DECLARATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL ON THE PROTECTION OF PERSONS WITH REGARD TO THE PROCESSING OF PERSONAL DATA AND ON THE INFORMATION OF DATA SUBJECTS (HEREINAFTER REFERRED TO AS “GDPR”)
If you are a visitor to our website or a customer of our e-shop, you provide us with your personal data. We, as their administrator, are responsible for their protection.
„personal data“ means any information about an identified or identifiable person (“data subject”); an identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, a network identifier or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
„processing“ means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated processes, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other disclosure, alignment or combination, restriction, erasure or destruction;
„administrator“ means a legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, that law may determine the administrator concerned or the specific criteria for its determination;
„processor“ means a legal person, public authority, agency or other body which processes personal data on behalf of a administrator;
„consent“ means any free, specific, informed and unambiguous indication of the subject’s will by which he or she gives his or her agreement to the processing of his or her personal data, by means of a declaration or other manifest affirmation;
„third party“ means a legal person, public authority, agency or other entity which is not the data subject, administrator processor or a person directly under the control of the administrator or processor who is authorised to process personal data;
II. Basic provisions
Administrator of personal data is René Pajurek, registered office: Zátiší 3590, 738 01 Frýdek-Místek, ID No.: 44929501, VAT No.: CZ7103044938 (VAT payer)
Contact details of the administrator: e-mail email@example.com.
Administrator does not have a “data protection officer”.
III. Processing of personal data
The administrator processes the following data provided by you on the basis of filling in your order:
- Name, surname, address, e-mail, telephone number for persons
- Company name, registered office, company ID number and VAT number for business entities.
This personal data is necessary for the processing of orders, the processing of the data is necessary for the performance of the contract (based on Article 6(1)(b) of the Regulation).
It is also necessary to process this personal data for the fulfilment of a legal obligation and for the purposes of the legitimate interests of the administrator (based on Article 6(1)(c) and (f) of the Regulation. The administrator processes these data for the purpose of recording the contract and for the possible future exercise and defence of the rights and obligations of the parties.
This said personal data may be further processed by the following third parties:
- Česká pošta a.s. (Czech Post) for the purpose of transporting parcels.
- Zásilkovna s.r.o. for the transport of parcels
- PPL CZ s.r.o. for the transport of parcels
- Značkárna s.r.o. for the creation and administration of the website.
When you browse our website, we record your IP address, how long you stay on the page and from which page you come.
Cookies for advertising targeting will only be processed on the basis of your consent.
V. Data retention period
The administrator retains personal data for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and to assert claims arising from this contractual relationship (for a period of 10 years from the termination of the contractual relationship).
After the expiry of the retention period, the administrator will delete the personal data.
VI. Your rights
Under the conditions set out in the GDPR, you have
- the right to access your personal data in accordance with Article 15 of the GDPR,
- the right to rectification of personal data pursuant to Article 16 GDPR, or restriction of processing pursuant to Article 18 GDPR,
- the right to erasure of personal data pursuant to Article 17 GDPR,
- the right to object to processing under Article 21 GDPR,
- the right to data transfer under Article 20 GDPR,
- the right to withdraw consent to processing in writing or electronically to the administrator’s address or to the administrator’s e-mail address.
You also have the right to place a complaint with the Data Protection Authority if you believe that your right to data protection has been violated.
VII. Personal Data Security Terms and Conditions
The Data administrator declares that he has taken all appropriate technical and organisational measures to ensure the security of personal data.
The Data administrator declares that only persons authorised by it have access to the personal data.
VIII. Final Provisions
If you have a request for additional information or for a change in the handling of your personal data, please send your request to the administrator’s e-mail address or contact him by phone.
These terms will take effect on November 1, 2021.