Privacy Policy

Naděje z Popela, z.s. Privacy Policy

Our contact details

Name: Naděje z Popela z.s.

Address: V Lukach 458/36

Hradec Kralove 50341

Phone Number: +420732116929

IČO: 09299874

E-mail: nadejezpopela.outofashes@gmail.com

The type of personal information we collect

We currently collect and process the following information:

  • Personal identifiers, contacts and characteristics

  • Phone numbers

  • Address

  • Email address

  • Lifestyle information (including special categories of information such as personal information including sexual orientation, sex life, and religious beliefs)

  • Information on your religious beliefs

  • Information about your interactions with our groups, via our facebook group/pages, and website including “insights” data and how you interact with our groups/pages. This may include device information to help us understand which device you use to access our services and to check we can render content sufficiently well.

  • Information for our staff or role holders which may include name, addresses, bank details, social security or other government registration information, details of pension payments and salary or expenses payments, contact details, next of kin, information on any legal convictions (which could include special categories of data). We use these to administer our staff (for example, to pay staff or pay expenses or social security/insurance payments, to inform next of kin in an emergency or screen potential role holders (if required).

How we get the personal information and why we have it

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • To help us engage with you and fulfil our mission as an organisation. Including contacting, supporting, providing care or other services to our members or prospective members.

  • To provide you with information and to enable your participation in a group or event, so that you can engage with us and get support, services, or care from the group or event.

We also receive personal information indirectly, from the following sources in the following scenarios:

  • Facebook – we have a joint controller arrangement with Facebook as Keifer Lucchi and Maximilian Datelinka are owners of subsidiary facebook groups and pages and as such, the Facebook joint controller addendum applies. https://www.facebook.com/legal/terms/page_controller_addendum
    We may receive information from Facebook you provide in the group and also through Facebook insights and your interactions with the group or group members. Please see our statement on our Facebook page on the relationship between us and Facebook as joint data controllers for Facebook information (www.nadejezpopela.com/fbpage, www.nadejezpopela.com/fbgroup)

  • Google Cloud – we have a joint controller arrangement with Google as laid out in their terms and conditions here: (https://policies.google.com/terms#toc-intro)
    We may receive information from Google that you provide via email, forms, or other cloud based services, as well as through Google analytics and your interactions with other Google products, services or users.
    More information can also be found in Google’s privacy policy, and Terms of Service. (
    https://policies.google.com/privacy)

We may use the information that you have given us in order to to help us engage with you and fulfil our mission as an organization to show the love of Jesus by fulfilling the mental, spiritual, emotional, physical and social needs for people in our local communities, and to create a central support and equipping point for Christian workers across Europe. This includes contacting, supporting, providing care or other services to our members or prospective members. To provide you with information and to enable your participation in the group. This may include keeping records of members, interested parties, supporters, those in contact with us, keeping records of feedback received and potentially financial or bank information for supporters or donators. We may also hold data for the administration of our employees and own business for example to administer payroll and our responsibilities as an employer/with relation to your staff. To manage expenses payments or social security/payroll tax or pension payments.

We may use the information to administer our organisation, fulfil administrative tasks related to it, reach out to and contact supporters, seek comments or views from you, reach out for fundraising activities or notify of any changes.

We may process your information to manage any donations or support you provide.

We may process the information in order to provide support, care to you or others and to minister to your spiritual or physical needs.

We may share this information with:

Our directors and board members, named in the Czech business registry.

Facebook, as part of engaging with our groups/pages via facebook, information may be shared or provided by you there. See above for information on our relationship with facebook and how we manage your data.

Google, as per our email, and cloud agreements, information may be shared or provided by you to Google. See above for information on our relationship with Google and how we manage your data.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting Keifer Lucchi or Maximilian Datelinka at nadejezpopela.outofashes@gmail.com

(b) We have a contractual obligation.

(c) We have a legal obligation.

(d) We have a vital interest.

(e) We need it to perform a public task.

(f) We have a legitimate interest.

Most of our processing is done in line with our legitimate interests or those of a third party, unless there is a good reason to protect the personal data which overrides these legitimate interests. This includes our legitimate interests to fulfil the mission of the group, support and reach out to members and support engagement with us. We may need to fulfil legal obligations (for example if information is requested by a competent legal authority). We may need to fulfil a contract (for example with our staff or to pay them or manage them). In certain cases, vital interest (For example, if we are concerned about someone’s welfare and need to inform a doctor or other authority, this may require us to use this basis to process some of your information to protect life).

How we store your personal information

Your information is securely stored in the Czech Republic or, as applicable, via Google cloud following their GDPR compliant storage policies outlined here: (https://policies.google.com/privacy/frameworks, https://policies.google.com/privacy#enforcement).


We keep information only as long as necessary, not exceeding 2 years from the last date of necessity, except where required by law, or for the purposes of tax or financial management. Once data is no longer of required, it is deleted from all hard drives and cloud servers.