Personal Information PolicyValid from 18th July 2019.
Personal Information ControllerIdentity of the Personal Information Controller: Michael P. Thiele, Luzna 2, 160 00 Praha 6, Czechia
Contact details: [email protected]
Legal Basis for Personal Information processingWe process your personal information because it is necessary:
- For the performance of a contract to which you are the party
- In order to take steps at your request prior to entering into a contract
- For compliance with a legal obligation to which the controller is subject
- For our ability to respond to you in the case the shipment does not get delivered to you by the local post office in your destination (for whatever reason) and the post returns it to us. As this procedure can take several months, we need to keep your data for some time to be able to respond to you and seek your decision about the returned shipment.
Purpose of Personal Information processingWe process your personal information solely for the purpose of fulfilling your order and resolution of probable disputes and returns. We do not use it for any marketing purposes.
When you proceed to checkout and fill in the checkout form but do not complete your order, we process:
- Your name, address, email, phone, IP address and browsing history
- We erase the information after 15 days
When you complete the order, we process:
- Your name, address, email, phone, IP address and browsing history
- We erase the information from our electronic storages after six full months following the month in which you placed your order
Process of Personal Information processing- When you proceed to checkout and fill in the checkout form, we store the personal information in our website database hosted by Infomart 2000 in the United States for 15 days for unfinished orders or for six full months following the month in which you placed your order.
- If you select payment processed by PayPal, we forward your name, address, email and phone to PayPal so that you do not have to type them to their payment gateway again. Processing of your personal information by PayPal is subject to your separate agreement with PayPal. Once you complete your payment through PayPal, we receive confirmation email to our internal mailbox hosted by Google, containing your name, address, email and phone. We erase this email the day after we send your order to you. Your name, address, email and phone remains stored in the PayPal database and made accessible to us for 36 complete months after your payment has been done. Then it gets erased by PayPal.
- If you select wire transfer payment, we receive your Payor details in the account statement from our bank where it remains stored and accessible to us. We print it and store in hardcopy in our archive for 10 full years. Then we destroy it and erase it from bank statement list.
- Once you complete your order, we receive confirmation email containing your name, address, email and phone to our internal mailbox hosted by Google. We erase it from there the day after we send the order to you.
- For orders below 10.000 CZK (approx. 400€): We print your name and address on your receipt which we put into the shipment box. We store anonymized copy of the receipt on local harddisk in our office and as a hardcopy in our archive for 10 full years. Then we erase and destroy it.
- For orders exceeding 10.000 CZK (approx. 400€): We print your name and address on invoice which we send to you and keep it stored on local harddisk in our office and as a hardcopy in our archive for 10 full years. Then we erase and destroy it. We handover tax documents including invoices to local accounting firm 158 s.r.o. which elaborates the personal information on our behalf for the purpose of our compliance with local legal obligations each month. They return the tax documents to us after closure of the fiscal year each next March.
- For Priority Parcel and door-to-door shipping services: your name and address is processed by the Czech Post or the selected shipping carrier for the purpose of fulfilment of your order and pursuant to their personal information policies.
Access to personal information is limited to:
- the store owner who is the personal information controller at the same time
- in the case of invoices above 10.000 CZK: to the accounting firm we use for elaborating of our tax evidence
- in the case of Priority Parcel and door-to-door shipping services: to the Czech Post or the selected shipping carrier
We utilize Google Analytics and Google webmaster Tools which collect anonymized browsing data from our website.
Storage of Personal Information
Where we store your personal information and how is it secured:
- in the database of our website, hosted by Infomart 2000, 6691 Nob Hill Road, Tamarac, FL33321, USA. Infomart 2000 is compliant to the EU-US Privacy Shield. The store platform is PCI compliant. Personal information is stored in the United States. Access to the personal information is restricted to the store owner and protected by name/password authentication. Data entered into website checkout form is encrypted using dedicated SSL.
- in our internal mailboxes hosted by Google (for order confirmation messages) and by Google (for PayPal payment confirmation messages). Access to the data is restricted to the store owner and protected by name/password authentication.
- on harddisk inside personal computer in our office in Prague, Czechia. Access to the data is restricted to the store owner and protected by name/password authentication.
- printed on invoices over 10.000 CZK, stored in archive in our office in Luzna 2, Praha 6, 16000 Czechia and temporarily in the office of our accounting firm 158 s.r.o., Pocernicka 509, Praha 10, 10800 Czechia.
Your rights related to Personal Information processing
You have the following rights. You can execute them by emailing a request to [email protected] We will process the requests within 24 hours.
- Right to be forgotten:
You may request us to delete your data from our order database and associated mailboxes, to cancel your account or to cancel your subscription to our newsletter.
- Right to object:
You may opt out of our websites emails and mailing list.
- Right to rectification:
You may request us to update your subscriber/contact data in our store and mailing lists.
- Right of access:
- Right of portability:
You may request us to export any of your personal data.
Backup for Future Use
If you give us explicit permission by ticking the appropriate checkbox in the checkout form, we may notify you of current promotions, specials and new additions to the Prague Souvenirs site. You may unsubscribe from our newsletters by following the unsubscribe instructions in any email you receive from us.