Processing of Personal Data in Accordance with EU Regulation
In connection with the General Data Protection Regulation (GDPR), we kindly ask for your consent to the processing of your personal data on the e-shop www.vino-tokaj.sk. The purpose of the GDPR is to provide a higher level of protection for your personal data and transparency about their processing and your rights.
Your personal data is processed exclusively in accordance with applicable legislation. Personal data is processed only with the client's consent, and it is entirely at their discretion whether to provide or withhold consent. Providing consent is entirely voluntary, and once given, it can be revoked at any time. We are bound by the scope of the provided consent and fully respect it.
1. Purpose of Processing
We will process your personal data for the purpose of fulfilling your orders, ordered services, invoicing, or for the purpose of delivering orders to your contact address.
2. Scope of Processing
We process the following customer data, which is necessary for order fulfillment and is consciously provided by you:
- Name
- Surname
- Street and house number
- Postal code
- City
- State
- Country
- Phone number
- Company name
- IČO
- DIČ
- IČ DPH
- Email address
Data provided unconsciously:
- IP address
3. Processing Duration
Your personal data will be securely stored, collected, processed, and archived for accounting records and documents for a period of 10 years (based on Article No. 431/2002 Z.z. on accounting as amended) from the date of the last processed order.
4. Cookies
For the purpose of customizing the content of our e-shop to your preferences, we use Cookies. Cookies are small data files that our e-shop stores in your web browser during your visit. If you do not agree with the use of Cookies, set your own rules for the use of Cookies in the web browser on your device. If you disable the use of Cookies, the functionality of the e-shop may be limited.
5. Web Metrics and Analytics
These include conversion or pixel tags, or small graphic images that may be embedded in the code of our e-shop, allowing the identification of the user for the purpose of recording their behavior and measuring traffic.
We use the following systems:
6. Advertising and Promotional Services
In the e-shop, we use your contact information, apart from order processing, to send advertising or commercial announcements. This involves processing the following data:
- Name
- Surname
- Email address
Data of users who have subscribed to receive newsletters from the e-shop (Newsletter) are sent and processed by a third party outside the EU - the Rocket Science Group company, which operates the Mailchimp service and complies with the principles of the European Data Protection Regulation. They are available at the website mailchimp.com
7. Right to Access Data
The e-shop user has the right to obtain information about the purpose and scope of the processing of their personal data.
8. Right to Data Portability
The obligation of the data controller is to provide the data subject with all information processed about them in a structured, commonly used, machine-readable format. By exercising this right, the user gains control over their personal data and has the option to transfer it to another controller in the obtained form.
The data download tool is available to the user in the "Account > Personal Data Protection (GDPR)" section of their customer account.
9. Right to Data Correction
The user has the right, in case of suspicion of incorrect storage of data, to request the data controller to correct it. Users can modify their data in the "Account" section of their customer account.
10. Right to Limit Data Processing
The user has the right to request the data controller to limit the processing of their personal data or to make selected personal data inaccessible or temporarily remove published data.
11. Right to Data Erasure
The user has the right to erase their personal data without undue delay if they are no longer necessary for the purpose for which they were collected or processed and there is no legal reason for their potential archiving. Upon a request for data erasure, all data will be permanently deleted, and related orders (if any) will be anonymized.
12. Right to be Forgotten
The user has the right to take reasonable steps, including technical measures, to delete all references to their personal data and their copies if there is no legal reason for their potential archiving.
13. Right to Object
The user has the right to object to the processing of personal data, or if they have no option to exercise the right to erasure.
14. Right to Lodge a Complaint
The user has the right to lodge a complaint with the supervisory authority if they believe that the processing of their personal data is in breach of the GDPR.
15. Recording User Requests
The e-shop operator is obliged to record all user requests related to downloading, correcting, and deleting their data.
16. Data Protection Security
We have modern technical and security mechanisms ensuring the protection of processed data against unauthorized access or transmission, loss, destruction, or other possible misuse.
If consent and personal data are not provided, we will not be able to provide any services based on the European Regulation on Personal Data Protection.