Terms and Conditions of Personal Data Protection

I.  FUNDAMENTAL PROVISIONS

  1. HAYSIDE CZ s.r.o., IČ:07882050, residing at Chlumova 5429/1a, 586 01 Jihlava, is the

Controller of personal data pursuant to Art. 4 Clause 7 of the Regulation (EU) 2016/679  of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as „GDPR”)

  1. The Controller´s contact information: Chlumova 5429/1a, 586 01 Jihlava
    email address: info@haysidecz.cz

phone number: +420 602 577 584

  1. „Personal data“ means any information related to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly,  in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.  
  2. The Controller has not appointed any personal data protection commissioner.

II. RESOURCES AND CATEGORIES OF PROCESSED PERSONAL DATA

  1. The Controller processes personal data that you gave him/her, or personal data that were acquired by the Controller upon your order fulfilment.
  2. The Controller processes both your identification and contact data and the data necessary for contract fulfilment.

III. LEGAL GROUNDS FOR AND PURPOSE OF PERSONAL DATA PROCESSING

  1. Legal grounds of personal data processing are
    • performance of the contract between you and the Controller pursuant to Art. 6 Clause. 1 Letter. b) of the GDPR,
    • legitimate interest of the Controller to provide direct marketing (in particular sending commercial notices and newsletters) pursuant to Art. 6 Clause. 1 Letter. f) of the GDPR,
    • your consent with data processing for the purposes of providing direct marketing (in particular to send commercial notices and newsletters) pursuant to Art. 6 Clause. 1 Letter. a) of the GDPR in connection with Sec. 7 Clause 2 of the Act no. 480/2004 Sb.(Collection of Laws) on Some Services of Information Society in case that no order for goods or services was placed,
  2. Purpose of personal data processing are
    • fulfilling  your order and exercising rights and duties resulting from the contractual relationship between you and the Controller;  when you place your order you will be required to provide your personal data that are necessary for successful order fulfilment (name, address, contacts); supplying personal data is an essential requirement for completion and performance of the contract, it is not possible to complete a contract or to fulfil it on the part of the Controller without supplying personal data,
    • sending commercial notices and performing other marketing activities.
  3. There is no automated individual decision-making on the part of the Controller under Art. 22 of the GDPR.

IV. DATA STORING TIME

  1. The Controller stores personal data
    • for an indefinite period of time
    • until your consent to personal data processing for marketing purposes is withdrawn.
  2. The company undertakes to erase your contact after your consent has been withdrawn.

V. RECIPIENTS OF PERSONAL DATA (SUB-CONTRACTORS OF THE CONTROLLER)

  1. Recipients of personal data are persons
    • participating in delivery of goods / services / execution of payments under the contract,
    • ensuring the services related to operation of the eShop and other services connected with operation of the eShop,
    • ensuring marketing services.
  2. The Controller does not intend to disclose personal data to a third country (other than EU-country) or an international organization. The recipients of personal data in third countries are providers of mailing services / cloud services.

VI. YOUR RIGHTS

  1. Your rights under the GDPR: 
    • right to access to your own personal data under Art. 15 of the GDPR.
    • right to correction of your personal data under Art. 16 of the GDPR or to restriction of their processing under Art. 18 of the GDPR.
    • right to erasure of personal data under Art. 17 of the GDPR.
    • right to raise an objection to data processing under Art. 21 of the GDPR and
    • right to data portability under Art. 20 of the GDPR.
    • right to withdraw your consent with data processing, in  writing or electronically to the address or email of the Controller indicated in Art. III of these Terms and Conditions.
  2. Further, you have the right to lodge a complaint with the Personal Data Protection Authority if you consider that your personal data protection right has been infringed.

VII. PERSONAL DATA SECURITY TERMS AND CONDITIONS

  1. The Controller declares that he has adopted all appropriate technical and organisational measures to ensure the security of personal data.
  2. The Controller has adopted technical measures to secure both data and document storage facilities,
  3. The Controller declares that only persons appointed by him/her have access to personal data.

VIII. FINAL PROVISIONS

  1. By placing your order via the online form you confirm that you have got acquainted with personal data protection terms and conditions and that you fully accept them.
  2. Check the box in the online form to indicate that you agree to these terms and conditions. By checking this consent checkbox you confirm that you are acquainted with personal data protection terms and conditions and that you fully accept them.
  3. The Controller is entitled to change these terms and conditions. The new version of personal data protection terms and conditions shall be published on his/her internet web page and at the same time sent to you using your email address you gave the Controller.

These Terms and Conditions come into effect on 19th May 2019.