Personal data processing policy
Basic information
1.1. Content of the document. This privacy policy describes how we process the personal data of visitors, customers of the online shop and other persons. In particular, you will find out what personal data we process, why and on what basis we do so, to whom we pass it on and what rights you have in relation to the processing. All processing of personal data is carried out in accordance with the European Union's General Data Protection Regulation 2016/679, commonly referred to as GDPR.
1.2. Our position. All the described activities of personal data processing are carried out in the capacity of the controller by the business company ROK corp s.r.o., with its registered office at Lipůvka No. 350, 679 22 Lipůvka, ID No. 14235251, registered in the Commercial Register kept by the Regional Court in Brno, Section C, Insert 127314, Tax ID No. CZ14235251 (for greater clarity, hereinafter referred to as "we"). This means that we determine the purposes for which we collect your personal data as described below, determine the means of processing and are responsible for its proper execution.
1.3. Scope of processing of personal data. The personal data we process are:
1.3.1. identification data (in particular name and surname or identification number and tax identification number in the case of entrepreneurs),
1.3.2. contact details (in particular address, email address and telephone number),
1.3.3. order and transaction data (in particular, the goods and services ordered, the payment and shipping method selected and other information related to the order),
1.3.4. communication data (in particular the content and other data associated with communications between us and you),
1.3.5. registration and setup data (in particular, data associated with your user account if you register with us and data about the settings of our services),
1.3.6. data about the use of our website (in particular, IP address, data about your device, data collected using cookies or data about what you do on our website).
Why and how do we process your personal data?
2.1. Functioning of the website. If you visit our website, we process your personal data to ensure its proper functioning on the basis of our legitimate interest in providing our services via the Internet.
2.2. User account. Based on the contract, we process your personal data when maintaining user accounts in our online shop.
2.3. Improving and developing our services. We also process your personal data for the purpose of measuring website traffic and creating statistics and records to evaluate and develop our services, based on our legitimate interest in monitoring website traffic and developing and optimising our services.
2.4. Determining your satisfaction. To determine your satisfaction with our services, we process your personal data on the basis of our legitimate interest in obtaining your feedback. We also do this as part of our Customer Verified programme through email questionnaires that we send you every time you make a purchase with us, unless you opt out of receiving them. To send the questionnaires, evaluate feedback and analyse market position, we pass information about the goods you have purchased and your email address to the programme operator. In doing so, your personal data is not passed on to any third party for its own purposes. You can object to the sending of questionnaires within the framework of the Customer Verified programme at any time by rejecting further questionnaires using the link in the questionnaire email. If you object, we will no longer send you the questionnaire.
2.5. Protection of legal claims and internal control. We process your personal data on the basis of our legitimate interests to protect legal claims and our internal records and controls.
2.6. Sending commercial messages to customers. If we receive electronic contact details from you in connection with an order or our services, we may also process your personal data for the purpose of continuing to offer our goods and services to you via commercial communications based on our legitimate interest in promoting ourselves, unless you have opted out of receiving such communications.
2.7. Sending commercial communications on the basis of consent. Based on your consent, we process your personal data for the purpose of sending you commercial communications.
2.8. Online advertising. We may process personal data on the basis of our legitimate interest in promoting us in order to show you tailored advertisements on our website and third party websites.
2.9. Fulfilling our legal obligations. We also process your personal data for the purposes and on the basis of the performance of our legal obligations related, in particular, to the provision of information to public authorities.
2.10. Execution and conclusion of contracts. We process your personal data on the basis of and for the performance of our obligations under contracts concluded between us and you and for the conclusion of these contracts. For this purpose, we may also process personal data of addressees and other recipients of goods and other services, if any.
2.11. Customer support. We process your personal data to deal with your order-related requests on the basis of the obligation to perform the contracts concluded between us and you and for the conclusion of these contracts. For handling other requests, if any, we process your personal data on the basis of our legitimate interest in providing our services and ensuring adequate support.
2.12. Storage time. We store personal data only for the time necessary to achieve the stated purposes of processing personal data. After the purpose of processing has passed, we will immediately destroy the personal data. As a general rule, we retain personal data for the duration of the limitation period (normally 3 years) and one year after the expiry of the limitation period in view of possible claims made at the end of the limitation period. Beyond this, the following special storage periods apply:
2.12.1. We retain the data associated with a user account for the lifetime of the account until it is deleted.
2.12.2. In the case of legal and other proceedings, we process your personal data to the extent necessary for the duration of such proceedings and for the remainder of the limitation period after the conclusion of such proceedings.
2.12.3. For the purpose of sending commercial communications to customers, we process your personal data until you opt out of receiving commercial communications.
2.12.4. In order to send you commercial communications based on your consent, we process your personal data until you withdraw your prior consent to the processing of your personal data.
2.12.5. In order to comply with legal obligations, we process personal data for the period necessary to comply with these obligations.
To whom is the personal data transferred?
3.1. Processors. For the processing of personal data, we also use the services of other entities as processors who process personal data only according to our instructions. These are mainly:
3.1.1. IT service providers and other technology suppliers,
3.1.2. operators of analytical and marketing tools,
3.1.3. providers of communication tools,
3.1.4. operators of customer satisfaction programs, e.g. Verified by Customers (Heureka.cz).
3.2. Administrators. You may disclose your personal data to other entities as controllers:
3.2.1. our suppliers involved in the performance of the contract, in particular carriers and payment system operators,
3.2.2. operators of advertising systems and social networks.
They are providers of the following platforms and services:
Hosting and server service providers
- Poskytovatel služby Upgates, provozované společností EVici webdesign s.r.o., sídlem Petra Bezruče 139, 747 91 Štítina;
- Forpsi.com – hosting webu INTERNET CZ, a.s., Ktiš 2, 384 03, KTIŠ, Czech Republic
Analytical tools
- Google Analytics – website traffic statistics
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA - ECOmail - ECOMAIL.CZ, s.r.o., Na Zderaze 1275/15, 120 00 Praha 2,
Marketing and customer support
- ManyChat – FB messenger
ManyChat, INC.220 Golden Oak Dr, Portola Valley, CA, 94028, United States. - Facebook pixel
Facebook Ireland Ltd, 4 Grand canal square, Dublin 2, Irsko, VAT IE9692928F - Sklik, Seznam.cz, a.s., Radlická 3294/10, 150 00 Prha 5, IČ: 26168685
3.3. Transfers outside the EU: In some cases, your personal data may be transferred outside the European Economic Area, either pursuant to an adequacy decision under Article 45 of the GDPR, appropriate safeguards under Article 46 of the GDPR, or an exemption under Article 49 of the GDPR.
Your rights
4.1. Rights of the data subject. With regard to your personal data, you have the right to:
4.1.1. request the correction of inaccurate or outdated personal data, so if you find that the personal data we process about you is inaccurate or incomplete, you have the right to have it corrected or completed without undue delay,
4.1.2. to request confirmation of whether processing is taking place and, if so, information relating to that processing to the extent provided for in Article 15 of the GDPR, as well as a copy of the processed data (we are entitled to charge a fee for additional copies to cover the necessary costs),
4.1.3. in some cases, you have the right to have your personal data erased. We will delete your personal data without undue delay if we no longer need it for the purposes for which we processed it, or if you exercise your right to object to the processing and we find that we no longer have such legitimate interests that would justify such processing, or if it turns out that the processing of personal data by us is no longer in accordance with generally binding regulations. However, this right does not apply if the processing of your personal data is still necessary for compliance with our legal obligation, for archiving purposes, for scientific or historical research or statistical purposes, or for the establishment, exercise or defense of legal claims.
4.1.4. exercise the right to restrict the processing of personal data. This right allows you in certain cases to request that your personal data be marked and not subject to any further processing operations - in this case, however, not forever (as in the case of the right to erasure), but for a limited period of time. We have to restrict the processing of personal data where you dispute the accuracy of the personal data before we agree what data is correct, or where we process your personal data without sufficient legal basis (e.g. beyond what we have to process) but you would prefer only to restrict the processing of such data before erasing it (e.g. If you expect that you would provide us with such data in the future anyway), or we no longer need the personal data for the above processing purposes but you require it for the establishment, exercise or defense of your legal claims, or you object to the processing and we are obliged to restrict the processing of your personal data for the period we are investigating whether your objection is justified.
4.1.5. request the transfer of personal data in cases of processing based on your consent or on a contract,
4.1.6. object to the processing of personal data based on our legitimate interest. We will stop processing your personal data unless we have compelling legitimate grounds for continuing to do so. If we object to marketing activities, we will cease these activities in any event,
4.1.7. to object at any time to the processing of your personal data for the purpose of sending you commercial communications, just as you may withdraw your prior consent to the processing of personal data for other purposes at any time, unless the processing is for the purpose of fulfilling our contractual obligations, for the purpose of fulfilling our legal obligations or for any other purpose arising from our legitimate interests.
4.2. Method of exercising rights. You can exercise your rights in one of the following ways:
4.2.1. by email at info@senteso.cz.
4.3. The right to lodge a complaint with the supervisory authority. If you become convinced that we have violated the GDPR in processing your personal data, you have the right to file a complaint with the Office for Personal Data Protection, which is located at Pplk. Sochora 27, 170 00 Prague 7 (http://www.uoou.cz).
Cookies
Cookies
5.1. Files stored on your device for later access (temporary files). Our website may use cookie technology (and possibly other technologies on a similar principle, such as Web Storage). This means that we store small data files in a dedicated location in your device's memory that allow us to provide you with a service and to further improve it. For simplicity, we will refer to all of these technologies as "cookies".
5.2. Cookies necessary to provide the service. Some cookies are technologically necessary to provide the service. This means that their storage cannot be avoided while maintaining the functionality of the service. These are in particular cookies to:
5.2.1. storing your choices in connection with your order,
5.2.2. saving site settings,
5.2.3. ensuring IT security.
5.3. Other types of cookies. We use some cookies so that we can provide you with a better quality and more personalised service. As part of this, we may place cookies on your device:
5.3.1. to provide traffic analysis and website usage, including third party cookies,
5.3.2. for advertising purposes to display tailored advertising on our and other websites, including third party cookies,
5.3.3. linking to social networks, including third-party cookies,
5.4. Cookie storage settings. You can make settings for the use of cookies on our website within the relevant options on your device, for example by blocking cookies if you do not agree to their use on our website. If you use this option, you acknowledge that some parts of the service may not function correctly.