Conditions of personal data protection
1. The Controller of personal data pursuant to Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR”) is an online store: https://eshop.honnerdesign.com/en/, operated by Jiří Honner (Hereinafter referred to as the “Controller”).
2. The contact details of the Controller are:
Jiří Honner
Branišov 60
373 84 Dubné
IN: 63901030
TIN: CZ6606011203
E-mail: jirihonner@honnerdesign.com
3. Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or social identities of that natural person.
4. The Controller did not appoint a data protection representative.
5. The Controller exclusively processes the personal data provided by the Buyer or personal data obtained by the Controller on the basis of the fulfilment of the Buyer’s order.
6. The Controller processes the identification and contact data that are necessary for the performance of the contract.
Legal reason and purpose of personal data processing:
The legal reason for processing personal data is:
- Performance of the contract concluded between the Buyer and the Controller pursuant to Article 6, paragraph 1, letter b) GDPR;
- The legitimate interest of the Controller in the provision of direct marketing (especially the sending of commercial communication and newsletters) pursuant to Article 6, paragraph 1, letter f) GDPR
- Consent of the Buyer to processing for the purposes of providing direct marketing (especially for sending commercial communication and newsletters) according to Article 6, paragraph 1 letter a) GDPR in connection with § 7 paragraph 2 of Act No. 480/2004 Coll., on certain services of the information society, in the event that no goods or services have been ordered.
The purpose of processing personal data is:
- Settlement of the Buyer’s order and the exercise of rights and duties arising from the contractual relationship between the Buyer and the Controller. When ordering, personal data are required that are necessary for the successful execution of the order (name and address, contact). Provision of personal data is a necessary requirement for concluding and fulfilling the contract. Without providing personal data it is not possible to conclude the contract or perform it.
- Sending commercial communication and performing other marketing activities.
7. The Controller makes an automatic individual decision pursuant to Article 22 of the GDPR. The Buyer provides his/her explicit consent to such processing.
Principles of using cookies
What are cookies?
Cookies are small data files that are stored on your device using a web browser. The information contained in the cookies is created by the website server and can be used when the user visits the website again from the same device. Cookies are created to record information about the user’s behaviour on the site. For instance, login information or clicks on individual links are recorded. Cookies do not contain sensitive data.
Cookies are used especially for:
- User identification via network identifiers
- Preservation of user preferences
- Helping users to complete their tasks on the website without having to re-enter information when navigating from page to page or re-visiting the page
- Searching for errors and bugs on the website – for recording user activity
- Creating marketing and ads relevant to users
Types of cookies
Cookies can be organized according to the time for which they are stored and according to the entity to which they belong.
According to the storage period, cookies are divided into:
- Short-term cookies, which are deleted when the Internet browser is closed
- Long-term cookies, which are stored in the browser of the device for a predetermined time
However, this period may not exceed 13 months from the last use of cookies. You can manually delete this type of cookie from your browser.
According to the entity that issues cookies, it is possible to divide them into:
- First-party cookies, which are created by the web server of the site you are currently visiting
- Third-party cookies, which are stored by a domain other than the one being visited. This is possible using a link, such as Google, Seznam, Facebook, etc., that is stored outside the domain.
Purpose of processing, categories, sources and recipients of personal data
Legal reason |
Purpose |
Data |
Source of data |
Recipients of personal data (processors) |
Performance of the contract |
Response to the request sent via the contact form |
Personal data of clients (e-mail) |
Contact form |
Subcontractors, mailing services, cloud storage |
Legitimate interest |
Providing direct marketing (especially for sending business messages and newsletters) |
Client contact details |
Information from orders |
Mailing services, cloud storage, subcontractors |
Legitimate interest |
Routine traffic analysis, server error detection, and prevention of server fraud and attacks |
For 50 months: IP addresses and web browsing data, pages viewed and actions on the page. |
User traffic on the web, displaying the page with an error |
Google Analytics, web hosting services and possibly other analytics services |
Agreement |
Retargeting |
For a maximum of 13 months: Third party cookies, IP addresses, browser data and web browsing data |
View specific pages on the web |
Retargeting advertising platforms (AdWords, Sklik, Facebook) |
Agreement |
Get demographic reports in traffic statistics |
Third-party cookies, demographics (age, gender, interests, interest in buying and other categories) |
DoubleClick cookie, Android ad ID, iOS ID for advertisers |
Google Analytics |
Agreement |
Marketing and web promotion |
E-mails, prospective customers’ names, IP addresses and other technical identifiers |
Newsletter form |
Web hosting company and services for sending e-mails |
Prohibition of the use of cookies
When managing cookies, you can decide which ones to enable and which to disable using your internet browser. You can disable the use of only some or all types of cookies at once. As mentioned above, if you disable the use of all cookies, some parts of our website may malfunction.
More information about banning cookies, as well as settings in individual browsers can be found here:
8. The Controller stores personal data:
- For the time necessary to exercise the rights and obligations arising from the contractual relationship between the Buyer and the Controller and to exercise the right arising from these contractual relationships.
- Until the consent to the processing of personal data for marketing purposes is revoked, for a maximum period of 10 years, if the personal data is processed on the basis of the consent.
After the retention period of personal data, the Controller deletes the personal data.
9. Recipients of personal data may be other persons involved in the delivery of goods / services / execution of payments on the basis of a contract.
10. The Controller does not intend to transfer personal data to a third country (non-EU country) or to an international organization.
11. Buyer’s rights in relation to GDPR if the above conditions are met:
- The right of access to personal data pursuant to Article 15 of the GDPR
- The right to correct personal data pursuant to Article 16 of the GDPR
- The right to delete personal data pursuant to Article 17 of the GDPR
- The right to restrict processing pursuant to Article 18 of the GDPR
- The right to data portability pursuant to Article 20 of the GDPR
- The right to object to the processing pursuant to Article 21 of the GDPR
- The right to withdraw consent to the processing of personal data in writing or electronically to the address or e-mail of the Controller mentioned above.
12. The Buyer has the right to file a complaint with the Office for Personal Data Protection if he/she believes that his/her right to personal data protection has been violated.
13. Conditions of personal data security:
The Controller declares that it has taken all appropriate technical and organizational measures to secure personal data.
The Controller has taken technical measures to secure data storages and personal data storages in paper form.
The Controller declares that only persons authorized by him/her have access to personal data.
14. By sending the order via the Seller’s website, the Buyer confirms that he/she has read the terms and conditions of personal data protection and that he/she accepts them to the full extent.
15. The conditions of personal data protection are also published on the Seller’s website.
These conditions take effect on 1.6.2021.