Privacy protection

The business company DataTip, s.r.o. processes personal data in accordance with legal regulations effective as of May 25, 2018, in accordance with Act No. 18/2018 Zzo on the protection of personal data and on the amendment and supplementation of certain laws (hereinafter referred to as the "Act") and also in accordance with Regulation of the EP and the Council of the EU no. 2016/679 on the protection of natural persons in the processing of personal data and on the free movement of such data, which repeals Directive 95/46/EC (General Data Protection Regulation).

The business company DataTip, s.r.o. processes personal data in accordance with legal regulations effective as of May 25, 2018, in accordance with Act No. 18/2018 Zzo on the protection of personal data and on the amendment and supplementation of certain laws (hereinafter referred to as the "Act") and also in accordance with Regulation of the EP and the Council of the EU no. 2016/679 on the protection of natural persons in the processing of personal data and on the free movement of such data, which repeals Directive 95/46/EC (General Data Protection Regulation).

The following information relates to the processing of personal data of visitors and/or customers of the operator's e-shop (hereinafter referred to as the "data subject") carried out by the operator.

Basic provisions

  1. The controller of personal data according to § 5 letter o) Law is the trading company DataTip, s.r.o., ID number 36869112, with registered office at Alžbetina 30, 040 01 Košice (hereinafter referred to as the "operator").
  2. The contact details of the operator are:
    address: Alžbetina 30, 040 01 Košice
    email: info@kiids.shop
    phone: 0918 265 164
  3. Personal data means all information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be directly or indirectly identified, in particular by reference to a certain identifier, for example name, identification number, location data, network identifier or by reference to one or more special elements of physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
  4. The operator has not appointed a responsible person for the protection of personal data. In case of any questions regarding personal data, the person concerned can contact the operator at info@kiids.shop .

    Sources and categories of processed personal data

      1. The operator processes personal data provided by the affected person or personal data obtained by the operator on the basis of the fulfillment of the order of the affected person, i.e. on the basis of the concluded contract.
      2. The operator processes the identification and contact data of the person concerned and the data necessary for the performance of the contract, namely: name and surname, or title, postal address, telephone and email contact, IP address, cookie files, or Bank account number.

        Legal reason and purpose of personal data processing

        1. The legal basis (legal reason) for the processing of personal data is:
          • Fulfillment of the contract between the affected person and the operator according to § 13 par. 1 letter b) of the Act. The personal data of the affected person, which the operator processes for the purpose of processing orders and fulfilling the obligations arising from the contract concluded between the affected person and the operator, are: name and surname, postal and email address and telephone number of the affected person. The legal basis for the processing of this voluntarily provided data is the fulfillment of rights and obligations arising from the above-mentioned contract, which would otherwise be impossible to conclude.
          • Legitimate interest of the operator according to § 13 par. 1 letter f) of the Act (in case of withdrawal from the contract or exchange of goods by the affected person, for the operator's accounting). The personal data of the affected person, which the operator processes for the purpose of withdrawal from the contract or exchange of goods by the affected person, are: name, surname, postal address, or account number. The legal basis for the processing of the mentioned personal data is the operator's legitimate interest in fulfilling the rights and obligations arising from the contract concluded at a distance. The personal data of the person concerned, which the operator processes for the purpose of accounting, are: first and last name, postal address, account number.
          • Consent of the person concerned to the processing of personal data according to § 13 par. 1 letter a) of the Act (for the purpose of setting up a user account of the person concerned, for the purpose of correspondence with the operator via the contact form), if no goods have been ordered. The personal data of the person concerned, which the operator processes in the case of correspondence via the contact form, are: first and last name and email address. The personal data that will be voluntarily provided to the operator as part of the use of the contact form will not be published and are used exclusively for the purpose of answering the question or initiative of the person concerned by the operator. The personal data of the person concerned, which the operator processes for the purpose of establishing a user account of the person concerned and providing services intended for registered users, are: name and surname, postal and email address and telephone number of the person concerned.
        2. The purpose of personal data processing is:
            • processing the order of the person concerned and exercising the rights and obligations arising from the contractual relationship between the person concerned and the operator; when placing an order, personal data are required, which are necessary for the successful processing of the order, the provision of personal data is a necessary requirement for the conclusion and fulfillment of the contract, without the provision of personal data it is not possible to conclude the contract or fulfill it on the part of the operator,
            • withdrawal from the contract or return of goods by the person concerned,
            • accounting of the operator,
            • registration of the affected person on the website of the operator, i.e. setting up a user account of the affected person,
            • using contact forms when corresponding with the operator,
            • use of cookies.

          3. There is no automatic individual decision-making by the operator in accordance with § 28 of the Act.

          Personal data retention period

            1. The operator stores personal data:
              • for the duration of the statutory obligations of the operator resulting from generally binding legal regulations, in particular from the Civil Code, the Act on Consumer Protection in the Sale of Goods or the Provision of Services on the basis of a contract concluded at a distance or a contract concluded outside the seller's premises, the Act on Archives and Registries, the Act on accounting and the VAT Act, i.e. in the case of some data on tax documents for at least 10 years;
              • for the period necessary for the exercise of rights and obligations arising from the contractual relationship between the person concerned and the operator and the application of claims from these contractual relationships (for a period of 10 years from the termination of the contractual relationship);
              • for the duration of the interested person's interest in using the services associated with the user account.
            1. After the personal data storage period has expired, the operator will delete the personal data.

            Recipients of personal data (subcontractors of the operator)

              1. Recipients of personal data are persons:
                • participating in the delivery of goods/services/realization of payments based on the contract,
                • providing services for running an e-shop and providing hosting and other services in connection with running an e-shop,
                • ensuring services connected with keeping an accounting agenda (external accountant) and providing accounting software.
              • The operator intends to transfer personal data to a third country (a country outside the EU) or an international organization. Recipients of personal data in third countries are providers of mailing services/cloud services.

              Rights of the data subject

                1. Under the conditions set out in the Act, the person concerned has:
                  • the right to access your personal data according to § 21 of the Act,
                  • the right to correction of personal data according to § 22 of the Act, or restriction of processing according to § 24 of the Act,
                  • the right to erasure of personal data according to § 23 of the Act,
                  • the right to object to the processing of personal data pursuant to § 27 of the Act,
                  • the right to portability of personal data according to § 26 of the Act,
                  • the right to withdraw consent to the processing of personal data at any time in writing to the address of the operator's registered office or electronically to the operator's email listed in art. I. of these conditions,
                • Furthermore, the affected person has the right to file a complaint with the Office for Personal Data Protection if he believes that his right to personal data protection has been violated.

                Terms of personal data security

                1. The operator declares that he has taken all appropriate technical and organizational measures to secure personal data.
                2. The operator has taken technical measures to secure data storage and storage of personal data in paper form. Work computers are protected by an antivirus program and secured against access by unauthorized persons using passwords. Software and applications used to perform business activities are encrypted. To protect personal data, we make backups that are also encrypted. We store legal documents in a lockable cabinet.
                3. The operator declares that only persons authorized by him have access to personal data.

                Final provisions

                1. The possibility of purchasing goods offered on the website of the operator is not primarily intended for visitors under the age of 16.
                2. By submitting an order from the online order form, the affected person confirms that he/she has been familiarized with the terms of personal data protection and that he/she accepts them in their entirety.
                3. The person concerned agrees to these conditions by ticking the consent through the internet form. By ticking the consent, the affected person confirms that he has familiarized himself with the terms of personal data protection and that he accepts them in their entirety.
                4. The operator is entitled to change these conditions. It will publish the new version of the personal data protection conditions on its website and at the same time send the affected person a new version of these conditions to the affected person's e-mail address, which they provided to the operator.

                These terms and conditions take effect on September 1, 2022.