Privacy Protection Rules

Disclaimer: This translation of Privacy Protection Rules is only informal. In case of a legal dispute, the Czech version is binding.

The operator of e-shop Mgr. Karel Bartoš, internet address CIN 10989617 headquarters Návrší 728, Hranice, 351 24  is processing personal data provided by the buyer to conform to and affirm Terms and Conditions to process electronic order, delivery realization, payment accounting, and necessary communication between parties to the contract for the duration as specified by law.

Basic principles

1. The controller of personal data in accordance with chapter 4 paragraph 7 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)(further referred to as "GDPR") is Mgr. Karel Bartoš IČO 10989617 headquarters Návrší (hereinafter referred to as "controller");

2. Contact data of the controller are: e-mail:, tel.:  +420 774 521 162;

3. Personal data in this context means any information relating to an identified or identifiable natural person performing a purchase on the webshop (hereinafter referred to as "purchaser"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Sources of Processed Personal Data

1. The controller processes personal data provided to them with consent by the buyer, which was acquired based on fulfilling the purchasing contract, and during the processing of electronic orders in the webshop.

2. The controller processes only identification and contact data that are necessary for the fulfillment of purchasing contract;

3. The controller processes personal data for the purpose of delivery, billing, and for the necessary communication between the contract parties for the time defined by law. Personal data will not be publicized and will not be transferred to other countries.

Purpose of Personal Data Processing

The controller processes buyer's personal data for the following purposes:

1. For the purpose of registering a user account don't eh web page;

2. For the purpose of processing buyers' electronic order (name, address, e-mail, phone number);

3. For the purpose of compliance with obligations and duties resulting from the purchasing contract between the buyer and the controller;

4. Consenting for use of personal data is a requirement for concluding purchasing contract. Without personal data concluding the purchasing contract is not possible.

Time for Personal Data Retention

1. The controller retains the personal data for the time necessary for compliance with obligations and duties resulting from the purchasing contract between the buyer and the controller and for 3 years after its conclusion;

2. After the time for personal data retention has passed, the controller is obligated to delete them.

Recipients and Processors of Personal Data

Third parties receiving the buyers' personal data are the controllers' suppliers. The services provided by these suppliers are inextricably connected with successfully concluding the purchasing contract and the electronic order between the controller and the buyer.

The controllers' suppliers are:

  • Webnode AG (web shop system);
  • Česká pošta, s.p. (delivery);
  • Google Analytics (web page analytics);

Buyers' Rights

In accordance with the law, the buyer has the right to:

1. Acces their personal data;

2. Correct their personal data;

3. Delete their personal data;

4. Object to the processing;

5. Transfer the data;

6. Withdraw the consent with personal data protection either in writing or on e-mail address:;

7. To deliver a complaint to The Office for Personal Data Protection if they suspect that their rights for personal data protection were infringed upon.

Securing of Personal Data

1. The controller declares that they have adopted all suitable technical and organizational measures necessary for securing the buyers' personal data;

2. The controller has adopted technical measures to secure the media storing the personal data, especially securing access to the computer with a password, usage of antivirus software, and regular PC maintenance.

Final Provisions

1. By submitting an electronic order on the web page the buyer confirms that they were informed about privacy protection rules and that they accept them in full;

2. The buyer consents to these rules by checking a box in the order;

3. The controller can change these rules at any time. The controller is obligated to publicize the new version on their web page.

These rules come into effect on January 12. 2022.