GDPR

1. The controller of personal data pursuant to Article 4(7) of Regulation (EU) of the European Parliament and of the Council (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: „GDPR”) is SAIMON, s.r.o.IČ: 11971258 with registered office at Revoluční 1403/28, Praha 1 (hereinafter: „the controller”).

2.The contact details of the controller are
Address: Revoluční 1403/28, Praha 1
Email: info@saimon.cz

3.Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

4.The controller has appointed a data protection officer. The contact details of the officer are the email: obchod@saimon.cz

1.The controller processes the personal data you have provided to it or the personal data that the controller has obtained on the basis of fulfilling your order.

2:The controller processes your identification and contact data and the data necessary for the performance of the contract.

1.The legal basis for processing personal data is

• performance of the contract between you and the controller pursuant to Article 6(1)(b) of the GDPR,
• the legitimate interest of the controller in providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6
• your consent to processing for the purposes of providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6(1)(a) of the GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, in the event that no order for goods or services has been placed.

2.The purpose of processing personal data is

• the processing of your order and the exercise of rights and obligations arising from the contractual relationship between you and the controller; when placing an order, personal data that are necessary for the successful processing of the order are required (name and address, contact), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contract or for the controller to perform it,
• sending commercial communications and carrying out other marketing activities.

3.On the part of the controller there is automated individual decision-making within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.

1The controller retains personal data

• for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the controller and to assert claims from these contractual relationships (for a period of 15 years from the termination of the contractual relationship).
• until consent to the processing of personal data for marketing purposes is withdrawn, no longer than 3 years, if the personal data are processed on the basis of consent.

2After the period for retaining personal data expires, the controller will delete the personal data.

1.The recipients of personal data are entities

• participating in the delivery of services on the basis of the contract,
• providing marketing services.

2.The controller does not intend to transfer personal data to a third country (a country outside the EU) or to an international organisation.

1.Under the conditions set out in the GDPR, you have

• the right to access your personal data pursuant to Article 15 of the GDPR,
• the right to rectification of personal data pursuant to Article 16 of the GDPR, or to restriction of processing pursuant to Article 18 of the GDPR.
• the right to erasure of personal data pursuant to Article 17 of the GDPR.
• the right to object to processing pursuant to Article 21 of the GDPR and
• the right to data portability pursuant to Article 20 of the GDPR.
• the right to withdraw consent to processing in writing or electronically to the address or email of the controller specified in Article III of these terms.

2.You also have the right to lodge a complaint with the Office for Personal Data Protection in the event that you believe that your right to the protection of personal data has been violated.

1.The controller declares that it has taken all appropriate technical and organisational measures to secure personal data.

2.The controller has taken technical measures to secure data storage facilities and storage facilities for personal data in paper form.

3.The controller declares that only persons authorised by it have access to personal data.

1.By accepting the terms and conditions or signing the service contract, you confirm that you are familiar with the terms of personal data protection and that you accept them in their entirety.

2.The controller is entitled to change these terms. The controller will publish the new version of the personal data protection terms on its website.

These terms enter into force on 1.3.2023.