PERSONAL DATA PROTECTION

(PRIVACY POLICY)

of the brandVALEN&MASAR
held byGlobal Trade Systems s.r.o.
having its registered office at Kloboukova 1231/75, Chodov, 148 00 Praha 4
identification number: 291 29 010
registered in the Commercial Register maintained by the Municipal Court in Prague, section C, entry 202431
(hereinafter referred to as “VALEN&MASAR” or “Global Trade Systems s.r.o.”)
for the conclusion of purchase agreements and contracts for work on the basis of the product offering presented at https://valenmasar.cz

When a visitor browses the web interface of the https://valenmasar.czwebsite, contacts VALEN&MASAR through a web form, by telephone, e-mail communication, social media, or provides any type of personal data to VALEN&MASAR, the personal data thus provided is processed by Global Trade Systems s.r.o. in accordance with the principles set out below.To that end, Global Trade Systems s.r.o. provides the information below for use by all personal data providers.

1. WHO IS THE PERSONAL DATA CONTROLLER?

The controller of personal data administered under the brand VALEN&MASAR is Global Trade Systems s.r.o., a corporation having its registered office at Kloboukova 1231/75, Chodov, 148 00 Prague 4, identification number: 291 29 010, e-mail: hello@valenmasar.cz (hereinafter referred to as the “Controller”).

In what situations does VALEN&MASAR process personal data?

  1. 1. Personal data processing WITH THE CONSENT of the provider – customer

    Legal title:Consent.

    VALEN&MASAR will only request consent of the personal data provider if it makes any untargeted type of a general marketing offering or general commercial communication towards the personal data provider.

    Such consent to the processing of personal data for the sending of marketing offers and commercial communication may be withdrawn by the personal data provider at any time, in written form, sent to the Controller’s address or in electronic form sent by e-mail to:hello@valenmasar.cz

  1. Personal data processing WITHOUT the provider’s – customer’s CONSENT

    VALEN&MASAR processes personal data without the personal data processor’s consent on the basis of the following legal titles and for the following purposes:

    1. Legal title:Performance of a contract.
      Purpose:
      – performance of an agreement concluded, including the provision of performance and related communication.

    2. Legal title:Taking measures upon request prior to the conclusion of an agreement.
      Purpose:
      – provision of information upon the request of the personal data provider concerning the conditions of the conclusion of the agreement, availability of services, service terms, etc.
    3. Legal title: Protection of the Controller’s rights and legitimate interests.
      Účel:
      – collection of the Controller’s receivables from the customer;
      – Directly targeted commercial offers based on the customer’s request, consisting of an offer of relevant products and services provided by VALEN&MASAR prior to the conclusion of an agreement or in connection with the performance of an agreement or in connection with the registration of the customer.
    4. Legal title:Performance of a legal obligation arising from law.
      Purpose:
      – providing cooperation to government authorities on the basis of the law and within its bounds, including the processing of data on the basis of the law, such as accounting, performance of tax obligations, etc.

2. WHAT PERSONAL DATA DOES THE CONTROLLER PROCESS?

Based on the legal title, VALEN&MASAR processes the following data:

  • identification data (name, surname, date of birth);
  • contact details (telephone number, e-mail address, postal address);
  • identification number and tax identification number, if the customer is a business;
  • social network contact details;
  • IP address of an accessing device (and position derived therefrom);
  • identification and technical parameters of the device;
  • information about behaviour on the web;
  • information about products and services provided;
  • information from mutual communication (whether conducted in person, in writing, by telephone, or otherwise);
  • payment information (e.g., information from paid orders, services, etc.);

3. FROM WHAT SOURCES DOES THE INFORMATION COME?

The personal data processed by the Controller comes exclusively from the personal data provider, meaning that it is data provided by the customer, for example, in connection with the conclusion of an agreement, its subject matter, or the customer provided them with his consent for the purpose of marketing offers or commercial communication.The Controller may receive personal data of a customer, if it does not yet have such personal data, from another person, but always solely in connection with the performance of a contract that has been entered into by, or with the consent of, the provider, which the provider granted to the person providing the personal data.

4. WHO IS THE RECIPIENT OF PERSONAL DATA

VALEN&MASAR transmits personal data only in well-justified cases and only to the necessary or specified extent, to the following categories of recipients:

  • contractual partners that VALEN&MASAR requires for the everyday functioning and execution of a contractual relationship, namely:
    • to information technology providers with whose assistance the Controller operates its website or carries out its activities.The Controller shall be responsible for compliance with the obligation of such persons to protect the personal data;
    • to providers of accounting and tax services, for compliance with statutory obligations;
    • to providers of courier or postal services (carrier), but only to the extent of first name and surname, mailing address, the telephone number at which the carrier may contact the customer, and if the goods were not paid for in advance, also the amount that is to be paid upon the delivery of the goods.The carrier may process personal data only for the purpose of the delivery of the goods and then shall delete the personal data without delay;
    • for sending out commercial communication (e.g., by e-mail), the Controller uses the online service MailChimp.This entity is bound by confidentiality and is not entitled to use personal data for any other purpose, for which compliance the Controller is responsible.
  • to other entities if the Controller is mandated to provide personal data by legal regulations or if it is necessary for the protection of the Controller’s legitimate interests (e.g., to courts, Czech Police, etc.).

5. HOW LONG DO WE PROCESS PERSONAL DATA?

VALEN&MASAR processes personal data for the duration of a contractual relationship.In the event of personal data processing on the basis of consent, personal data will generally be processed for a period of 10 years or until the consent is withdrawn.

VALEN&MASAR notes that personal data required for the due provision of a service or for compliance with all of VALEN&MASAR’s obligations, whether they arise from an agreement or generally binding legislation, will be processed regardless of the consent given or withdrawal thereof for a period set by applicable legal regulations or in line therewith (e.g., tax documents for at least 10 years).

6. PROVIDER’S RIGHTS IN PERSONAL DATA PROCESSING

As the personal data provider, a customer has the following rights:

  • Right to access – the right to ask the Controller for access to the personal data that the Controller processes with respect to the customer, in particular to the following extent:
    • specific purposes of the processing of the personal data provided;
    • categories of personal data concerned;
    • other recipients of personal data, aside from the Controller;
    • planned period for which the personal data is processed by the Controller;
    • whether a customer has the right to request rectification or deletion of personal data or restriction of their processing or to lodge an objection against such processing;
    • information about the source of the personal data, where it was not obtained from the customer.
  • Right to rectification – the customer’s right to ask the Controller to correct imprecise or incomplete personal data;
  • Right to deletion – the customer’s right to ask the Controller to delete the personal data (if the Controller has not done so itself) in any of the following situations:
    1. personal data is no longer required for the purposes for which it was collected or otherwise processed;
    2. the consent on the basis of which personal data was being processed has been withdrawn and there are no other legal grounds for their processing;
    3. an objection has been raised against being the subject of decision-making based on automated processing of personal data and there are no overriding legitimate grounds for their processing, or an objection has been raised against personal data processing for direct marketing purposes;
    4. personal data has been processed illegally;
    5. personal data must be deleted in order to comply with a legal obligation set in EU legislation or in the legislation of a Member State applicable to the Controller;
  • Right to restriction of processing – the customer’s right to ask the Controller to restrict the processing of his personal data in any of the following situations:
    1. the customer has denied the precision of the personal data, for the period required for the Controller to verify the exactness of such personal data;
    2. personal data processing is unlawful, but the customer has refused to have the data deleted and instead has requested a restriction of their use;
    3. the Controller no longer needs the data for the purpose of processing, but the customer demands them for the establishment, exercise or defence of legal claims;
    4. An objection has been raised against personal data processing pursuant to Article 21(1) GDPR, until it is verified whether the Controller’s legitimate interests override those of the [data subject/customer]
  • Right to data portability – in cases envisaged by the GDPR, a customer is entitled to obtain the personal data pertaining to him, in a structured, commonly used and machine-readable format; this right must not prejudice the rights and freedoms of other persons;
  • Right to withdraw consent – where personal data processing is based on consent, a customer is entitled to withdraw his consent at any time to personal data processing for the purpose for which the consent was given;
  • • Right to object – the right to raise an objection with the Controller at any time against the processing of personal data for direct marketing purposes carried out on the basis of the Controller’s legitimate interest
  • Right to complain – the customer’s right to lodge a complaint with the supervisory authority: Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz

7. COOKIES

Some pages of the shop web interface use cookies – small files placed in an Internet browser when a visitor visits a web interface. Cookies are used in order to offer better customised options in the future, thanks to recognising and remembering a visitor’s specific browsing preferences.

Cookies serve several purposes.The following cookies are used on the VALEN&MASAR website:

  • Technical cookies (required): help a website to be allow basic functions, such as page navigation and access to secured sections of a website.A website cannot function correctly without those cookies.
  • Preference (functional) cookies: allow a website to remember information that alters the behaviour or look of a website, for example, the preferred language or region.In that case, a password is always encrypted.The use of these cookies is not required but makes a visit to a website far more pleasant and easier.
  • Statistical and marketing (analytical) cookies: help a website owner obtain an understanding of how visitors use its website.They collect and provide information anonymously.Analytical cookies are collected on the shop’s web interface using a digital marketing service and script of Google Inc., which then anonymises the data.After anonymisation, the data is no longer personal, as anonymised cookies cannot be attributed to a specific visitor or a specific person.VALEN&MASAR cannot ascertain from cookies how a specific user behaved on the shop’s web interface (what pages he visited, what goods he viewed, etc.).VALEN&MASAR uses information learned from those cookies for advertising processes: on the basis of this data, it is able to display advertising on third-party websites it considers relevant to the visitor.

A visitor to the VALEN&MASAR website can control what cookies are processed.To that end, the visitor can usethis add-on program from Google (which can be launched only from a computer).Or the visitor can use any commonly-used internet browser (e.g., Internet Explorer, Safari, Firefox, Chrome)with the anonymous browsing function on, which prevents the saving of data about websites visited, or can ban the storing of cookies in his browser altogether.If a visitor bans the processing of technical and functional cookies, however, he disables certain functionalities.By turning off analytical cookies, the customer will not prevent marketing offers from being displayed, but they will be less relevant to him.

If a visitor/buyer uses the VALEN&MASAR website without taking the measures described above, it agrees to the use of cookies by VALEN&MASAR.