Moodle login
Apply now

Privacy & Cookie Policy

Effective from: 1. 1. 2026

European Institute of Applied Science and Management, o.p.s. (hereinafter the “Institute”, “we”, or “us”) respects your privacy and is committed to protecting your personal data. This Privacy and Cookie Policy explains how we process personal data in connection with our institutional website, our online study environment, and our e-shop where students and other customers can pay tuition and other study-related fees.

We process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation, “GDPR”), Czech Act No. 110/2019 Coll., on the Processing of Personal Data, and Czech Act No. 480/2004 Coll., on Certain Information Society Services, as amended.

1. Data Controller

The controller of your personal data is:

European Institute of Applied Science and Management, o.p.s.
Public benefit organization (obecně prospěšná společnost)
Registered office: Pod vodárenskou věží 1143/4, Libeň, 182 00 Praha 8, Czech Republic
Identification number (IČO): 24190101

Registered in the Register of Public Benefit Corporations kept by the Municipal Court in Prague, Section O, Insert 865.

Contact for data protection matters: info@eiasm.cz

We have not appointed a Data Protection Officer, as we are not required to do so under Article 37 GDPR. For any questions regarding the processing of your personal data, please contact us at the email address above.

2. Scope of this Policy

This Policy applies to personal data processed when you:

  • browse our institutional website;
  • register for and use your student account;
  • access our learning management system (LMS) operated at moodle.eiasm.cz (powered by Moodle™), which requires your login credentials, or other online study materials linked from our website;
  • purchase study programmes, courses, or pay tuition and other study-related fees through our e-shop;
  • contact us by email, contact form, or other means; or
  • subscribe to our newsletters or other marketing communications.

3. Categories of Personal Data We Process

3.1 Browsing the website

When you visit our website, we automatically process technical data such as your IP address, browser type and version, operating system, referring website, pages visited, and date and time of visit. This data is processed mainly through cookies and similar technologies (see Section 9).

3.2 Student account, learning management system and study services

When you register and study with us, we process your identification and contact data (name, surname, date of birth, address, email, telephone number), as well as login credentials for your student account and for the learning management system at moodle.eiasm.cz. Passwords are not stored in plain text; they are kept in the form of a one-way cryptographic hash.

Within the learning management system and other online study services, we process in particular the following data relating to the course of your studies:

  • enrolment data (study programme, courses, groups, role, start and end of enrolment);
  • study results (assignment submissions and the files you upload, quiz and test attempts and answers, grades, teacher feedback, attendance, certificates);
  • communications carried out within the platform (forum posts, private messages, comments and chat messages exchanged with teachers and other students);
  • activity and access logs (date and time of login, IP address, course pages accessed, time spent, actions performed) generated automatically by the system for security, technical and pedagogical purposes;
  • profile data you choose to provide (profile picture, short biography, language and notification preferences).

Access to learning materials and to the LMS is reserved for authenticated users. Some study materials may also be made available through links on our institutional website; where access to those materials requires authentication, the same rules described in this Section apply.

3.3 E-shop purchases and payments

When you make a purchase in our e-shop or pay tuition or other study-related fees, we process the data necessary to perform the contract and to comply with our accounting and tax obligations:

  • identification and contact data (name, surname, billing address, delivery address if different, email, telephone);
  • billing data (for business customers: company name, registered office, IČO, DIČ/VAT ID);
  • order data (items purchased, price, date of order, order number);
  • payment data (payment method, transaction reference, payment status). Card numbers and other sensitive payment credentials are processed exclusively by the relevant payment service provider; we never receive or store the full card number.

3.4 Communication with us

When you contact us, we process the content of your message together with your contact details, so that we can respond and keep a record of the communication.

3.5 Marketing communications

If you give us your consent, or if you are our customer and have not objected, we process your email address and basic identification data in order to send you newsletters and information about our study programmes and events.

4. Purposes and Legal Bases of Processing

We process your personal data only where we have a valid legal basis under Article 6(1) GDPR:

a) Performance of a contract – Article 6(1)(b) GDPR

To conclude and perform the study contract or the purchase contract for goods and services in our e-shop, including processing of payments, delivery of study materials, provision of access to the online study environment, and handling of complaints and refunds.

b) Compliance with a legal obligation – Article 6(1)(c) GDPR

To comply with obligations arising from accounting, tax, and consumer protection legislation (in particular Act No. 563/1991 Coll. on accounting, Act No. 235/2004 Coll. on value added tax, and Act No. 634/1992 Coll. on consumer protection) and from legislation governing educational activities.

c) Legitimate interests – Article 6(1)(f) GDPR

To ensure the security and proper functioning of the website and the e-shop, prevent fraud and abuse, evaluate and improve our services, defend our legal claims, and send direct marketing communications to existing customers regarding similar services. You may object to processing based on legitimate interests at any time (see Section 8).

d) Consent – Article 6(1)(a) GDPR

For sending marketing communications to persons who are not our customers, for the use of non-essential cookies (analytical and marketing cookies), and for any other processing where consent is required by law. Consent is voluntary and may be withdrawn at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Retention Periods

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law:

  • Accounting documents (invoices, payment records): 5 years from the end of the accounting period (Section 31 of Act No. 563/1991 Coll.).
  • Tax documents relevant for VAT: 10 years from the end of the tax period in which the taxable supply occurred (Section 35 of Act No. 235/2004 Coll.).
  • Study records and graduation documents: for the duration of studies and for the period required by applicable educational and archival legislation.
  • E-shop customer account: for the duration of the account; if inactive, we may delete it after 3 years of inactivity.
  • Communication records: up to 3 years from the last communication, unless a longer period is required for the defence of legal claims.
  • Marketing consents: until consent is withdrawn, or up to 3 years of inactivity if no withdrawal occurs.
  • Cookies: for the period stated in Section 9 below.

6. Recipients and Processors

Your personal data may be made available to the following categories of recipients, who act as our processors or independent controllers under appropriate contractual arrangements:

  • payment service providers operating the payment gateway used in our e-shop;
  • hosting providers and providers of cloud services and IT infrastructure;
  • providers of email and customer-relationship management tools;
  • providers of website analytics and marketing tools (only on the basis of your consent given through the cookie banner);
  • accountants, auditors, tax advisors and legal counsel bound by professional secrecy;
  • couriers and postal service providers (only where physical delivery is necessary);
  • public authorities, where we are obliged to disclose data by law (e.g. tax administration, courts, police).

A current list of specific processors is available on request at info@eiasm.cz.

7. Transfers Outside the EU/EEA

As a rule, we process your personal data within the European Union or the European Economic Area. If, in connection with the use of certain tools (typically analytics or marketing services), data is transferred to a third country, such transfer takes place only on the basis of an adequacy decision of the European Commission or under appropriate safeguards within the meaning of Article 46 GDPR (in particular Standard Contractual Clauses).

8. Your Rights as a Data Subject

Under the GDPR, you have the following rights in relation to your personal data:

  • Right of access – to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of the data and information about the processing.
  • Right to rectification – to have inaccurate or incomplete data corrected.
  • Right to erasure (“right to be forgotten”) – to have your data deleted where one of the legal grounds in Article 17 GDPR applies (e.g. the data is no longer necessary, you withdraw consent, or you object successfully).
  • Right to restriction of processing – to have processing limited in the cases set out in Article 18 GDPR.
  • Right to data portability – to receive data you have provided to us in a structured, commonly used and machine-readable format and to transfer it to another controller.
  • Right to object – to object at any time to processing based on our legitimate interests, including profiling, and at any time and free of charge to processing for direct-marketing purposes.
  • Right to withdraw consent – where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Right not to be subject to automated decision-making – we do not carry out automated decision-making with legal effects on you, including profiling within the meaning of Article 22 GDPR.

You can exercise your rights by writing to info@eiasm.cz or to our registered office. We will respond within one month; in justified cases this period may be extended by a further two months.

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the supervisory authority, which in the Czech Republic is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů), Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.

9. Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, or to work more efficiently, as well as to provide information to the operator of the site.

9.1 Categories of cookies we use

Essential (strictly necessary) cookies

These cookies are necessary for the website, the e-shop, and the learning management system to function. They include cookies that keep you logged in (in particular the session cookie used by the Moodle platform at moodle.eiasm.cz, typically named “MoodleSession”), remember the contents of your shopping cart, manage the checkout process, and ensure security and load balancing. These cookies are processed on the basis of our legitimate interest in providing functioning services and do not require your consent. Without them, you would not be able to log in to your student account or to the LMS, and the e-shop checkout would not work.

Functional cookies

These cookies allow the website to remember choices you make (such as language, region, or display preferences) and provide enhanced features. They are processed on the basis of your consent.

Analytical cookies

These cookies help us understand how visitors interact with our website by collecting information on an aggregated, pseudonymous basis (e.g. number of visits, traffic sources, pages viewed). We use them to improve the website. They are processed only on the basis of your consent.

Marketing cookies

These cookies are used to measure the effectiveness of our marketing campaigns and to display relevant advertising on third-party sites. They are processed only on the basis of your consent.

9.2 Consent and how to manage cookies

When you first visit our website, a cookie banner appears allowing you to accept all cookies, reject all non-essential cookies, or set your preferences by category. You can change or withdraw your consent at any time by opening the cookie settings.

You can also manage cookies directly in your browser. Most browsers allow you to view, delete, and block cookies, or to be notified before a cookie is stored. Instructions for the most common browsers are available at:

  • Google Chrome: support.google.com/chrome
  • Mozilla Firefox: support.mozilla.org
  • Microsoft Edge: support.microsoft.com
  • Safari: support.apple.com

Please note that disabling essential cookies will prevent parts of the website and the e-shop from working correctly.

9.3 Third-party services

Our website may include content and functionality provided by third parties (for example embedded videos, social-media share buttons, payment gateways, or analytics tools). These third parties may set their own cookies, governed by their own privacy policies. They are activated only where required for the service or where you have given the corresponding cookie consent.

10. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. These include encrypted (HTTPS/TLS) communication on all our domains and subdomains (including moodle.eiasm.cz), authenticated access to the student account and to the learning management system, role-based access controls, hashed storage of passwords, regular software updates and security patching of the LMS and supporting systems, logging of access for security review, and contractual confidentiality and security obligations imposed on our processors.

You are responsible for keeping your login credentials confidential and for promptly notifying us of any suspected unauthorised use of your account.

11. Children

Our services are intended primarily for adult students. Where we offer services to persons under 18, we obtain personal data with the involvement and, where required by law, the consent of a parent or legal guardian.

12. Changes to this Policy

We may update this Privacy and Cookie Policy from time to time to reflect changes in our services, applicable law, or best practice. The current version is always available on our website with the effective date stated at the top. Material changes will be notified to registered users by email or through the student account.

13. Contact

If you have any questions about this Policy or about how we process your personal data, please contact us:

European Institute of Applied Science and Management, o.p.s.
Pod vodárenskou věží 1143/4, Libeň, 182 00 Praha 8, Czech Republic
Email: info@eiasm.cz
IČO: 24190101