Personal data processing policy applicable from 1 June 2024

1. Basic provisions

1.1 What does this policy cover?

This policy contains information about the scope and conditions of the processing of your personal data that we carry out in the course of or in connection with our business activities, in particular when providing our product(s) (services), operating our website, user interface, communicating with you, etc.

1.2 Who is the controller of my personal data?

Your personal data is managed by us, PINYA s.r.o., a company with registered office at Tuřanka 1222/115, Slatina, 627 00 Brno, ID No.: 293 12 922, registered in the Commercial Register kept at the Regional Court in Brno under file number C 73455. We are also the operator of the website www.pinya.hr. Our contact details can be found on our website in the About us, contacts section.

1.3 Why do you process my personal data?

We process your personal data in order to

  • to negotiate with you on the conclusion of contracts, in particular to send you price quotations for the product (services) according to the parameters specified by you, to create and process your orders and inquiries for the product (services), to provide you with price quotations for the product (services) you require;
  • to enter into contracts with you;
  • supply you with the products (services) you order from us;
  • to issue invoices and other documents to you for the products (services provided);
  • recognize your payments of the product (service) price, shipping costs or other charges;
  • to deal with any complaints you may have;
  • operate and improve our website
  • operate your user accounts if you take advantage of the registration option on the website;
  • address any questions or comments you may have about the products (services) we offer;
  • deal with any complaints you may have against our company;
  • enforce our rights under any purchase or other contracts we enter into with you if you fail to fulfil your obligations to us under those contracts, e.g. fail to pay the price of the product (service) you have purchased;
  • to resolve any disputes, whether judicial or extrajudicial, that may arise between you and us arising out of contracts or otherwise;
  • to contact you for marketing purposes, in particular to send you our business communications (newsletters), especially about the products (services) we offer, news in our range, discounts, interesting events and other interesting things related to our company's activities (e.g. trade fairs, exhibitions);
  • to generate statistics about our business activities, traffic to our website, or the use of our other services;
  • promote our company and its activities;
  • properly maintain our business administration and accounting records and comply with our tax obligations;
  • to archive our documentation.

1.4 What personal data do you process?

For the above purposes, we process

a) Your identification data, in particular your name, surname, academic degrees, birth number, date of birth, age, VAT number, address of residence, address of registered office (if you are a natural person), position within the legal entity you represent, gender;

b) Your contact details, in particular the delivery or other contact address you provide, telephone number (landline, mobile), email address, fax number;

c) Your payment details, in particular your bank account number, credit card number, variable symbol, possibly also a specific symbol, a note from the sender or recipient, or any other details you provide in the payment;

d) data about your orders, in particular about the product(s) (services) you have ordered;

e) network data that we obtain when you access and use our website, in particular your IP address, MAC address of the device you use the site, data about your access to the site, activity on the site, the length of your visit to the site, cookies, data about the location of the device you use the site; we use in particular Google Analytics, Google Search Console, Customerscore to obtain this information.io (registration number: 195 80 045), Smartlook.com, s.r.o. (registration number: 195 08 830);

f) Your user account access details.

1.5 And do you process all my personal data for all the purposes you specify?

No, it's not. We process personal data in accordance with the principle of data minimisation and purpose limitation. This means that we only process your personal data for the purposes for which it is necessary and only to the extent necessary to fulfil that purpose.

1.6 What entitles you to process my personal data?

We process your personal data on the basis of the reasons set out in the legislation, in particular the General Data Protection Regulation (GDPR) (full name Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as amended.

We always process your personal data in accordance with the GDPR on the basis of one of the legal grounds set out in Article 6 of the GDPR. These grounds are in particular:

a) Your consent to the processing of your personal data;

(b) the necessity of processing your personal data for the performance of the contract you have concluded with us or for the implementation of measures taken prior to the conclusion of the contract;

c) the existence of our legitimate interest in processing your personal data;

(d) the necessity of processing your personal data for the performance of our obligations.

1.7 What are your legitimate interests in processing my personal data?

Our legitimate interests in processing your personal data are

a) operating and developing our business;

b) improving the quality of the products and services we provide;

c) operating our website, user interface, providing and improving its functionality;

d) promotion of our business activities, in particular the products (services) we offer, events we organise, etc;

(e) the enforcement of our legal claims;

f) ensuring the security of our website, its users and their user accounts;

g) protection of our property, protection of life, health and property of our employees, business partners, clients, as well as all persons who are on the premises of our company.

1.8 How long do you process my personal data?

This depends on the purpose and reason for which we process the personal data. This period cannot usually be determined precisely, given the scope of the data processed and the variety of purposes. Therefore, the period of processing of your personal data is defined by the following criteria.

If we process your personal data on the basis of your consent to the processing, then we process your personal data for the duration of this consent.

In other cases, we process your personal data for the time necessary to achieve the purpose for which we process it, including subsequent administration associated with the termination of processing and deletion of personal data.

If just one of the grounds on which we process your personal data for a particular purpose ceases, this does not automatically mean that we are obliged to stop processing it. As long as we have another reason for processing it (e.g. our legitimate interest in processing it ceases to exist, but the processing of your personal data is still necessary for us to perform a contract between us or our legal obligations), we may continue to process your personal data until all legal grounds for processing it cease to exist. However, if you withdraw your consent to the processing of your personal data, we will no longer continue to process your personal data for the purpose for which the withdrawn consent was originally given.

1.9 How do you obtain my personal data and to whom do you pass it on?

We primarily process the personal data that you provide to us and we primarily process it ourselves for our own purposes. We also use, for example, cookies to collect and further process certain personal data. You can read more about the use of cookies here[www.pinya.hr].

However, in certain cases, we may receive your personal data from or transfer it to third parties. These parties may include, but are not limited to:

  • our accountants and tax advisors,
  • our attorneys,
  • our business partners, e.g. Digital Solutions s.r.o. (ID: 259 98 706) (DigiSign application for digital signing), ECOMAIL.CZ, s.r.o. (ID: 027 62 943)
  • our IT administrators,
  • data storage providers,
  • our group companies,
  • persons who provide us with marketing and PR services (customer evaluation, etc.),
  • persons involved in the processing of the order, payment of the price, i.e. our payment service providers (payment gateways),
  • public authorities (in particular courts, authorities),
  • law enforcement authorities (in particular the police and prosecutors).

We may also obtain your personal data from publicly accessible sources such as public registers (in particular the commercial register), the trade register, the insolvency register or the land register.

1.10 Do I have to provide you with my personal data?

In some cases, the provision of personal data is necessary in order for us to comply with our contractual or other obligations, pursue our legitimate interests, etc. For example, in order for us to enter into a contract with you and provide you with products (services), we need to know in particular your identification and contact details. Where possible, we try to inform you in advance about which data must be provided (e.g. by reminding you "optional" in the forms on the website).

2. Rights related to the processing of personal data

2.1 How do I get information about the processing of my personal data?

Upon your written request, we will provide you with information about the scope and conditions of the processing of your personal data. In addition to this request, you can also request a copy of your personal data that we process in the same way.

We will respond to requests in the same way you submit them (i.e. either electronically or in paper form), unless you ask us to respond in another way in your request.

If you request multiple copies of your personal data in paper form, we will charge you an administrative fee of CZK 30 for each copy in excess of one.

2.2 What can I do if I find an error in my personal data that you process?

In this case, please send us a request for correction of your personal data, stating what the error is and what the correct data is. If the error is in the data held in your user account, you can correct the error yourself after logging into your account, unless it is a data point that cannot be changed directly after logging into your user account (for more on this, see Article IV).

2.3 What can I do if I find that the personal data you are processing is incomplete?

In this case, please send us a request to supplement your personal data, specifying how the personal data we process should be supplemented and for what purpose. However, please note that if the data you wish to supplement the personal data already processed is not necessary for the processing for the purpose you have requested, we are not obliged to supplement the data.

2.4 What can I do if I find that you are processing my personal data more than necessary?

As we have already stated above, we only process your personal data for the purposes for which it is necessary and only to the extent necessary for the fulfilment of that purpose. If you nevertheless find that we are processing more of your personal data than is necessary for any of the purposes, you can send us a written request to restrict the processing. In the request, please inform us of the reasons why you believe that we are processing more of your personal data than is necessary for the purpose. We will carefully evaluate your request and, if we find it justified, we will implement measures to limit the scope of processing.

2.5 What can I do if I don't want you to keep my personal data?

In this case, you will send us a written request for the deletion of your personal data. We will carefully examine the request and, if we find it justified, we will delete your personal data. The reasons for which you can request the erasure of your personal data can be found in Article 17 of the GDPR. However, in certain cases we may not comply with your otherwise reasonable request. Please also refer to Article 17 of the GDPR for the cases in question (e.g. if the processing is necessary for the exercise of the right to freedom of expression and information).

2.6 Can I transfer my personal data that you process to another controller?

At your written request, we will provide you with your personal data in a machine-readable format or, if you ask us to do so, we will provide it directly to another controller that you specify for this purpose in your request. Please note, however, that this right only applies to personal data that we process for the performance of a contract between you and us, and only if we process it in automated form.

2.7 What can I do if I don't like the way you process my personal data?

If we process your personal data for reasons of legitimate interest, you may object to such processing in writing. In response to your objection, we will assess whether our legitimate interest in such processing continues and whether it is overridden by the interest in protecting the rights and freedoms of natural persons. If we find that your objection is justified, we will cease the processing of your personal data to which you have objected.

It is also possible to lodge a complaint against the processing of personal data with the supervisory authority in the field of personal data processing, which in the Czech Republic is the Office for Personal Data Protection.

3. Consent to the processing of personal data

3.1 When do you need my consent to process my personal data?

We only require your consent to process your personal data in cases where we cannot process your personal data for the given purpose on the basis of any other legal grounds. We therefore only ask for your consent in exceptional cases, e.g. for marketing purposes or for the processing of personal data via cookies, except for those without which our website would not function properly.

3.2 Do I have to give you consent?

Consent is completely voluntary and you can withdraw your consent at any time. In particular, consent is not a condition for the provision of other services.

3.3 How can I withdraw my consent?

If you wish to withdraw your consent to the processing of your personal data, please send an e-mail or a letter to the above contact details. Consent given for the purpose of sending newsletters (commercial communications) can also be withdrawn by clicking on the link to unsubscribe from commercial communications. This link is included in every e-mail with a commercial communication. You can withdraw your consent to the use of cookies at any time by setting cookies directly on our website (www.pinya.hr).

3.4 Can commercial communications be sent to me without my consent?

If you have provided us with your e-mail address in connection with the sale of products offered by us or the provision of our services, we may, in accordance with the Act on Certain Information Society Services (Act No. 480/2004 Coll.), send you commercial communications to this e-mail address without your consent. In this case, we process your e-mail address on the basis of our legitimate interest. This is our interest in the promotion of our business activities, in particular the products (services) we offer, discounts and other events related to our company.

However, you can object to this processing (see paragraph 2.7 for more information on the right to object).You also have the option to unsubscribe from receiving commercial communications free of charge by clicking on the relevant link in each e-mail containing commercial communications. If we receive your objection to receiving them or if you unsubscribe from receiving them, we will no longer send you commercial communications to the e-mail address in question.

4. Registration, user account

4.1 How do I create a user account?

You can obtain a user account by registering on our website. In order to register, you must complete and submit the registration form. The information marked with an asterisk must be completed in the registration form in order for the registration to take place and for the user account to serve its purpose.

4.2 How do I log in to my user account?

You will log in to your user account using the login name and password you have chosen.

4.3 What precautions must be taken to secure the user account?

Your personal data is collected in your user account. It is therefore essential that you are aware of the risks arising from possible unauthorised access to your user account by third parties, in particular the risks associated with the possible misuse of your user account and the personal data collected therein.

As the operator of the www.pinya.hr website, we ensure, to the best of our abilities, the highest possible level of security of the website and therefore the security of your user accounts and your personal data collected therein. However, without you also taking the necessary measures to secure your user accounts and your personal data, any security efforts on our part are useless.

First of all, you must not disclose your user account login details, especially your password, to anyone.

When choosing a password, it is essential to remember that weak (simple) passwords can be easily cracked by third parties (hackers), either by using specialised password cracking tools or simply by guessing or guessing. Therefore, it is crucial that you choose a strong enough (complex) password that cannot be easily cracked by third parties. Your password must meet the requirements specified in the registration form. The system will not allow you to set a password that does not meet these requirements.

In addition, you must always log out of your user account immediately after you have finished working with it. Otherwise, you are making it easy for a third party who gets access to the computer on which you have been working with your user account to misuse your user account and your personal data.

Therefore, we ask you to take all necessary measures to secure your user accounts and your personal data collected therein. The above examples may provide guidance, but are not an exhaustive list of the measures you should follow.

Please remember that you are responsible for any misuse of your user accounts or the data collected in them that occurs due to your error.

4.4 How can I cancel my user account?

Upon your written request, we will cancel your user account without undue delay after receiving your request. Please send us your request electronically (by e-mail) to the e-mail address [obchod@pinya.cz], or by letter to PINYA s.r.o., Tuřanka 1222/115, Slatina, 627 00 Brno.

4.5 Can you cancel my user account without a request?

Yes, we can cancel your user account ourselves, without your request, but only if:

(a) you do not log in to your user account for more than 24 months;

b) you violate your obligations under your contract with our company, including the General Terms and Conditions and this Personal Data Processing Policy, in particular if you violate your obligations in relation to the security of your user account and the protection of personal data stored therein.

5. Final provisions

5.1 Can these policies be changed? And where can I find the current version?

This Privacy Policy is subject to change by us. You can always find the current version on our website.

5.2 If a written form is required, does this include email?

Yes, if this Personal Data Processing Policy requires an action to be in writing, it can also be done by email.

5.3 From when does this Personal Data Processing Policy apply?

The Personal Data Processing Policy as amended shall apply from 1.6.2024.

PINYA s.r.o.

Other versions

Personal data processing policy applicable from 1 June 2024
Personal data processing policy valid from 14 March 2023
In order for the website to work properly and so that we know what to improve on the website, we need your consent to store cookies. By clicking on the "Accept" button you agree.
Options
Reject
Accept