Privacy Policy
I. Basic Provisions
The Personal Data Administrator under Article 4, Section (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”) is Marek Le Xuan, Holzova 1817 / 2a, 628 00 Brno, Czech Republic, Business Registration ID: 03293319, a natural person acting in accordance with the Trades Licensing Act registered in the Trade Register of the Czech Republic on August 13, 2014 (hereinafter referred to as “Administrator”, “we”, “us”, or “our”).
Contact details of the Administrator are:
- address: Holzova 1817 / 2a, 62800 Brno, Czech Republic
- email address: info@mareklexuan.com
Personal data and information means any information about an identified or identifiable natural person; an identifiable natural person is a natural person that can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, psychological, economic, the social identity of this natural person.
The Administrator is the owner and operator of the website, published on domain “mareklexuan.com”, including all its subdomains and web pages (hereinafter referred to as “Website”).
The Administrator did not appoint a Data Protection Officer.
II. Sources And Category Of Processed Personal Data
The Administrator handles the personal data you have provided to him or the personal data that the Administrator has received as a result of:
- submitting an Order (Purchase Agreement): Your name, email address, phone number, billing and shipping information.
- registering to an Email Newsletter: Your name and email address.
- registering to the Waiting List: Your name and email address.
- submitting a Question: Your name, email address, and question.
- contacting the Administrator: Your name, email address, and message.
- answering a Questionnaire or Survey: Your name, email address, and answers.
- setting a consent to store cookies (including rejection): Your IP address.
The Administrator handles your identification and contact information to deliver you requested information (email newsletter).
The Administrator handles your identification and contact information and data necessary to provide you with requested information, when you contacted the Administrator and submitted a question.
The Administrator handles your identification and contact information and data necessary for the performance of the Purchase Agreement.
III. Legitimate Reason And Purpose Of Personal Data Processing
The legitimate reason for the processing of personal data is:
- fulfilment of the Purchase Agreement between you and the Administrator under Article 6, Section (1), Sub-section (b) of GDPR,
- the legitimate interest of the Administrator in providing direct marketing (in particular for sending marketing communication and newsletters) under Article 6, Section (1), Sub-Section (f) of GDPR.
- Your consent to processing for the purpose of providing direct marketing (in particular for direct communication, sending marketing communication and email newsletters) under Article 6, Section (1), Sub-section (a) of GDPR in conjunction with Article 7, Section (2) of Act No. 480/2004 Coll., on certain services of an information company in the event of non-order of goods or services.
The purpose of processing personal data is:
- fulfilling your order and exercising the rights and obligations arising from the contractual relationship between you and the Administrator; as part of the order personal data needed for successful fulfilment of the order (personal name, address, contact) are requested, the provision of personal data is a necessary requirement for the conclusion and fulfilment of the Purchase Agreement, without the provision of personal data it is not possible to conclude the Purchase Agreement or to fulfil it by the Administrator,
- sending marketing communication and delivering of other marketing activities,
- sending email newsletters,
- direct email communication based on your request.
From the side of the Administrator there is no automatic individual decision-making within the meaning of Article 22 of the GDPR.
The Administrator is profiling within the meaning of Article 4, Section (4) of the GDPR.
IV. Period Of Storage Of Data
The Administrator keeps personal data:
- for the period necessary to exercise the rights and obligations arising out of the contractual relationship between you and the Administrator, the enforcement of the claims under these contractual relationships and for a period required by the law (for a period of 10 years from the termination of the contractual relationship).
- until consent to the processing of personal data for marketing purposes is revoked, for a maximum of 15 years if personal data are processed with consent.
The Administrator will erase all personal information without any unnecessary delays within one year after the end of the retention period.
V. Recipients Of Personal Data (Data Processors and Sub-Processors)
The Administrator intends to pass personal data to third parties to assist the Administrator with processing Your personal data. These third parties are in a contractual agreement with the Administrator in which they are prohibited from utilizing, sharing or retaining Your personal data for any purpose other than dictated by the Administrator.
The recipients of personal data are parties:
- participating in the fulfilment of a Purchase Agreement;
- providing online store operating services and other services related to the operation of an online store;
- providing website hosting, data storing and processing, security, and other IT services;
- providing sales, marketing, accounting, operational and administrative services.
The Administrator intends to pass personal data to countries outside of the European Economic Area (“EEA”). Such transfers are conducted to the countries recognised as countries providing adequate protection according to the adequacy decisions adopted by the European Commission or protected by the data transfer agreement based on existing standard contractual clauses adopted by the European Commission. Overview of the countries of our data processors can be found below.
Processors
Processors are third parties processing Your personal data on our behalf.
| Entity | Service/Activity | Country | Privacy |
|---|---|---|---|
| Backblaze, Inc. | Data backup service Backblaze | USA | Privacy Notice |
| Celonis, Inc. | Process automation platform Make | USA | Privacy Notice |
| Cloudways Ltd. | Website hosting | Malta | Privacy Policy |
| CookieYes Limited | Cookie consent management service CookieYes | United Kingdom | Privacy Policy |
| GitHub Inc. | Data storage and processing platform GitHub | USA | Privacy Statement |
| Google Ireland Ltd. | Communication and CRM service Google Workspace, Analytics and reporting service Google Analytics | Ireland | Privacy Policy |
| Fio banka, a.s. | Payment processor | Czech Republic | Informační memorandum o zpracování osobních údajů |
| Microsoft Ireland Operations, Ltd. | Analytics and reporting service Microsoft Clarity | Ireland | Privacy Statement |
| Notion Labs, Inc. | Productivity tool Notion | USA | Privacy Policy |
| Toggl OÜ | Time tracking service Toggl Track | Estonia | Privacy Policy |
| Zoho Corporation B.V. | Communication service Zoho Mail | Netherlands | Privacy Policy |
VI. Third Party Websites
This Website contains links to third party websites. This Privacy Policy does not cover or control privacy policies of such websites. Please review the privacy policies of such websites before providing your personal information.
VII. Your Rights
Under the conditions defined in the GDPR you have:
- the right of access to your personal data under Article 15 of the GDPR,
- the right to correct personal data under Article 16 of the GDPR, or the restriction of processing under Article 18 of the GDPR,
- the right to delete personal data under Article 17 of the GDPR,
- the right to object the processing under Article 21 of the GDPR,
- the right to data portability under Article 20 of the GDPR,
- the right to withdraw consent to processing,
in writing or electronically to the address or email address of the Administrator referred to in Article I of this Policy. The Administrator will respond to your request within 30 days.
In situations where processing of personal information is required by law, your request to delete personal data or your withdrawal of consent to processing personal data will not be fulfilled and your personal data will not be deleted. In case this situation occurs, the Administrator will inform you about a reason why your personal data cannot be deleted.
You also have the right to file a complaint with the Office for Personal Data Protection (data protection authority for Czech Republic) if you believe that your privacy has been violated.
VIII. Conditions Of Personal Data Security
The Administrator declares that he has taken all appropriate technical and organizational measures to safeguard personal data.
The Administrator has taken technical measures to secure data warehouses and personal data repositories in paper form, especially password-protected access, antivirus, firewall, encryption, backups, lockable spaces.
The Administrator declares that personal data can only be accessed by authorized persons.
IX. Cookies
On this Website, the Administrator uses cookie files, to improve the performance of the Website, evaluate the traffic, and optimize marketing activities. The legal basis for the processing of personal data when using cookies is Article 6, Section (1), Sub-section (f) of the GDPR.
A cookie is a small text file created by visiting each website and stored in your browser. It is used as a standard tool for storing information about how our sites are used. It allows us to record your visit information, so we can distinguish individual users from each other and adapt content to specific preferences, such as language, currency, country, and other settings.
Cookies allow us to analyse user behaviour on a page (for example page counts, length of stay, entry to webpages and exit from webpages, use of website features, search words) using Google Analytics, and this information is used as a source of information for optimizing websites and their content. Analytical information is maintained by Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), which anonymizes the information and this information cannot be assigned to a particular user. You can easily control Google Analytics analytics processing from your side if you use an add-on program from Google (can only be run from your computer).
This Website allows third-party cookies to be stored in your browser. The ability to store third-party cookies is only permitted or at the request of the Administrator of this Website.
You can change your cookie preferences for this Website any time by clicking the following link - COOKIE SETTINGS. It will let you revisit the cookie consent banner and change your preferences or withdraw your consent completely (excluding necessary cookies).
You can browse our Website in the Incognito mode. Saving cookies can be also restricted or disabled directly in your browser. Restrictions of the cookies may limit the functioning and use of the Website and its functions. The Administrator is not responsible for any problems caused by the restriction of cookies.
More information on how to clear, restrict or disable cookies in various browsers, can be found using links below. For other browsers, please refer to the browser’s support. Please note that this setting had to be done in each browser on all devices separately.
A list of all cookies used on this Website:
Necessary
Necessary cookies are crucial for the basic functions of the website and the website will not work in its intended way without them.
| Cookie | Type | Duration | Description |
|---|---|---|---|
| cky-active-check | https | 1 day | CookieYes sets this cookie to check if the consent banner is active on the website. |
| cookieyesID | https | 1 year | CookieYes sets this cookie as a unique identifier for visitors according to their consent. |
| cky-consent | https | 1 year | The cookie is set by CookieYes to remember the user’s consent settings so that the website recognizes the users the next time they visit. |
| cookieyes-necessary | https | 1 year | CookieYes sets this cookie to remember the consent of users for the use of cookies in the ‘Necessary’ category. |
| cookieyes-functional | https | 1 year | CookieYes sets this cookie to remember the consent of users for the use of cookies in the ‘Functional’ category. |
| cookieyes-analytics | https | 1 year | CookieYes sets this cookie to remember the consent of users for the use of cookies in the ‘Analytics’ category. |
| cookieyes-performance | https | 1 year | CookieYes sets this cookie to remember the consent of users for the use of cookies in the ‘Performance’ category. |
| cookieyes-advertisement | https | 1 year | CookieYes sets this cookie to remember the consent of users for the use of cookies in the ‘Advertisement’ category. |
| cky-action | https | 1 year | This cookie is set by CookieYes and is used to remember the action taken by the user. |
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
| Cookie | Type | Duration | Description |
|---|---|---|---|
| _ga_07VZ3P2VRW | https | 2 years | This cookie is installed by Google Analytics. |
| _ga | https | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
| CLID | https | 1 years | Set by Microsoft Clarity. Identifies the first-time Clarity saw this user on any site using Clarity. |
| SM | https | session | Used in synchronizing the MUID across Microsoft domains. |
| _clck | https | 1 years | Set by Microsoft Clarity. Persists the Clarity User ID and preferences, unique to that site, on the browser. |
| _clsk | https | 1 day | Set by Microsoft Clarity. Connects multiple page views by a user into a single Clarity session recording. |
Advertisement
Advertisement cookies are used to deliver visitors with customized advertisements based on the pages they visited before and analyze the effectiveness of the ad campaign.
| Cookie | Type | Duration | Description |
|---|---|---|---|
| MUID | https | 1 year 24 days | Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations. |
| ANONCHK | https | 10 minutes | The ANONCHK cookie, set by Bing, is used to store a user’s session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well. |
| SRM_B | https | 1 year 24 days | Used by Microsoft Advertising as a unique ID for visitors. |
| MR | https | Session | Indicates whether to refresh MUID. |
X. Final Provisions
By performing one of the following actions, you acknowledge that you are aware of the Privacy Policy and that you accept it in its entirety:
- sending an order from the online order form,
- confirming you consent (submitting form, registering to a newsletter),
- submitting a public comment,
- contacting us directly on one of Our email addresses.
The Administrator reserves the right to amend this Privacy Policy at any time by posting the updated version on this Website.
This Privacy Policy was published and is effective as of 27th of March, 2024 and abolishes the previous version of the Privacy Policy.