PRIVACY POLICY

I. BASIC PROVISIONS

  1. Personal Data Manager, according to Article 4 Section 7 of the regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as: „GDPR”) is Matěj Bystroň identification number 76259773 headquartered 583 01, Sloupno 28, Czech Republic (hereinafter referred to as: „Data Manager“).
  2. Contact information of the Data Manager:

Address: Sloupno 28, 583 01, Czech Republic

Email: info@norvely.com

Phone number: (+420) 792 35 33 10

  1. Personal information is all information about an identified or identifiable natural person; identifiable natural person is a natural person that can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific factors, physiological, genetic, mental, economic, cultural or social.
  2. The Data Manager has not appointed a privacy officer.

 

II. SOURCES AND CATEGORIES OF PROCESSED PERSONAL DATA

  1. The Data Manager handles the personal data you have provided to him or the personal data that the Data Manager has received while processing your order.
  2. The Data Manager handles your identification and contact details and the data necessary for the fulfillment of the contract.

 

III. LEGAL MASON AND PURPOSE OF PERSONAL DATA PROCESSING

  1. The legal reason for the processing of personal data is:
  • fulfillment of the contract between you and the Data Manager under Article 6 Section 1 Point b) of the GDPR,
  • the Data Manager’s legitimate interest in providing direct marketing (for sending business announcements and newsletters) according to Article 6 Section 1 Point f) of the GDPR,
  • Your consent to processing for the purpose of providing direct marketing (for sending business announcements and newsletters) according to Article 6 Section 1 Point a) of the GDPR in connection with § 7 Section 2 of the Law n. 480/2004 of the Statute, about certain information society services in the absence of an order for goods or services.
  1. The purpose of processing personal data is:
  • processing your order and performing the rights and obligations arising from the contractual relationship between you and the Data Manager; personal information is required to successfully process the order (name and address, contact). The provision of personal data is a necessary requirement for the conclusion and fulfillment of the contract, without the provision of personal data it is not possible to conclude the contract or fulfill it by the Data Manager,
  • sending business messages and doing other marketing activities.
  1. There is not automatic individual decision making within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.

 

IV. PERIOD OF DATA STORAGE

  1. The Data Manager keeps personal data:
  • for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Data Manager and the claims arising from these contractual relationships (for a period of 15 years from the termination of the contractual relationship).
  • until the consent to the processing of personal data for marketing purposes is revoked, at the longest for 15 years, if the personal data is processed by consent.
  1. After the retention period of the personal data passes, the Data Manager will delete the personal data.

 

V. RECIPIENTS OF PERSONAL DATA (SUBCONTRACTORS OF THE DATA MANAGER)

  1. The recipients of personal data are individuals:
  • contributing to the delivery of goods / services / execution of payments under the contract,
  • providing e-shop services and other services related to the operation of the e-shop,
  • providing marketing services.
  1. The Data Manager does not intend to provide personal data to a third country (outside the EU) or an international organization. Third-party recipients of personal data are cloud services providers.
  2. Provided services providing marketing and support services:
  • Česká pošta - a provider of parcel delivery services
  • Zásilkovna - a provider of parcel delivery services
  • DPD - a provider of parcel delivery services
  • GLS - a provider of parcel delivery services
  • PayU - the payment system operator
  • PayPal - the payment system operator
  • Facebook - logs cookies, use site, buy conversion
  • Google analytics - logs cookies, use site, buy conversion
  • Google Adwords - logs cookies and web usage
  • Google purchases - Review request, logs email if you agree in the order process
  • Zboží.cz - records purchase conversions and email
  • Sklik - logs cookies, use site, buy conversion

 

VI. YOUR RIGHTS

  1. Under the terms of the GDPR you have:
  • the right of access to your personal data according to Article 15 of the GDPR,
  • the right to correct personal data according to Article 16 of the GDPR, or limitation of processing according to Article 18 of the GDPR.
  • the right to delete personal data according to Article 17 of the GDPR.
  • the right to object to the processing of your personal data according to Article 21 of the GDPR,
  • the right to data transferability according to Article 20 of the GDPR,
  • the right to withdraw consent to processing in writing or electronically to the address or email of the Data Manager referred to in Article III of these conditions.
  1. You also have the right to file a complaint for the Office For Personal Data Protection in case you believe that your privacy has been violated.

 

VII. PERSONAL DATA PROTECTION CONDITIONS

  1. The Data Manager claims to have taken all technical and organizational measures to secure personal data.
  2. The Data Manager has taken technical measures to secure data repositories and personal data repositories in written form.
  3. The Data Manager declares that personal data can only be accessed by authorized persons.

 

VIII. Do we use cookies?

  • Like most sites on the Internet, we also use so-called cookies. Learn more on a separate page.
  • Our site uses Google remarketing to reach people who have visited our site in the past with targeted advertising. Third-party vendors (including Google) may display our ads on various sites on the Internet. You can disable this feature from Google at www.google.com/settings/ads. Our site also uses Facebook remarketing.
  • Our website uses retargeting technology from Sklik service operated by Seznam.cz, a.s. This allows us to show our visitors, who have already shown interest in our products, our ads on the Seznam.cz, a.s. You can unsubscribe from this site from ad targeting.
  • If you want to influence which information is collected about you or. to opt out of some systems, you can do so on this site:
  • Google
  • Facebook

 

XI. FINAL PROVISIONS

  1. By submitting an order from the online order form, you acknowledge that you are aware of the privacy policy and that you accept it in its entirety.
  2. You agree with these terms by ticking the consent via the online form. By confirming your consent, you acknowledge that you are aware of the privacy policy and that you accept it in its entirety.
  3. The Data Manager is authorized to change these conditions. A new version of the privacy policy will be published on the Data Manager’s website and at the same time, the Data Manager will send you a new version of these terms to your e-mail address that you have provided to the manager.

 

These terms come into effect on 2.2.2023.