Information on the Attorney’s Processing of Clients’ Personal Data

Data Controller:

JUDr. Radoslav Bolf, Attorney, Czech Bar Association reg. no.: 11053
JUDr. Radoslav Bolf Law Firm
registered office: Zádušní 2590/2, 276 01 Mělník
Reg. no.: 707 96 050
hereinafter referred to as “Data Controller

The Data Controller is an individual working as an attorney. The Data Controller hereby informs the clients (hereinafter referred to as “Data Subject(s)”) about the manner and extent of the processing of personal data by the Data Controller, including the extent of the Data Subjects’ rights related to the processing of their personal data by the Data Controller. The Data Controller processes personal data in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; hereinafter referred to as “GDPR”), and in compliance with relevant national personal data protection legislation.

The Data Controller only collects and processes personal data in compliance with the specified purposes and to the extent and for the time necessary for the purposes specified below.

1. The discharge of contractual obligations resulting from contracts for legal services, or taking measures before entering into a contract

The Data Controller collects and processes the Data Subjects’ data within the following scope:

  • identification data
  • contact information
  • bank details (if provided)
  • records of communication, which may contain information about persons authorised to act on behalf of the client, including the client’s employees, provided by such persons themselves, and
  • other information that the Data Controller learns while providing legal services (in particular, information provided by the client or the adverse party, or information from public sources).

The aforementioned data may relate to the client or to any other persons affected by the provision of the legal services (adverse party, contract party, etc.).

In connection with the discharge of the Data Controller’s contractual obligations, statutory obligations (keeping tax and accounting documents on file) must be performed as well and personal data are also processed due to the Data Controller’s legitimate interests, in particular for the purpose of inspection and provability of the provided legal services, for debt collection and for filing legal claims.

Such records are filed for at least 10 years after the termination of the contractual relationship unless the law (in particular, the Act on Archiving and Record Service, Act on Legal Profession, or the GDPR) specifies that the Data Controller must keep them for a longer period of time.

2. Consent to Personal Data Processing

Personal data processing may also be based on the Data Subject’s consent to personal data processing if provided after 25 May 2018. Previously provided consents cannot be use as the basis for personal data processing even if they are part of a concluded contract. The particular personal data to be processed and the processing conditions are included in the consent. The Data Subject may withdraw his or her consent at any time in person or by means of a written notification sent to the Data Controller (see contact information below).

3. General Information on Personal Data Processing

The Data Controller may process the personal data – manually or by automated means – through designated processors, such as attorneys who cooperate with the Data Controller and whose list is available on as well as other entities, whose up-to-date list can be provided by the Data Controller on request. Unless the information herein suggests otherwise, personal data will only be made accessible to the Data Controller’s or processor’s authorised employees and only to the extent necessary for the purposes of the processing. The Data Controller does not intend to transfer any personal data to any third countries or international organisations.

Based on a statutory request, personal data may be transferred to third parties (recipients) that have statutory power to require such transfer of personal data under conditions determined by the law.

4. The Rights of the Data Subject Related to Processing

The Data Subject is entitled to:

  • request information about the categories of the processed personal data, about the purpose, period and manner of processing and about the recipient of the personal data;
  • request a copy of the personal data undergoing processing;
  • request, under conditions specified by applicable legislation, that the personal data be corrected, completed or deleted, or that data processing be restricted;
  • object to personal data processing and lodge a complaint with a supervisory authority, i.e. the Office for Personal Data Protection;
  • be informed of cases of personal data breach if the personal data breach is likely to result in a risk to the Data Subject’s rights and freedoms.

Detailed information on Data Subjects’ rights are available on

5. Data Controller’s contact information:

Name: JUDr. Radoslav Bolf, advokátní kancelář
Registered office: Zádušní 2590/2, 276 01 Mělník
Contact person: JUDr. Radoslav Bolf
E-mail: bolf(a)


JUDr. Radoslav Bolf, Attorney
Zádušní 2590/2
276 01 Mělník
Česká republika