FREE DELIVERY AND RETURNS within Slovakia and Czechia up to 14 days
INFORMATION IN CONNECTION WITH THE PROCESSING OF PERSONAL DATA WITH RESPECT TO THE OPERATION OF SOMstore
According to Art. 13 GDPR (hereinafter referred to as the “Regulation”)
Controller – Smart City s. r. o. (Ltd.), with its registered office at Mlynské Nivy 16, 821 09 Bratislava, Slovak Republic, Reg. No. (IČO): 47 243 091 (hereinafter referred to as the “Controller“) hereby provides the data subjects, visitors to the SOMstore online shop (hereinafter referred to as “SOMStore”) (hereinafter referred to as the “Data Subject“) with information on the processing of their personal data.
What personal data are processed?
The Controller may process (directly or through third parties – processors) the following information about the Data Subject:
What is the purpose of the processing?
The purpose of the processing of personal data of the Data Subject is to:
What is the legal basis of the processing?
Právnym základom pre spracovanie Vašich osobných údajov získaných je:
The legal basis of the processing of your personal data obtained is:
Is there an automated decision-making or profiling process during the processing of personal data?
No automated profiling or automated individual decision-making occurs during the processing of the Data Subject’s personal data, which would have any legal effects on the Data Subject, or other effects that would similarly significantly affect the Data Subject.
To whom will personal data be provided?
Personal information of the Data Subject is strictly protected by the Controller. The Controller does not use the personal data of the Data Subject for any purpose other than the above-stated purposes. To ensure the attainment of such a purpose, the Controller may provide the personal data of the Data Subject only to a certified supplier of technologies used by the Controller, and only to the extent necessary to perform its contractual obligations in relation to the Controller and provided that the protection of personal data is ensured.
How does the Controller handle the personal data of the Data Subject?Since the protection and care of the personal data of the Data Subject is important to the Controller, the Controller has taken and continuously ensures appropriate security measures to protect the personal data of the Data Subject is from any destruction, loss, unauthorized disclosure or other forms of unauthorized operation. These include the use of encryption technologies, logging, the adoption of pseudonymisation or anonymisation of data (if possible), as well as ensuring the continued confidentiality, integrity and resilience of processing systems and regular testing, assessment and evaluation of the effectiveness of technical and organizational measures to ensure data security for the data of the Data Subject.
Personal data of the Data Subject shall not be transferred by the Controller, either directly or through third parties, outside the territory of the European Union and the European Economic Area.
What is the period for which the personal data are processed?
The Controller processes the personal data of the Data Subject:
The Controller may process the Personal Data of the Data Subject for a longer period than stated above only if it is necessary due to the performance of Controller‘s obligations arising from legal regulations, or if it follows from the decisions of public authorities, or it is necessary for the exercise of Controller‘s rights.
Depending on their duration, cookies can be divided into:
a) Temporary cookies (so-called session cookies), which are deleted from your computer when you close the browser;
b) Permanent cookies (so-called persistent cookies), which remain intact in your browser for a long time until they expire, or you remove them manually (the time of storing cookies in your browser depends on the cookie settings and your browser settings).
And depending on their functions, they can be divided into:
We also use third-party cookies, on the basis of which several websites are monitored in order to provide you with personalized content and advertising on third-party websites and other sales channels.
We use conversion cookies on our website to measure the number of orders that were sent after a customer visited our website by clicking on an ad on our advertising partners’ websites or by linking to a link placed on those partners’ websites. We hereby perform an analysis of the performance of our individual sales channels, on the basis of which financial settlement is made between us and our advertising partners. It is not possible to identify you by means of conversion cookies, therefore it is not personal data. Our advertising partner will only receive information about the total number of users who clicked on the ad or placed an order with us.
What are the rights of the Data Subject during the processing of personal data?
The rights of the Data Subjectto his or her personal data are specified below. If the Data Subjectis interested in exercising any right or wishes to obtain more information about it, he or she may contact the Controller via the contact details below. The exact conditions for the exercise of individual rights are defined in Chapter III of the Regulation, and not all rights may be applicable in a particular situation.
In the event of the exercise of any right, the Controller may first request additional information in order to confirm the identity of the person who exercised the right.
Right of access to data
The Data Subject shall have the right to gain access to information on personal data concerning him or her that are being processed by the Controller. If the Data Subject has any questions regarding processing, he or she may contact the Controller at the contact details below.
Right to rectification
The Data Subject has the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. The Data Subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure
The Data Subject shall have the right to obtain from the Controller the permanent erasure of personal data concerning him or her. The Data Subject may exercise this right, for example, if he or she considers that the personal data are no longer necessary in relation to the purposes for which they were collected or if the consent to the processing has been withdrawn.
Right to the restriction of processing operations
The Data Subject shall have the right to obtain from the Controller restriction of processing, for example, if the Controller no longer needs the personal data, but they are required by the Data Subject.
Right to personal data portability
The Data Subject shall have the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format and have right to have the personal data transmitted directly from the Controller to another controller, where technically feasible.
Right to lodge a complaint with the supervisory authority
If the Data Subject intends to lodge a complaint regarding the processing of his or her personal data by the Controller, the Data Subject may contact the Controller at any time or directly submit a formal complaint to the local supervisory authority. A list of local supervisory authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.
Contact details of the Controller and the data protection officer
In case of any questions concerning the processing of personal data by the Controller and in case of exercising any right of the Data Subject, it is possible to contact the Controller at the e-mail address: firstname.lastname@example.org; telephone no.: +421 903 982 448.
The Controller has also designated a data protection officer in connection with the performance of its duties that can be contacted in case of any questions. The contact person of the Controller is Erika Wild, contact address Twin City C, Mlynské Nivy 16, 821 09 Bratislava, e-mail address: email@example.com, telephone number: +421 918 723 243.
 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)