Customer support:+420 720 020 074info@goldbee.cz
    Language
    English
    Home / Privacy Policy

    Privacy Policy

    I. Basic Provisions

    1. The data controller pursuant to Art. 4(7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: “GDPR”) is Czech Soul s.r.o. ID No. 63488639, registered office: Družstevní 2223/21, 621 00 Brno, Czech Republic (hereinafter: “controller”).
    2. The controller’s contact details are: Address: Družstevní 2223/21, 621 00 Brno, Czech Republic, e-mail: info@goldbee.cz, phone: +420720020074
    3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, network identifier, or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
    4. The controller has not appointed a Data Protection Officer.

    II. Sources and Categories of Processed Personal Data

    1. The controller processes personal data you have provided or personal data obtained in connection with the fulfillment of your order.
    2. The controller processes your identification and contact details and data necessary for contract fulfillment.

    III. Legal Basis and Purpose of Personal Data Processing

    1. The legal basis for personal data processing is:
      • the performance of a contract between you and the controller pursuant to Article 6(1)(b) GDPR,
      • the legitimate interest of the controller in providing direct marketing (in particular sending commercial communications and newsletters) pursuant to Article 6(1)(f) GDPR,
      • your consent to processing for the purpose of providing direct marketing (in particular sending commercial communications and newsletters) pursuant to Article 6(1)(a) GDPR in conjunction with § 7(2) of Act No. 480/2004 Coll. on certain information society services, if no order of goods or services has been placed.
      • The purpose of processing personal data is:
        • to process your order and exercise rights and obligations arising from the contractual relationship between you and the controller; personal data required to successfully fulfill the order (name and address, contact) are mandatory; providing personal data is a necessary condition for concluding and performing the contract, without which the contract cannot be concluded or fulfilled by the controller,
        • to send commercial communications and perform other marketing activities.
      • The controller does not engage/engages in automated individual decision-making pursuant to Art. 22 GDPR. You have given explicit consent for such processing.

    IV. Data Retention Period

    1. The controller retains personal data:
      • for the period necessary to exercise rights and obligations arising from the contractual relationship between you and the controller and to assert claims from these contractual relationships (for 15 years after the end of the contractual relationship),
      • until consent for processing personal data for marketing purposes is withdrawn, maximum …. years, if personal data are processed based on consent.
    2. After the retention period expires, the controller will delete the personal data.

    V. Recipients of Personal Data (Controller’s Subcontractors)

    1. Recipients of personal data are persons:
      • participating in the delivery of goods/services/payment processing based on the contract,
      • providing e-shop operation services (Shoptet) and other services related to e-shop operation,
      • providing marketing services.
    2. The controller does not intend to transfer personal data to a third country (outside the EU) or an international organization. Recipients of personal data in third countries are mailing service/cloud service providers.

    VI. Your Rights

    1. Under the conditions set out in GDPR, you have:
      • the right to access your personal data under Art. 15 GDPR,
      • the right to rectify personal data under Art. 16 GDPR, or to restrict processing under Art. 18 GDPR,
      • the right to erase personal data under Art. 17 GDPR,
      • the right to object to processing under Art. 21 GDPR,
      • the right to data portability under Art. 20 GDPR,
      • the right to withdraw consent to processing in writing or electronically at the address or email of the controller provided in Section III of these terms.
    2. Additionally, you have the right to lodge a complaint with the Office for Personal Data Protection if you believe your personal data protection rights have been violated.

    VII. Personal Data Security Measures

    1. The controller declares that it has adopted all appropriate technical and organizational measures to ensure the security of personal data.
    2. The controller has implemented technical measures to secure data storage and personal data in paper form, in particular …
    3. The controller declares that only authorized persons have access to personal data.

    VIII. Final Provisions

    1. By submitting an order through the online order form, you confirm that you are familiar with the personal data protection terms and accept them in full.
    2. You agree with these terms by checking the consent box via the online form. By checking the consent box, you confirm that you are familiar with the personal data protection terms and accept them in full.
    3. The controller is entitled to amend these terms. The new version of the personal data protection terms will be published on the controller’s website and sent to the email address you provided to the controller.

    These terms come into effect on 1 August 2020.

    Vytvořil Shoptet | Design Shoptak.cz.