Privacy policy

Privacy Policy

Basic Provisions

The controller of personal data pursuant to Art. 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), is adolphinata s. r. o., registered office Smetanovo nábřeží 334/4, Staré Město, 110 00 Praha 1, the Czech Republic, Company ID No.: 223 76 208 (hereinafter the “Controller”).

Controller’s contact details:

  • Address: Smetanovo nábřeží 334/4, Staré Město, 110 00 Praha 1, the Czech Republic
  • E-mail: nmv@gmail.com

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


Sources and Categories of Processed Personal Data

The Controller processes personal data you have provided or personal data obtained by the Controller in connection with the fulfilment of your order.

The Controller processes your identification and contact details, and data necessary for the performance of the contract.


Legal Grounds and Purpose of Processing Personal Data

The legal grounds for processing personal data are:

  • performance of a contract between you and the Controller pursuant to Art. 6(1)(b) GDPR,
  • the legitimate interest of the Controller in providing direct marketing (especially sending commercial communications and newsletters) pursuant to Art. 6(1)(f) GDPR,
  • your consent to processing for the purposes of direct marketing (especially for sending commercial communications and newsletters) pursuant to Art. 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, in cases where no order of goods or services has been placed (§ 7 odst. 2 zákona č. 480/2004 Sb., o některých službách informační společnosti v případě, že nedošlo k objednávce zboží nebo služby).

The purpose of processing personal data is:

  • to process your order and exercise rights and obligations arising from the contractual relationship between you and the Controller; when placing an order, personal data necessary for successful order processing (name, address, contact details) are required; provision of personal data is a necessary requirement for conclusion and performance of the contract – without providing personal data, it is not possible to conclude the contract or fulfil it by the Controller,
  • sending of commercial communications and other marketing activities,
  • keeping of accounting records.

The Controller carries out automated individual decision-making within the meaning of Art. 22 GDPR. You have given your explicit consent to such processing.


Period of Data Retention

The Controller stores personal data:

  • for the period necessary to exercise rights and obligations arising from the contractual relationship between you and the Controller and the assertion of claims from such contractual relationships (for 15 years after the end of the contractual relationship),
  • until consent to processing for marketing purposes is withdrawn, but no longer than 6 years if personal data are processed on the basis of consent.

Consent may be withdrawn by sending an e-mail with the relevant request to customercare@adolphinata.com.

After the expiry of the retention period, the Controller shall delete the personal data.


Recipients of Personal Data

Recipients of personal data are persons:

  • involved in the delivery of goods/services and the execution of payments under the contract,
  • providing online store operation services and other services related to the operation of the online store,
  • providing marketing services.

The Controller does not intend to transfer personal data to a third country (a country outside the EU) or to an international organization. Recipients of personal data in third countries are providers of mailing services/cloud services.


Your Rights

Under the conditions set out in the GDPR, you have the:

  • right of access to your personal data under Art. 15 GDPR,
  • right to rectification of personal data under Art. 16 GDPR, or restriction of processing under Art. 18 GDPR,
  • right to erasure of personal data under Art. 17 GDPR,
  • right to object to processing under Art. 21 GDPR,
  • right to data portability under Art. 20 GDPR,
  • right to withdraw consent to processing in writing or electronically to the address or e-mail of the Controller specified in Section I of this policy.

You also have the right to lodge a complaint with the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) if you believe that your right to data protection has been violated.


Conditions of Personal Data Security

The Controller declares that it has taken all appropriate technical and organizational measures to secure personal data.

The Controller has taken technical measures to secure data storage and storage of personal data in paper form, in particular: passwords, antivirus software, backups, encryption.

The Controller declares that personal data may only be accessed by authorized persons.


Final Provisions

By checking your consent via the online form and submitting an order from this form, you confirm that you are familiar with this Privacy Policy, that you understand its content, and that you accept it in full.

These principles shall enter into force on 2 January 2025.