Information about the processing of personal data of customers and potential customers

Of JUNGLE INTERIORS, s.r.o., a corporation having its registered office at Prague 5, Mahenova 9/181, ID No. 26454327, registered in the Commercial Register maintained by the Municipal Court in Prague, section C, entry 83348

In accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and the instruction of data subjects (hereinafter the "General Regulation"), we hereby inform you, how our company, as a controller of the personal data (hereinafter only the "Administrator") processes your personal data and the rights and obligations associated with it.

1. PERSONAL DATA

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The Controller has not appointed a Data Protection Officer.

2. SOURCES AND CATEGORIES OF PERSONAL DATA PROCESSED

The Controller processes personal data that a customer or potential customer has provided to it or personal data that the Controller has obtained due to performing under an agreement based on a customer’s order.

The subject of processing are the following categories of personal data:

Address and identification information used for clear and unmistakable identification of data subjects, such as first name, surname, date of birth, home address, and others;
Contact information such as contact address, telephone number, e-mail address, and others;
Other information, such as bank account details;
Other information required for performance under a purchase Agreement.

Data subjects whose data is processed by the personal data controller and for whom this information is intended, are: customers and potential customers.

3. LEGAL GROUNDS FOR AND PURPOSE OF PERSONAL DATA PROCESSING

Legal grounds for personal data processing are:

Performance of an agreement between you and the Controller pursuant to 6(1) (b) GDPR;
The Controller’s legitimate interest in the provision of direct marketing (in particular, the sending of commercial communication and newsletters) pursuant to 6(1) (f) GDPR;
Consent to processing for the purpose of the provision of direct marketing to potential customers (sending of commercial communication and newsletters) pursuant to 6(1) (a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, in the event that goods or a service were not ordered.

Personal data of data subjects are processed for the following purposes:

A purpose arising from negotiations about a contemplated contractual relationship;
A purpose arising from the performance of an agreement between the subject and the Controller; for an order, personal data is required which is necessary for the successful handling of the order (name and address, contact information), the provision of personal data is a necessary prerequisite for the conclusion and performance of an agreement, the agreement cannot be concluded without the provision of personal data and an agreement cannot be performed by the Controller without them;
Protection of the rights of the subject, the Controller, the recipient, or other persons concerned;
Performance of statutory obligations by the Controller;
Protection of vital interests of the data subject;
Purposes arising from subjects’ consent to processing.

4. PERIOD FOR WHICH PERSONAL DATA IS PROCESSED

The Controller processes personal data:

For a period required for the exercise of rights and compliance with obligations arising from a contractual relationship between you and the Controller and for a period required for the making of claims arising from such relations (for a period of 5 years after the termination of the contractual relationship)
In the event of personal data processing on the basis of a consent, for the period for which the consent was given or until the consent is withdrawn.

After the expiration of the period of the processing of personal data, the Controller shall erase the personal data.

5. CATEGORIES OF PERSONAL DATA RECIPIENTS

The recipients of personal data are persons

Taking part in the supply of goods/services and execution of payments on the basis of an agreement;
Providing e-shop operation services and other services in connection with the operation of an e-shop;
Proving marketing services;
Processors on the basis of an agreement with the Controller to the extent of data required for the purpose of processing;
Persons providing legal advice or bookkeeping/accounting.

The Controller does not intend to transmit personal data to a third country (outside of the EU) or to an international organisation. The recipients of personal data in third countries are mailing services / cloud services providers.

6. INFORMATION ABOUT THE RIGHTS OF DATA SUBJECTS

You are entitled to the following with respect to our company as the personal data Controller:

Request access to the personal data processed by the Controller, which means the right to obtain from the Controller a confirmation whether personal data pertaining to you is or is not being processed, and where that is the case, you have a right to access that personal data and other information specified in Article 15 GDPR;
Request rectification of personal data processed with respect to you if they are not precise. With a view to the purpose of processing, you have in certain cases the right to request supplementation of incomplete personal data;
Request erasure of personal data in cases regulated in Article 17 GDPR;
Request restriction of data processing in cases regulated in Article 18 GDPR;
Obtain personal data pertaining to you which we process in an automated manner for the performance of an agreement concluded with you, in a structured, commonly used, and machine-readable format; you have the right to request that the Controller transmit that data to another controller subject to the conditions and restrictions specified in Article 20 GDPR; and
You have a right to object to processing within the meaning of Article 21 GDPR on grounds relating to your particular situation.

Furthermore, you have the right to make a submission to the Office for Personal Data Protection directly if you believe that your personal data is not being processed in accordance with legal regulations, and to do so at the place of your usual residence, at the place of your employment, or at the place where the alleged violation occurred. If you have sustained harm other than property damage due to the processing of your personal data, a special act shall apply to the process of the exercise of your claim.

7. CONDITIONS FOR PERSONAL DATA SECURITY

Processing is performed manually in paper and in electronic form or by automated means with the use of computer equipment, while adhering to all security principles applicable to personal data administration and processing. To that end the Controller has taken technical and organisational measures, in particular those that ensure that unauthorised or random access to data does not occur, or their alteration, destruction, or loss, unauthorised transmission, unauthorised processing, or other types of abuse of such personal data. All entities to which personal data may be disclosed shall respect the right of data subjects to privacy protection and shall proceed in line with applicable personal data legislation.

The Controller declares that only persons authorised by it have access to personal data.

8. CONTROLLER’S CONTACT INFORMATION

Controller’s contact information:

Jungle Interiors, s.r.o.
Údolní 212/1
147 00, Prague 4
Czech Republic
ID No.: 26454327
TIN: CZ26454327