sekce_zpracovani_ou

Privacy Policy

I. Privacy Policy

1.1. By sending an order from the online order form for the delivery of services, an order by phone or by using the services themselves, the user confirms that he/she understands the terms of personal data protection, that he/she expresses his/her consent to their wording, and that he/she accepts them in their entirety.
1.2 The Provider is the controller of the users' personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR"). The Provider undertakes to process personal data in accordance with legal regulations, in particular the GDPR.

1.3. Personal data are all information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as a name, identification number, location data, network identifier or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.4 When placing an order, personal data are required that are necessary for the successful processing of the order (invoicing data, email, telephone number). The purpose of processing personal data is to process the user's order and exercise the rights and obligations arising from the contractual relationship between the Provider and the User. The purpose of processing personal data is also to send commercial communications and carry out other marketing activities. The legal reason for processing personal data is the performance of the contract pursuant to Article 6(1)(b) of the GDPR, the fulfillment of the controller's legal obligation pursuant to Article 6(1)(a) of the GDPR, c) GDPR and the legitimate interest of the Provider pursuant to Article 6(1)(f) GDPR. The legitimate interest of the Provider is the processing of personal data for direct marketing purposes.

1.5 The Provider uses the services of subcontractors to fulfill the license agreement, in particular the mailing service provider (personal data is not stored in 3rd countries) and the web hosting provider. The subcontractors are checked for the secure processing of personal data. The Provider and the web hosting subcontractor have concluded a personal data processing agreement, according to which the subcontractor is responsible for the proper security of the physical, hardware and software perimeter, but is not directly liable to the user for any leakage or violation of personal data.
1.6 The Provider stores the user's personal data for the period necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the user and to assert claims from these contractual relationships (for a period of 10 years from the termination of the contractual relationship). After its expiration, the data will be deleted.

1.7 The user has the right to request from the provider access to his/her personal data pursuant to Article 15 GDPR, rectification of personal data pursuant to Article 16 GDPR, or restriction of processing pursuant to Article 18 GDPR. The user has the right to erasure of personal data pursuant to Article 17(1)(a), and (c) to (f) GDPR. Furthermore, the user has the right to object to processing pursuant to Article 21 GDPR and the right to data portability pursuant to Article 20 GDPR.
1.8 The user has the right to file a complaint with the Office for Personal Data Protection if he/she believes that his/her right to personal data protection has been violated.
1.9 The user is not obliged to provide personal data. However, providing personal data is a necessary requirement for concluding and fulfilling the contract and without providing personal data, it is not possible to conclude the contract or for the provider to fulfill it.

1.10 The Provider does not make any automatic individual decision-making within the meaning of Article 22 of the GDPR.
1.11 By binding confirmation of the order, the User:
1.11.1 agrees to the use of his/her personal data also for the purposes of electronically sending commercial communications, advertising materials, direct sales, market surveys and direct product offers by the Provider and third parties, but not more often than once a week, and at the same time
1.11.2 declares that the sending of information pursuant to paragraph 7.11.1 is not considered unsolicited advertising within the meaning of Act No. 40/1995 Coll. as amended, because the User expressly agrees to the sending of information pursuant to paragraph 7.4.1 in conjunction with Section 7 of Act No. 480/2004 Coll.
1.11.3 The user may withdraw his consent under this paragraph at any time in writing at info@jedishop.cz
1.12 The Provider uses cookies in its presentation to improve the quality of services, personalize the offer, collect anonymous data and for analytical purposes. By using the website, the User agrees to the use of the aforementioned technology.

II. Rights and obligations between the controller and the processor (processing agreement)

2.1 The Provider is a processor in relation to the personal data of the users' clients pursuant to Article 28 of the GDPR. The user is the administrator of such data.
2.2 These terms and conditions govern the mutual rights and obligations in the processing of personal data to which the Provider has gained access as part of the fulfillment of the license agreement concluded in the form of acceptance of the general terms and conditions at https://www.jedishop.cz/cz-sekce-obchodni_podminky.html (hereinafter referred to as the "license agreement") concluded with the User on the date of establishment of the user account.
2.3. The Provider undertakes to process personal data for the User to the extent and for the purpose specified in Article 1.4 of these terms and conditions. The means of processing will be automated. The Provider will collect, store on information carriers, store, block and destroy personal data as part of the processing. The Provider is not authorized to process personal data in violation of or beyond the scope specified in these terms and conditions.

2.4 The Provider undertakes to process personal data for the User to the following extent:
a) regular personal data,
b) special categories of data pursuant to Article 9 of the GDPR, which the User has obtained in connection with his own business activities (which include passwords and accesses, data that may contain other personal data for the purpose of fulfilling the services)
2.5. The Provider undertakes to process personal data for the User for the purpose of providing the Shop5 e-shop platform in the form of a license agreement.
2.6. Personal data may only be processed at the Provider's or its subcontractors' workplaces pursuant to Article 1 of these terms and conditions, namely within the territory of the European Union.
2.7. The Provider undertakes to process personal data of the User's clients for the User, all for the period necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the User and to assert claims arising from these contractual relationships (for a period of 10 years from the termination of the contractual relationship).

2.8 The User grants permission to engage a subcontractor as a further processor pursuant to Article 28(2) of the GDPR, which is the hosting provider of the Shop5 application. The User further grants the Provider general permission to engage another processor in the processing of personal data, however, the Provider must inform the User in writing of all intended changes regarding the acceptance of further processors or their replacement and provide the User with the opportunity to object to such changes. The Provider must impose on its subcontractors in the position of processors of personal data the same obligations for the protection of personal data as set out in these terms and conditions.
2.9. The Provider undertakes that the processing of personal data will be secured in particular in the following manner:
1. Personal data is processed in accordance with legal regulations and on the basis of the User's instructions, i.e. for the performance of all activities necessary for the provision of the Shop5 e-shop platform in the form of a license agreement.

2. The Provider undertakes to technically and organizationally ensure the protection of the processed personal data in such a way that unauthorized or accidental access to the data, their alteration, destruction or loss, unauthorized transfers, their other unauthorized processing, as well as other misuse cannot occur, and that all obligations of the personal data processor arising from legal regulations are continuously ensured in terms of personnel and organization during the period of data processing.
3. The technical and organizational measures taken correspond to the level of risk. With their help, the Provider ensures the constant confidentiality, integrity, availability and resilience of the processing systems and services, and promptly restores the availability of personal data and access to them in the event of physical or technical incidents.
4. The Provider hereby declares that the protection of personal data is subject to the Provider's internal security regulations.

8. After the end of the provision of the performance associated with the processing, according to Article 1.6 of these Terms and Conditions, the Provider is obliged to delete all personal data or return them to the User, unless it is obliged to store personal data on the basis of a special law.
9. The Provider shall provide the User with all information necessary to prove that the obligations under this Agreement and the GDPR have been fulfilled, and shall allow audits, including inspections, carried out by the User or another auditor authorized by the User.
2.10 The User undertakes to immediately report all facts known to him that could adversely affect the proper and timely fulfillment of obligations arising from these Terms and Conditions and to provide the Provider with the cooperation necessary for the fulfillment of these Terms and Conditions.

III. Final provisions

3.1 These terms and conditions shall expire upon the expiry of the period specified in Article 1.6 of these terms and conditions.
3.2 The User agrees to these terms and conditions by checking the consent form. By checking the consent form, the User indicates that he/she has read these terms and conditions, that he/she agrees with them and that he/she accepts them in their entirety.
3.3 The Provider is entitled to change these terms and conditions. The Provider is obliged to publish a new version of the terms and conditions on its website without undue delay, or send the new version to the User to his/her e-mail address.
3.4 The Provider disclaims all liability for the loss or other misuse of the personal data of the e-shop owner.
3.5 The Provider's contact details in matters relating to these terms and conditions: +420 775 889 991, katka@shop5.cz.
3.6 Relationships not expressly regulated by these terms and conditions are governed by the GDPR and the laws of the Czech Republic, in particular Act No. 89/2012 Coll., Civil Code, as amended.
These terms and conditions come into effect on 25 May 2018.

Mrkněte na náš Instagram

Above | Page print