Privacy Policy

1.

Personal Data Manager Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data (GDPR) is as follows:

  • Lenka Eliášová
  • ID No: 05434891
  • Location: Cooperative 797, Ústí nad Orlicí, 562 06
  • E-mail: Lenka@tajemstvijamu.cz
  • Telephone: +420 775 999 498

2. Types of personal data

Personal data means any information about an identified or identifiable natural person, such as name, identification number, location data, network identifier or other identity elements.

3. Data processing

  • Payment data: We use third-party payment gateways (Stripe) to process payments. The administrator does not keep credit card numbers or other sensitive payment data.
  • Google Analytics: We use Google Analytics to track and analyze the traffic of our website. Google Analytics collects anonymous data about visitors such as IP addresses, browser type, operating system and website traffic. These data are used to evaluate the use of the website and improve its functions. Google Analytics can use cookies to collect these data.
  • Data processors: Personal data will be shared with:
    • Contracting carrier for delivery of goods (e.g. Czech Post, Zásilkovna, GLS).
    • We do not transfer data to a third country or international organisation.

4. Purpose of processing

  • Implementation of the contract: Order handling and provision of services.
  • Marketing: Sending business communications and newsletters (on the basis of consent or legitimate interest).
  • Attendance analysis: Improving user experience based on data obtained through Google Analytics.

5. Duration of data retention

  • Contractual data: 15 years after termination of contractual relationship.
  • Marketing data: Until withdrawal of consent, maximum 5 years.
  • Analytical data: Google Analytics keeps data in accordance with its service conditions. Generally, data is stored for a maximum of 26 months.

6. Your Rights

According to GDPR, you have the right:

  • Access to personal data (Article 15).
  • For the correction of data (Article 16).
  • To object to processing (Article 21).
  • Data portability (Article 20).
  • Cancel consent (in writing or by e-mail).

7. Data security

The controller shall take technical and organisational measures to protect personal data and shall ensure that only authorised persons have access to the data.

8. Changes in conditions

The administrator reserves the right to change these terms and conditions. New versions will be published on the website and sent by email.

Validity: This Privacy Policy shall enter into force at the time of its publication.