Privacy Policy

Consent to the processing of personal data (GDPR)

I. Basic Provisions

• You hereby grant your consent to the company TEKKIESSTORE, ID: 17896118, with registered office in Bystřice pod Hostýnem, Vsetínská 1482, (hereinafter referred to as: “Administrator“),to the processing of personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as: “GDPR Regulation“), to process the following personal data.

II. Category and type of data processed

• Name and surname, email address, company name, postal address, telephone number can be processed on the basis of consent and necessary processing for the purpose of the necessary performance of the contract.

III. Lawful reason and purpose for processing personal data

3. The lawful reason and purpose for processing personal data is:

• processing necessary for the performance of a contract to which the data subject is a party pursuant to Article 6(1)(b) of the GDPR;
  the processing is necessary for compliance with a legal obligation to which the controller is subject pursuant to Article 6(1)(c) of the GDPR;
  the data subject has given consent to the processing of his or her personal data for one or more specific purposes pursuant to Article 6(1)(a) of the GDPR;
  the processing is necessary for the purposes of the legitimate interests of the respective controller or a third party, for example the provision of marketing in the form of a newsletter or commercial communications pursuant to Article 6(1)(f) of the GDPR Regulation and pursuant to Section 7(2) of Act No. 480/2004 Coll.

3.1 The purpose of processing personal data is:

• Execution of an order resulting from a contractual relationship between the subject and the Administrator pursuant to Act No. 89/2012 Coll., or pursuant to another contractual relationship;
  Storage of your purchase preferences and subsequent customization of the offer on the Administrator’s website;
  Launching marketing and remarketing campaigns on advertising platforms such as Google, Seznam.cz, Microsoft, Facebook, as well as using RTB systems such as Adform, Criteo, Pubmatic and others, using the purchase of advertising through DSPs (Demand Side Platforms) and SSPs (Supply Side Platforms);
  Sending commercial messages (newsletters, push notifications, etc.) as part of marketing and remarketing campaigns using our own or third-party resources (email distribution platform, user notification software).

3.2 Automated individual decision-making is carried out by the controller in accordance with Article 22 of the GPDR. You give your explicit consent to this processing. Consent can be withdrawn at any time, for example by sending an email or letter to the contact details of the company TEKKIESSTORE

IV. The retention period of your data is

4. The retention period of your personal data depends on the purpose for which the personal data will be used, namely:

• For the purpose of fulfilling the contractual relationship between the subject and the Controller: for the period of performance
  For marketing purposes: 8 years
  For the purpose of keeping records of performance: 15 years

4.1 After the expiry of the period defined for the storage of your personal data, these personal data are deleted by the Administrator.

V. Processing of personal data

5. The following processors may also process the subject’s personal data for the controller:

• The providers of the software solutions referred to in Article III, paragraph 3.1, points a), b), c) and d) of this Consent to the processing of personal data;
  Software solution provider, applications, services and other processors that may not currently be used by the Controller;
  The Company: TEKKIESSTORE.

5.2 The controller and the processor shall take measures to ensure that any natural person who acts on behalf of the controller or processor and has access to personal data processes those personal data only on the instructions of the controller, unless the processing is already required by Union or Member State law.

VI. Recipients of personal data of the controller

6. Recipients of personal data are companies or persons who:

• Ensuring the implementation of the contract between the administrator and the entity concerned (e.g. freight forwarding companies, payment processing, premium services, etc.);
  Providing marketing services, see Article III, paragraph 3.1, points a), b), c) and d) of this Consent to the processing of personal data;
  Providing the operation of the www.tekkiesstore.cz website (e.g. partner, marketplace entity, external suppliers, etc.);
  Ensuring the administration of the company’s agenda: TEKKIESSTORE, operating the website www.tekkiesstore.cz, in terms of the law on (e.g. legal advice, accounting, etc.).

6.1 The controller intends to use non-EU services and thus intends to transfer personal data to third countries. The recipients of personal data in third countries are the providers of the platforms listed in Article III, paragraph 3.1, points a), b), c) and d) of this Consent to the processing of personal data.

VII. Your rights

7. According to the provisions in the GDPR, you have the right to:

• The right of access to personal data pursuant to Article 15 of the GDPR and also Article 22 and Article 46 of the GDPR;
  The right to the prompt rectification of personal data pursuant to Article 16 of the GDPR;
  The right to erasure of personal data (“right to be forgotten”) under Article 17 of the GDPR;
  The right to restriction of processing of personal data pursuant to Article 18 of the GDPR;
  The right to data portability under Article 20 of the GDPR;
  The right to object to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f), including profiling based on these provisions, pursuant to Article 20 of the GDPR Regulation;
  The right to withdraw consent to the processing of personal data;
  The right to lodge a complaint with a supervisory authority.

  7.1 The controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests or rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

  7.2 Only you, or where applicable your agent, can obtain information about your personal data. If the Data Controller is not sure of your identity, it may ask you for further information to verify your identity.

VIII. Security of personal data

8. Taking into account the state of the art, the cost of implementation, the nature, scope, context and purposes of the processing, as well as the different likely and differently serious risks to the rights and freedoms of natural persons entailed by the processing, the controller shall put in place, both at the time of the determination of the means of processing and at the time of the processing itself, appropriate technical and organisational measures, such as pseudonymisation, designed to implement data protection principles, such as data minimisation, in an effective manner and to incorporate the necessary safeguards into the processing in order to meet the requirements of this Regulation and to protect the rights of data subjects.

8.1 The controller shall put in place appropriate technical and organisational measures to ensure that only personal data necessary for each specific purpose of the processing are processed by default. This obligation relates to the amount of personal data collected, the scope of processing, the duration of storage and their availability. In particular, these measures shall ensure that personal data are not made available to an unlimited number of natural persons by default without human intervention.

This consent to data processing takes effect on 1 November 2023.