Protection of personal data

PRIVACY POLICY

www.janakuricova.com

 

The protection of the personal data you entrust to us is important to us and we do everything we can to make you feel safe with us. The purpose of these Terms of Personal Data Processing is to explain to you how your personal data, which you provide to us when using our website https://www.janakuricova.com (hereinafter referred to as the “Website”), will be processed and protected. At the same time, we would like to inform you about your rights in connection with the processing of your personal data.

These Terms inform you about the general rules for the processing of personal data when using the website and Social Media Accounts. Please note that the specific conditions for the processing of your personal data depend on the purpose of the personal data processing.

1. DEFINITIONS

1.1. Administrator or Ing. Jana Kuricová – Grösslingová 67 Bratislava – Old Town, 81109. Company ID: 54487129, VAT Number: 1086247294

1.2. Personal data – information about a natural person identified or identifiable by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person, including device IP, location data, internet identifier and information collected through cookies and other similar technologies.

1.3. Policy – this Privacy Policy, which contains information about the processing of Personal Data on the Website.

1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

1.5. Website – websites managed by the Administrator on the domain www.janakuricova.com accessible via web browsers.

1.6. Store – online store https://www.janakuricova-vip.com/ available via the Website, through which Ing. Jana Kuricová sells goods remotely.

1.7. User – any natural person visiting the Website or using one or more services or functions described in the Policy.
1.8. Device – means an electronic device through which the User gains access to the Website.

2. GENERAL INFORMATION

2.1. In connection with your use of the Website, we collect data necessary to provide the services offered as well as information about your activity on the Website. In this regard, we are the controller of your personal data and we place great emphasis on their adequate protection. We ensure that our data processing processes comply with the relevant legal provisions, in particular the GDPR. Our goal is to enable you to obtain complete information about how we process your Personal Data and to provide you with tools that will allow you to exercise your rights. Below we provide information about how we process your Personal Data.

2.2. We process your personal data in accordance with the law and ensure that it is up-to-date and correct. We may therefore remind you from time to time to update it by sending a message to the e-mail address you have provided or by displaying a relevant message on the Website after logging into your account.

3. HOW CAN I CONTACT THE ADMINISTRATOR?

3.1. If you have any questions regarding how we process your personal data or want to exercise your rights, please write to us at the e-mail address: executive@janakuricova.com or at Grösslingová 67 Bratislava – Staré mesto, 81109.

4. HOW DO WE OBTAIN YOUR PERSONAL DATA?

4.1. We collect your Personal Data directly from you for the purpose of properly implementing our services and the smooth functioning of our Website. You provide us with your data primarily through dedicated forms, during purchases in our Store, by subscribing to our newsletter. We also collect your data when you use other services available on the Website, e.g. when you browse products offered in the Store.

5. IS THE PROVISION OF PERSONAL DATA OBLIGATORY?

5.1. It is up to you whether and what personal data you provide to us – it is not mandatory. However, please note that in some cases, the provision of Personal Data is necessary for the proper implementation of the services we offer or is a condition for the conclusion and performance of a contract, which is described in detail below.

6. HOW DO WE PROCESS YOUR PERSONAL DATA?
USING THE WEBSITE

6.1. If you use the Website and are not a registered User (i.e. you do not have an account on the Website), your Personal Data (including IP address or other identifiers and information collected through cookies or other similar technologies) that we process:

6.1.1. for the purpose of providing electronic services to the extent of providing you with content collected on the Website – in such a case, the legal basis for processing is the necessity of processing for the purpose of fulfilling the contract (Article 6(1)(b) GDPR);

6.1.2. for analytical and statistical purposes – in such a case, the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in performing analyses of Users’ activity and their preferences in order to improve the functions used and the services provided;

6.1.3. for the purposes of possibly proving and enforcing claims or defending against claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in protecting its rights and business interests;

6.1.4. for marketing purposes of the Administrator and other entities, especially related to the presentation of behavioral advertising – the rules for processing Personal Data for marketing purposes are described in the MARKETING section.

6.2. Your activity on the Website, including your personal data, is recorded in system logs (a special computer program used to store a chronological overview containing information about events and activities related to the information system used to provide our services). The information collected in the logs is processed primarily for the purpose of providing services. We process them for technical, administrative purposes, for the need to ensure the security of the information system and system management, as well as for analytical and statistical purposes – in this regard, the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR).

ACCOUNT REGISTRATION AND OPERATION

6.3. Persons who register on the Website are asked to provide data necessary for the creation and operation of an account. In order to facilitate the operation, you may provide additional data, thereby expressing your consent to their processing. Such data can be deleted at any time. The provision of data marked as mandatory is necessary for the creation and operation of an account, and if you do not do so, the account will not be created. The provision of additional data is voluntary.
6.4. Your Personal Data is processed:

6.4.1. for the purpose of providing services related to the operation and maintenance of the account on the Website – the legal basis for processing is the necessity of processing for the purpose of fulfilling the contract (Article 6(1)(b) GDPR) and to the extent of optional data – the legal basis for processing is consent (Article 6(1)(a) GDPR);

6.4.2. for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in performing analyses of Users’ activity on the Website and the manner of using the account, as well as Users’ preferences in order to improve the functions used;

6.4.3. for the purposes of possibly proving and enforcing claims or defending against claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in protecting its rights and business interests;

6.4.4. for marketing purposes of the Administrator and other entities – the rules for processing Personal Data for marketing purposes are described in the MARKETING section.

6.6. If the User publishes any Personal Data of other persons on the Website (including their names and surnames, addresses, telephone numbers or e-mail addresses), he may do so only if he does not violate the law and the personal rights of these persons.

PLACE ORDERS

6.7. Ordering goods or services offered by us is related to the processing of your Personal Data. Providing data marked as mandatory is required for the purpose of accepting and executing the order and failure to provide it results in the order not being executed. Providing other data is voluntary.
6.8. Your Personal Data is processed:

6.8.1. for the purpose of executing the order placed – the legal basis for processing is the necessity of processing for the purpose of fulfilling the contract (Article 6(1)(b) GDPR); to the extent of optional data – the legal basis for processing is your consent (Article 6(1)(a) GDPR);

6.8.2. for the purpose of implementing the legal obligations imposed on the Administrator, arising in particular from tax and accounting regulations – the legal basis for processing is a legal obligation (Article 6(1)(c) GDPR);

6.8.3. for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in performing analyses of Users’ activities on the Website and Users’ purchasing preferences in order to improve the functions used;

6.8.4. for the purposes of possibly proving and enforcing claims or defending against claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in protecting his rights and business interests.

COMPLAINT AND RETURN

6.9. Filing a complaint or returning goods is related to the processing of your Personal Data. Providing data in the complaint form is not mandatory, but is necessary for the correct handling of the complaint. Providing data in the return form is not mandatory, but is necessary for the effective withdrawal from the contract.
6.10. Your Personal Data is processed:

6.10.1. for the purpose of handling a complaint – the legal basis for processing your personal data is the Administrator’s obligation arising from the provisions of the Act on Warranty for Defects of Sold Goods (Article 6, paragraph 1, letter c) GDPR);

6.10.2. for the purpose of handling the return of goods – the legal basis for processing your Personal Data is the Administrator’s obligation arising from the provisions of the Act on Consumers (Article 6, paragraph 1, letter c) GDPR), if the basis for returning goods is the provision on the right to withdraw from the contract or the necessity of processing for the purpose of fulfilling the contract (Article 6, paragraph 1, letter b) GDPR), if the basis for returning goods is the rules of our Store;

6.10.3. for the purpose of implementing other legal obligations imposed on the Administrator, resulting in particular from tax and accounting regulations – the legal basis for processing is a legal obligation (Article 6(1)(c) GDPR);

6.10.4. for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in performing analyses of Users’ activities on the Website and Users’ purchasing preferences in order to improve the functions used;

6.10.5. for the purposes of possibly proving and enforcing claims or defending against claims – the legal basis for processing is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in protecting its rights and business interests.

FRAUD PREVENTION

6.11.1. In order to ensure the proper functioning of our store, we verify that users do not engage in activities that prevent other customers from making purchases, in particular by placing excessive and unusual orders, which indicate that they do not intend to keep the ordered products, or by declaring that they purchase as consumers and subsequently resell the Goods as entrepreneurs. This analysis is carried out on the basis of your transaction history. By analyzing the history of your orders, payments made and returns of goods, our algorithm evaluates whether it is necessary to block or delete your account in order to prevent its misuse. Decisions to block or delete your account are based solely on automated processing and are necessary for the performance of the contract concluded with you (Article 22(2)(a) GDPR). You have the right to express your own opinion and to challenge such a decision and to ask our employees to re-examine your data. In such a case, please contact us as specified in point 3.

7. MARKETING

7.1. We process your Personal Data for the purpose of carrying out marketing activities, which may consist of:

7.1.1. displaying marketing content corresponding to your interests (behavioral advertising);
7.1.2. carrying out activities related to direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities).

7.2. In order to carry out marketing activities, we use profiling in some cases. This means that, thanks to automatic data processing, we evaluate selected factors related to your person in order to be able to analyze your behavior or create a forecast for the future. This allows for better adaptation of the displayed content to your individual preferences and interests.

BEHAVIORAL ADVERTISING
7.3. Together with our trusted partners, we process your Personal Data, including Personal Data collected through cookies and other similar technologies, for marketing purposes in connection with targeting you with behavioral advertising (i.e. advertising that is tailored to your preferences). The processing of personal data in such a situation also includes profiling, the result of which is only the display of tailored advertising based on your Personal Data obtained by us and our partners.

DIRECT MARKETING

7.4. If you give your consent, we may use your data to send you marketing content via various channels, i.e. by e-mail (in the form of a newsletter), by MMS / SMS or by telephone. The legal basis for the processing of your Personal Data in this case is the legitimate interest of the Administrator (Article 6 (1) (f) GDPR) in connection with your consent consisting in the marketing of the offered goods and services. We carry out such activities only if you have given your consent, which you can withdraw at any time. You can withdraw your consent at any time by clicking on the link we send in each e-mail containing commercial information, by contacting us at the e-mail address: executive@janakuricova.com. The withdrawal of consent does not affect the lawfulness of data processing in the period before its withdrawal.

7.5. We may also carry out direct marketing via the traditional postal address provided by you. The legal basis for the processing of your Personal Data in this case is the legitimate interest of the Controller (Article 6(1)(f) GDPR) in marketing the offered goods and services. You may object to the processing of your Personal Data for this purpose at any time. You may express your objection by contacting us at the following e-mail address: executive@janakuricova.com.

GOOGLE ADS CUSTOMER MATCH
7.6. The marketing of the products and services we offer may also take place using Google Ads Customer Match. Google Ads Customer Match is a tool that allows the Administrator to load a hashed database of email addresses (customer list) into Google tools in order to verify whether User Accounts have been created on Google services using the same email addresses (e.g. YouTube, Gmail, etc.). If the email addresses match, the Administrator’s ads may be displayed to Users of Google services after they log in.

7.7. In order to increase the accuracy of measuring the effectiveness of our marketing activities using the Google Ads customer match described above, we will also use a tool provided by Google in the form of the so-called “enhanced conversions”. This tool allows the Administrator to increase the accuracy of measuring conversions (i.e., the purchase of goods on the Store’s website as a result of redirection from another website). In order to use it, we retrieve conversion data from the Store’s website in encrypted form (including data in the range of email addresses) in a way that ensures privacy, i.e. using a one-way encryption algorithm. Information about enhanced conversions can be found at this link: Enhanced conversions – Google Ads – Help.

8. PROCESSING OF DATA OF USERS VISITING THE ADMINISTRATOR‘S PROFILES ON SOCIAL NETWORK

8.1. The Administrator has public profiles on social networks Facebook, Instagram, LinkedIn, Youtube. In connection with this, it processes data left by persons visiting these profiles (among others, comments, likes, internet identifiers).
8.2. Personal data of such persons are processed:

8.2.1. in order to enable them to carry out activities on the profiles;

8.2.2. for the purpose of effective operation of the profiles, presenting information to the Portal Users about the Administrator’s initiatives and other activities and in connection with the promotion of various types of events, services and products;

8.2.3. for statistical and analytical purposes;

8.2.4. they may also be processed for the purposes of enforcing and defending claims.

8.3. The legal basis for the processing of Personal Data is the legitimate interest of the Administrator (Article 6(1)(f) GDPR), consisting in:

8.3.1. promoting your own brand and improving the quality of the services provided,

8.3.2. conducting activity and preference analyses,

8.3.3. if necessary – for the enforcement of claims and defense against claims.
The above information does not apply to the processing of personal data by administrators of social networking sites.

9. TO WHOM WILL YOUR PERSONAL DATA BE TRANSFERRED?

9.1. We may transfer your Personal Data to entities with which we cooperate in the implementation of the services provided by us.
9.2. Depending on the payment method you have chosen for the purchased goods, we will provide your data necessary for the collection or payment to one of the entities with which we cooperate in the field of payment processing.

9.3. We also have the right to disclose selected information about our Users to competent authorities or third parties who have submitted a request for such information, based on the appropriate legal basis and in accordance with applicable law.

10. HOW LONG WILL YOUR PERSONAL DATA BE PROCESSED?

10.1. The period of processing of your Personal Data depends on the type of service provided and the purpose of the processing. The data are generally processed for the duration of the service or the execution of the order, until the consent is withdrawn or an effective objection is raised against the processing of the data in cases where the legal basis for the processing of the data is the legitimate interest of the Administrator.

10.2. The period of processing of the data may be extended if the processing is necessary for the establishment and enforcement of any claims or for the defense against claims, and after this period only if and to the extent required by law. After the processing period, the data are irretrievably deleted or anonymized in such a way that the data subject can no longer be identified.

11. HOW DO WE PROTECT YOUR DATA?

11.1. We use a range of IT and organisational security measures to minimise the risk of data loss, destruction and disintegration. Security features include tools such as: firewalls, anti-virus and anti-spam security systems, internal processes, data processing and disaster recovery procedures, as well as a multi-level backup system.

11.2. Please remember that using the Internet always carries the risk of certain security incidents. However, we assure you that we strive to reduce this risk as much as possible through the implementation of procedures for regular reviews and updates of IT systems and active monitoring of critical points in the system.

12. WHAT ARE YOUR RIGHTS RELATED TO THE PROCESSING OF YOUR PERSONAL DATA?

12.1. In connection with the processing of your Personal Data by us, you have the following rights:

12.1.1. the right to information about the processing of Personal Data – on this basis, the Administrator will provide you with information about the processing of your Personal Data, in particular about the purposes and legal grounds for the processing, the scope of the stored data, the entities to whom they are disclosed and the planned date of data deletion;

12.1.2. the right to obtain a copy of the data – on this basis, the Administrator will provide you with a copy of your personal data that it processes;

12.1.3. the right to rectification – the Administrator is obliged to remove any inconsistencies or errors in the processed Personal Data and to supplement them if they are incomplete;

12.1.4. the right to erasure – on this basis, you can request the erasure of data whose processing is no longer necessary to achieve any of the purposes for which they were collected;

12.1.5. the right to restriction of processing – if such a request is made, the Administrator will cease to carry out operations with your Personal Data – with the exception of operations to which you have consented and the storage of data in accordance with the adopted retention rules – or until the reasons for restricting data processing cease to exist (e.g. a decision of the supervisory authority authorizing further data processing is issued);

12.1.6. the right to data portability – on this basis – to the extent that the data are processed by automated means in connection with a concluded contract or consent – the Administrator issues the data provided by you in a format that allows data to be read by a computer. You may also request that this data be sent to another entity, provided that there are technical possibilities in this regard, both on the part of the Administrator and on your part;

12.1.7. the right to object to the processing of data for marketing purposes – you may object to the processing of your Personal Data for marketing purposes at any time, without having to justify such an objection;

12.1.8. the right to object to other purposes of data processing – you may at any time – for reasons related to your particular situation – object to the processing of your Personal Data, which is carried out on the basis of the legitimate interest of the Administrator (e.g. for analytical or statistical purposes or for reasons related to the protection of property); the objection in this regard should contain a justification;

12.1.9. the right to withdraw consent – if the information is processed on the basis of your consent, you have the right to withdraw it at any time, which does not affect the lawfulness of the processing carried out before its withdrawal;

12.1.10. the right to lodge a complaint – if you believe that the processing of Personal Data violates the provisions of the GDPR or other provisions on Personal Data Protection, you may lodge a complaint with the supervisory authority for the processing of Personal Data, relevant to your habitual residence, place of work or place of the alleged violation.

12.1.11. the right to human intervention by the administrator, to express one’s own opinion and to challenge decisions based solely on automated processing.

13. SUBMISSION OF REQUESTS RELATED TO THE EXERCISE OF RIGHTS

13.1. You can exercise some of the above rights yourself. If you have an account in the Store, you can always access your Personal Data and correct and update them.
13.2. You can submit a request regarding all of the above rights by contacting our Data Protection Officer at the following e-mail address executive@janakuricova.com or at Grösslingová 67 Bratislava – Staré mesto, 81109.

13.3. We will try to respond to your request as soon as possible and answer your questions regarding the processing of your data. You will receive a response within 30 days from the date of receipt of your request. If it turns out that due to the complexity of the request or the number of requests we have received, we are unable to provide you with information about the activities carried out within this period – we will inform you of its extension.

13.4. If we have doubts as to whether it is you who is making a specific request, we may ask you a few additional questions to verify your identity. Providing this information is not mandatory, but failure to provide it will result in the refusal to comply with the request. We may also need additional information to determine the exact content of your request.

13.5. The request may be submitted in person or through a proxy (e.g. a family member). For data protection reasons, we recommend using a power of attorney certified by a notary or an authorized legal advisor or proxy, which will speed up the verification of the authenticity of the request.

13.6. If the request was sent to us electronically, we will respond in the same form, unless the applicant requests a response in a different form. In other cases, the response will be provided in writing. If the deadline for processing the request does not allow for a written response and the scope of the applicant’s data processed by us allows us to contact you electronically, the response will be provided electronically.

13.7. We store information about the submitted request and the person who submitted the request in order to ensure its compliance and to be able to investigate, defend or prosecute any claims of the data subjects. The register of requests is stored in a manner that ensures their integrity and the confidentiality of the data contained therein.

14. CHANGES TO THE PRIVACY POLICY

14.1. The Policy is continuously reviewed and updated as necessary.

12.06.2025