Privacy

Privacy policy

Privacy of my customers is very important for me. I would like to inform you about how we process your personal data and about your rights.

I committed to protecting the privacy of the our visitors and customers in accordance with applicable laws and regulations, most notably the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC as you may know as GDPR.

What is personal data?

By meaning “Personal data” you can understand any information that can be connected to you as a private person, for example, name and contact information, IP address, etc.

Why I collect your personal data?

In short, I need your personal data for the purpose of processing and completing an inquiry made by the customer. I collect information about you when you fill in a contact form, make an order, subscribe to our mailing list or email us directly.

List below shows, which data I use:

  • Name and surname;
  • Email;
  • Phone number;
  • Address;
  • IP address;
  • Other information the Client chooses to disclose to us when making the inquiry.

Who is responsible for the processing of your personal data?

The person, who is responsible for this, is Milan Sodoma, Identification number 76579085, with its registered seat at Stepankova 22, Prague 5, 150 00, Czech Republic.

We would like to inform you that your personal data also shall be provided to the following recipients:

  • my payment provider(s) process personal data collected through our website. Also note that our store is hosted on Shopify.
  • e-commerce provider of my e-shop Shopify Inc., you can read their privacy policy here: https://www.shopify.com/legal/privacy
  • if you have opted in to receive email updates from us we distribute all our emails through Mail Chimp, you can read their privacy policy here: https://mailchimp.com/legal/privacy/
  • the providers of statistical and analytical tools used for the functionality of our website
  • the providers of tools used for remarketing and personalised advertisement;
  • the providers of payment gateway services;
  • the providers of delivery services;
  • the providers of marketing and PR optimization services;

How do I get your consent to process your personal data?

When you provide me with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If I ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.

How do you withdraw your consent?

In case you change your mind, you may withdraw your consent at any time, by contacting me at shop@milansodoma.com or mailing me at:

Milan Sodoma, Stepankova 22, Prague 5, 150 00, Czech Republic.

Disclosure

I may disclose your personal information if I are required by law to do so or if you violate my Terms of Service.

How long will we store your data?

In case of purchasing products from our website, I collect data needed to process and complete this purchase and only for the period required for that. After completing your data are actively erased.

In case of subscribing to my newsletter and giving me consent, I would like to send you updates and information about the products and services of ours and other companies which may be of interest to you. You have a right at any time to stop me from contacting you for marketing purposes or giving your information to other parties. If you no longer wish to be contacted for marketing purposes please send email to shop@milansodoma.com or unsubscribe.

Security

Your privacy protection is important for me. I take reasonable precautions to make sure your personal data are safely stored and protected from being lost, misused, accessed, disclosed, altered or destroyed.

If you provide me with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

What are your rights?

I would like to inform you, that in case, I collect your data, you have following rights:

1) Right to information

This right provides you with the ability to ask me for information about what personal data is being processed and the rationale for such processing. For example, a customer may ask for the list of processors with whom his or her personal data is shared.

2) Right to access

This right provides you with the ability to get access to your personal data that is being processed. This request provides the right for you to see or view their own personal data, as well as to request copies of the personal data.

3) Right to rectification

This right provides you with the ability to ask for modifications to his or her personal data in case you believe that your personal data is not up to date or accurate.

4) Right to withdraw consent

This right provides you with the ability to withdraw a previously given consent for processing of your personal data for a purpose. The request would then require the company to stop the processing of your personal data that was based on the consent provided earlier.

5) Right to object

This right provides you with the ability to object to the processing of their personal data. Normally, this would be the same as the right to withdraw consent, if consent was appropriately requested and no processing other than legitimate purposes is being conducted. However, a specific scenario would be when a customer asks that his or her personal data should not be processed for certain purposes while a legal dispute is ongoing in court.

6) Right to object to the automated processing

This right provides you with the ability to object to a decision based on the automated processing. Using this right, a customer may ask for his or her request (for instance, a loan request) to be reviewed manually, because he or she believes that automated processing of his or her loan may not consider the unique situation of the customer.

7) Right to be forgotten

Also known as right to erasure, this right provides you with the ability to ask for the deletion of their data. This will generally apply to situations where a customer relationship has ended. It is important to note that this is not an absolute right, and depends on your retention schedule and retention period in line with other applicable laws.

8) Right for data portability

This right provides you with the ability to ask for transfer of his or her personal data. As part of such request, the customer may ask for his or her personal data to be provided back (to him or her) or transferred to another controller. When doing so, the personal data must be provided or transferred in a machine-readable electronic format.

Who can make a rights request and how?

A rights request can be made by an individual or an individual’s legal representative. Such an individual could be a customer, an employee, or personnel of a supplier working for the company. Also, such a request should usually be made in writing.

Changes to my privacy policy

I reserve the right to make changes to this policy at any time and to the extent necessary to meet current legislative or technical requirements. I reserve the right to rectify disruptions in service.