EN
0

Personal Data Protection

The operator of the server Foulshop.com, the company FOUL s.r.o. (hereinafter only as the “Processor”), processes personal data of users of the mentioned website in compliance with the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter only as the “GDPR”).

Unregistered user

1. Scope of processing

When purchasing goods or services offered by the Operator on the website foulshop.com, users may be invited to insert their personal data: first name, surname, e-mail address and phone number. These data and content serve as a mean to implement the relevant transaction between a user and the company FOUL s.r.o. The Operator expressly states that they do not collect and process any personal data, which would not be voluntarily provided to them by users themselves.

2. Purpose of processing

The purpose for which such data may be processed arises from the needs necessary to conclude and complete a contract, i.e. the sale of goods and services. In general, the mentioned personal data will be processed by the Operator for the purpose of the sale of services and products offered on the website foulshop.com.

All personal data provided by a user (i.e. a data subject) to the Operator will be stored and adequately protected against their misuse during the whole period of processing in compliance with relevant provisions of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL.

3. Period of processing

The period of personal data processing is during the duration of the statutory obligation to store accounting documents defined by Act No. 563/1991 Coll., on accounting.

4. Automated decision-making, including profiling

The Operator may collect and analyse information connected with use of the website foulshop.com by users. Such information may be obtained through “cookies”, small text files placed by the server to user’s hard drive. Every user is allowed to set their browser to not allow “cookies”.

Users’ personal data are processed automatically and manually and they may be made accessible to Operator’s workers and processors with whom the Operator concluded a personal data processing agreement, or other persons authorized according to the rules defined in the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. The Operator does not perform any profiling.

5. Legal basis of processing

Personal data of Data subjects are processed based on the needs necessary to conclude and complete a contract, i.e. the sale of goods and services. A Consent with personal data processing is not necessary for this processing.

6. Transfer to third persons

The Operator does not transfer users’ personal data to third persons, except for:
- The external accounting office with which the Operator has concluded a Personal data protection agreement,
- Affiliated entities (according to rules of the European law), i.e. enterprises which are co-/owned or co-/controlled by the company FOUL s.r.o, or by which the company FOUL s.r.o. is co-/owned or co-/controlled.

7. Transfers to third countries

The Operator of the portal foulshop.com does not transfer users’ personal data to third countries.

8. Buyer

The buyer acknowledges that they are obliged to indicate their correct and true personal data (in orders performed through the web interface of the e-shop), and that they shall inform the seller about any change of their personal data without undue delay.

9. User's rights

If a data subject requests the foulshop.com for information about processing of their personal data, the Operator shall provide this information without undue delay in compliance with the GDPR and follow provisions of Articles 16 – 22 of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. Each data subject which discovers or believes that the Operator or a particular processor of personal data performs processing of their personal data in conflict with a protection of user’s (data subject’s) private and personal life or in conflict with the GDPR, especially when such personal data are inaccurate with respect to the purpose of their processing, they may request explanation from the Operator or a particular processor and ask the Operator or a processor to remedy such situation. Especially, this may be blocking, rectification, addition or disposal of personal data.

A user (data subject) shall be entitled to:

a) request the controller to obtain access to personal data (Article 15) related to the data subject, their rectification (Article 16) or erasure (Article 17), restriction of processing (Article 18), object to processing (Article 21), and also to data portability (Article 20);
b) not be a subject of any decision made solely on any automated decision-making, including profiling,
c) file a complaint with a supervisory body.