- The personal data controller referred to in article 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: ‘GDPR‘) is Nuteo s.r.o., identification number: 07126484 with SídlemRychtářov 198, 682 01 Vyškov, Czech Republic (hereinafter: “Administrator“).
- Admin Contact information is
Address: Rychtářov 198, 682 01 Vyškov, Czech Republic
Phone: + 420 734 722 544
- Personal data means all information relating to an identified or identifiable natural person; An identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a particular identifier, such as name, identification number, locator data, network identifier or one or more special elements of the physical , physiological, genetic, psychological, economic, cultural or social identity of this individual.
- The administrator has appointed a trustee for the protection of personal data. The contact details of the responsible
Name: Barbora Maloňová
Phone: + 420 734 722 544
Sources and categories of personal data processed
- The administrator processes the personal data that you have provided to him or the personal information that the administrator has received by the fulfillment of your order.
- The administrator processes your identification and contact details of the data necessary for the performance of the contract.
Legal reason and purpose of processing personal data
- Legal reason for the processing of personal data is
- Performance of the contract between you and the administrator Article 6 1 (a) b) GDPR,
- Legitimate interest of the controller in providing direct marketing (in particular for sending commercial communications and newsletters) under art. Article 6 1 (a) f) GDPR,
- Your consent to the processing for the purpose of providing direct marketing (in particular for sending commercial messages and newsletters) pursuant to art. Article 6 1 (a) A) GDPR in conjunction with § 7 para. 2 of Act No. 480/2004 Coll., on some information society services in the event that there was no order of goods or services.
- The purpose of processing personal data is
- The execution of your order and the exercise of the rights and obligations arising from the contractual relationship between you and the Administrator; When ordering personal data required for successful execution of the order (name and address, contact), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without providing personal data, it is not possible to conclude the contract or By the administrator to fulfil,
- Sending commercial communications and other marketing activities.
- What data we collect during the purchase process in our e-shop and how we store it
While visiting our site, we will monitor
- Products already displayed: We may use this information to display products that have already been viewed.
- Location, IP address and browser type: We use this information for example. To count taxes and postage
- Delivery address: We ask you to provide this information because of the preliminary calculation of the shipping price before you create your order and you will receive the goods.
If you buy us, we will request information from you such as your name, billing address, shipping address, email address, phone number, credit card/payment information, and optional account information such as your username and password. This information will be used for purposes such as:
- Send your account and order information
- Responding to your requests including refunds and claims
- Payment processing and fraud prevention
- Setting up your account in our store
- Compliance with any legislation we have, for example tax calculation
- Improve our e-shop offer
- Send marketing Messages if you choose to subscribe.
- If you create an account, we store your name, address, email and phone number, which will be used in the future to fill the checkout page.
- We usually store your information for as long as we use it for the purposes for which it was requested and it is no longer legally necessary to store it. For example, we keep the order information for 5 years for tax and accounting purposes. This information includes your name, email, billing and shipping address.
- We will also keep comments or reviews If you choose to publish them.
- The administrator does not have automatic individual decision-making within the meaning of article 22 GDPR.
Data retention Period
- The administrator keeps personal information
- For as long as is necessary to exercise the rights and obligations arising from the contractual relationship between you and the Administrator and the enforcement of claims from these contractual relations (for a period of 15 years from the end of the contractual relationship).
- As long as the consent to the processing of personal data for marketing purposes is revoked, not more than 5 years if personal data are processed by consent.
- After the personal data retention period expires, the administrator deletes the personal information.
Recipients of personal data (sub-contractors of the administrator)
- Recipients of personal data are persons
- Involved in the supply of goods/services/implementation of payments under the contract,
- Providing e-shop services and other services in connection with the operation of the e-shop,
- providing marketing services.
- The administrator may transfer personal data to a third country (non-EU country) or international organization. Recipients of personal data in third countries are mailing service providers, marketing analysis, marketing, payment gateways, shipping providers and third party embedding.
- We share information with third parties that assist us in processing your orders and the services we provide that may be located abroad (even in a non-EU country) For example:
- Mailing Service-Marketing purposes
- Services Operating Security Plugins – The purpose is to secure the E-shop from attack by robots and hackers
- Third-party payment processes-we accept payment cards via the GoPay service. When you process your payment, some of your information will be transferred to GoPay, including information needed to process or support your payment, such as your total sales amount, credit card information, or billing information.
- Comments and user reviews placed on our e-shop by our visitors can be controlled through an automated spam detection service that can be located abroad (even in a non-EU country).
- Under the conditions set out in GDPR, you
- Right of access to your personal data under art. 15 GDPR,
- Right to repair personal data pursuant to art. 16 GDPR, where applicable, limitation of processing in accordance with article. 18 GDPR.
- Right to erasure of personal data pursuant to art. 17 GDPR.
- The right to object to the processing under art. 21 GDPR and
- Right to data portability under art. 20 GDPR.
- The right to revoke consent to the processing in writing or electronically to the address or email administrator referred to in art. III to these conditions.
- You also have the right to lodge a complaint with the Office for Personal Data protection in the event that you believe that your right to the protection of personal data has been infringed.
Personal Information Security Terms
- The administrator declares that he has taken all appropriate technical and organisational measures to secure personal data.
- The administrator has adopted technical measures to secure data repositories and personal data stores in paper form. In particular, security of access to data storage, administration of e-shop and hosting services using passwords. Furthermore, the use of anti-spam applications installed inside the e-shop, the use of encrypted access by users of the e-shop using secure protocol HTTPS and regular data backup, when backups are secured using passwords. The data in the paper form are secured by mechanical means (locked).
- The administrator declares that personal data can only be accessed by authorized persons.
- The administrator is authorized to change these terms. The new version of the privacy terms will be published on its website and also send you a new version of these terms and conditions with your email address provided to you by the administrator.
These conditions shall take effect from the date of 1.9.2018.