Personal data protection policy (privacy statement), legitimate interest and GDPR

Digital Resources a. s. has always taken care of and up to date it ensures a great level of information security and use of information in accordance to valid legislation.

The essential business activity of Digital Resources a.s is solely in the business-to-business area that is business activities, consulting, implementation of information systems, taking care of customer IT infrastructure, providing of full ICT outsourcing, including data centers. All that solely for commercial entities, legal persons, eventually (1%) entrepreneurs individuals, nevertheless always companies.

It follows from the above that Digital Resources a.s. as part of its marketing and business activities has never collected and does not collect personal data from non-business individuals.

All marketing, pre-sales and sales activities are conducted on the basis of a legitimate interest institute. In other words, there is a possibility that the company and the contact person of the company may have a legitimate interest in improving their business environment, obtain better ICT solution for the company, deploying a new information system, or analyzing the possibility of deploying some selected technologies in a company they represent. Similarly, a person representing a legal entity can, for example, download full version of the system for a 30-day trial period, or download premium content from the corporate websites (,,, It is never an interest of a private person, it is always an institute of legitimate interest between two commercial subjects. Therefore, any further communications, or registrations of data for the further development of business relationships with a possible conclusion of business contracts, are always motivated by this legitimate interest among commercial entities. Information obtained for this purpose is always used only in accordance with the principle of legitimate interest. If they are shared, it is only in the case of legitimate interest (for example DHL delivery, etc.).

Therefore, the GDPR regulation has limited effects on the business activity of Digital Resources a.s., because it does not collect personal data in the strict sense, but only data that are related to business processes and is always related to the legitimate interest of a third party – a legal person.

In any case, Digital Resources has a strong internal directive „Security, Privacy, Personal data protection – Compliance with GDPR“ valid from May 24, 2018, which ensures the safe handling and protection of all information, in particular information that constitutes trade secrets, information within any of the information systems used, regardless of whether it is a legitimate interest or business secret or protection under the GDPR regulation. Security and information protection is one of the priorities of Digital Resources a.s.

However, in marketing and business activities of Digital Resources between commercial entities must looked at as a legitimate interest and protect the information at a great level for reasons of protection of business know-how, opportunities, and in connection to other agreements and contracts with commercial entities (such as NDA contracts), even in cases when such information is not directly covered by the GDPR regulation. However, a formal consent under GDPR is not required to record and process data when providing the premium content or the full software solution for a limited period of time, or to provide free consultations or free seminars or specialized conferences, since this is always a situation of legitimate and demonstrated interest from commercial entities that are only being represented and that may be seeking a business agreement. For this reason, we apply our own safety directive to protect this information because the GDPR regulation is not directly applicable.

In the field of marketing – we only mention a possibility (optional) of a consent to the registration and processing of personal data – for cases when a potential contact person wishes so. However, even disagreement in the sense of the GDPR does not necessarily mean lack of interest to download premium subscription material or lack of interest to download the software or a wish not to communicate or not seeking to conclude a business contract, including the fact of negotiating with that particular person, which must be registered for these purposes – if such interest is clear, even if, this person does not confirm consent under GDPR, because there is a conflict between the institution of legitimate and clearly demonstrated interest and the GDPR regulation; i.e. refusing to give the consent under the GDPR, but the subsequent downloading of premium materials or software or sharing contact with interest in business negotiations between commercial entities does not mean that the legitimate interest or business negotiations, offers, presentations, negotiation of contracts, the provision of free and paid services could be overlooked.

All information Digital Resources treats in a way that these basic principles are reached:

  •  It respects the willingness of its contractual and potential partners, including the legitimate interest institute,
  • Protects information with the highest priority against a possible abuse,
  • Does not share information that would cause a violation of a valid law,
  • It educates its employees so they can properly work with any information and contribute to their protection.