Through this Privacy Policy (the “Policy”), we inform the data subjects whose personal data we process of all processing activities and data protection privacy policies in accordance with Regulation (EU) 2016/679, on the protection of individuals.
in connection with the processing of personal data (“Regulation” or “GDPR”) in order to ensure the information obligation of SAFE HOME europe sro (hereinafter “SHe”), as the administrator pursuant to Art. 13 GDPR.

PERSONAL DATA MANAGER

The administrator of personal data is the company SAFE HOME europe sro, IČ: 28597991.

BASIC CONCEPTS
GDPR

Regulation (EU) 2016/679 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC is effective from 25 June. 5. 2018.
Data subject

Data subject means an identified or identifiable natural person, where an identifiable natural person is a natural person who can be directly or indirectly identified, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical elements. , the physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Personal data

For the purposes of this Regulation, personal data means any information relating to an identified or identifiable natural person, ie a data subject.

Special personal data

Special personal data means data on racial or ethnic origin, political opinions, religion or philosophical beliefs or trade union membership, and the processing of genetic data, biometric data to uniquely identify a natural person and data on health status or sexual life or sexual orientation Individuals.

Processing of personal data

The processing of personal data within the meaning of Art. 4 par. 2 GDPR means any operation or set of operations with personal data or sets of personal data which is carried out with or without automated procedures such as the collection, recording, arrangement, structuring, storage, adaptation or modification, search, inspection, use, disclosure by transmission , dissemination or any other access, alignment or combination, restriction, deletion or destruction.

Administrator

The administrator within the meaning of Art. 4 par. 7 GDPR means a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. We act as an administrator in relation to your personal data.

Processor

The processor within the meaning of Art. 4 par. 8 GDPR a natural or legal person, public authority, agency or other body which processes personal data for the controller.

Supervisory authority

In the Czech Republic, the Supervisory Authority means the Office for Personal Data Protection (hereinafter referred to as the “ÚOOÚ”).

Automated individual decision making incl. profiling

Automated individual decision-making incl. profiling is generally understood as any form of decision based on the automated processing of personal data, ie without human intervention, consisting, inter alia, in the evaluation of certain personal aspects relating to the data subject, in particular for the purpose of analysis or estimation or analysis or prediction of aspects related to his work performance, economic situation, health status, personal preferences, interests, reliability, behavior, location, or movement.

DATA PROCESSED

In the case of purchasing goods via the e-shop, SHe will process the customer’s personal data in the range of name, surname, e-mail address, telephone contact, billing address and delivery address.

PURPOSE OF PROCESSING

Contract performance, delivery, complaints and disputes

SHe will process the above-mentioned personal data of customers for the purpose of implementing the concluded purchase contract, delivery of the ordered goods, possible complaints and possible legal disputes arising from the concluded purchase contracts.

If the ordered goods are delivered to the address specified in the order at the customer’s request, then SHe will provide the customer’s personal data in the range of name, surname, telephone contact and delivery address to the relevant carrier. SHe may entrust the processing of customers’ personal data to a third party. The persons mentioned above are DHL, PPL, Česká Pošta, Zásilkovna and the SHe business group.

Sales support for our products and related marketing

We will process your e-mail address for the purpose of direct marketing and sending a newsletter, when such a legal reason for processing your personal data is our legitimate interest according to Art. 6 par. 1 letter f) of the general regulation on personal data protection GDPR, when you purchased a product from us or used one of our services.

PROCESSING TIME

SHe will process the above personal data of customers for a period of 5 years from the conclusion of the relevant purchase agreement. If the customer purchases goods with an extended warranty, SHe may process the above personal data of the customer during this period.

USING COOKIES

Cookies are small text files that are stored on a user’s local computer through their web browser and displayed web pages. In order to provide you with social networking services, personalization of advertisements and traffic analysis, we use cookies on this website and by visiting the website you agree to the use of cookies. You can find more information here https://policies.google.com/technologies/cookies?hl=en

Cookies do not serve or allow personal identification of website users. If you do not agree to the collection of cookies when you visit the website, it may prevent the collection of cookies by changing your web browser settings. You can also completely delete the cookie history in your web browser.

PROTECTION OF PERSONAL DATA

To ensure the protection of personal data, we make considerable efforts to prevent their misuse and to protect against unauthorized access. To this end, we have taken a number of IT measures, encrypting the transmission of your data with the https protocol, strengthening network security, increasing password protection and encryption, and increasing access control information for our employees.

We do not transfer your data to countries outside the European Union.

DATA SUBJECT RIGHTS

In connection with the processing of personal data, the data subject has the following rights.
Right of access to personal data

According to Art. 15 GDPR has the right to obtain from the controller a confirmation of whether it processes the data subject’s personal data, information on the purposes of processing, categories of personal data concerned, recipients to whom the personal data were or will be made available, planned processing time, the existence of a right to request correction from the controller or deletion of personal data concerning the data subject or restrictions on their processing or object to such processing, the right to lodge a complaint with the supervisory authority, of all available information on personal data sources, if not obtained from the data subject, the fact that automated decision-making takes place, including profiling, on appropriate safeguards for the transfer of data outside the EU, provided that the rights and freedoms of others and the copy of personal data are not adversely affected.

The confirmation is issued free of charge. However, in the event of a repeated request, SHe is entitled to charge a reasonable administration fee for the copy of personal data.

The right to correct inaccurate data

According to Art. 16 GDPR has the right of the data subject to correct inaccurate personal data.

SHe will correct inaccurate data with regard to technical possibilities and without undue delay.

Right to delete

According to Art. 17 The GDPR has the right to delete personal data concerning it.

SHe automatically deletes personal data if they are no longer needed for the purpose for which they were processed.

If SHe does not prove a legitimate reason for processing this personal data, it will be deleted without undue delay.

The right to restrict processing

According to Art. 18 The GDPR has the right to limit the processing of the data subject until the complaint is resolved if he denies the accuracy of the personal data, the reasons for their processing or if he objects to their processing.

The right to the transferability of personal data

According to Art. 20 GDPR has the right of the data subject to obtain personal data in a structured, commonly used and machine-readable format, and the right to request SHe to transfer this data to another controller.

The data will be transferred to another controller automatically only if it is technically possible.

The right to object to the processing of personal data

According to Art. 21 The GDPR has the right to object to the processing of its personal data due to the legitimate interest of SHe.

SHe will terminate the processing of the data if it does not demonstrate legitimate reasons for the processing which outweigh the interests or rights and freedoms of the data subject, or for the determination, exercise or defense of legal claims.

Where personal data are processed for the purposes of direct marketing, the data subject shall have the right to object at any time to the processing of personal data concerning him or her for that marketing, which shall include profiling as regards such direct marketing. If the data subject objects to processing for direct marketing purposes, personal data will no longer be processed for these purposes.

The right not to be the subject of any decision based solely on automated processing, including profiling

According to Art. 22 The GDPR has the right not to be the subject of any decision based solely on automated processing, including profiling, which has legal effects for it or is significantly affected by it.

SHe does not use personal information for automated decision making and profiling.

Notification obligation regarding the correction or deletion of personal data or restrictions on the controller’s processing

According to Art. 19 GDPR SHe notifies the individual recipients to whom the personal data have been disclosed of any rectification, erasure or restriction of the processing of personal data, except where this proves impossible or requires a disproportionate effort. The controller shall inform the data subject of these recipients if the data subject so requests.

Reporting breaches of the data subject ‘s personal data

According to Art. 34 The GDPR has the right to be informed by the controller without undue delay if a particular breach of personal data security is likely to result in a high risk to the rights and freedoms of individuals.

The right to lodge a complaint with the supervisory authority

If you believe that the processing of your personal data violates the obligations set out in the GDPR, you have the right to file a complaint with the supervisory authority. The supervisory body in the Czech Republic is the Office for Personal Data Protection.

Exercise of these rights

If you exercise the data subject’s rights with SHe, as the data controller, please contact SHe’s registered office in writing.