I. General Provisions
1. The Company RACIO, s.r.o. is the administrator of personal data under Art. 4 point 7 of the European Parliament and of the Council (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and Act no. 110/2019 Coll. For the Czech Republic (Hereinafter: "GDPR").
VAT CZ46970860, based at Narodnich hrdinu 3146 / 22B Breclav 69002 Czech Republic (hereinafter the "Administrator").
2. Contact details of the Administrator
Address: Narodnich hrdinu 3146 / 22B, 69002 Breclav CZ
3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is an individual who can be identified directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of individuals.
4. The Administrator has not appointed Commissioner for Personal Data Protection.
II. Resources and the categories of processed personal data
1. The Administrator processes personal data which you provide and / or personal infomation which the Administrator gained based on the fulfilment of your order.
2. The Administrator handles your identification and contact information and data only necessary for performance of the contract.
III. Legitimate reason and purpose of the processing of personal data
1. The legitimate reasons the processing of personal data are:
· The contract between you and the Administrator pursuant to Art. 6, paragraph. 1 point. b) GDPR,
· Administrator legitimate interest in providing direct marketing (especially for sending commercial messages and newsletters) in accordance with Art. 6, paragraph. 1 point. f) GDPR,
· Your consent to the processing for the purpose of providing direct marketing (especially for sending commercial messages and newsletters) in accordance with Art. 6, paragraph. 1 point. a) GDPR in conjunction with § 7 para. 2 of Act no. 480/2004 Coll., on certain information about the company services in the event that there is no ordering goods or services.
2. The purpose of processing personal data is:
· Process your order and the rights and obligations arising from the contractual relationship between you and the Administrator; when ordering the required personal data that are necessary for the successful execution of the order (name, address, contact), provision of personal data is a necessary requirement for the conclusion of the contract, without providing personal data is not possible to conclude the contract or fulfill it by the administrator,
· Sending commercial messages and do other marketing activities.
3. On the part of the administrator, there is no automatic individual decision-making within the meaning of Article 22 of the GDPR.
IV. Retention time of personal data
1. The Administrator keeps personal data:
· over the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the Administrator and claims of the contractual relations (for a period of 15 years from the termination of the contractual relationship).
· Continue until the withdrawal of consent to the processing of personal data for marketing purposes, up to 10 years if personal data are processed on the basis of consent.
2. The Administrator delets personal information after the expiry of retention of personal data.
V. Recipients of personal data (administrative subcontractors)
1. Recipients of personal data are persons:
· Involved in the delivery of goods and making payments under the contract,
· Providing services for the operation of e-shop and other services in connection with the operation of e-shop,
· Providing marketing services.
2. The Administrator does not intend to transfer personal data to a third country (to a country outside the EU) or international organization. Recipients of personal data in third countries as providers of mailing services / cloud services.
VI. Your rights
1. Under the conditions set out in GDPR you have:
· the right of access your personal data pursuant to Art. 15 GDPR,
· the right to correct personal data pursuant to Art. 16 GDPR or processing restrictions pursuant to Art. 18 GDPR.
· the right to erasure of personal data pursuant to Art. 17 GDPR.
· the right to object to the processing according to Art. 21 and GDPR
· the right to data portability under Art. 20 GDPR.
· the right to withdraw consent to the processing in writing or electronically to the address or e-mail of the Administrator referred to in Art. III of these conditions.
2. Next, you have the right to file a complaint with the Office for Personal Data Protection in the event that you think was violated your right to privacy.
VII. Terms of security of personal data
1. The Administrator declares that it has taken all appropriate technical and organizational measures to protect personal data.
2. The Administrator has taken technical measures to protect the data storage and storage of personal data in paper form.
3. The Administrator declares that personal data can be accessed only by authorized person.
VIII. Final Provisions
1. By sending an order from the online order form, you confirm that you are aware of / and conditions and privacy that you accept in its entirety.
2. You agree to these terms by checking the approval through an online form. By checking the consent you acknowledge that you are aware of / and conditions and privacy that you accept in its entirety.
3. The Administrator is entitled to change these conditions. The new version of the Terms privacy publish on its website and also will send you a new version of these conditions onto your e-mail address you provide to the Administrators.