This document describes how we handle the information and data you share with us.
1. Basic provisions
1.1. The Controller of personal data pursuant to art. 4 paragraph 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: “GDPR”) is Jan Páv, established in Kovanecká 2110/14, Prague 9 190 00, Company ID: 01990764 (hereafter : “Administrator”).
1.2 The contact details of the administrator are: address-Kovanecká 2110/14, Prague 9 190 00, firstname.lastname@example.org, phone-724 666 236.
1.3 Personal data means any information about an identified or identifiable natural person; An identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, locator data, network identifier or one or more specific elements of a physical , physiological, genetic, psychological, economic, cultural or social identity of that natural person.
1.4 The administrator did not appoint a data protection officer.
2. Sources and categories of personal data processed
2.1 The administrator processes personal data that you have provided to him or personal data that the administrator has obtained by fulfilling your order.
2.2 The controller processes your identification and contact details and data necessary for the performance of the contract.
3. Legal reason and purpose of the processing of personal data
The lawful reason for processing personal data is:
- 3.1 The performance of the contract between you and the controller pursuant to art. Article 6 (a) (1) b) GDPR. For the purpose of processing your order and exercising the rights and obligations arising from the contractual relationship between you and the administrator. When ordering, personal data are required for successful processing of the order (name and address, domicile, telephone, e-mail), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data is not possible The contract by the Controller.
- 3.2 A legitimate interest of the controller in order to be able to inquire, complain and resolve complaints in connection with a purchase contract in the future.
- 3.3 A legitimate interest of the Controller in the provision of direct marketing (in particular for sending commercial communications and newsletters) pursuant to art. Article 6 (a) (1) f) GDPR, in conjunction with § 7 para. 2 of Act No. 480/2004 Coll., on certain information society services.
- 3.4 Your consent to processing for the purpose of providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to art. Article 6 (a) (1) A) The GDPR in the absence of the order of the goods (i.e. the absence of the fulfilment of Point 3.3). Your personal data will be processed for the duration of this consent.
- 3.5 Your consent for the purpose of adapting the product offer (so-called profiling), where we may process your personal data in the range of email address, transaction history, IP address, cookies, browser imprint, data on visits to our website, Behavioral data and more. Your personal data will be processed for the duration of this consent.
- 3.6 Your consent for the purpose of distributing individual commercial communications relating to our goods and services, loyalty program, birthday card. Your personal data will be processed for the duration of this consent.
- 3.7 In order to ensure the functionality of our websites and applications we may work with the so-called Cookies. The legal basis for such processing is the performance of the contract (i.e. order Processing). Personal data will be processed and stored for as long as is necessary to ensure the functionality of the websites and applications (i.e. for a period of several days or weeks, or even for the duration of the contractual relationship, if necessary).
4. Duration of data retention
4.1 The administrator retains personal data
- For the period necessary for the exercise of the rights and obligations arising from the contractual relationship between you and the Controller and the claims of these contractual relationships (for a period of 15 years after termination of the contractual relationship).
- For as long as the consent to the processing of personal data for marketing purposes is revoked, no longer than 7 years, if the personal data are processed on the basis of consent.
4.2 When the personal data retention period expires, the controller clears the personal data.
5. Recipients of personal data (sub-contractors of the Controller)
5.1 Your personal data may be disclosed to third parties who provide us with administrative, logistical or technical support, i.e. Data processors. For example, we may share your personal information with payment service providers, carriers, external partners, or other persons, which, of course, are subject to confidentiality obligations and we have a closed intermediary contract with all of them.
5.2 Most administrators are established in the European Union. If not, they are still subject to the same GDPR requirements. For example, the two entities are:
- Advertising platform Facebook, INC. -Personal data are transferred outside the EU, specifically to the USA. The data transmission will be based on the processor’s verification by the privacy Shield.
- Google Analytics and Google AdWords Google LLC-personal data are transferred outside the EU, specifically to the USA. The data transmission will be based on the processor’s verification by the privacy Shield.
5.3 Only a limited number of our employees have access to your personal data. Employees are required to treat your personal data, as well as information on the measures taken to protect them, as strictly confidential. Third parties are only permitted to process personal data on the basis of our explicit instructions.
6. Your Rights
6.1 Under the conditions set out in the GDPR, you
- The right of access to their personal data pursuant to art. 15 GDPR
- Right to rectify personal data pursuant to art. 16 GDPR, or restriction of processing pursuant to art. 18 GDPR.
- The right to erasure of personal data pursuant to art. 17 GDPR
- The right to object to processing pursuant to art. 21 GDPR and
- The right to data portability pursuant to art. 20 GDPR.
- The right to revoke consent to processing in writing or electronically to the address or email of the controller referred to in art. Even these conditions.
6.2 You also have the right to lodge a complaint with the Office for Personal Data protection if you believe that your right to the protection of personal data has been infringed.
7. Terms of security of personal data
7.1 The administrator declares that he has taken all appropriate technical and organisational measures to secure personal data.
7.2 The administrator has taken technical measures to secure the data storage and storage of personal data in paper form, in particular the password of computers, the use of anti-virus programs, data encryption, etc.
7.3 The administrator declares that the personal data can only be accessed by the person authorised by him.
8.1 Description of Cookies
- To the proper functioning of our site in order to complete the purchasing process with the least inconvenience possible;
- When remembering the credentials of our customers, so they do not have to enter them each time;
- In determining which pages and features are used by visitors most often; Based on this we can best tailor our offer to your requirements;
- Help us see which ads are most frequently viewed by visitors, so that they don’t always show the same ad when they browse the site, or don’t show an ad for items they’re not interested in.
For more general information about cookies, see here.
8.2 Cookies used by us
The cookies used on our site can be divided into two basic types in terms of their durability. Short-term so-called “Session cookies” which are only temporary and remain stored in your browser only until you close the browser and long-term so called. “Persistent cookies” that remain stored on your device much longer or until you manually delete them (the time the cookie on your device depends on the settings of the cookie itself and your browser settings).
In terms of the function that each cookie performs, the cookie can be divided into:
- Conversion that allows us to analyse the performance of different sales channels,
- tracking, which in combination with conversion help analyze the performance of different sales channels,
- Remarketing that we use to personalise the content of your ads and to target them correctly.
- Analytics to help us improve the user experience of our website by understanding how users use it.
- Essential for the basic functionality of the site.
Some cookies may collect information that is subsequently used by third parties and which, for example, is Directly support our promotional activities (so-called “Third party Cookies”). For example, information about products purchased by visitors on our site may be displayed by an advertising agency so that we can better adapt the display of online advertising banners to the Web pages you display. However, you cannot identify you according to this information.
The administrator collects the following cookies on their website:
|Publisher (S. Name)||Type||Durability|
|Google AdWords||Tracking, remarketing,||90 days|
(_ga, CID, UTMV, UTMZ, Utma, UTMB, UTMC)
|Analytical, tracking, conversion||Permanent|
|Sklik||Conversion, remarketing||30 to 540 days|
An effective cookie management tool is also available on the website www.youronlinechoices.com
9. Use of social networks
10. Final provisions
These conditions shall take effect on the date 3. 2. 2019.