GDPR
Declaration on the processing of personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the information of data subjects (hereinafter referred to as “GDPR”)
I. Personal Data Controller
The company “KENDRO a.s.”, Company Reg. No.: 241 83 474, Tax Id. No.: CZ24183474, having its registered office at Bašteckého 2553/3, Stodůlky, 155 00 Prague 5, as the personal data controller (hereinafter referred to as the “Data Controller”) hereby informs on the processing of personal data and on the rights of data subjects in accordance with Article 12 of the GDPR.
The contact details of the Data Controller are as follows:
- KENDRO a.s., Company Reg. No.: 241 83 474
- Delivery address: Bašteckého 2553/3, Stodůlky, 155 00 Prague 5
- E-mail address: [email protected]
- Telephone:+420 720 051 891
The Data Controller has not appointed any data protection officer.
II. Legal basis for personal data processing
The legal basis for the processing of your personal data is the fact that:
a) The processing is necessary for the performance of a contract between you and the Data Controller or for implementation of a measure by the Data Controller prior to the conclusion of such a contract within the meaning of Article 6(1)(b) of the GDPR,
b) The processing is necessary for compliance with a legal obligation to which the Data Controller is subject within the meaning of Article 6(1)(c) of the Regulation, in particular:
– management of complaints according to the Civil Code and pursuant to the Consumer Protection Act,
– fulfilment of other obligations imposed on the Data Controller by other legal regulations, in particular by the Value Added Tax Act, by the Income Tax Act and by the Accounting Act,
c) The processing is necessary for the legitimate interest of the Data Controller within the meaning of Article 6(1)(f) of the Regulation, in particular:
– management of your enquiries, complaints or requests,
–support of business activities of the Data Controller, in particular by sending electronic or paper commercial communications of the Data Controller to its customers, provided that it is possible to raise objections to such processing or to opt out of receiving commercial communications in advance (see point VI. of this information),
d) You have given your consent to the processing within the meaning of Article 6(1)(a) of the Regulation, namely:
– the consent to the processing of your personal data for the purpose of sending electronic or paper commercial communications to the Data Controller
III. Scope and purpose of the personal dataprocessing
The purpose of the processing of your personal data is primarily the performance of the contract concluded between you and the Data Controller (concerning the purchase of goods, delivery of goods, etc.), including the possible subsequent resolution of rights from defective performance or liability for defects, as well as the implementation by the Data Controller of measures before execution of such a contract and the performance of related public obligations by the Data Controller. You are not obliged to provide the Data Controller with your personal data;however, the provision of such data is a necessary precondition for the conclusion of a contract with the Data Controller and for its performance, therefore, without the provision of such data it is not possible to conclude the contract or to perform on the part of the Data Controller.
For the above-mentioned purposes, in particular the performance of a contract concluded between you and the Data Controller, the Data Controller processes your identification data (first name(s), surname, date of birth, place of residence or commercial name, administrative identification (registration) number and registered office (place of business), respectively), contact data (including data on possible contact persons), billing data, data concerning thegoods ordered, data related to payment for these goods, your IP address and data on your activities within the framework of https://kendro.cz/. In this context, the Data Controller may further process data about your business activities for its legitimate interest.
In order to deal with your requests, complaints or enquiries (depending on their method and content), the Data Controller processes your identification and contact data and the content of your mutual communication between us.
For the purpose of direct marketing, the Data Controller processes your e-mail address and, where applicable, your identification and delivery data. You can object to such processing (see section VI. of this Information).
No automated individual decision-making within the meaning of Article 22 of the GDPR takes place on the part of the Data Controller.
IV. Period of storage of personal data
Your personal data will be processed for the term of the concluded contract and then for the prescription period of any claim arising from the contract. After this period, the Data Controller will destroy your personal data, unless it is entitled or obliged to process these data in virtue of another legal title. Your personal data will also be processed by the Data Controller for the duration of any litigation proceedings.
However, if the Data Controller processes your personal data on the basis of your consent, then such personal data shall be stored by the Data Controller for no longer than the period for which you have given your consent to such processing, i.e., for a period of five years from the date of the consent, or until your consent is withdrawn if you withdraw it before the expiry of this period.
For the purposes of direct marketing carried out on the basis of the Data Controller’s legitimate interest, your personal data will be stored with the Data Controller for a maximum period of five years from the date of termination of your contractual relationship with the Data Controller.
Where required by a legal regulation, the Data Controller will archive documents containing your personal data for the prescribed period.
IV. Recipients of personal data
The Data Controller will not transfer your personal data to a third country (non-EU country) or to an international organisation.
The Data Controller may transfer your personal data in justified cases and only to the extent necessary to its contractual partners, which the Data Controller needs for its normal operation and the implementation of the contractual relationship with you, for example, information technology suppliers, freight forwarding companies, auction portals with which the Data Controller cooperates and other persons and entities involved in the delivery of goods or services; to other entities in cases where the provision of such data to the Data Controller is required by law, or where it is necessary to protect the legitimate interests of the Data Controller (for example, to the courts, law enforcement authorities, etc.).
VI. Rights of the data subject
Under the conditions set out in the GDPR, you have the right to request from the Data Controller an access to your personal data; the right to rectification of inaccurate or incomplete data; the right to erasure of your personal data or, where applicable, restriction of the data processing; the right to withdraw your consent to the processing of personal data; the right to object to the processing of your personal data, including objections to direct marketing; the right to be informed of a breach of security of your personal data; the right not to be subject to a decision based solely on automated processing, including profiling; and the right to the portability of your personal data.
If you believe that the processing of your personal data has violated or is in contradiction with the GDPR, you have the right, among other things, to file a complaint with the supervisory authority, which is the Office for Personal Data Protection.
VII. Cookie Use Policy
The Data Controller is the operator of the website https://kendro.cz/ (hereinafter referred to as the “Web Site”), which may use temporary or permanent cookies. Cookies are text files containing information which the website operators use to obtain information about visitors and to store their preferences in the online environment. Full use of the Web Site requires the use of cookies; however, it is possible to disable these cookies via your internet browsers, but some features may not be available to you afterwards.
All information is anonymous (they only monitor trends, such as a string of user clicks), and these cannot be linked to a specific individual.
If you wish to delete some cookies that are already stored on your device, please follow the instructions in your browser settings for how to find the files or the directory where the cookies are stored.