Personal data protection

PRINCIPLES OF PERSONAL DATA PROTECTION (GDPR)

1. INTRODUCTION

These principles explain how the Blak e-shop (www.blakprg.com) processes the personal data of visitors and customers, what data we process, for what reason, how long we keep it, to whom we can transfer it, and what your rights are.

2. PERSONAL DATA CONTROLLER

The personal data controller is:

Seller: Tobias Janda

Address: Slunecna 673

ID: 22055321

251 63 Strančice

Czech Republic

Email: info@blak.cz

3. LEGAL FRAMEWORK AND LEGAL BASIS OF PROCESSING

We process personal data in accordance with the legal regulations of the Czech Republic and the European Union, in particular:

1) Regulation (EU) 2016/679 (GDPR)

2) Act No. 110/2019 Coll., on the processing of personal data

We process personal data mainly on the following legal bases:

1) performance of the contract (order processing, delivery of goods, communication)

2) fulfillment of legal obligations (accounting, tax documents, mandatory archiving)

3) legitimate interest (protection against misuse, e-shop security, basic service improvement, direct marketing to a reasonable extent)

4) consent (especially marketing cookies, targeting, newsletter - if used)

You can withdraw your consent at any time if the processing is based on consent.

4. WHAT DATA DO WE PROCESS?

We process the data you provide to us when making a purchase or communicating, typically:

1) first and last name

2) delivery and billing information

3) email and phone

4) order content and related communication

5) data related to payment and delivery

6) data required for a complaint or return of goods

For reasons of security and proper functioning of the e-shop, we may also process technical data:

1) IP address

2) device and browser information

3) data about website behavior (to the extent consistent with cookie settings and consents granted)

5. PURPOSES OF PROCESSING

We process personal data in particular for the purpose of:

1) processing the order and concluding the purchase contract

2) delivery of goods and communication about the order

3) making payment and issuing accounting documents

4) handling complaints and returns

5) customer support

We can also use the data:

1) to secure the e-shop and prevent fraud

2) to improve services and user experience

3) for direct marketing to a reasonable extent (if legally permissible)

4) for marketing purposes only based on consent (e.g. marketing cookies/targeting)

6. COOKIES AND SIMILAR TECHNOLOGIES (INCLUDING PIXELS)

We use cookies and similar technologies on the website:

1) necessary cookies for the proper functioning of the e-shop

2) preference cookies to remember settings

3) analytical cookies for measuring traffic (if consent is given, if required)

4) marketing cookies/pixels for targeting and advertising (only to the extent of consent)

You can change your consent at any time using the cookie settings on the website.

7. WHO MAY HAVE ACCESS TO THE DATA AND TO WHOM WE TRANSFER IT

We make personal data available only to the extent necessary to entities involved in the operation of the e-shop and order fulfillment, typically:

1) e-shop platform operators

2) payment service providers

3) carriers

4) email and analytics providers

5) to customer support and IT management providers

In order to deliver the order, we provide carriers with data to the necessary extent (typically name, address, e-mail, telephone number).

In some cases, data may be transferred to other persons (e.g. accountant, tax advisor, lawyer, IT administrator), always only to the extent necessary and for the purpose of protecting our rights or fulfilling legal obligations.

8. STORAGE PERIOD

We retain personal data for the period necessary to fulfill the purpose of the processing:

1) we store data on orders and accounting documents for the period specified by legal regulations

2) we store other data for a reasonable period of time according to legitimate interest or until consent is revoked (if relevant)

9. DATA SECURITY

We take appropriate technical and organizational measures to protect personal data against misuse, loss and unauthorized access. Only authorized persons and verified providers have access to the data to the extent necessary for a specific purpose.

10. YOUR RIGHTS

You have the right:

1) access to personal data

2) to correct inaccurate data and complete incomplete data

3) for deletion (under the terms of GDPR)

4) to restrict processing (under the terms of GDPR)

5) object to processing based on legitimate interest

6) data portability (if the processing is based on a contract or consent and is automated)

7) withdraw consent (if processing is based on consent)

If you are not satisfied with the way in which we process your data, you have the right to file a complaint with the supervisory authority:

Office for Personal Data Protection (ÚOOÚ).

11. CONTACT FOR GDPR

For any requests, inquiries or exercise of rights, please contact us at:

info@blak.cz