1.1. The controller of personal data under Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR") is Patricie Krechloková, located at náměstí Svatopluka Čecha 1348/3, 101 00 Praha - Vršovice (hereinafter referred to as "the Controller").
1.2. Contact details for the Controller:
Address: náměstí Svatopluka Čecha 1348/3, 101 00 Praha - Vršovice
Email: pkrechlok@yahoo.com
Phone: +420 77 63 63 853
1.3. Personal data refers to any information about an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
1.4. The Controller has not appointed a data protection officer.
2.1. The Controller processes personal data provided by you or obtained by the Controller based on the fulfillment of your order.
2.2. The Controller processes your identification and contact details, as well as data necessary for fulfilling the contract.
3.1. The fulfillment of a contract between you and the Controller under Article 6(1)(b) of GDPR,
The legitimate interest of the Controller in direct marketing (particularly for sending commercial communications and newsletters) under Article 6(1)(f) of GDPR,
Your consent for processing data for the purpose of direct marketing (particularly for sending commercial communications and newsletters) under Article 6(1)(a) of GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, if no goods or services were ordered.
3.2. The purposes of personal data processing are:
To process your order and exercise rights and obligations arising from the contractual relationship between you and the Controller. When placing an order, personal data is required for successful order processing (name, address, contact information). Providing personal data is a necessary requirement for concluding and fulfilling the contract; without it, the contract cannot be concluded or fulfilled by the Controller.
To send commercial communications and conduct other marketing activities.
3.3. The Controller does not perform automated decision-making as defined in Article 22 of GDPR. Such processing requires your explicit consent.
4.1. The Controller retains personal data:
For the period necessary to fulfill rights and obligations arising from the contractual relationship between you and the Controller and to assert claims from these contractual relationships (for 15 years from the end of the contractual relationship).
Until consent to process personal data for marketing purposes is withdrawn, but no longer than 5 years if the data is processed based on consent.
4.2. After the retention period expires, the Controller deletes the personal data.
5.1. Recipients of personal data include:
Individuals involved in delivering goods/services and processing payments under a contract,
Individuals responsible for ensuring the operation of services,
Marketing service providers.
5.2. The Controller does not intend to transfer personal data to a third country (outside the EU) or an international organization. Recipients of personal data in third countries include providers of mailing services/cloud services.
6.1. Under the GDPR, you have the following rights:
The right to access your personal data under Article 15 GDPR,
The right to rectify personal data under Article 16 GDPR, or restrict processing under Article 18 GDPR,
The right to erasure of personal data under Article 17 GDPR,
The right to object to processing under Article 21 GDPR,
The right to data portability under Article 20 GDPR,
The right to withdraw consent to processing in writing or electronically to the Controller’s address or email specified in Article III of these terms.
6.2. You also have the right to lodge a complaint with the Office for Personal Data Protection if you believe your personal data protection rights have been violated.
The Controller declares that all appropriate technical and organizational measures have been taken to secure personal data.
The Controller has implemented technical measures to secure data storage and personal data stored in paper form.
The Controller declares that personal data is accessible only to authorized individuals.
By submitting an order through the online order form, you confirm that you have read and accept the privacy policy in its entirety.
You agree to this policy by checking the consent box via the online form. By doing so, you confirm that you have read and accept the privacy policy in its entirety.
The Controller is entitled to amend these terms. A new version of the privacy policy will be published on the Controller's website or sent to your email address provided to the Controller.
This policy is effective as of December 1, 2024.