Conditions for the protection of personal data (GDPR)
Trendcharge s.r.o. IČ 07009348 with registered address Sudkova 553/3 Prague 10 10900 is, in accordance with Article 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), a controller of personal data (the “Controller”).
Contact information for the Controller:
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The Controller has not appointed a data protection officer.
Sources and categories of processed personal data
The Controller processes personal data that you have provided to it and/or personal data that the Controller obtains on the basis of processing your orders.
The Controller processes your identification and contact data and data necessary for fulfilling agreements.
Lawful basis and purpose for processing personal data
The legal basis for processing personal data is:
the performance of a contract between you and the Controller pursuant to Article 6 (1) b) GDPR,
the legitimate interest of the Controller to provide direct marketing (in particular for the sending of commercial messages and newsletters) pursuant to Article 6 (1) f) GDPR,
your consent to processing for the purposes of providing direct marketing (in particular for the sending of commercial messages and newsletters) pursuant to Article 6 (1) a) GDPR in connection with § 7 (2) of Act No. 480/2004 Sb., on certain Information Society Services in the event of no order for goods and services.
The purpose for the processing of personal data is:
the performance of your order and the exercising of rights and obligations arising from the contractual relationship between you and the Controller; when placing an order personal data necessary for successful completion of the order (name and address, contact details) is requested; the provision of personal data is a prerequisite for concluding and performing a contract. Without the provision of personal data a contract cannot be concluded or performed on the part of the Controller;
the sending of commercial messages and other marketing.
On the part of the Controller automated individual decision-making, pursuant to Article 22 GDPR, does/does not take place. You have provided your explicit consent to such processing.
Period for keeping data
The Controller keeps personal data for the period necessary to exercise the rights and obligations arising from the contract between you and the Controller, and for exercising the rights arising from these contractual relations (for a period of 5 years after expiry of the contractual relationship).
For a period until consent is withdrawn to the processing of personal data for marketing purposes, for a year at most, if the personal data is processed on the basis of consent.
After expiry of the period for keeping personal data the personal data is deleted by the Controller.
Recipients of personal data (contractors of the Controller)
Recipients are persons contributing to the supply of goods / services / executing payment transactions on the basis of a contract, providing e-shop services and other services connected with operating an e-shop, providing marketing services.
The Controller intends/doesn’t intend to transfer personal data to a third country (outside the EU) or a multinational organisation. Recipients of personal data in third countries are providers of mailing services / cloud services.
Under the conditions stated in the GDPR you have a right to:
access your personal data under Article 15 GDPR,
rectify personal data under Article 16 GDPR, and to restrict processing under Article 18 GDPR.
erasure of personal data under Article 17 GDPR,
object to the processing under Article 21 GDPR, and
to data portability under Article 20 GDPR.
The right to withdraw consent to processing shall be exercised in writing or electronically to the address or email address of the Controller stated in Article III of these conditions.
You also have the right to file a complaint with the office for the Protection of Personal Data in the event you suspect that your right to the protection of personal data has been breached.
Conditions for the protection of personal data
The Controller declares that it has taken all suitable technical and organisational measures to secure the safety of personal data.
The Controller has adopted technical measures to secure data storage devices.
The Controller declares that only persons it has authorised have access to personal data.
By sending an order via the internet order form you confirm that you have read the conditions for the protection of personal data and that you accept them in full.
By pressing agree on the internet form you agree to these conditions. By pressing agree you confirm that you have read the conditions for the protection of personal details and that you accept them in full.
The Controller is entitled to amend these conditions. Any new version of the conditions for the protection of personal data will be published on our website and will also be sent to you via the e-mail address you provided to the Controller.
These conditions come into effect on 1.11.2019.