This page provides an overview of the main principles of protection and processing of personal data. You can also find more information in our terms and conditions.
WHO WORKS YOUR DATA?
The personal data controller referred to in Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data ("GDPR") is a company and Luce s.r.o.: 02041081, with its registered office
Konevova 237, 130 00 Praha 3, Czech Republic, registered: in the Commercial Register kept by the Municipal Court in Prague, Section C, Insert 214783, hereinafter referred to as the "Administrator".
The administrator's contact details are: address: Konevova 237, 130 00 Prague 3, email: firstname.lastname@example.org, phone: +420 603 482 775. The Data Protection Officer is not appointed to the Administrator.
WHAT ARE PERSONAL DATA?
Personal information means any information about an identified or identifiable natural person; identifiable natural person is a natural person that can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, psychological, economic, social identity of this individual. Personal information is, for example, but not exclusively, the name and surname, e-mail address and home address or telephone number.
WHAT IS YOUR PERSONAL DATA PROCESSED?
We only process personal information you voluntarily provide in connection with ordering or using our other services (such as signing up for a personal account, subscribing to a newsletter). Specifically, these are: name and surname, e-mail address (for the necessary communication regarding your order), delivery and/or billing address (for order delivery), telephone number (for order status communication) payment cards) and, if necessary, other information you provide to us, for example, in the contact form.
Other data that we automatically retrieve in connection with the use of the web interface is the IP address, browser type, device and operating system, time and number of web interface accesses, information obtained through cookies and other similar information. Please note that we can obtain this extra data even without registration and whether or not you are purchasing a web interface.
WHAT IS PURPOSE TO PROCESS PERSONAL DATA?
The main reason we process your personal information is to process your order and to exercise the rights and obligations arising from the contractual relationship between you and the trustee; when ordering, the personal data required for successful order execution are required; the provision of such data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contractor to fulfill it by the trustee.
We also use the data to communicate about account management and user support, access to your account, and the easiest way to use the web interface. Data can be used to improve our services, including the use of Web interface user behavior analysis.
Data can be used to send business messages and other marketing purposes. By submitting your order or by entering your email address in the newsletter box, you agree to submit business messages and processing your personal information. You may at any time revoke your consent to receive business messages - newsletters directly in the business newsletter, in your personal account or by email to our contact e-mail address email@example.com
HOW LONG YOUR DATA ARE STORED?
We keep personal data for as long as necessary to exercise the rights and obligations arising from the contractual relationship between you and the trustee and the claims arising from these contractual relationships (for a period of 10 years from the termination of the contractual relationship).
Alternatively, until consent to the processing of personal data for marketing purposes is revoked, if personal data is processed by consent.
At the end of the retention period, the administrator will erase personal information.
However, the deletion must not be in conflict with the applicable laws that prescribe the retention of some of your personal information for a certain period of time.
Personal data will be processed electronically in an automated manner or in a printed form in a non-automated manner.
WE COME YOUR PERSONAL DATA?
We protect your personal data as an eye in our head and we carefully choose the co-workers and suppliers to whom we entrust our data. Your data is always handed over to the minimum extent - for example, we only provide the carrier with the data that is necessary for the trouble-free delivery of the goods.
Third parties who may have access to your personal data by the nature of the service you use or have used are:
shipping service providers delivering your orders;
payment gateway providers;
persons providing e-shop services and other services related to the operation of an e-shop;
persons providing marketing services;
An administrator intends to pass personal data to a third country (to a non-EU country). The recipients of personal data in third countries are mail service providers (Mailchimp)
WHAT ARE YOUR RIGHTS CONCERNING THE PROTECTION OF PERSONAL DATA?
Under the terms of the GDPR you have
the right of access to their personal data under Article 15 of the GDPR,
the right to repair personal data pursuant to Article 16 of the GDPR, or the restriction of processing under Article 18 GDPR,
the right to delete personal data under Article 17 of the GDPR,
the right to object to processing under Article 21 GDPR,
the right to portability of data under Article 20 GDPR and
the right to withdraw consent to processing in writing or electronically to the address or email of the administrator
If you believe that we or your personal data processor process your personal data in violation of law, you may:
ask us or the processor for an explanation;
request that we or the processor remove the resulting condition. In particular, it may be blocking, repairing, supplementing, or deleting personal information.
We will assist you best to protect your personal information. However, if you are not satisfied with the settlement, you have the right to contact the competent authorities, in particular, the Office for Personal Data Protection. This provision is without prejudice to your right to contact the Office for Personal Data Protection directly with your complaint.
SECURITY OF PERSONAL DATA
The Administrator declares that he has taken all appropriate technical and organizational measures to safeguard personal data.
The administrator has taken technical measures to secure data warehouses and personal data repositories in paper form. To protect your personal data better, access to these data is password-protected, and sensitive data is encrypted during transmission between your browser and our website.
The Administrator declares that personal data are only accessible to authorized persons.
These Terms become effective on May 25, 2018.