This Privacy and Cookies Policy is intended to inform you about how SmartImp treats personal information it collects from you. For more details on Cookies Policy see chapter IX.
SmartImp may update this Privacy and Cookies Policy from time to time. By continuing to use the website of SmartImp after SmartImp has modified the Privacy and Cookies Policy, you are indicating that you agree to be bound by the modified Privacy and Cookies Policy. If the modified Privacy and Cookies Policy are not acceptable to you, please cease using the website of SmartImp. So please read it carefully and review the relevant pages regularly. Any reference in the Privacy and Cookies Policy to “you” or “your” means you as a registered or un registered user of one of the websites of SmartImp. This Privacy and Cookies Policy applies to the use of all the websites of SmartImp and does not extend to any linked third party sites.
I. Basic provision
- The controller of personal data pursuant to Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: " GDPR ") is SmartImp s.r.o. , ID: 27800831 with its registered office at Antala Staška 455/64, 14000 Prague 4, Czech Republic (hereinafter: the “ Controller ”).
- The contact details of the controller are:
address: SmartImp s.r.o., Antala Staška 455/64, 14000 Prague 4, Czech Republic
phone number: +420 774 183 160
- Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or the social identity of that natural person.
- The controller has not appointed a Data Protection Officer.
II. Sources and categories of personal data processed
- The controller processes the personal data you have provided him / her or the personal data that the controller has obtained based on the fulfillment of your order:
- name and surname
- e-mail address
- postal address
- The controller processes your identification and contact data and the data necessary for the performance of the contract.
III. Legal reason and purpose of personal data processing
- The legal reason for processing personal data is
- performance of the contract between you and the controller pursuant to Article 6, paragraph 1, letter b) GDPR,
- fulfillment of the legal obligation of the controller pursuant to Article 6, paragraph 1, letter c) GDPR,
- the legitimate interest of the controller in the provision of direct marketing (especially for sending commercial messages and newsletters) pursuant to Article 6, paragraph 1, letter f) GDPR,
- Your consent to processing for the purposes of providing direct marketing (especially for sending business divisions and newsletters) pursuant to Article 6 (1) (a). a) GDPR in connection with § 7 paragraph 2 of Act No. 480/2004 Coll., Czech Republic, on certain information society services in the case that no goods or services have been ordered.
- The purpose of personal data processing is
- settlement of your order and exercise of rights and obligations arising from the contractual relationship between you and the controller; when ordering, personal data are required, which are necessary for the successful completion of the order (name and address, contact), the provision of personal data in the case is a necessary requirement for concluding and fulfilling the contract, without providing personal data it is not possible to conclude the contract or controller if you are a natural person or a person representing a legal entity
- fulfillment of legal obligations towards the state,
- sending business messages and doing other marketing activities.
- The controller does not perform the automatic individual decision-making in the sense of Art. 22 GDPR.
IV. The period of retention
- The controller stores personal data
- for the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the controller and to assert claims under these contractual relationships (for a period of 15 years from the termination of the contractual relationship).
- until the consent to the processing of personal data for marketing purposes is revoked, for a maximum of 3 years, if personal data are processed based on the consent.
- After the retention period of personal data, the controller deletes the personal data.
V. Recipients of personal data (subcontractors as processors of the controller)
- The recipients of personal data are persons
- involved in the delivery of goods / services / execution of payments based on a contract,
- providing e-shop operation services (Shoptet) and other services in connection with e-shop operation or ordered services,
- The controller does not intend to transfer personal data to a third country (to a non-EU country) or to an international organization other than organizations involved in the delivery of goods / services / execution of payments to third countries according to your order / request .
VI. Processors of personal data
- The processing of personal data is performed by the controller, the following processors may also process personal data for controller:
- e - shop service provider
- Shoptet , a.s. , ID: 28935675
- company and providing services ordered by the customer from the controller:
- SIGFOX SA, 425 rue Jean Rostand, 31670 Labège , France (access to the SIGFOX application)
- Companies providing delivery of goods / services / payment system
- Česká pošta, s.p ., ID 47114983 (carrier)
- PPL CZ s.r.o. , ID: 25194798 (carrier)
- DHL Express (Czech Republic) s.r.o. , ID: 25683446
- UNITED PARCEL SERVICE CZECH REPUBLIC, s.r.o. (UPS ), ID: 25684094 (carrier)
- PayPal ( Europe ) S.à R. L . et Cie , SCA , Luxembourg o (payment system)
- ComGate Payments , a.s. , ID: 27924505 (payment system)
VII. Your rights
- Under the conditions set out in the GDPR, you have
- the right to access personal data pursuant to Article 15 of the GDPR,
- the right to correct personal data pursuant to Article 16 of the GDPR, or restrictions on processing pursuant to Article 18 of the GDPR ,
- the right to delete personal data pursuant to Article 17 of the GDPR ,
- the right to object to the processing pursuant to Article 21 of the GDPR ,
- the right to data portability according to Article 20 of the GDPR a
- the right to withdraw the consent to processing in writing or electronically to the address or e-mail of the controller specified in Article III of these conditions.
- You also have the right to file a complaint with the Office for Personal Data Protection in the case of that you believe your right for privacy has been infringed or go to court.
VIII. Terms of personal data security
- The controller declares that it has taken all appropriate technical and organizational measures to secure personal data.
- The controller has taken technical measures to secure data and personal data repositories in paper form, in particular anti-virus programs and password-protected access on computers of authorized persons accessing the Shoptet application for eshop management, Sigfox application for managing IoT users of telecommunication data services, warehousing and carriers applications and personal data processed there.
- The controller declares that only persons authorized by him have access to personal data.
- A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer web browser from a website's and is stored on your computer’s hard drive. Each website of SmartImp can send its own cookie to your web browser if your browser's preferences allow it. You can use the settings within the browser to control the cookies that are set on the computer.
- Information supplied by cookies can help SmartImp to analyze the profile of users of our websites and help us to provide you with a better user experience. SmartImp uses this type of information to help improve the services it provides to its users.
- Please note that during your visits to our websites, You may notice some cookies that are not related to SmartImp. Cookies can be created by our website or come from third-party websites. SmartImp does not control the dissemination of these cookies and you should check the relevant third party's website for more information. If you wish to control what cookies are set on your device through SmartImp websites, then you can find out how to do this on your browser.
- You acknowledge that if You change your settings and block certain cookies, this means that certain features of our websites or of our services cannot then be provided and accordingly you may not be able to take full advantage of all of the websites' or services’ features. Your web browser may also provide SmartImp with information about your computer, such an IP address and details about the browser that you are using.
- SmartImp uses information provided by your browser or by the link that you have clicked to understand the webpage that directed you to our websites and this may be captured by performance cookies.
X. Final Provisions
- By sending the order from the online order form, you confirm that you are familiar with the conditions of personal data protection and that you accept them in full.
- You agree to these terms by checking your consent via the online form. By checking the consent, you confirm that you are familiar with the conditions of personal data protection and that you accept them in full.
- The controller is entitled to change these conditions. The new version of these terms and conditions will be published on their website and at the same time the new version of these terms and conditions will be sent to you by the e-mail address you provided to the controller.
These conditions take effect on May 25, 2019.