Free from all operators
Ask a question in chat
Telegram
En

Privacy Policy

PRIVACY POLICY
(PROTECTION OF PERSONAL DATA IN ACCORDANCE WITH GDPR)

Goldenhub s.r.o.
Company ID: 232 92 539
Registered office: náměstí 14. Října 1307/2, Smíchov, 150 00 Praha 5, Czech Republic
E-mail: sales@goldenhub.com
Website: https://goldenhub.cz

(hereinafter referred to as the “Controller”)

This Privacy Policy describes the rules for the processing and protection of personal data of customers, business partners and visitors of the online store Goldenhub.cz in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), Act No. 110/2019 Coll. of the Czech Republic on the processing of personal data, and other applicable legal regulations of the Czech Republic and the European Union.

  1. GENERAL PRINCIPLES OF PERSONAL DATA PROCESSING

The Controller processes personal data lawfully, fairly and transparently, only to the extent necessary, for predetermined and legitimate purposes, and ensures their security and confidentiality.

Personal data are processed in connection with:
– operation of the online store,
– conclusion and performance of sales contracts,
– communication with customers,
– marketing and analytical activities,
– fulfilment of legal obligations.

  1. CATEGORIES OF PROCESSED PERSONAL DATA

The Controller processes in particular the following categories of personal data:

Identification data:
– first name and last name,
– company name and identification number (if applicable).

Contact data:
– e-mail address,
– telephone number,
– delivery address and billing address.

Contractual and transactional data:
– information about ordered goods,
– method of payment,
– method of delivery,
– order history,
– complaints and returns.

Technical and operational data:
– IP address,
– cookies and similar identifiers,
– browser type and version,
– operating system and device type.

Behavioural data:
– visited pages,
– viewed products,
– clicks, preferences and interactions on the website.

Communication data:
– e-mails and other messages exchanged with the Controller.

  1. PURPOSES AND LEGAL GROUNDS OF PROCESSING

Personal data are processed for the following purposes and on the following legal grounds:

3.1 Performance of a contract

Processing necessary for:
– acceptance and processing of orders,
– conclusion and performance of sales contracts,
– delivery of goods,
– processing of payments,
– handling complaints and withdrawals from contracts.

Legal basis:
Article 6(1)(b) GDPR.

3.2 Compliance with legal obligations

Processing necessary for:
– accounting and tax obligations,
– archiving of documents,
– fulfilment of obligations under consumer protection regulations.

Legal basis:
Article 6(1)(c) GDPR.

Relevant legal regulations:
– Act No. 89/2012 Coll., Civil Code,
– Act No. 634/1992 Coll., Consumer Protection Act,
– Act No. 235/2004 Coll., Value Added Tax Act,
– Act No. 563/1991 Coll., Accounting Act.

3.3 Legitimate interests

Processing necessary for:
– protection of the Controller’s legal claims,
– internal administration and records,
– prevention of fraud and abuse,
– improvement of services and website functionality,
– ensuring network and information security.

Legal basis:
Article 6(1)(f) GDPR.

3.4 Marketing activities

Processing for:
– sending commercial communications,
– personalisation of offers and advertising,
– customer satisfaction surveys.

Legal basis:
Article 6(1)(a) GDPR – consent,
or Article 6(1)(f) GDPR – legitimate interest with respect to existing customers.

  1. SOURCES OF PERSONAL DATA

Personal data are obtained:
– directly from users when placing an order or communicating with the Controller,
– automatically through the use of the website (cookies, log files),
– from contractual partners (payment service providers, delivery companies).

  1. RECIPIENTS OF PERSONAL DATA

Personal data may be disclosed only to entities necessary to ensure the operation of the online store and fulfil contractual obligations, in particular:

– payment service providers and banks,
– delivery companies: DHL, Packeta, DPD, GLS,
– accountants and tax advisers,
– IT and hosting service providers,
– marketing and analytical services:
– Google Analytics (Google Ireland Limited),
– Meta Platforms Ireland Limited (Facebook, Instagram).

Personal data are not sold or provided to third parties for their own marketing purposes.

  1. SALE AND DELIVERY

The Controller sells and delivers goods exclusively to Member States of the European Union.

Sale and delivery to Ukraine, Belarus and the Russian Federation are not provided.

  1. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Personal data are primarily processed within the territory of the European Union.

If personal data are transferred to third countries outside the European Economic Area, such transfer is carried out only under conditions ensuring an adequate level of protection, in particular through standard contractual clauses approved by the European Commission and other safeguards pursuant to Articles 44–49 GDPR.

  1. DATA RETENTION PERIOD

Personal data are stored only for the period necessary to achieve the purposes of processing:

– contractual and order data – for the duration of the contractual relationship and at least 10 years thereafter,
– accounting and tax data – for the period required by law,
– marketing data – until withdrawal of consent or objection,
– analytical data – for the period determined by the relevant analytical tools.

After the retention period expires, personal data are securely deleted or anonymised.

  1. RIGHTS OF DATA SUBJECTS

Users have in particular the following rights:

– the right of access to personal data,
– the right to rectification of inaccurate data,
– the right to erasure (“right to be forgotten”),
– the right to restriction of processing,
– the right to data portability,
– the right to object to processing,
– the right to withdraw consent at any time,
– the right to lodge a complaint with a supervisory authority.

  1. SUPERVISORY AUTHORITY

The supervisory authority in the Czech Republic is:

Úřad pro ochranu osobních údajů
Pplk. Sochora 27
170 00 Praha 7
Czech Republic
www.uoou.cz

  1. COOKIES AND SIMILAR TECHNOLOGIES

The Controller uses cookies and similar technologies for:
– ensuring proper functioning of the website,
– analysing traffic and user behaviour,
– personalising content and advertising.

Users may change cookie settings in their browser or via the cookie banner on the website.

  1. SECURITY OF PERSONAL DATA

The Controller applies appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, misuse or disclosure.

  1. CONTACT DETAILS

For questions regarding the processing of personal data or the exercise of your rights, you may contact:

Goldenhub s.r.o.
E-mail: sales@goldenhub.com
Address: náměstí 14. Října 1307/2, Smíchov, 150 00 Praha 5

  1. FINAL PROVISIONS

This Privacy Policy becomes effective upon its publication on the website https://goldenhub.cz.

The Controller reserves the right to update this Privacy Policy at any time in accordance with applicable law.

 

call viber telegram WhatsApp