FREE SHIPPING FROM 80 € TO CZECHIA, GERMANY, HUNGARY, POLAND & SLOVAKIA.
PRIVACY POLICY
I.
BASIC PROVISIONS
1. The controller of personal data within the meaning of Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”) is Pigmentarium Pragensis s.r.o., Company ID: 07105231, VAT ID: CZ07105231, with its registered office at Rybná 716/24, 110 00 Prague 1 (hereinafter the “Controller”).
2. The Controller’s contact details are:
address: Rybná 716/24, 110 00 Prague 1, Czech Republic
email: info@pigmentarium.com
phone: +420 604 236 122
3. Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4. The Controller has not appointed a Data Protection Officer.
II.
SOURCES AND CATEGORIES OF PROCESSED PERSONAL DATA
1. The Controller processes personal data that you have provided to us or personal data that the Controller has obtained in connection with the fulfilment of your order.
2. The Controller processes your identification and contact details, as well as data necessary for the performance of the contract.
III.
LEGAL BASIS AND PURPOSE OF PERSONAL DATA PROCESSING
1. The legal basis for the processing of personal data is:
— the performance of a contract between you and the Controller pursuant to Article 6(1)(b) GDPR,
— the legitimate interest of the Controller in providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6(1)(f) GDPR,
— your consent to the processing for the purposes of direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on Certain Information Society Services, in cases where no order for goods or services has been placed.
2. The purpose of processing personal data is:
— to process your order and exercise the rights and obligations arising from the contractual relationship between you and the Controller; when placing an order, the personal data required for successful fulfilment of the order (name, address, contact details) are necessary. The provision of personal data is a necessary requirement for the conclusion and performance of the contract. Without providing personal data, it is not possible to conclude or perform the contract by the Controller,
— to send commercial communications and to carry out other marketing activities.
3. The Controller does not carry out automated individual decision-making within the meaning of Article 22 GDPR. Such processing would only take place based on your explicit consent.
IV.
DATA RETENTION PERIOD
1. The Controller retains personal data for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Controller and to assert any claims arising from such contractual relationships
2. Retention periods may also be determined by legal regulations (e.g. accounting documents must be kept for 5 or 10 years in accordance with the law).
3. After the expiry of the retention period, the Controller will delete the personal data.
V.
RECIPIENTS OF PERSONAL DATA (CONTROLLER'S SUBCONTRACTORS)
1. Recipients of personal data may include:
— providers of web hosting and IT services,
— providers of payment gateways and banking institutions,
— transport and logistics companies,
— persons involved in the delivery of goods/services or the execution of payments under a contract,
— persons involved in ensuring the operation of services,
— providers of marketing services.
2. The Controller does not intend to transfer personal data to a third country (outside the EU) or to an international organization. However, recipients of personal data in third countries may include, for example, providers of mailing or cloud services.
VI.
YOUR RIGHTS
1. Under the conditions set out in the GDPR, you have the right to:
— access your personal data pursuant to Article 15 GDPR,
— rectification of personal data pursuant to Article 16 GDPR, or restriction of processing pursuant to Article 18 GDPR,
— erasure of personal data pursuant to Article 17 GDPR,
— object to processing pursuant to Article 21 GDPR,
— data portability pursuant to Article 20 GDPR,
— withdraw your consent to processing at any time, in writing or electronically, by sending a request to the Controller’s address or email as specified in Article III of these Terms.
2. You also have the right to lodge a complaint with the Office for Personal Data Protection if you believe that your right to the protection of personal data has been violated.
VII.
CONDITIONS OF PERSONAL DATA SECURITY
1. The Controller declares that it has adopted all appropriate technical and organizational measures to secure personal data.
2. The Controller has implemented technical measures to protect data storage systems and repositories of personal data in paper form, in particular the use of antivirus programs, password protection, and similar safeguards.
3. The Controller declares that access to personal data is granted only to persons authorized by the Controller.
VIII.
FINAL PROVISIONS
1. By submitting an order via the online order form, you confirm that you have read these Privacy Policy Terms and that you accept them in their entirety.
2. You agree to these Terms by ticking the consent box in the online form. By doing so, you confirm that you have read these Privacy Policy Terms and that you accept them in their entirety.
3. The Controller reserves the right to amend these Terms. A new version of the Privacy Policy will be published on the Controller’s website, or sent to your email address provided to the Controller.
IX.
COOKIES
1. The online store uses cookies. Cookies are small text files stored in your browser that help ensure the proper functioning of the website, measure traffic, and improve user experience.
2. Types of cookies used:
— Technical (necessary) – ensure the basic functionality of the website and the shopping process; they cannot be disabled.
— Analytical – allow measurement of website traffic and performance.
— Marketing – enable personalization of content and advertising.
3. Upon the first visit to the online store, the user can choose which types of cookies to allow. The settings can be changed at any time via the cookie banner or the browser settings.
These Terms shall take effect on 1 September 2025.
