Last updated: April 30, 2026
The data controller for your personal data is Petr Matěj (IČO: 02558220), operating as Deep Sleep Reset, with registered address at Mládeže 12, Prague 6, 169 00, Czech Republic. Contact: [email protected].
We collect information you provide directly to us, such as your email address when you make a purchase, take our sleep quiz, or sign up for updates. When you make a purchase, Stripe (our payment processor) collects your payment information — we never store your full card number, CVV, or card expiration date on our servers. We also automatically collect certain information about your device and how you interact with our website, including IP address, browser type, pages visited, time spent on pages, and referring URL. We use cookies and similar tracking technologies to enhance your experience and analyze website traffic.
We process your personal data on the following legal bases: (a) Contract performance — to deliver purchased products and services; (b) Legitimate interest — to improve our website, prevent fraud, and send relevant communications; (c) Consent — for marketing emails and non-essential cookies (you can withdraw consent at any time); (d) Legal obligation — to comply with tax, accounting, and other legal requirements.
We use the information we collect to: process your orders and deliver your purchased digital products; send you transactional emails (order confirmations, download links, subscription updates); send you marketing communications if you have opted in; improve our website, products, and user experience; analyze usage patterns to optimize our service; detect and prevent fraud; and comply with legal obligations.
We may share your information with the following trusted third-party service providers: Stripe, Inc. (payment processing — subject to Stripe's Privacy Policy at stripe.com/privacy); Brevo (email delivery and marketing automation); Google Analytics (website analytics); Reddit Ads and other advertising platforms (conversion tracking with anonymized data). These parties are obligated to keep your information confidential and use it only for the purposes we specify. We do not sell your personal information to third parties.
Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States (where Stripe and other service providers operate). Such transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission, or other appropriate safeguards as required by GDPR.
We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Purchase records and invoices are retained for 10 years for accounting and tax purposes as required by Czech law. Email addresses are retained until you unsubscribe or request deletion. Quiz results and behavioral data are retained for up to 2 years for analytics purposes.
Under the General Data Protection Regulation, you have the right to: access your personal data; rectify inaccurate data; erase your data ("right to be forgotten"); restrict processing; data portability; object to processing based on legitimate interest; withdraw consent at any time; and lodge a complaint with a supervisory authority (in the Czech Republic: Úřad pro ochranu osobních údajů, www.uoou.cz). To exercise your rights, contact us at [email protected]. We will respond within 30 days.
We use the following types of cookies: Essential cookies — required for website functionality and payment processing; Analytics cookies — Google Analytics to understand how visitors use our site; Advertising cookies — Reddit Pixel and similar tools for conversion tracking and retargeting. You can control cookie settings through your browser preferences. Disabling essential cookies may affect some functionality of our website.
We implement industry-standard security measures to protect your personal information, including: SSL/TLS encryption for all data transmission; PCI-DSS compliant payment processing through Stripe; secure server infrastructure; regular security updates. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date. Your continued use of our services after changes constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at: [email protected] or write to: Petr Matěj, Mládeže 12, Prague 6, 169 00, Czech Republic.