info@eurograv.cz
+420 773 279 279
en

INFORMATION ON THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH GDPR

I.

Basic Provisions

1. The data controller pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR") is:

  • Eurograv tech s.r.o.
  • Fügnerova 315, 757 01, Valašské Meziříčí
  • KONTAKT: Roman Hambálek
  • telefon: +420 773279279
  • email: hambalek@eurograv.cz

(hereinafter referred to as the "controller").

2. Personal data refers to all information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

3. The controller has not appointed a data protection officer.

II.

1.Sources and Categories of Processed Personal Data

1. The controller processes personal data you have provided or data obtained based on filling out and submitting any contact form on this website or from fulfilling your order.

2. The controller processes your identification and contact details for its internal marketing needs.

3. The controller processes personal data you have provided based on your consent to subscribe to the newsletter. For sending newsletters and commercial communications, we process your first name, last name, and email address for a period of 5 years. Consent is voluntary and can be withdrawn at any time. Unsubscribing from commercial communications is possible in every email footer.

III.

Legal Reason and Purpose for Processing Personal Data

1. The legal reason for processing personal data is:

  • the performance of a contract between you and the controller under Article 6(1)(b) GDPR,
  • the legitimate interest of the controller in providing direct marketing (especially for sending commercial communications and newsletters) under Article 6(1)(f) GDPR,
  • your consent to processing for the purpose of providing direct marketing (especially for sending commercial communications and newsletters) under Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, if no goods or services have been ordered.

2. The purpose of processing personal data is:


  • ensuring the conclusion and subsequent fulfillment of the contractual obligation between the controller and the buyer (Article 6(1)(b) GDPR). From this relationship, further statutory obligations arise, and the controller must process personal data for this purpose (Article 6(1)(c) GDPR); when ordering, personal data necessary for successful processing of the order (name, address, contact) is required. Providing personal data is a necessary requirement for concluding and fulfilling the contract; without providing personal data, it is not possible to conclude or perform the contract by the controller,
  • sending commercial communications and conducting other marketing activities.

3. The controller does not engage in automated individual decision-making within the meaning of Article 22 GDPR.

IV.

Data Retention Period

1. The controller retains personal data:

  • for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the controller and to enforce claims from these contractual relationships (a maximum of 10 years from the end of the contractual relationship).
  • for the period until consent for personal data processing for marketing purposes is withdrawn or the purpose for which consent was granted expires, and/or the period for which consent was granted ends, a maximum of 5 years if personal data is processed based on consent and no other legal basis for processing exists.
  • for compliance with statutory obligations for the archiving of accounting documents under Act No. 563/1991 Coll., on Accounting, as amended. Personal data (excluding email addresses and phone numbers) will continue to be processed and retained for 5 years starting from the year following the year the contract between the controller and the buyer was concluded.

2. After the retention period for personal data expires, the controller deletes the personal data.

V.

Recipients of Personal Data (Controller's Subcontractors)

1. Recipients of personal data include services and applications necessary for contract performance or marketing services:

  • those involved in the delivery of goods/services/realization of payments under the contract,
  • those providing e-shop operation services and other services related to the operation of the e-shop and website,
  • those providing marketing services.

2. The controller does not intend to transfer personal data to a third country (a country outside the EU).
VI.

Your Rights

1. Under the conditions set out in the GDPR, you have the:

  • right to access your personal data under Article 15 GDPR,
  • right to correct personal data under Article 16 GDPR or restrict processing under Article 18 GDPR,
  • right to delete personal data under Article 17 GDPR,
  • right to object to processing under Article 21 GDPR,
  • right to data portability under Article 20 GDPR,
  • right to withdraw consent to processing in writing or electronically at the address or email of the controller listed in Article I of these conditions.

2. Additionally, you have the right to lodge a complaint with the Office for Personal Data Protection if you believe your right to data protection has been violated. We would greatly appreciate it if you first inform us of this suspicion so that we can address and rectify any potential issues.

VII.

Cookies

1. When browsing our website, we record your IP address, the duration of your visit, and the page from which you came. We view the use of cookies for measuring website traffic and tailoring the display of the website as a legitimate interest of the controller, as we believe this enables us to offer you better services.

2. The website can also be browsed in a mode that does not allow the collection of personal data. You can disable cookies in your browser. To learn about the cookies we use and their purposes, see the section at the end of this document: Cookie Policy.

VIII.

Conditions for Securing Personal Data

1. The controller declares that it has taken all appropriate technical and organizational measures to secure personal data.

2. The controller has taken technical measures to secure data storage and personal data storage in physical form, including passwords, antivirus software, backups, and lockable cabinets.

3. The controller declares that only authorized persons have access to personal data.

IX.

Final Provisions
1. By submitting an order through the online order form, you confirm that you have read the personal data protection terms and conditions and that you accept them in full.

2. You agree to these terms by checking the consent box through the online form. By checking the consent box or filling out any contact form on this website, you confirm that you have read and fully accept the personal data protection terms and conditions.
3. Personal data subjects who provide their personal data via the registration form to conclude a contract with the controller or consent to data processing do so voluntarily, on their behalf, and the controller does not direct their activity in any way.

4. The controller is entitled to amend these terms. The new version of the personal data protection terms will be published on its website.