I. BASIC PROVISIONS

  1. OEF s.r.o. se sídlem Bukovka 73, 533 41 Lázně Bohdaneč Česká republik, VAT: 08174539is the personal data controller referred to in Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”) registered office: OEF s.r.o., VAT:CZ08174539, Bukovka 73, 533 41 Lázně Bohdaneč Czech republic (hereinafter referred to as the “Administrator”).
  2. The administrator’s contact details  are contact@obsceneextreme.cz.
  3. Personal Data means any information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, network identifier, or one or more specific physical, physiological, genetic, psychological, economic, cultural or identity of the individual.
  4. The administrator has not appointed a data protection officer.
  5. Our web address is: www.store.obsceneextreme.cz

II. LEGAL REASON FOR PERSONAL DATA PROCESSING

  1. The legal reason for processing personal data is
  • performance of the contract between you and the administrator pursuant to Art. b) GDPR (hereinafter referred to as “Performance of the Contract”)
  • the legitimate interest of the controller in providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6 (1) (a). f) GDPR (hereinafter referred to as “Eligible Interest”)
  • Your consent to processing for the purpose of providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6 (1) (a) a) GDPR in conjunction with Section 7 (2) of Act No. 480/2004 Coll., on Certain Information Society Services, in the absence of an order for goods or services (hereinafter “Consent”).

2. There is no automatic individual decision-making within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.

III. PURPOSE OF PROCESSING, CATEGORIES, SOURCES AND RECIPIENTS OF PERSONAL DATA

Legal reason Purpose Data Data source Recipients of personal data (processors)
Contract performance Reply to demand sent via contact form Client Personal Information (email) Contact form Mailing services, cloud storage
Contract performance Providing direct marketing (especially for sending business messages and newsletters) Client contact details Order information Mailing services, cloud storage
A legitimate interest Common traffic analysis, server error detection and fraud prevention and attack For 50 months: IP addresses and web browsing data, page views and page actions. User movement on the web, displaying an error page Google Analytics, Mailing services, cloud storage…
Agreement Targeted ad (retargeting) For up to 13 months: Third Party Cookies, IP Addresses, Browser Data, and Web Browsing Data View pages on the web Advertising platforms for retargeting(Facebook)
Agreement Get demographic reports in traffic statistics Third-party cookies, demographics (age, gender, interests, interest in buying, and more) DoubleClick cookie, Android ID, iOS ID for advertisers Google Analytics
Agreement Web marketing and promotion Emails, potential customer names, IP addresses, and other technical identifiers Newsletter form Web hosting company and e-mail services

IV.DATA RETENTION PERIOD

1. Unless otherwise stated in the preceding paragraphs, the Administrator stores personal information

  • for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the trustee and the exercise of claims under these contractual relationships (for 15 years after the termination of the contractual relationship).
  • for as long as the consent to the processing of personal data for marketing purposes is revoked, if personal data are processed by consent.

2. After the personal data retention period has expired, the administrator deletes personal data.

V. COOKIES

  1. If they are in point III. The following rules apply to the processing of cookies between your personal data.
    • The rules for using or blocking cookies can be set by each user in their web browser, thereby indicating their acceptance of their processing. You can look at návod na zablokování cookies.
    • User can set permission or rejection of all or only some cookies (eg third party cookies). Blocking cookies may affect the usability of the website and the services.
    • On this site, visitors who agree to place cookies in their browser through the appropriate behavior settings for individual browser cookies are provided with information from the following companies:
  2. If you object to the processing of technical cookies necessary for the operation of the website, then the full functionality and compatibility of the website cannot be guaranteed.

VI. RECIPIENTS OF PERSONAL DATA (SUBCONTRACTORS OF THE CONTROLLER)

  1. The administrator intends to transfer personal data to a third country (outside the EU) or an international organization. Recipients of personal data in third countries are providers of mailing services, data and file repositories, analysis tools and direct marketing services.

VII. YOUR RIGHTS

  1. You have the terms set out in the GDPR
    • the right to access their personal data under Article 15 of the GDPR,
    • the right to correct personal data under Art. 16 GDPR, or limitation of processing under Art.18 GDPR,
    • the right to delete personal data pursuant to Art. 17 GDPR,
    • the right to object to the processing under Art. 21 GDPR,
    • the right to data portability under Art. 20 GDPR,
    • právo odvolat souhlas se zpracováním písemně nebo elektronicky na adresu nebo email správce uvedený v čl. III těchto podmínek.
  2. Furthermore, you have the right to file a complaint with the Data Protection Office if you believe that your right to personal data has been violated.

VIII. PRIVACY POLICY TERMS

  1. The administrator declares that he has taken all appropriate technical and organizational measures to safeguard personal data.
  2. The administrator has taken technical measures to secure data storage and personal data repositories in paper form, especially…
  3. The administrator declares that only personally authorized persons have access to personal data.

IX. FINAL PROVISIONS

  1. By submitting an order from the online order form, you acknowledge that you are familiar with the privacy policy and accept it in its entirety.
  2. You agree to these terms by ticking the consent via the online form. By confirming your consent, you acknowledge that you are familiar with the terms of your privacy and that you accept it in its entirety.
  3. The Administrator is entitled to change these terms. He will publish a new version of the Privacy Policy on his website and at the same time he will send you a new version of these terms and conditions of your e-mail address that you provided to the administrator.

These conditions come into effect on 1.4.2021.