Privacy Policy

**Personal Data Processing Policy**

**I. Basic Provisions**

The controller of personal data, in accordance with Article 4(7) of the European Parliament and Council Regulation (EU) 2016/679 on the protection of natural persons concerning the processing of personal data and on the free movement of such data (hereinafter: "GDPR"), is MENAGE Miroslav Slávik, ID 74415999, with its registered office at Josefská 9, 60200 Brno (hereinafter: "Controller").
The Controller's contact details are as follows: MENAGE, Josefská 9, 60200 Brno, email: info@menage.cz, phone: +420608360360.
Personal data refers to all information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, by reference to a particular identifier, such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
The Controller has not appointed a Data Protection Officer.

**II. Sources and Categories of Processed Personal Data**

The Controller processes personal data that you have provided or personal data obtained by the Controller as a result of fulfilling your order or through communication channels such as email or online contact forms.
The Controller processes your identification and contact data and information necessary for fulfilling the contract.

**III. Legal Reason and Purpose of Personal Data Processing**

The legal basis for processing personal data is:
- the fulfillment of a contract between you and the Controller under Article 6(1)(b) GDPR,
- the Controller’s legitimate interest in providing direct marketing (especially for sending business communications and newsletters) under Article 6(1)(f) GDPR,
- your consent to processing for direct marketing purposes (especially for sending business communications and newsletters) under Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain services of the information society, if no goods or services were ordered.
The purpose of processing personal data is:
- to process your order and exercise rights and obligations arising from the contractual relationship between you and the Controller; when ordering, personal data necessary for the successful fulfillment of the order (name, address, contact details) are required. Providing personal data is a necessary requirement for concluding and fulfilling the contract. Without providing personal data, it is not possible to conclude or fulfill the contract on the part of the Controller.
- sending business communications and engaging in other marketing activities.
There is no automatic individual decision-making by the Controller within the meaning of Article 22 GDPR.

**IV. Data Retention Period**

The Controller stores personal data:
- for the time necessary to exercise rights and obligations arising from the contractual relationship between you and the Controller and to assert claims arising from these contractual relationships (for 15 years after the termination of the contractual relationship).
- for the time until consent to processing personal data for marketing purposes is revoked, but no longer than 24 months, if personal data are processed based on consent.
After the expiration of the data retention period, the Controller will delete personal data.

**V. Recipients of Personal Data (Controller’s Subcontractors)**

Recipients of personal data are:
- Persons involved in the delivery of goods, such as Česká Pošta a.s., Uloženka s.r.o., Zásilkovna s.r.o., Direct Parcel Distribution s.r.o., GLS s.r.o.
- Payment processors based on the contract, such as GoPay s.r.o. and SumUp Payments Ltd.
- Service providers operating the e-shop and related services, such as Shoptet s.r.o. and Manon-účto s.r.o.
- Providers of marketing services, such as Heureka shopping s.r.o.
The Controller intends to transfer personal data to a third country (a country outside the EU) or an international organization. Recipients of personal data in third countries are email service providers, such as Mailchimp Ltd.

**VI. Websites**

**Cookies**
Our website uses cookies to ensure our offer is relevant, interesting, and user-friendly for you. Cookies are small text files stored on your computer, smartphone, or other device used by your browser. More information about cookies can be found here. We use cookies, for example, to:
- ensure the proper functioning of the shopping cart so that you can complete your order as easily as possible,
- remember your login details, so you don’t have to enter them repeatedly,
- tailor our website to your needs by tracking visits, your movement on the site, and the functions used,
- obtain information about the viewing of ads, so we don’t show you ads for products you’re not interested in.
Some cookies may collect information that is subsequently used by third parties to support our advertising activities (so-called “third-party cookies”). For example, information about purchased products on our website may be displayed by an advertising agency in the form of internet ad banners on websites you view. However, you cannot be identified based on this data.

**2. Use of Cookies**
Cookies used on our website can be divided into two basic types. Short-term “session cookies” are deleted as soon as you leave our website. Long-term “persistent cookies” remain stored on your device much longer or until manually deleted (the duration of cookies depends on their settings and your browser configuration).

Cookies can also be categorized based on their functionality as:
- Analytical cookies, which help us improve the user experience by understanding how users use the site,
- Conversion cookies, which allow us to analyze the performance of different sales channels,
- Tracking cookies, which in combination with conversion cookies help analyze the performance of different sales channels,
- Remarketing cookies, which are used for personalizing ad content and targeting correctly,
- Essential cookies, which are important for the basic functionality of the website.

**3. Refusal of Cookies**
Cookie settings are part of your web browser. Most browsers automatically accept cookies by default. You can reject or restrict the use of cookies via your web browser settings.

You can find information about browsers and how to set your cookie preferences on the following websites or in the documentation of your browser:
- Chrome
- Firefox
- Internet Explorer
- Android
- iPhone and iPad
An effective tool for cookie management is also available at http://www.youronlinechoices.com/cz/

**VII. Your Rights**

Under the conditions stipulated in GDPR, you have:
- the right to access your personal data under Article 15 GDPR,
- the right to rectification of personal data under Article 16 GDPR or restriction of processing under Article 18 GDPR,
- the right to erasure of personal data under Article 17 GDPR,
- the right to object to processing under Article 21 GDPR,
- the right to data portability under Article 20 GDPR,
- the right to withdraw consent to processing either in writing or electronically at the address or email of the Controller provided in Article III of these terms.

You also have the right to file a complaint with the Office for Personal Data Protection if you believe your right to data protection has been violated.

**VIII. Personal Data Security Conditions**

The Controller declares that it has taken all appropriate technical and organizational measures to secure personal data.
The Controller declares that no personal data are stored in physical form.
The Controller declares that only authorized persons have access to personal data.

**IX. Final Provisions**

By submitting an order via the online order form, you confirm that you are familiar with the personal data protection terms and that you fully accept them.
You agree to these terms by ticking the consent box via the online form. By ticking the consent box, you confirm that you are familiar with the personal data protection terms and that you fully accept them.
The Controller reserves the right to change these terms. The new version of the personal data protection terms will be published on the Controller’s website, and you will be notified by email to the address you provided to the Controller.

These terms take effect on May 25, 2018.

Grafický návrh vytvořil a nakódoval Shoptak.cz