Protection of personal data
I. Basic provisions
- The controller of personal data according to Article 4 point 7 of the Regulation of the European Parliament and Council (EU) 2016/679 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data (hereinafter referred to as: "GDPR”) is Project Fleur s.r.o., Company ID: 10677062, with registered office at: Pískařská 3, 143 00 Prague - Modřany (hereinafter referred to as: “administrator“)
- The contact details of the administrator are:
email: info@fleur21.cz
telefon: +420 777 898 346
- Personal data refers to any information about an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, particularly by reference to a specific identifier, such as a name, identification number, location data, network identifier, or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
II. Sources and categories of processed personal data
- The administrator processes personal data that you have provided to him/her or personal data that the administrator has obtained based on the fulfillment of your order.
- The administrator processes your identification and contact details and data necessary for the fulfillment of the contract.
III. Legal basis and purpose of processing personal data
- The legal basis for processing personal data is
- fulfillment of the contract between you and the administrator according to Article 6(1)(b) GDPR,
- The legitimate interest of the controller in providing direct marketing (especially for sending commercial communications and newsletters) according to Article 6(1)(f) GDPR,
- Your consent to the processing for the purposes of providing direct marketing (especially for sending commercial communications and newsletters) according to Article 6(1)(a) of the GDPR in connection with Section 7(2) of Act No. 480/2004 Coll., on certain information society services in the event that no order for goods or services has been made.
- The purpose of processing personal data is
- processing your order and the performance of rights and obligations arising from the contractual relationship between you and the administrator; when placing an order, personal data is required, which is necessary for the successful processing of the order (name and address, contact), providing personal data is a necessary requirement for concluding and fulfilling the contract, without providing personal data it is not possible to conclude the contract or for the administrator to fulfill it,
- sending commercial communications and conducting other marketing activities.
- There is no automatic individual decision-making by the administrator in the sense of Article 22 of the GDPR.
IV. Data retention period
- The administrator stores personal data
- for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and to assert claims from these contractual relationships (for a period of 15 years from the termination of the contractual relationship).
- For the duration until the consent for the processing of personal data for marketing purposes is revoked, for a maximum of 15 years, if the personal data is processed based on consent.
- After the retention period of personal data has expired, the data controller will delete the personal data.
V. Recipients of personal data
- The recipients of personal data are individuals
- participating in the delivery of goods to customers, executing payments based on the contract,
- suring services for operating an e-shop and other services related to the operation of an e-shop,
- providing accounting services.
- The administrator does not intend to transfer personal data to a third country (to a country outside the EU) or to an international organization.
VI. Cookie Policy
- The administrator uses so-called cookies within the framework of improving service quality, personalizing the offer, collecting anonymous data, and for analytical purposes in their presentation. By using the website, the User agrees to the use of the mentioned technology.
- Essential cookies - Cookies that are strictly necessary for the operation of the website and internet services. Consent is not required for the use of these cookies.
- Analytical and marketing cookies - Cookies falling into this category are used primarily for anonymous tracking of traffic and user activity on our websites. This allows us to monitor what customers like and improve our services.
- How to refuse the use of cookies? Using cookies can be set through your internet browser. Most browsers automatically accept cookies by default. Cookies can be rejected or the use of only certain cookies can be set through your web browser.
Information about browsers and how to set preferences for cookies can be found on the following websites:
Chrome
Firefox
Internet Explorer
An effective tool for managing cookies is also available on the pages http://www.youronlinechoices.com/cz/
VII. Your rights
- Under the conditions set out in the GDPR, you have
- right of access to your personal data under Article 15 GDPR,
- right to rectify personal data according to Article 16 GDPR, or restriction of processing according to Article 18 GDPR.
- right to erasure of personal data according to Article 17 GDPR.
- the right to object to processing under Article 21 of the GDPR and
- right to data portability under Article 20 of the GDPR.
- The right to withdraw consent to processing in writing or electronically to the address or email of the administrator specified in Article III of these terms.
- You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
VII. Terms of Personal Data Security
- The administrator declares that he has taken all appropriate technical and organizational measures to secure personal data.
- The administrator has taken technical measures to secure data storage and personal data storage in electronic form, particularly by creating passwords and designating authorized persons who have access to this data. These individuals are obliged to maintain confidentiality regarding personal data and security measures, the disclosure of which would jeopardize their security.
- The administrator will ensure their demonstrable commitment to this obligation. The administrator will ensure that this obligation for the administrator and authorized persons will continue even after the termination of the employment or other relationship with the administrator.
- The administrator declares that only authorized persons have access to personal data.
VIII. Final provisions
- By submitting an order through the online order form, you confirm that you are familiar with the privacy policy and that you accept it in its entirety.
- You agree to these terms by checking the consent via the online form. By checking the consent, you confirm that you are familiar with the privacy policy and that you accept it in its entirety.
- The administrator is entitled to change these terms. The new version of the privacy policy will be published on its website and will also send you the new version of these terms to the email address you provided to the administrator.
These terms take effect on November 19, 2021.