Personal Data Processing Policy
The Company Bossini s.r.o., the operator of the webstore www.geareshop.com, declares that all personal data (hereinafter also referred to as “data”) is treated as strictly confidential and is handled in accordance with applicable legal provisions in the area of personal data protection.
The security of your personal data is our priority. We therefore pay due attention to personal data and its protection. In the Personal Data Processing Policy (the “Policy”), we would like to inform you about how we collect personal data about you and how we then use it.
1. PERSONAL DATA AND ITS PROCESSING
1.1. PERSONAL DATA CATEGORIES
We collect various types of data, depending on which of our services you are using.
If you shop with us, we collect your:
- Name and contact details. First name and surname, email address, delivery address, billing address, phone number, bank details
- Demographic data. Data about gender, date of birth, country and preferred language.
- Data as a result of the duration of the agreement – products bought, customer segment, volume of services provided
If you are on our marketing mailing list, we collect:
- Name and contact details – email address and first name.
- Demographic details – country, gender.
We also process the following personal data:
- Data from communication between GEARESHOP.COM and the customer
- Behavioural records for websites operated by GEARESHOP.COM
1.2. PURPOSE OF PROCESSING PERSONAL DATA:
- Provision of services and their improvement. In order to provide the services offered and improve them to your satisfaction, we process your personal data. This means specifically:
- Processing orders for products or services, ordered via our website. The legal reason is the need to fulfil the purchase agreement and, for selected data, to meet legal obligations (e.g. accounting documents).
- Customer support. To provide customer service and prevent any problems when fulfilling a purchase agreement, we will process your personal data on the basis of the necessary fulfilment of these agreements.
- Communication. We use the data that is collected to communicate with you and to adapt it for each individual. For example, we may contact you by phone, email or some other format to remind you that you have products in your online basket, to help you complete your order, give you the current status of your request, order or return or get more information from you about it, or notify you that you need to take action to keep your account active. If you shop with us as a non-member, we process this data because of legitimate interest, which is in the legitimate interests of GEARESHOP.COM, as described above.
- Improving services. We use data to continuously improve our services and systems, including adding new features, and also to make informed decisions through the use of pooled analysis and business intelligence, all on the basis of our legitimate interest derived from the freedom of business and on the basis of the need to improve the services provided for competitive success. To ensure the adequate protection of your rights and interests, we use personal data in an anonymised form for the purpose of making improvements to our services.
- Protection, security and dispute resolution. We may also process data out of legitimate interest, to ensure the protection and security of our systems and customers, detect and prevent fraud, resolve disputes and enforce our agreements on the basis of legitimate interest.
- Marketing offers.
- Email newsletter (commercial communication)
- We send you commercial communications about similar products to those you have purchased.
- You can always decline commercial communications via the unsubscribe link found in every email or your account.
- If you unsubscribe from commercial communications, we will stop using your electronic contact information for this purpose. We will start using it again if you register or request it specifically.
- The marketing offers you see may be chosen on the basis of other information we have gathered about you over time according to contact details, demographic data, favourites and data about using our products and websites (cookies, IP address, data provided by your browser, click data, commercial communications displayed, products visited). We do not have fully automated processing which would have a legal impact on you.
- If you shop with us as a non-member, we process this data because of legitimate interest, which belongs in the sphere of legitimate conventional marketing.
- If you are not our customer, we will process your data on the basis of your consent.
- You have the right to raise an objection to the processing at any time free of charge. Just contact us.
- Email newsletter (commercial communication)
- Processing of cookies from websites operated by GEARESHOP.COM
- If you have permitted cookies on your web browser, we will process records of behaviour from the cookies located on the websites operated by GEARESHOP.COM to ensure better operation of the GEARESHOP.COM website and for internet advertising by GEARESHOP.COM. More information can be found in a separate chapter of this document.
1.3. TRANSFER OF PERSONAL DATA TO THIRD PARTIES
Your personal information will be passed on to third parties or otherwise arranged only if it is necessary to fulfil a purchase agreement, is based on legitimate interest, or if you have given your consent to this in advance, as follows:
- a) to affiliated companies and processors based on fulfilment of the purchase agreement to perform internal processes and procedures;
- b) to companies issuing credit cards, to providers of payment services to process payments and to banks on the basis of your order, to fulfil a purchase agreement;
- c) to carriers to deliver your order or services and to resolve complaints, including withdrawal from an agreement;
- d) to our partners, in loyalty schemes that you join;
- e) to other service providers and third parties involved in data processing;
- f) to third parties, e.g. legal representatives or courts for enforcement purposes, or entering into any agreement with you;
- g) public authorities (e.g. the police);
- h) third parties carrying out surveys among customers.
If a third party uses data in connection with their legitimate interests, the controller is not liable for this processing. This processing is governed by the personal data processing policy of the relevant companies and individuals.
2. THE CUSTOMER ACCOUNT AND PURCHASING WITHOUT REGISTERING
- As part of the customer account, you will get direct access to your data, including editing, and you can view your data about both completed and incomplete orders and edit your newsletter preferences. You can also manage your personal data and newsletter preferences via the customer account.
- If you do not wish to set up a customer account to make a purchase, you can also shop without registering in our webstore, i.e. as a non-member.
3. PERSONAL DATA SECURITY AND RETENTION PERIOD
3.1. PERSONAL DATA SECURITY
- Your personal data is transmitted to us in encrypted form. We use the SSL (secure socket layer) technology. We secure our websites and other systems using technical and organisational measures against the loss and destruction of your data, unauthorised access to your data or its modification or dissemination.
- We require our processors to prove compliance of their systems with the GDPR.
- Access to your customer account is only possible after entering your personal password. In this context, we would like to draw your attention to the fact that you must not share your access data with third parties and after finishing your activity in your customer account, always close the window of your web browser, especially if you are using a public computer. GEARESHOP.COM is not liable for the misuse of passwords used, unless caused directly by GEARESHOP.COM.
3.2. DURATION OF PROCESSING
We process and store personal data
- for the period necessary to ensure all rights and obligations arising from the purchase agreement, i.e. for the duration of the order and warranty period
- for the period in which GEARESHOP.COM is obliged as the controller to store it in accordance with generally binding legislation. Accounting documents, such as invoices issued by GEARESHOP.COM, are archived according to law for 10 years from being issued.
- Consent to being notified about the availability of products remains valid until the information about availability is sent, but for a maximum of one year, or until consent is withdrawn.
- Consent to marketing offers is valid for four years or until it is withdrawn.
- Review 6 years
- We help the 10 years
- Communication 2 years
- Competitions 1 year
In other cases, the processing of data arises from the purpose of the processing or is determined by data protection legislation.
4. RIGHTS OF DATA SUBJECTS
- If we process your personal data, you may request free information about the processing of your personal data at any time.
- If you believe that we are processing your personal data in a manner contrary to the protection of your personal data and legal conditions for the protection of personal data, you may ask for an explanation and ask for us to remedy the situation that has arisen and, in particular, you may ask for corrections or supplementations to be made, the disposal of your personal data, or the blocking of your personal data.
- You may withdraw your consent to the processing of your personal data at any time. If you withdraw your consent to the processing of your personal data, your personal data will be deleted or anonymised you can do it in your account; however, this does not apply to the personal data GEARESHOP.COM needs to fulfil its statutory obligations (e.g. handling orders already submitted) or to protect its legitimate interests. Personal data is also disposed of if the personal data is not necessary for the designated purpose or if the storage of your data is not permissible for other reasons as specified by the law.
5. THE WEBSITE
- for the shopping basket to work correctly, so that you can complete your order as simply as possible
- to remember your login details, so you don’t have to enter them repeatedly
- to adapt our site to your needs in the best possible way by monitoring visits, your movement on the site and the functions used
- to discover information about advertisements you have browsed so that we do not show you advertising for products you are not interested in
Some cookies may collect information which is then used by third parties and which, for example, directly support our advertising activities (i.e. third-party cookies). For example, information about products purchased on our website may be displayed by an advertising agency as part of the display and customisation of web banner advertisements on your selected website. However, you cannot be identified by this data.
The cookies used on our website can be divided into two basic types. Session cookies are deleted as soon as your visit to our website ends.Persistent cookies remain stored on your device far longer or until you remove them manually (the period for which a cookie is left on your device depends on the cookie’s own settings and your browser settings).
Cookies can also be divided by functionality into:
- analytical, which help us improve the user experience of our website by understanding how people use it
- conversion, which help us analyse the performance of various sales channels
- tracking, which, combined with conversion cookies, help us analyse the performance of various sales channels
- remarketing, which we use to personalise the content of ads and their correct targeting
- essential, which are important for basic website functionality
5.3. REJECTING COOKIES
Settings for cookies are part of your browser. By default, most browsers automatically accept cookies. You can also reject or restrict cookies to the ones you select by using your web browser.
Information about browsers and how to set cookie preferences can be found on the websites below or in other internet browser documentation
Our website contains links to other websites which are practical and contain information. Please note that these sites may be owned and operated by other companies and organisations and have different security and personal data protection policies. Our company has no control over, and nor does it bear any liability for, any information, material, products or services contained on or accessible via these websites.
If you have any questions, comments or requests regarding this Policy, please do not hesitate to contact us.
This Personal Data Protection Policy is valid from 25 May 2018.