European Founders Network

Privacy Policy

Effective date: 1 August 2025

Last updated: 1 August 2025

This Privacy Policy (”Policy”) explains how Memetic Design Company s.r.o. (”we”, “us”, “our”) collects and uses personal data when you visit European Founders Network websites, apply for membership, pay fees, or use member areas and events (collectively, the “Services”).

We process personal data in accordance with the EU/EEA General Data Protection Regulation (GDPR) and applicable Czech law.

⸻

1) Who is the controller?

Controller: Memetic Design Company s.r.o.

Registered office: Kurzova 2222/16, Stodůlky, 155 00 Prague 5, Czech Republic

Company ID (IČO): 22105425

Register: Municipal Court in Prague

Contact e‑mail: contact@europeanfounders.net

DPO: We have not appointed a Data Protection Officer. For any privacy question, contact us at the e‑mail above.

Supervisory authority: You have the right to lodge a complaint with the Czech Office for Personal Data Protection (ÚOOÚ) (see https://www.uoou.cz) or with your local EU authority.

⸻

2) What data we collect

We collect and process the following categories of personal data:

•Account & profile data:

name, e‑mail address, password hash, photo/avatar, bio, role, company name, country, links (e.g., LinkedIn).

•Application data:

information you provide during the membership application (e.g., company details, stage, sector, references, answers to questions, and any supporting documents).

•Membership & community data:

membership status and tier, renewals, groups you join, introductions, messages/posts you create, event RSVPs/attendance, feedback and support tickets.

•Billing & payments:

billing address, VAT ID (if any), invoice details, payment status and tokens. We do not store full card numbers. Payments are processed by Stripe.

•Technical & usage data:

device and browser information, IP address, log data, timestamps, referrers, cookie IDs, interaction data (pages viewed, clicks), and basic diagnostics.

•Marketing preferences:

your opt‑in/out choices for newsletters and updates.

•Event media (optional):

photos/recordings from events or webinars if we tell you in advance (and obtain consent where required).

We collect data directly from you, automatically via cookies and similar technologies, and from third parties where lawful (e.g., payment and anti‑fraud signals from Stripe, publicly available sources like LinkedIn if you include a link in your application).

⸻

3) Why we use your data (purposes & legal bases)

We use your personal data for the purposes listed below and on the following legal bases under Article 6 GDPR:

Purpose Examples Legal basis

Evaluate applications & onboard members review eligibility, verify details, decision communications Contract (Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)) to ensure community integrity

Provide and administer membership account creation, member directory, forum/messages, event registration, customer support Contract (Art. 6(1)(b))

Process payments & invoicing charge fees, issue invoices, manage renewals, detect fraud Contract (Art. 6(1)(b)), legal obligation (Art. 6(1)(c) – accounting/tax), and legitimate interests (fraud prevention)

Operate, secure & improve the Services logs, security monitoring, troubleshooting, analytics in aggregate Legitimate interests (Art. 6(1)(f)) to keep services secure and useful

Send service messages renewal reminders, changes to terms, security alerts Legal obligation and/or contract

Marketing communications newsletters, announcements, event invites Consent (Art. 6(1)(a)). You may withdraw consent at any time. Where local e‑privacy rules allow, we may use the soft opt‑in for our existing members and you can opt out easily.

Comply with law & enforce terms tax retention, handling claims, preventing abuse/spam Legal obligation and legitimate interests

We do not use your data for automated decision‑making that produces legal or similarly significant effects.

⸻

4) Cookies & similar technologies

We use cookies and similar technologies to run the site, remember your preferences, and (with your consent) for analytics and marketing.

• Strictly necessary cookies – essential for login, payments, security. (No consent required.)

• Analytics cookies – help us understand usage to improve the Services. (Consent required.)

• Marketing/advertising cookies – used to measure campaigns or show relevant content. (Consent required.)

You can manage your choices at any time via our Cookie Settings link (footer). If you refuse non‑essential cookies, the site will still work, but some features may be limited.

A detailed cookie list is available in our Cookie Policy, which forms part of this Policy.

⸻

5) Payments via Stripe

We use Stripe to process payments. When you pay, certain information (card details, device/technical data, fraud indicators) is handled directly by Stripe. Stripe acts as our processor for processing your payments and also as an independent controller for activities such as fraud prevention and regulatory compliance. See Stripe’s own privacy documentation for details. We receive limited payment information from Stripe (e.g., payment status, last four digits, card brand, expiry month/year) and invoice details for our records.

⸻

6) Sharing your data

We share personal data with:

• Service providers (processors): hosting and infrastructure, customer support tools, email delivery, analytics (when enabled), CRM and community platforms—all bound by contracts and confidentiality.

• Payment provider: Stripe (see above).

• Event partners: venues or online event platforms, when necessary for registration and access.

• Professional advisers & authorities: accountants, auditors, legal counsel, law enforcement or regulators where required.

• Other members: your member profile and directory information are visible to other members to enable networking; you can edit what is shown in your profile.

We do not sell personal data.

⸻

7) International transfers

Some recipients may be located outside the EU/EEA. Where this occurs, we use lawful transfer mechanisms such as European Commission Standard Contractual Clauses (SCCs) or other safeguards permitted by GDPR. You can contact us for a copy of the relevant safeguards.

⸻

8) How long we keep data (retention)

We keep personal data only as long as needed for the purposes above:

• Account & membership records: for the duration of membership and up to 3 years after termination (claims limitation) unless we need longer for a dispute.

• Application data: if not approved, up to 12 months from decision unless you ask us to delete sooner; if approved, we retain it within your member record.

• Invoices & tax records: retained for statutory periods (generally up to 10 years under accounting and tax laws).

• Marketing data: until you withdraw consent or opt out; we will then keep a minimal record of your opt‑out.

Where data is no longer needed, we delete or irreversibly anonymise it.

⸻

9) Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, least‑privilege permissions, regular updates, and staff confidentiality obligations. No system is perfectly secure; if we identify a breach affecting your data, we will notify you and/or authorities as required by law.

⸻

10) Your rights

Under GDPR, you have the following rights (subject to conditions and exemptions):

• Access to your personal data and information about our processing.

• Rectification of inaccurate or incomplete data.

• Erasure (“right to be forgotten”).

• Restriction of processing.

• Data portability in a structured, commonly used, machine‑readable format.

• Object to processing based on our legitimate interests (including profiling on that basis).

• Withdraw consent at any time for processing based on consent (e.g., marketing). Withdrawal does not affect processing already carried out.

To exercise your rights, contact contact@europeanfounders.net. We may ask you to verify your identity. You also have the right to lodge a complaint with ÚOOÚ or with your local authority.

⸻

11) Children

Our Services are not directed to children under 18. We do not knowingly collect personal data from children.

⸻

12) Changes to this Policy

We may update this Policy from time to time. If changes are material, we will notify you (e.g., by e‑mail or in‑app notice) before they take effect. The “Last updated” date at the top will show the latest version.

⸻

13) Contact

Questions or requests?

E‑mail: contact@europeanfounders.net

Postal address: Memetic Design Company s.r.o., Kurzova 2222/16, Stodůlky, 155 00 Prague 5, Czech Republic

⸻

Annex A — Cookie Policy (summary)

This summary is provided for convenience; if you publish a separate Cookie Policy page, keep it consistent with your consent banner and vendor configuration.

What we use cookies for:

• To run the site securely (session management, load balancing, CSRF protection, payment flow).

• To remember preferences (language, cookie choices).

• With consent, to measure usage (analytics) and run campaigns (marketing pixels).

How you can control cookies:

• On first visit we present a banner asking for opt‑in consent for non‑essential cookies.

• You can change your choice anytime via Cookie Settings (footer).

• You can also block or delete cookies in your browser; this may affect functionality.

Non‑essential vendors we may use (examples): analytics provider; email/CRM tracking; advertising/retargeting platforms. If you deploy such vendors, list them (name, purpose, type, duration) on the cookie page.