PRINCIPLES FOR THE PROTECTION OF PERSONAL AND OTHER PROCESSED DATA

This is a summary of how Lipa 47 s.r.o., ID No. 032 48 771, with its registered office at Šumavská 763/3, Liberec III – Jeřáb, 460 07 Liberec, Czech Republic, registered in the Commercial Register maintained by the Regional Court in Ústí nad Labem, File No. C 34457, works with personal data, and the main principles of protection of your personal data and other processed data in accordance with the GDPR (as specified below) and Act No. 110/2019 Coll., on the processing of personal data (the “Act On PPD”).

 

  1. What is GDPR (General Data Protection Regulation)
  1. “GDPR” or General Data Protection Regulation - is the generic name for the Regulation (EU) 2016/679 of the European Parliament and of the Council from April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (the “GDPR”), came into force on May 25, 2018 and is the legal framework for the protection of personal data in the European area with the aim of defending the rights of EU citizens against unauthorised handling of their data, including personal data.

 

  1. Who processes your data
  1. The controller of your personal data is:

Lipa 47 s.r.o., ID No. 032 48 771, with its registered office at Šumavská 763/3, Liberec III – Jeřáb, 460 07 Liberec, Czech Republic, registered in the Commercial Register maintained by the Regional Court in Ústí nad Labem, File No. C 34457,

(the “Administrator”).

  1. The contact details of the Administrator are as follows:

Address: Česká 591, 473 01 Nový Bor, Czech Republic

E-mail: info@annavonlipa.com        

Telephone No.: +420 602 462 511

  1. This data shall be processed by the controller according to the terms and conditions set out below.
  2. The Administrator may be contacted by e-mail or by phone, as specified above in Clause 2.2.
  3. The Administrator has not appointed a personal data protection officer.

 

  1. What personal data we process about you
  1. We only process personal data that you provide us in connection with the use of our services (for example, subscribing to our newsletter or ordering goods) or in connection with the conclusion of a purchase contract in the case of the purchase of our goods. This includes the following data that you provide to us when you register for one of our services:
  1. name and surname, date of birth, personal ID No. (if you provide it to us when ordering);
  2. e-mail address;
  3. telephone number (for the purpose of delivering the ordered goods or informing you of the status of your order);
  4. contact and/or delivery address (for the purpose of delivery of the ordered goods);
  5. payment details (credit card number) stored for your account (only when you make a purchase on our e-shop);
  6. other data that you voluntarily fill in yourself, for example in the contact form;

as well as data that we obtain from your use of our website:

  1. cookies (in the case of online services); subject to the conditions set out below;
  2. IP address;
  3. other online identifiers (in particular, the incoming web page – information about which website you are accessing our website from, date and time of access, details of your browser and operating system) where applicable.

 

  1. Why we process your personal data
  1. We process your personal data for the following reasons:
  • to sell you goods and/or provide you with services that you have expressed an interest in (to enable you to order goods and/or services, to process your order, including its possible delivery to send you a newsletter);
  • to enable us to record contracts for possible future use to defend the rights and obligations of the parties (protection of legal claims);
  • to improve the quality of our services and, where appropriate, to add new services in which you express interest;
  • to analyse and measure interest in our services and products;
  • to analyse your preferences and display content that is of real interest to you;
  • to give us an advantage in organising our marketing campaigns;
  • to send you commercial communications in the form of newsletters. In the newsletters you will find invitations to events we organise, information about new products or special offers. We do not send them more often than once a month; However, you can easily unsubscribe directly by clicking the “unsubscribe” button in the newsletter or by emailing info@annavonlipa.com
  • so that we can answer your questions sent via our contact forms.

 

  1. Who has access to your data
  1. Your personal data is safe with us. We only work with partners who are demonstrably trustworthy and who can guarantee the security of your personal data.
  2. None of our partners may use your personal data for purposes other than those described in this policy, nor may they provide it to anyone else.
  3. Third parties who may have access to your personal information include:
  • persons participating in the delivery of goods or services or realization of payments based on the Purchase Contract;
  • persons providing marketing services;
  • persons who provide technical operation of a service for us or operators of the technologies we use for our services;
  • persons who ensure the security and integrity of our services and websites and who also test this security on a regular basis;
  • shipping service providers who deliver your orders to you;
  • persons to whom we provide data for the purpose of analyzing traffic to our websites;
  • payment gateway operators (payment card operators) in the case of online payments;
  • the operators of technical solutions that enable us to show you only content and advertising that is relevant to you.
  1. Under certain legal conditions, we are then obliged to transfer some of your personal data to, for example, the Police of the Czech Republic, or other law enforcement authorities, including specialised departments and other public authorities, on the basis of applicable legislation. In these cases, the legal basis for processing is the fulfilment of a legal obligation to which the Administrator is subject. The Administrator does not intend to transfer personal data to a third country (non-EU country) or an international organisation.
  2. The Administrator does intend to transfer personal data to a third country (a country outside the EU) or an international organization. Recipients of personal data in third countries are providers of mailing services or cloud services.

 

  1. How long we process and store your data
  1. We shall only process your personal data for as long as necessary in relation to each individual processing purpose.
  2. Therefore, we shall process your personal data for as long as you use our services (i.e. for the duration of the contractual relationship between us), and subsequently for as long as necessary to exercise the rights and obligations arising from the contractual relationship and to assert claims under those contractual relationships, i.e. until any claims are time-barred or any disputes have been resolved, but no longer than 10 years from the termination of the contractual relationship (taking into account the maximum statutory objective limitation period), unless another legal regulation requires the retention of contractual documentation for a longer period (the legal basis for the processing in this case is the legitimate interest of the Administrator).
  3. Personal data processed based on your consent, as the legal basis for their processing, shall be archived for a period of 5 years, unless your consent to the processing of personal data is withdrawn by you.
  4. We are required by law to keep your billing data for 10 years. After the retention period has expired, the Administrator will delete the personal data.

 

  1. For what legal reasons do we process Your personal data?
  1. We may process your personal data:
  • for the performance of a contract between us, to the extent that the personal data is necessary for such performance;
  • on the basis of our legitimate interest (in particular processing for direct marketing purposes);
  • on the basis of your consent (in particular processing for direct marketing purposes where there is no order for goods or services);
  • for the performance of obligations imposed on us by law.

 

  1. Can we process your personal data without your consent?
  1. Yes, we can process your personal data without your consent, but only for the following purposes:
  • the provision of a service or product (performance of a contract between you and us);
  • to comply with legal obligations imposed on us by generally binding legislation (e.g. we are obliged to store traffic and location data on the basis of Act No. 127/2005 Coll., on electronic communications); or
  • processing that is necessary for the purposes of our legitimate interests (e.g. for direct marketing if you are already our customer; ensuring the security of our websites). The possibility and lawfulness of such processing follows directly from the GDPR and other applicable and effective legislation. Direct marketing means sending out our newsletters. However, you can unsubscribe from receiving them at any time in the above-mentioned manner.

 

  1. Security of Your personal data
  1. Any personal data you provide to us is secured by standard procedures and technologies. We regularly review our system and apply security measures that, where possible, prevent unauthorised access to your personal data and which provide sufficient security in light of the current state of technology. In order to keep your personal data secure, access to this data is password protected and sensitive data is encrypted when transmitted between your browser and our website.

 

  1. Withdrawal of consent to the processing of your personal data
  1. You can withdraw your voluntary consent to the processing of your personal data at any time, free of charge, by sending an e-mail to: info@annavonlipa.com        
  2. Withdrawal of consent does not always imply an obligation for the controller to destroy the personal data, as the withdrawal of consent is for a specific purpose for which the personal data are processed, and the controller may process the personal data for other purposes for which it uses a legal basis for processing other than the data subject’s consent. In other words, in case of withdrawal of consent, the controller is obliged to stop processing personal data for the purposes defined in the consent. If consent was the only legal ground for processing, the destruction of the personal data will usually follow. Thus, withdrawal of consent does not affect the processing of personal data that we process on a legal basis other than consent (i.e. in particular if the processing is necessary for the performance of a contract, legal obligation or for other reasons specified in applicable law).

 

  1. Are you obliged to provide your personal data? What if you do not provide personal data?
  1. You voluntarily provide us with your personal data as well as your consent to its processing. You are therefore not obliged to provide us with your personal data or consent to its processing. If you do not give us your consent to process your personal data, or subsequently withdraw it, we may not be able to continue to provide you with some of our services, or we may not be able to provide them to you to the full extent or quality.

 

  1. Your rights in relation to data protection
  1. In particular, you have the following rights in relation to your personal data:
  • the right to withdraw your consent at any time;
  • the right to correct or complete your personal data;
  • the right to request restriction of processing;
  • the right to object to or complain about processing in certain cases;
  • the right to request data portability;
  • the right of access to personal data;
  • the right to contact the Data Protection Authority;
  • the right to be informed of a personal data breach in certain cases;
  • the right to erasure of personal data (the right to be “forgotten”) in certain cases; and
  • other rights set out in the Act On PPD and the GDPR.

 

  1. Declaration of the Administrator
  1. The Administrator declares that the processing does not involve automated decision-making, including profiling, as referred to in Article 22(1) and (4) of the GDPR.

 

  1. Commercial communications
  1. The Administrator is entitled, based on its legitimate interest, to send you commercial communications to your electronic address obtained in connection with the sale of a product or service, with information about similar goods, services or the controller’s business, even if you do not complete the purchase but provide us with your email address.
  2. You may opt-out of receiving these commercial communications free of charge before completing your order through the web interface or also in response to any commercial communication you receive from the Administrator as described in this commercial communication.
  3. You also have the possibility at any time to object to the processing of your personal data on the grounds of legitimate interest of the controller and personal data processed for direct marketing purposes. If you object, your personal data will no longer be processed for these purposes.

 

  1. Cookies
  1. Like all other websites, www.annavonlipa.com use cookies. These are text files containing small amounts of information that are downloaded to your computer, mobile or other device when you visit a website. Each time you visit the website again, the cookies are then sent back to the original website or to another website that recognises them. This includes information such as the type of device and browser used, language preferences or the pages visited. They also allow you to see advertising for products that match your personal interests and preferences.
  2. Cookies are not dangerous, they are not used to collect any sensitive personal data, but they are important for privacy protection. We do not use cookies to identify website users or to misuse login credentials. We use cookies to recognize repeat visits to our website. The cookie stores the user’s preferred local and language settings and a randomly assigned identifier for your visit. We collect cookie information on our site to better track the number of new and repeat visitors and for internal analysis of the pages you visit. We use this information to improve the navigation of our website and the services we provide. Another group consists of third party cookies (e.g. Google Analytics to analyse traffic to a particular website or service, or cookies from operators of advertising systems that run on our site). These cookies are controlled by third parties and we do not have access to read or write this data.
  3. Several types of cookies can be distinguished. The first type are so-called technical cookies, which are necessary for the functionality of the website and generally do not contain your personal data. In this case, the Administrator does not need to obtain your consent to process them. The other types of cookies are those that contain personal data or cookies on the basis of which personal data is collected. Your consent is required for their processing. Such cookies will usually be marketing cookies in particular. Consent to the processing of your personal data contained in cookies is expressed by ticking the box next to the individual purposes for which you have chosen to give us consent to process them.
  4. Cookies containing your personal data will be deleted in connection with your right to erasure under the GDPR no later than 13 months after their last use.
  5. For all types of cookies, including cookies that do not contain personal data, information according to this Privacy Policy on the identity of the controller, the purpose and method of processing, and the categories of third parties who may have access to the personal data applies. In the case of cookies that do not contain personal data, this information applies instead of personal data directly in relation to such cookies.
  6. If you do not wish to store cookies, it is also possible to block their use on this website: http://www.youronlinechoices.com/cz/vase-volby. You have the option to refuse the use of cookies. However, in some cases it may not be possible to view a particular service of ours without the use of cookies.

 

  1. How to contact us
  1. If you have any questions about data protection or withdraw your consent to further processing of your personal data, please contact us by email at info@annavonlipa.com

 

  1. Other provisions
  1. By submitting an order from the online order form, you confirm that you are familiar with the terms of personal data protection and that you accept them in their entirety.
  2. You agree to these terms of personal data protection by ticking the consent through the internet form. By checking consent, you confirm that you are familiar with the terms of personal data protection and that you accept them in their entirety.
  3. The Administrator is authorized to change these terms of personal data protection on its website, or send you a new version of these terms to the e-mail address you provided to the Administrator.
  4. These terms and conditions take effect on 15.04.2024
 
Back shopping