Terms and Conditions of the Personal Data Protection
- According to Article 7 paragraph 4 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereafter referred to only as “GDPR”), the Controller of personal data is Play Global s.r.o.[Ltd], ID No 09762264, with its registered seat at Plzeňská 3350/18, Praha 5, 150 00, Czech Republic, incorporated in Commercial Register or other register: Articles of Association/Deed of Foundation, number: N984/2020, NZ1636/2020, Czech Republic, Mgr.[LL.B.]ŠárkaHavlová, Notary Public in Prague
(hereafter referred to only as “Controller“).
- Controller’s contact details:
Address: Plzeňská 3350/18, Praha 5, 150 00, Czech Republic
Telephone: +420 776 339 113
- As personal data is regarded any information about an identified or unidentified natural person; an identified natural person is a natural person who can be, directly or indirectly, identified, in particular by referring to a certain identifier such as for instance name, identity number, locality information, network identifier or one or more special elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
- The Controller has not appointed a data protection officer
Sources and Categories of Processed Personal Data
- The Controller processes personal data provided to the Controller by yourself, or personal data which the Controller acquired when fulfilling your order:
- name and surname;
- e-mail address;
- street address;
- telephone number.
- The Controller processes your identification and contact data plus other data necessary to fulfil purchase contracts.
Legal Ground and Purpose for Processing Personal Data
- The legal ground for processing personal data is:
- to fulfil the contract between yourself and the Controller in compliance with Article 6 paragraph 1 letter (b) of GDPR;
- compliance with the Controller's obligations defined in Article 6 paragraph 1 letter (c) of GDPR;
- the Controller’s legitimate interest in rendering the services of direct marketing (especially sending commercial messages and newsletters) in accordance with Article 6 paragraph 1 letter (f) of GDPR;
- your consent to have your personal data processed for the purposes of providing the services of direct marketing (especially sending commercial messages and newsletters) in accordance with Article 6 paragraph 1 letter (a) of GDPR, in conjunction with Article 7 paragraph 2 of Act No. 480/2004 Coll. on certain services rendered by an information company when no order for goods and services has been placed.
- The purpose of processing personal data is
- to fulfil your order and to exercise the rights and obligations established by the contractual relationship between yourself and the Controller; when an order has been placed, to be able to successfully process your order, the Controller needs your personal data (name and surname, contact information). Providing your personal data is an essential requirement for concluding and executing a purchase contract; without the provision of your personal data, the Controller will be unable to conclude and fulfil the purchase order;
- to comply with legal obligations towards the state;
- sending commercial messages and carrying out other marketing activities.
- The Controller does not engage in any automated individual decision-making as defined in Article 22 of GDPR. You have given your explicit consent to have your personal data processed this way.
Time Personal Data Are Stored
- The Controller stores personal data
- for the time necessary to enable the rights and obligations established by the contractual relationship between yourself and the Controller, as well as the entitlements established by this contractual relationship to be exercised (for the period of 15 years after the contractual relationship has been terminated);
- until the consent to process the personal data for marketing purposes is revoked, however not longer than 5 years, if the personal data have been processed based on a consent.
- When the time for which the personal data are stored expires, the Controller will delete the personal data.
Personal Data Recipients (Controller’s Subcontractors)
- Recipients of personal data are entities which
- participate in the deliveries of goods/services/making payments based on purchase contracts;
- render the services of operating the e-shop and other services related to the e-shop’s operation;
- provide marketing services;
- provide bookkeeping and accounting services.
- The Controller intends to pass the personal data to a third country (a country outside of the EU), or to an international organisation. The recipients of personal data in third countries are providers of mailing services / cloud services.
Personal Data Processors
- Personal data are processed by the Controller, but personal data can be also processed for the Controller by the following processors:
- service provider Mailchimp;
- possibly other providers of data processing software, services and applications; however, the Controller at present does not make use of such providers.
- Under the terms and conditions specified by GDPR, you have
- the right of access to your personal data as defined by Article 15 of GDPR;
- the right to rectification of your personal data as defined by Article 16 of GDPR, or to restriction of the processing of your personal data as defined by Article 18 of GDPR;
- the right to erasure of your personal data as defined by Article 17 of GDPR;
- the right to objectthe processing as defined by Article 21 of GDPR;
- the right to data portability as defined by Article 20 of GDPR; and
- the right to revoke your consent to have your personal data processed, in writing or electronically, to the street address or e-mail address specified in Clause III of these Terms and Conditions.
- Furthermore, you have the right to file a complaint to the Office for Personal Data Protection, if you are of the opinion that your right to have your personal data protected has been violated. Alternatively, you can lay court charges.
Measures Adopted to Protect Personal Data
- The Controller declares that they have adopted all suitable technical and organisational measures to secure personal data.
- The Controller has adopted technical measures aimed at securing data warehouses and archival facilities used to store personal data in a hard copy form (passwords, encryptions, anti-virus programs, etc.).
- The Controller declares that only persons authorised by the Controller have access to personal data.
- By sending an order from the Internet order form, you confirm that you have acquainted yourself with these Terms and Conditions of the Personal Data Protection, and that you accept them in their entirety.
- You confirm your acceptance of these Terms and Conditions by ticking off the I Accept box in the Internet form. By ticking off this box, you confirm that you have acquainted yourself with these Terms and Conditions of the Personal Data Protection, and that you accept them in their entirety.
- The Controller reserves the right to amend these Terms and Conditions. The new version of these Terms and Conditions of the Personal Data Protection will be displayed on the Controller’s website, and a copy of the new version of these Terms and Conditions will be sent to your e-mail address which you provided to the Controller.
These Terms and Conditions become effective on June 8, 2021.