Personal data controller
737 01 ČESKÝ TĚŠÍN
- Personal data
- The Customer's personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter also referred to as: "GDPR") and other personal data protection legislation applicable throughout the processing of personal data. Personal data is any information that identifies or allows the identification of a natural person (hereinafter referred to as: "Personal Data").
- Personal data will be processed in accordance with the principles of art. 5 GDPR.
Personal data will be:
- processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- accurate and, where necessary, kept up to date (‘accuracy’);
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
- Your personal data is processed primarily within the European Economic Area (hereinafter: "EEA"). In connection with the operation of the Online Store, your personal data may also be transferred to countries outside the EEA, where the entity cooperating with the Administrator manages tools for processing personal data according to the Administrator's instructions. Such transfer of personal data is always carried out only to the extent necessary.
- In the case of transfers of personal data to entities based outside the EEA, the Controller ensures the application of the requirements set out in Chapter 5 of the GDPR, including the use of appropriate safeguards for the transfer in the form of standard contractual clauses adopted on the basis of a decision of the European Commission.
- What personal data we process:
- If you order goods or services from us, we need your data to complete the order. If we did not have this data, we would not be able to deliver the goods to you. These data are important to us, so we have them as mandatory data during the completion of the order or registration. We need your e-mail address to send order confirmations.
- The provision of this data is voluntary, but necessary for registration and purchases in the website interface. The Customer may at any time make registration changes to the data entered into the Online Store system.
- A customer who has created an account in the online store may at any time request the customer service department to delete it. Account cancellation is irreversible and means the deletion of all Customer Data. You won't be able to recover this account.
- Data we need: Name and surname, Delivery address, Phone number, Email address, ID (companies or retailers only).
- Why we collect and process personal data:
- Personal data are processed for the purposes listed below, and the scope of processed personal data depends on the specific purpose of processing. For some processing purposes, it is possible to process personal data directly on the basis of a legal basis where the customer's consent to such processing of personal data is not required, while the second group consists of processing that is only possible with the customer's consent.
- The following legal basis is given for the processing of personal data for which the customer's consent is not required:
- processing for the performance of a contract to which the customer is a party - in particular for the purposes of implementing the purchase contract, including order processing, creating and managing an account or accounts, performance of the contract including related communication with the customer, handover of goods for the transport of goods and final sale of the ordered goods and their delivery to the customer and billing of the relevant purchase price - for the duration of the contractual relationship or for the period necessary for the performance of the purchase contract (Article 6 (1) (b) GDPR);
- processing for the fulfilment of legal obligations imposed on the controller - in particular for the purposes of fulfilling the accounting and tax obligations of the administrator - for the necessary period of time according to the statutory deadlines that are set by law (e.g. invoices issued by the administrator are archived for a period of 10 years from the end of the taxable period in accordance with Section 35 of Act No. 235/2004 Coll., on Value Added Tax, as amended, in which the performance took place, whereby due to the need to prove the legal reason for issuing invoices, concluded purchase contracts or customer orders are also archived for a period of 10 years from the date of termination of the contract (Article 6 (1) (c) GDPR);
- processing for the purposes of protecting the legitimate interests of the administrator - this is the processing of personal data for the protection of the rights and legally protected interests of the administrator, which can be carried out without the customer's consent, but with the fulfilment of the existence of the corresponding interest of the administrator, which is the need for data processing for the registration of outstanding receivables and the assertion of the controller's claims from concluded purchase contracts (court, or execution recovery of receivables from the customer and other customer disputes, asserting insurance claims, etc.), resolving customer claims (complaints, withdrawal, etc.) and future customer inquiries and complaints, including the provision of evidence in the event of future litigation to which the administrator will be a party (Article 6 (1) (f) GDPR);
- If you subscribe to the Newsletter (Email address), your personal data is processed for the purpose of sending the Newsletter. The legal basis for the processing of your personal data is the performance of the contract for the provision of the Newsletter service concluded with the Administrator pursuant to Article 6 par. 1 point. b) GDPR.
- Your personal data may also be processed for the purpose of carrying out marketing (independent of the Newsletter), analytical and statistical activities, as well as for the protection of legitimate interests and legal claims. The legal basis for the processing of your personal data in this case is the legitimate interest of the Controller or a third party pursuant to Article 6 para. 1 point. f) GDPR.
- Unless expressly stated otherwise, personal data are processed only for the necessary time, in particular for the duration of the contractual relationship or other legal title that allows the administrator to process the customer's personal data, and archived according to the deadlines imposed by law. After the loss of the legal reason, the relevant personal data is deleted. Personal data that are processed with the customer's consent are stored only for the duration of the purpose for which the consent was granted, at the latest for the duration of the consent granted by the customer or until its withdrawal.
- Recipients of the Customer's personal data:
Recipients of the Customer's personal data may by entities performing the order at the Seller's request and handling it, such as: shipment companies, accounting companies, suppliers of the goods, assembly services, providers of IT solutions, payment processing companies, banks, companies providing marketing services, telecommunication providers, law offices, authorized state authorities.
- Your rights:
- Due to the voluntary nature of providing your personal data, you have the right to access to your personal data, rectify your personal data, delete your personal data ("the right to be forgotten"), restrict the processing of your personal data, transfer your personal data, to object.
- At the same time, it informs you that if you suspect that your personal data is being processed unlawfully, you have the right to file a complaint with the Office for Personal Data Protection of the Czech Republic. However, we will be glad if you solve the problems with us first.
- You are not obliged to provide personal data. The provision of your personal data is a necessary requirement for the conclusion and performance of the contract and without the provision of your personal data it is not possible to conclude the contract or to fulfill it by the administrator.
- Cookies are small files containing letters and numbers that are sent via a web browser to a computer or smartphone where they are stored on the hard drive. The main task of this file is to distinguish and identify individual users of the website.
- Cookies are part of the HTTP protocol that is used for communication between the web server and the browser. They consist of: the identification key, the value and the period for which the browser should delete cookies. Their functions are mostly standard and are used for browser settings. Cookies are used to tailor the content of the site to your preferences, including our offers, and to improve and personalize the content of the website.
- Cookies collect various types of information that usually do not allow you to be identified. However, some information, depending on its content and use, may be assigned to a specific person and is therefore considered personal data. We may process any cookies, except as strictly necessary, only on the basis of your consent pursuant to Art. 6 para. 1 point. a) GDPR.
- Two basic types of cookies are used in the Online Store:
- temporary (session cookies) – these are temporary files that are stored on your end device until you leave the website or turn off the software (web browser); and
- persistent cookies – which are stored on your end device for the period specified in the cookie details in our cookie bar or until you delete them.
- In addition to the necessary cookies (which we use to ensure the proper functioning of the website and its safe use), we may also use the following types of cookies within the Online Store:
- analytical and functional - cookies aimed at analyzing the way of using the Online Store. Thanks to them, we can determine the number of people visiting the Online Store, detect irregularities in its functioning and at the same time constantly improve it. These cookies also make it easier for you to use the Online Store (e.g. by remembering the information and settings you have provided);
- marketing - cookies that are used to present advertisements tailored to your interests and may also be used to modify the content and advertisements that are presented to you by third parties with whom we work.
- The visitor may disagree with the activities of the Administrator carried out for the purposes mentioned above. If the visitor agrees with the presentation, creation, assignment and implementation of advertisements, offers or promotions (discounts) tailored to his preferences, he may withdraw the consent at any time - but this does not affect the legitimacy of the processing that was carried out on the basis of consent before its withdrawal.
- The site you are on uses Google Analytics, which stores cookies. This allows us to analyse very accurately and reliably the ways in which visitors use our website. All usage files generated will be stored in the USA on Google servers, including the IP address. Google has the option to provide this data to third parties if required to do so by law or if the third party processes the data directly on Google's behalf. In most cases, Google will use the data for evaluation purposes and analysis for the website operators themselves. In the interest of data protection, Google will not associate IP addresses with data held by Google.
- All third party cookies:
Google Analytics- Traffic analysis
Google Ads - Marketing
Meta Pixel - Marketing