1. Who we are

Effective date: 2 June, 2025

Controller: RSE s.r.o.

Address: Holandska 854/1, Styrice, 63900 Brno, Czech Republic

Email: info@rse.energy

Please contact us at the email above for any privacy matter.

2. Scope

This policy explains how we process personal data when you use rse.energy. It covers our website, the contact form, security tools such as Google reCAPTCHA, functional cookies and consent management.

3. Data we process

  • Contact form data. Name, email, the content of your message and any other information you provide.

  • Form storage. We store form submissions in our WordPress database via the CFDB7 plugin.

  • Security and technical data. IP address and other technical data may be processed for security and delivery of the site by our hosting, by Wordfence firewall, and by Google reCAPTCHA when it is displayed.

    We do not intentionally collect special categories of data under Article 9 GDPR. Please avoid including sensitive information in free text fields.

    We do not run email marketing and we do not use analytics or advertising technologies at this time.

4. Purposes and legal bases

  • Responding to your inquiry and pre-contract steps. Article 6(1)(b) GDPR.

  • Contract performance, invoicing and record keeping where applicable. Articles 6(1)(b) and 6(1)(c) GDPR.

  • Website security and abuse prevention using Wordfence and reCAPTCHA. Article 6(1)(f) GDPR. Our legitimate interest is to protect our services and users.

  • Consent management for any non-essential cookies and similar technologies. Article 6(1)(a) GDPR where applicable.

    We do not use automated decision making that produces legal or similarly significant effects.

5. Cookies and similar technologies

We currently use only strictly necessary cookies. These include consent cookies set by our consent tool and security cookies used by reCAPTCHA and, in some cases, WordPress or Wordfence. See the Cookie Policy for details. You can change your choices at any time via the cookie banner or the Cookie Settings link in the footer.

6. Third party websites

Our site may contain links to third party websites that we do not control. Their privacy practices are governed by their own policies. Please review those policies when you visit third party sites.

7. Disclosures and processors

We use service providers who process personal data on our instructions, including:

  • Website hosting and maintenance providers

  • Security provider Wordfence

  • Form storage via the CFDB7 plugin in our WordPress database

  • Google reCAPTCHA for bot prevention on forms

    We do not sell personal data. We disclose data to authorities only where the law requires it.

8. International transfers

Some providers may process data outside the European Economic Area. For example Google reCAPTCHA may involve connections to Google servers outside the EEA, which results in transfer of your IP address. Where a transfer occurs we rely on appropriate safeguards such as the European Commission Standard Contractual Clauses and additional measures where required. If we later self-host Google Fonts we will update this section.

9. Retention

  • Contact form submissions stored via CFDB7: up to 24 months after the last interaction if no contract follows.

  • Security and server logs including Wordfence data: typically up to 90 days, unless needed longer for investigation.

  • Contract and accounting records: retained for the period required by law and limitation periods, typically up to 10 years.

  • Strictly necessary cookies: stored for their individual lifetimes as shown in the Cookie Policy.

10. Your rights

You have the rights of access, rectification, erasure, restriction, portability, and objection to processing based on legitimate interests. You have the right to withdraw consent at any time. To exercise your rights contact info@rse.energy.

11. Do Not Track

Some browsers offer a Do Not Track signal. There is no current industry standard for responding to such signals. We treat consent and preferences through our cookie banner and settings.

12. Security

We apply technical and organizational measures appropriate to the risk. Access is limited, systems are maintained and updated, and transmissions are protected. We will notify authorities and users about personal data breaches where required by law.

13. Changes

We may update this policy. The latest version will always be available on this page.