Personal data protection
We respect everyone's privacy. Therefore, we would like to inform you how we use personal data. We encourage you to read this policy so you know what to expect and how to respond.
Who is responsible for the processing of personal data?
The controller of your personal data www.beviro.cz is P2D2, s.r.o., with registered office at P2D2 s.r.o., Korunní 2569/108, Praha 10100, ID No.: 06801781, VAT No.: CZ06801781, e-mail: firstname.lastname@example.org, registered in the Commercial Register maintained by the Regional Court in Plzeň, file No. C35774 (hereinafter also referred to as the "Controller"). The Administrator protects all personal data processed as strictly confidential and handles it in accordance with the applicable legal regulations in the field of personal data protection. The security of your personal data is a priority for us.
1. Introductory provisions
1.1 What is personal data?
Personal data means any information that identifies or can identify a specific natural person. In particular (but not limited to) personal data are:
Identifying information such as name, surname, identification number, tax identification number, gender;
contact details, such as home address, telephone number, email address;
other data, such as information obtained through cookies, IP address (network identifier) including browser type, device and operating system, time and number of accesses to the web interface and other similar information
1.2 What governs our handling of personal data?
Within the meaning of the General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter also referred to as "GDPR"), the Controller is the controller of your personal data, i.e. it collects, stores and uses (and otherwise processes) your personal data for the performance of its business activities (the individual purposes for which personal data is processed are defined in more detail below), which consists in particular in the provision of consultancy services in the field of the use of medicinal herbs, including the organisation of professional seminars and educational or social events.
This Personal Data Processing Policy applies to (i) the processing of personal data by the Controller during your use of the www.be-viro.com website (the "Website"), (ii) the processing of personal data by the Controller during communication with you by email or telephone, (iii) the processing of personal data by the Controller during the course of a business relationship with clients and suppliers, (iv) the processing of personal data in the performance of the Controller's legal obligations, and (v) the processing of personal data that is necessary for the purposes of protecting the Controller's legitimate interests.
The Personal Data Processing Policy describes the purposes of personal data processing and the methods of processing, informs about the individual categories of personal data processed, their potential recipients, the retention period of personal data and your rights in relation to the protection of personal data.
2. Collection and use of personal data
2.1 How do we obtain your personal data?
You provide us with your personal data in particular when you fill in an order on our e-shop and when you subscribe to our newsletter. If there is any change to your personal data, please inform us.
Furthermore, when you visit and use the web interface, some personal data may be collected and stored via cookies. You can read more about cookies below.
2.2 For what purposes is your personal data processed?
The performance of a contract (contracts for the purchase of goods; relationships with business partners, such as carriers);
The performance of legal obligations (in particular obligations in terms of accounting and tax legislation, i.e. the transmission of personal data to the tax authorities or other public authorities in accordance with the relevant legislation);
Sending commercial communications and offering services (the Controller may send commercial communications or newsletters, in particular in the field of cosmetics, and offer products via e-mail);
Protection of the legitimate interest of the Controller (protection of the Controller's rights and legally protected interests, for example, on certain measures against the laundering of the proceeds of crime, protection of the network against harmful conduct or protection against abuse of the website);
Protecting the legitimate interest of third parties (in particular customers);
Dealing with requests sent via electronic forms (in particular in case of your interest in cooperating with the Controller or any questions).
2.3 The controller is entitled to process the following personal data according to the purpose of processing:
Data subjects' data Purposes of processing
Name and surname Fulfillment of contract, Fulfillment of legal obligations, Sending commercial communications and offering services and products, Protection of the legitimate interest of the controller, Handling requests sent via electronic forms
Contact address Performance of contract, Performance of legal obligations, Sending commercial communications and offering services and products, Protection of the legitimate interest of controllers, Handling of requests sent via electronic forms
E-mail Fulfilling the contract, Fulfilling legal obligations, Sending commercial communications and offering services and products, Protecting the legitimate interest of controllers, Handling requests sent via electronic forms
Telephone number Fulfilling the contract, Fulfilling legal obligations, Sending commercial communications and offering services and products, Protecting the legitimate interest of controllers, Handling requests sent via electronic forms
Account number and other transaction data Fulfilling the contract, Fulfilling legal obligations, Protecting the legitimate interest of controllers
Identification number, VAT number Fulfillment of contract, Fulfillment of legal obligations, Protection of the legitimate interest of controllers
Any other information relating to the client or third parties Fulfilling the contract, Fulfilling legal obligations, Sending commercial communications and offering services and products, Protecting the legitimate interest of third parties
2.4 On what basis do we process this personal data?
We may process the personal data entered when ordering goods without your explicit consent on the basis of and for the purpose of concluding and performing a contract, i.e. for the purpose of delivering the goods. Furthermore, we may process this data on the basis of and for the purpose of fulfilling our statutory obligations (in particular registration obligations, archiving of tax documents, etc.) and on the basis of our legitimate interest for the purpose of protecting our legal claims.
We are entitled to use your e-mail address without your express consent on the basis of our legitimate interest to send you commercial communications concerning our goods similar to those you have ordered from us. You may refuse to receive commercial communications at any time.
If you give us your consent by confirming this on the web interface, we may process your personal data entered on the web interface, in particular when you complete your order, for the purpose of sending you commercial communications and direct marketing or for other purposes to which you have expressly agreed. If you are under 16 years of age, your legal guardian is required to give consent. If in doubt, we may ask for confirmation of your age.
We process personal data collected through cookies on the basis of your consent (which you give by setting your browser accordingly). We use the personal data collected through cookies mainly for the purposes of providing user support, improving our services, including analysing user behaviour and marketing.
We can only use your personal data for a purpose other than that for which it was collected with your consent.
2.5 For how long do we use the data?
We only use the personal data entered in the context of ordering goods for as long as necessary to fulfil the contract and comply with legal obligations or to protect our legal claims.
If you give us explicit consent to the processing of personal data or if we use your e-mail address to send you commercial communications, the data will be used for the duration of the web interface on which we offer goods similar to those you have ordered from us.
3. What rights do you have in relation to personal data?
3.1 Right to withdraw consent to the processing of personal data
If we process your personal data only on the basis of your consent (i.e. without any other lawful reason), you may withdraw this consent at any time.
You can withdraw your consent to the processing of your personal data at any time by:
by sending an email to our contact email address email@example.com;
by telephone on our contact number: +420 728 228 339
in writing by letter sent to our delivery address: P2D2 s.r.o., Korunní 2569/108, Praha 10100;
in the case of commercial communications - in the manner specified in each e-mail containing commercial communications (by clicking on the unsubscribe link or in any other manner).
Withdrawal of consent does not affect the lawfulness of data processing carried out for the purpose of fulfilling a legal obligation.
3.2 Right of access to personal data
You have the right to ask us whether we are processing your personal data. If we are processing your data, you have the right to access this personal data and in particular the following information:
the purpose of the processing;
the categories of personal data processed;
the recipients or categories of recipients to whom the personal data will be disclosed;
the period for which the personal data will be stored.
Upon your request, we will provide you with a copy of the data processed. We may charge you an administrative fee for additional copies, not exceeding the cost of making and transmitting those additional copies.
3.3 Right to rectification
If your personal data is inaccurate or incomplete, you have the right to request immediate rectification, i.e. correction of inaccurate data and/or completion of incomplete data.
3.4 Right to object to processing
You have the right to object at any time to the processing of your personal data where we process it for direct marketing purposes, including any automated processing of personal data. Once you have objected, we will no longer process your personal data for these purposes.
3.5 Right to erasure ("right to be forgotten")
You have the right to request that we delete your personal data if:
the personal data is no longer necessary for the purposes for which it was collected or processed;
you have withdrawn your consent to processing;
you have objected to the processing of personal data;
the personal data have been unlawfully processed.
If there are no lawful grounds for refusing erasure, we are obliged to comply with your request.
3.6 Right to restriction of processing
You have the right to request that we restrict the processing of your personal data if:
you contest the accuracy of your personal data;
the processing is unlawful and you request restriction of the processing of your personal data instead of erasure;
we no longer need your personal data for the purposes of processing but you require it for the establishment, exercise or defence of legal claims;
you object to the processing.
When restricting processing, we are only entitled to store your personal data; further processing is only possible with your consent or for legal reasons.
If the processing of your personal data is restricted due to an objection to processing, the restriction lasts for the time necessary to determine whether we are obliged to comply with your objection.
If the processing of personal data is restricted due to a denial of the accuracy of the data, the restriction lasts for as long as the accuracy of the data is verified.
3.7 Right to data portability
You have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format and to have it transferred to another data controller.
3.8 How can you exercise your rights?
You can exercise your rights in relation to your personal data by using our contact details. All information and actions will be provided to you without undue delay.
We will be as helpful as possible in protecting your personal data. However, if you are not satisfied with the handling, you have the right to contact the competent authorities, in particular the Data Protection Authority (http://www.uoou.cz), which supervises the protection of personal data. This provision is without prejudice to your right to address your complaint directly to the Data Protection Authority.
In particular, if your residence, place of employment or place of alleged personal data breach is located outside the Czech Republic in another Member State of the European Union, you may contact the competent supervisory authority in that Member State.
4. Management and security of personal data
4.1 Who processes your personal data?
We are the controller of personal data within the meaning of the GDPR.
To the extent necessary for the performance of the contract or other obligations, we are entitled to transfer your personal data to other persons, e.g. persons involved in the performance of the contract or our obligations. Where appropriate, we may also entrust other processors and recipients with the processing of personal data. We will also tell you who specifically processes your personal data on the basis of your enquiry. Your personal data will be transferred to countries outside the European Union if necessary for the performance of a contract or for any other reason in accordance with the rules for such transfers set out in the GDPR.
In particular, your personal data is processed by:
MailChimp - The Rocket Science Group LLC;
cz - OLYMPIC s.r.o.;
Zásilkovna s.r.o. - distribution company;
PPL - distribution company;
ABRA - Flexibee - invoicing software;
SHOPTET - ecommerce system;
Heureka Shopping s.r.o.
It is possible that in the future we may decide to use other applications or processors to facilitate and improve the quality of processing. However, we promise you that in such a case, I will place at least the same demands on the processor in terms of security and quality of processing as on myself.
4.2 Security of personal data
We value your personal data and will ensure that it is adequately protected. We have put in place the necessary technical measures and policies to protect this data from unauthorised persons and misuse and will update these as necessary and as technology develops.
5.1 What is a cookie?
A cookie is a small file that a website stores on your computer, tablet or smartphone via your browser. This file allows the website to "remember" your actions or preferences in the long term.
Most internet browsers support cookies; however, users can set their browsers to refuse certain cookies or types of cookies. In addition, these files can be deleted at any time.
To learn about the way you use the information on our site and to make it easier for you to use the services we provide. For example, some cookies remember information about the language used or preferences so that you do not have to set them again on our site. Others tell us where you are located so that we can offer you our nearest branch in your area. Apart from that, they also allow us to offer you specific materials, such as videos on our site. We can then provide you with targeted offers of our products and services on other parties' websites based on information about your online behaviour.
5.2 What types of cookies do we use?
Own and third-party cookies
We use both our own and third party (third party) cookies on our website.
Proprietary cookies are cookies generated by your own domain and generally record information about the language used, location and preferences, or provide basic site functionality.
Foreign cookies are generated and managed by other entities, such as our business partners or service providers. These cookies may be needed to generate certain forms, such as job applications, or certain advertisements placed outside of our site.
Session cookies are temporary files that help our site remember the progress of your visit. They expire once you close your web browser.
Persistent cookies are used to store preferences within our site and remain on your computer, tablet or mobile device even after you restart it or close your browser. These files are used to analyse user behaviour and identify trends so that we can then improve the functionality of our site for you and other visitors. These files also allow us to offer you targeted advertising and measure the effectiveness of our site and advertising.
5.3 How are cookies used for advertising purposes?
Cookies and advertising elements (web beacons, pixels and anonymous ad network tags) make it easier for us to serve relevant ads more effectively. They also assist in the collection of aggregate survey data and performance data for advertisers. Pixels improve the display of ads and provide us with information about their function and effective display. Because your web browser can request ads and web beacons directly from ad servers on the network, their administrators can display, edit or set up custom files just as if you had requested them from their own site.
We do not create profiles of your behavior on other sites, but we do offer you relevant advertising based on aggregate data from our partners based on your interests. We do not provide the personal data we collect to advertisers. By changing your cookie settings, you can disable the offering of targeted advertising outside of our site. You will still see ads, but they will not be tailored to your interests because the cookie will not be available.
5.4 How are third party cookies used?
Changes to this policy
This policy is valid and effective as of May 25, 2018.