Let’s discuss

Tell us about your idea, and we’ll suggest the best and fastest plan of action.

Privacy Policy

Nomium

Last updated: January 7, 2026

Data Controller:
Nomium
Vlkova 532/8, 130 00 Prague, Czech Republic
Email: info@nomium.org
Phone: +420 723 726 100

1. Introduction

Nomium (“we”, “us”, “our”) provides full-cycle IT development services through the website https://nomium.tech.

This Privacy Policy describes how we collect, use, and protect personal data in accordance with the EU General Data Protection Regulation (GDPR) (EU) 2016/679.

The supervisory authority is the Czech Office for Personal Data Protection (Úřad pro ochranu osobních údajů – ÚOOÚ).

2. Personal Data We Collect

2.1 Data Provided by You

  • Name
  • Email address
  • Phone number
  • Messenger identifiers (Telegram, WhatsApp)
  • Company / organization name
  • Project descriptions and files submitted via forms

2.2 Technical Data

  • IP address
  • Browser type and version
  • Pages visited and interaction data

Technical data is collected via server logs and cookies (see Cookie Policy).

We do not intentionally collect special categories of personal data (e.g. health, religion, political views).

3. Purposes and Legal Bases of Processing

PurposeExamplesLegal Basis (GDPR Art. 6)Recipients
Enquiries & quotesProject assessment, estimates, NDAArt. 6(1)(b) – pre-contractual stepsNone
CommunicationClient support, service informationArt. 6(1)(f) – legitimate interests (responding to enquiries and maintaining business communication with clients)Hosting providers acting as data processors under Article 28 GDPR
MarketingNewsletters, updatesArt. 6(1)(a) – consentEmail service provider
AnalyticsWebsite traffic analysisConsent (cookies)Analytics providers
Legal complianceAccounting, tax obligationsArt. 6(1)(c) – legal obligationAuthorities

We do not perform automated decision-making or profiling.

4. Cookies and Analytics

Non-essential cookies and analytics tools are used only after obtaining explicit user consent via the cookie consent banner.
Consent may be withdrawn at any time through cookie settings.Details are provided in the Cookie Policy.

5. Data Sharing and International Transfers

We do not sell personal data. Personal data may be shared only to the extent necessary with the following categories of recipients:

  • Service providers acting as data processors, including hosting and analytics providers, with whom we have concluded Data Processing Agreements (DPA) in accordance with Article 28 GDPR.
  • Affiliated group entities within the European Economic Area (EEA) (e.g., Germany), where necessary for internal administrative and operational purposes.
  • Recipients in third countries, in particular the United Arab Emirates, for project communication and service delivery. Such transfers are carried out on the basis of EU Standard Contractual Clauses (SCCs). We also conduct Transfer Impact Assessments (TIA) to ensure that the laws of the destination country provide a level of protection essentially equivalent to that of the EU.
  • Communication platforms, such as WhatsApp and Telegram. Please note that by choosing to communicate through these platforms, you acknowledge that they process data in accordance with their own privacy policies. We recommend reviewing their terms before use.

All international data transfers are performed in compliance with Chapter V of the GDPR.

6. Data Retention

  • Project enquiries: up to 3 years from the last interaction
  • Technical logs: up to 12 months
  • Accounting and tax records: 10 years (Czech law)

After expiration, data is securely deleted or anonymized.

7. Data Security

We apply appropriate technical and organizational measures, including encryption, access controls, and internal policies, to protect personal data from unauthorized access, loss, or misuse.

8. Your Rights (GDPR Art. 15–22)

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability

Requests can be sent to info@nomium.org.
We respond within one month (extendable to three months for complex requests). Identity verification may be required.

9. Complaints

If you believe your rights have been violated, you may lodge a complaint with the supervisory authority:Czech Office for Personal Data Protection (ÚOOÚ)
https://www.uoou.gov.cz

10. Children’s Privacy

Our services are not directed at children under the age of 16, in accordance with Art. 8 GDPR.
If we become aware that personal data of a child has been collected, it will be deleted without delay.

11. Changes

We may update this Privacy Policy from time to time.
Material changes will be published on this page and, where appropriate, notified via email or the website.

12. Contact

Nomium
Vlkova 532/8, 130 00 Prague, Czech Republic
Email: info@nomium.org
Phone: +420 723 726 100
Telegram: @nomium_org_bot

Data Protection Officer (DPO): Not appointed (processing does not meet mandatory threshold).