fbpx

FREE DELIVERY AND RETURNS within Slovakia and Czechia up to 14 days

All categories
All brands
All categories
All brands
All categories
All brands
All brands

Privacy Policy

INFORMATION IN CONNECTION WITH THE PROCESSING OF PERSONAL DATA WITH RESPECT TO THE OPERATION OF SOMstore
According to Art. 13 GDPR (hereinafter referred to as the “Regulation”)

Controller – Smart City s. r. o. (Ltd.), with its registered office at Mlynské Nivy 16, 821 09 Bratislava, Slovak Republic, Reg. No. (IČO): 47 243 091 (hereinafter referred to as the “Controller“) hereby provides the data subjects, visitors to the SOMstore online shop (hereinafter referred to as “SOMStore”) (hereinafter referred to as the “Data Subject“) with information on the processing of their personal data.


What personal data are processed?
The Controller may process (directly or through third parties – processors) the following information about the Data Subject:

  • a) In the case of a visit to SOMstore, the cookies necessary for the operation of SOMstore (more detailed information on the use of cookies can be found below in this document);
  • b) In the case of account registration, first name, surname, password, address of the permanent residence (place of business), telephone number, e-mail. Account registration is voluntary. The Data Subject may choose whether to register the account. If the Data Subject decides not to register an account, it will not be possible to deliver some additional SOMstore functionalities that are available to the Data Subjects with a registered account (change of order, etc.);
  • c) In the case of order execution and related order administration, first name, surname, delivery address, telephone number, e-mail, personal data, if any, provided in the order note by the Data Subject, payment data.


What is the purpose of the processing?
The purpose of the processing of personal data of the Data Subject is to:

  • a) Ensure the proper technical functioning and improvement of the technical aspect of SOMstore, user comfort in the use of SOMstore and the provision of customised promotions through third-party services;
  • b) Ensure the provision of additional SOMstore functionality and increase user comfort in the use of basic SOMstore functionalities;
  • c) Execute purchase contracts based on the data of the Data Subject and make related claims;
  • d) Eliminate defects and problems encountered by the Data Subject while using SOMstore.


What is the legal basis of the processing?
Právnym základom pre spracovanie Vašich osobných údajov získaných je:

The legal basis of the processing of your personal data obtained is:

  • a) Legitimate interests pursued by the Controller according  to Article 6 par. 1 f) of GDPR;
  • b) Performance of a contract according  to Article 6 par. 1 b) of GDPR;
  • c) Performance of a contract according  to Article 6 par. 1 b) of GDPR;
  • d) Performance of a contract according  to Article 6 par. 1 b) of GDPR.


Is there an automated decision-making or profiling process during the processing of personal data?
No automated profiling or automated individual decision-making occurs during the processing of the Data Subject’s personal data, which would have any legal effects on the Data Subject, or other effects that would similarly significantly affect the Data Subject.


To whom will personal data be provided?
Personal information of the Data Subject is strictly protected by the Controller. The Controller does not use the personal data of the Data Subject for any purpose other than the above-stated purposes. To ensure the attainment of such a purpose, the Controller may provide the personal data of the Data Subject only to a certified supplier of technologies used by the Controller, and only to the extent necessary to perform its contractual obligations in relation to the Controller and provided that the protection of personal data is ensured. 


How does the Controller handle the personal data of the Data Subject?Since the protection and care of the personal data of the Data Subject is important to the Controller, the Controller has taken and continuously ensures appropriate security measures to protect the personal data of the Data Subject is from any destruction, loss, unauthorized disclosure or other forms of unauthorized operation. These include the use of encryption technologies, logging, the adoption of pseudonymisation or anonymisation of data (if possible), as well as ensuring the continued confidentiality, integrity and resilience of processing systems and regular testing, assessment and evaluation of the effectiveness of technical and organizational measures to ensure data security for the data of the Data Subject.

Personal data of the Data Subject shall not be transferred by the Controller, either directly or through third parties, outside the territory of the European Union and the European Economic Area.


What is the period for which the personal data are processed?
The Controller processes the personal data of the Data Subject:

  • a) For a period of time necessarily required for attaining the purpose of the processing of personal data;
  • b) For a period of account registration and any claims in this regard;
  • c) For the duration of the contract and any claims or legal obligations in this regard;
  • d) For a period of time necessarily required for attaining the purpose of the processing of personal data.

The Controller may process the Personal Data of the Data Subject for a longer period than stated above only if it is necessary due to the performance of Controller‘s obligations arising from legal regulations, or if it follows from the decisions of public authorities, or it is necessary for the exercise of Controller‘s rights.


Cookies
For example, cookies are used to remember items added in the shopping cart in the e-shop. Cookies also enable the site to remember your preferences (e.g., language or login) and use them on your next visit. It is also possible to use cookies to collect statistics on user activity, such as the number of unique visitors to the site per month, which are very valuable for the Controller, or enable the provision of a better and more user-friendly service.

Depending on their duration, cookies can be divided into:

a) Temporary cookies (so-called session cookies), which are deleted from your computer when you close the browser;
b) Permanent cookies (so-called persistent cookies), which remain intact in your browser for a long time until they expire, or you remove them manually (the time of storing cookies in your browser depends on the cookie settings and your browser settings).

And depending on their functions, they can be divided into:

  • a) Essential cookies, which are necessary for the functionality of our website,
  • b) Performance cookies, which allow our website to remember information that changes, how the website behaves or looks (e.g., preferred language or region where you are), these cookies are not necessarily required for the functioning of our website but increase the functionality and practicality of its use,
  • c) Analytical cookies, which help us with the analysis of your experience on our website (so-called User Experience) and thanks to which we understand how you use our website,
  • d) Conversion cookies, for the analysis of the performance of individual sales channels,
  • e) Tracking cookies, which in combination with conversion cookies help us to measure the performance of sales channels.

We also use third-party cookies, on the basis of which several websites are monitored in order to provide you with personalized content and advertising on third-party websites and other sales channels.

We use conversion cookies on our website to measure the number of orders that were sent after a customer visited our website by clicking on an ad on our advertising partners’ websites or by linking to a link placed on those partners’ websites. We hereby perform an analysis of the performance of our individual sales channels, on the basis of which financial settlement is made between us and our advertising partners. It is not possible to identify you by means of conversion cookies, therefore it is not personal data. Our advertising partner will only receive information about the total number of users who clicked on the ad or placed an order with us.


What are the rights of the Data Subject during the processing of personal data?
The rights of the Data Subjectto his or her personal data are specified below. If the Data Subjectis interested in exercising any right or wishes to obtain more information about it, he or she may contact the Controller via the contact details below. The exact conditions for the exercise of individual rights are defined in Chapter III of the Regulation, and not all rights may be applicable in a particular situation.

In the event of the exercise of any right, the Controller may first request additional information in order to confirm the identity of the person who exercised the right.

Right of access to data
The Data Subject shall have the right to gain access to information on personal data concerning him or her that are being processed by the Controller. If the Data Subject has any questions regarding processing, he or she may contact the Controller at the contact details below.

Right to rectification
The Data Subject has the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. The Data Subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure
The Data Subject shall have the right to obtain from the Controller the permanent erasure of personal data concerning him or her. The Data Subject may exercise this right, for example, if he or she considers that the personal data are no longer necessary in relation to the purposes for which they were collected or if the consent to the processing has been withdrawn.

Right to the restriction of processing operations
The Data Subject shall have the right to obtain from the Controller restriction of processing, for example, if the Controller no longer needs the personal data, but they are required by the Data Subject.

Right to personal data portability
The Data Subject shall have the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format and have right to have the personal data transmitted directly from the Controller to another controller, where technically feasible.

Right to lodge a complaint with the supervisory authority
If the Data Subject intends to lodge a complaint regarding the processing of his or her personal data by the Controller, the Data Subject may contact the Controller at any time or directly submit a formal complaint to the local supervisory authority. A list of local supervisory authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.


Contact details of the Controller and the data protection officer
In case of any questions concerning the processing of personal data by the Controller and in case of exercising any right of the Data Subject, it is possible to contact the Controller at the e-mail address: som@somstore.sk; telephone no.: +421 903 982 448.

The Controller has also designated a data protection officer in connection with the performance of its duties that can be contacted in case of any questions. The contact person of the Controller is Erika Wild, contact address Twin City C, Mlynské Nivy 16, 821 09 Bratislava, e-mail address: dataprivacy@hbreavis.com, telephone number: +421 918 723 243.

[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)