top of page

Cookie Policy and Privacy Policy

Cookie Policy

In order for the website ("Website") operated by us to function properly, we place small data files called cookies on your device. Cookies are small text files that are stored on your computer or other device when you visit a website. Among other things, cookies help us remember your activities and preferences over time so that you do not have to re-enter them each time you return to the Website.  

Through the use of cookies, the website will know if you have been to the website before and what parts of the website you are viewing. In particular, cookies allow us to store your settings and preferences, remember your access data, provide targeted content and marketing communications and help us understand which part of our website is most popular and analyse how it works. Cookies may come from us ("first party cookies") or from third parties whose services we use ("third party cookies").

This website uses the following types of cookies, the scope and functionality of which are explained below:

Technical cookies 
Technical cookies provide features without which the website cannot function properly, enabling basic functions such as site navigation and access to secure sections of the website. These are always first party cookies. The use of these cookies is possible without your consent.

Analytical cookies
Analytical cookies collect information about how the website is used.  Through these cookies, we are able to determine, for example, whether and possibly which subpages of the website are visited by users and what content is of particular interest to users. With these cookies, we also record, in particular, the number of visits to the website, the number of subpages opened, the time spent on our website, the order of the pages visited, from where access is made, the proportion of mobile devices from which access to our website is made, etc. Thanks to these cookies, we can therefore tailor the content of our website more specifically to the needs of our users and optimize our offer.

Marketing cookies
Marketing cookies are used to collect information about the website visited by the user in order to create targeted advertising for that user.

Information on the processing of personal data in connection with the use of cookies

Personal data controller
The controller of personal data is Comfort Zone Investments, a.s., ID No.: 090 40 927, with registered office at Sokolovská 428/130, Prague 186 00, registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, Insert 25191

Individual types of cookies, purpose of processing, legal basis for processing, storage period

Technical Cookies
The legal basis for processing is consent within the meaning of Article 6(1)(af) of Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR").

Recipients of personal data
Third party cookie providers:

Google (Analytics. AdSense, DoubleClick)

Data subject rights and further information for data subjects
Every data subject has the right under data protection law to request:

- the right to access, rectification or erasure of personal data concerning the data subject, or restriction of processing;
- the right to the portability of personal data;
- the right to object to the processing of personal data concerning him or her;
- the right to lodge a complaint at any time with the supervisory authority, which is the Office for Personal Data Protection -;
- where consent is the legal basis for processing, this consent may be withdrawn by the data subject at any time, without prejudice to the lawfulness of processing based on consent prior to its withdrawal.
- The legitimate interest of the controller in the case of processing based on Article 6(1)(f) is the interest in the correct and smooth functioning of the website.

The provision of personal data is a contractual requirement and is voluntary as far as analytical and marketing cookies are concerned. As far as technical cookies are concerned, their provision is necessary and failure to provide them would result in the website not functioning properly.

In connection with the processing carried out, personal data may be sent to the following third countries, i.e. countries outside the European Economic Area, if you give us your explicit consent to do so or if we provide sufficient safeguards to protect the personal data transferred. If you give us your consent, in connection with Google Analytics and/or analytics or marketing cookies or cookies linked to social networks and other web technologies described above, such as those used by Facebook, we will send your personal data to companies located in the United States of America ("USA") on servers located there. Please note that such transfers may involve risks to the processing of your personal data due to the lack of adequate privacy decisions and appropriate safeguards. Specifically, the transfer and processing of personal data in the U.S. may be subject to surveillance programs by U.S. government authorities and your personal data may then be disclosed to security services. There is no one specific authority in the U.S. responsible for data protection oversight. Different U.S. federal states have different points of contact with respect to data protection powers, including a special court that rules on foreign security oversight matters.

The data subject has the right not to be subject to any decision based solely on automated processing, including profiling, which has legal effects on the data subject or similarly significantly affects the data subject. The controller does not base any of its decisions in the operation of the website solely on automated processing, and profiling carried out by the controller does not have legal effects on or significantly affect the data subject.

The Data Protection Officer may be contacted at any time in writing at the address of the controller's registered office or electronically at


What type of information do you collect?

We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.


How do you collect information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.

Why do you collect such personal information?
We collect such Non-personal and Personal Information for the following purposes:
1. To provide and operate the Services;
2. To provide our Users with ongoing customer assistance and technical support;
3. To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
4. To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services; 
5. To comply with any applicable laws and regulations.

How do you store, use, share and disclose your site visitors' personal information?
Our company is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall.  

All direct payment gateways offered by and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.


How do you communicate with your site visitors?
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.

How do you use cookies and other tracking tools?
If your website tracks personal information through the use of cookies, for example, you must make this clear to your site visitors. Be clear about what tracking tools (e.g. cookies, flash cookies, web beacons, etc.,) your website employs, what personal information they gather and why they are being used.

It's important to note that third-party services, such as Google Analytics or other applications offered through the Wix App Market, placing cookies or utilizing other tracking technologies through Wix´s services, may have their own policies regarding how they collect and store information. As these are external services, such practices are not covered by the Wix Privacy Policy.


Types of Cookies
In general, the cookies which are initially placed on your Wix website may be categorized as essential cookies. However, considering that our platform gives you the ability to add multiple components, codes, third-party applications...and so on, your website may include other types of cookies which might require specific settings.
Take a look at the table below to see which cookies we place on Wix sites:

Cookie Name,   Purpose,   Duration,   Cookie Type,

XSRF-TOKEN, Used for security reasons. Session, Essential

hs, Used for security reasons, Session, Essential

svSession, Used in connection with user login, 2 years, Essential

SSR-caching, Used to indicate the system from which the site was rendered, 1 minute, Essential

_wixCIDX, Used for system monitoring/debugging, 3 months, Essential

_wix_browser_sess, Used for system monitoring/debugging, session, Essential

consent-policy, Used for cookie banner parameters, 12 months, Essential

smSession, Used to identify logged in site members, Session, Essential

TS*, Used for security and anti-fraud reasons, Session, Essential

bSession, Used for system effectiveness measurement, 30 minutes, Essential

fedops.logger.sessionId, Used for stability/effectiveness measurement, 12 months, Essential

wixLanguage, Used on multilingual websites to save user language preference, 12 months, Functional

How can your site visitors withdraw their consent?
If you don’t want us to process your data anymore, please contact us at

Privacy policy updates
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 

Questions and your contact information
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at


Information on the processing of personal data of Comfort Zone Investments a.s.


1. Introductory provisions
1.1 This Information on the processing of personal data ("Information") is prepared in accordance with Regulation No. 2016/679 of the European Parliament and of the Council, General Data Protection Regulation ("General Data Protection Regulation").
1.2 The purpose of this Infomation is to provide information to clients and potential investors using collective money management services (hereinafter referred to as "Clients") of Comfort Zone Investments a.s., with registered office at Sokolovská 428/130, Karlín, 186 00 Prague 8, ID No. 09040927, registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, Insert 25191, (the "Company"), about the collection and processing of personal data by the Company.
1.3 The Company considers all personal data of the Client to be strictly confidential.

2.    Personal Data Protection Policy
2.1 In particular, the Company is bound by the following principles when processing personal data:
2.1.1. personal data must be processed fairly and in a lawful and transparent manner;
2.1.2. personal data may only be collected for the purposes of fulfilling a legal obligation and may not be further processed in a manner incompatible with those purposes;
2.1.3. personal data may be processed only to the extent necessary in relation to the purpose in question;
2.1.4. the processing of personal data must take into account its accuracy;
2.1.5. personal data may be kept only for the necessary period; and
2.1.6. personal data must be processed under appropriate security.

3. Information for Clients
The Company provides the following information to Clients about the processing of personal data:
3.1. the data controller
3.1.1 The data controller, i.e. the one who collects and is responsible for the data, is the Company. The contact address of the Company is set out above; further contact details can be found at
3.2 Purposes of processing and their legal basis
3.2.1 The Company processes personal data for the following purposes in particular:
(a) the proper provision of services to Clients, 
b) to comply with legal requirements, 
c) for the performance of the contract; and
d) to prevent the laundering of the proceeds of crime and the financing of terrorism.
3.2.2 The legal basis for the collection of personal data is primarily the legislation of the Czech Republic, in particular Act No. 240/2013 Coll., on Investment Companies and Investment Funds ("ICIF") and related implementing regulations issued by the Czech National Bank, as well as Act No. 253/2008 Coll., on Certain Measures against the Legalization of Proceeds of Crime and Terrorist Financing, and the Company's legitimate interest in preventing the legalization of proceeds of crime and terrorist financing.
3.2.3 The Company processes the Client's identification and contact data, such as the Client's name and surname, date of birth, birth number, home address, e-mail, telephone number or bank account number. Within the framework of the prevention of money laundering and terrorist financing, the Company processes the Client's name and surname, birth number, date of birth, place of birth, gender, permanent or other residence, nationality and image, data on the issue and validity of the Client's identification documents, income and assets and political exposure. Data on the Client's assets or investment knowledge and experience may also be processed for the purpose of assessing or categorising the Client for regulatory reasons (in particular the ISIF).
3.3 Obligation to provide personal data
3.3.1 The Company shall not enter into a contractual relationship with any person who refuses to provide personal data to the extent required by law. If the Client refuses to provide such information, the Company shall not enter into any contractual relationship with the Client or shall be obliged to terminate the existing contractual relationship with the Client.
3.4 Archiving period
3.4.1 The Company shall archive the Clients' personal data for such period as is necessary in relation to the purpose for which it was obtained.
3.5 Categories of recipients of personal data
3.5.1 The Company may disclose Personal Data to entities and authorities to whom it is obliged or entitled to disclose Personal Data in order to fulfil the purposes set out above and to comply with its legal obligations. This applies in particular to government authorities or auditors.
3.6 Transfer of personal data to third countries
3.6.1 The Company does not envisage any first-time transfers of personal data to countries outside the European Union. In the event of transfers of personal data to third countries where the level of protection of personal data is not considered sufficient by the European Commission, the Company will apply the standard contractual provisions approved by the European Commission and will follow the relevant provisions of the General Data Protection Regulation.

4.    Rights of Clients
4.1 The primary bearer of personal data is always the Client and as such has the rights in relation to his/her personal data as set out below and specified in more detail in the General Data Protection Regulation.
4.2 Right of access to personal data
4.2.1 The Client has the right to obtain confirmation from the Company as to whether it processes his/her personal data and the right to access such data and information about it.
4.3 Right to rectification or completion
4.3.1 The Client may request the correction or completion of his/her personal data. The Company is obliged to comply with the Client's request if justified.
4.4 Right to erasure
4.4.1 The Client has the right to ask the Company to delete his/her personal data if any of the legal grounds for deletion is present.
4.4.2 The Client does not have the right to erasure if the processing of the personal data is necessary for the establishment, exercise or defence of legal claims or for the performance of a legal obligation under the law. 
4.5 Right to restriction of processing
4.5.1 In case of uncertainty about the accuracy or lawfulness of the processing of personal data, the Client may request that the Company temporarily restrict the processing of his/her personal data.
4.6 Right to data portability
4.6.1 If the legal prerequisites are met, the Client has the right to request from the Company his personal data in a machine-readable format and the right to request the transfer of such data to another controller.
4.7 Right to object
4.7.1 The Client shall have the right to object to the processing of their personal data by the Company on grounds relating to their particular situation (and in the case of direct marketing, at any time). Unless there are compelling legitimate grounds for processing, the Company shall no longer process the Client's personal data in question.
4.8 Right to lodge a complaint
4.8.1 Every Client has the right to lodge a complaint with a supervisory authority in the European Union if he/she believes that the processing of his/her personal data violates the General Data Protection Regulation. The supervisory authority in the Czech Republic is the Office for Personal Data Protection, located at Pplk. Sochor 27, 170 00 Prague 7,

5.    Final provisions
5.1 The Company is entitled to unilaterally change the Personal Data Protection Information at any time.
5.2 This Information shall take effect on 1 January 2022.

bottom of page