The Controller of personal data within the meaning of Article 4(7) of Regulation (EU) 2016/679... is ... ID No. ... with its registered office at ... (hereinafter the “Controller”).
Contact details of the Controller:
Address: ...
Email: ...
Phone: ...Personal data means any information relating to an identified or identifiable natural person.
The Controller has / has not appointed a Data Protection Officer.
Contact details of the DPO: ...
#1
The Controller processes personal data you have provided or obtained in connection with the performance of your order.
The data processed includes identification, contact details, and information necessary for contract performance.
#2
The legal basis for processing personal data is:
performance of a contract under Article 6(1)(b) GDPR
the Controller’s legitimate interest in direct marketing (Article 6(1)(f) GDPR)
your consent for marketing purposes (Article 6(1)(a) GDPR)
The purposes of processing include:
fulfilling your order and contractual obligations
sending marketing communications and promotional content
There is no automated individual decision-making by the Controller.
#3
The Controller retains personal data:
for the duration necessary to exercise rights and obligations arising from the contractual relationship
until consent is withdrawn, for a maximum of ... years
After the retention period, the personal data will be deleted.
#4
Data recipients include:
parties involved in the delivery of goods / services / payment processing
service providers managing IT systems
marketing service providers
Personal data is / is not transferred to third countries outside the EU.
#5
Under the GDPR, you have the right to:
access your personal data
correct inaccurate data
request erasure of your data
restrict processing
data portability
object to processing
withdraw consent
You also have the right to lodge a complaint with the Data Protection Authority.
#6
The Controller declares that appropriate technical and organizational measures have been taken to secure personal data.
Only authorized persons have access to the personal data.
#7
By submitting your order, you confirm that you have read and accepted this Privacy Policy.
The Controller is entitled to amend this Policy. A new version will be published on the website or sent to your email.
This Privacy Policy is effective as of 25 May 2018.