Privacy Policy

I. Basic provisions

  1. The controller of personal data according to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as: “GDPR”) is the company MOSAIC spol. s r.o., with its registered office at Kunčice 20, Bělotín, 753 64, identification number: 47678470, incorporated in the Commercial Register maintained by the Regional Court in Ostrava, Section C, File 4242 (hereinafter referred to as the “Controller”).
  2. The Controller’s contact details are:

address: Kunčice 20, Bělotín, 753 64

email: info@mosaic.cz

telephon: +420 608 002 545

  1. Personal data means any information about an identified or identifiable natural person; an identifiable natural person is any natural person who can be identified, directly or indirectly, by reference to a certain identifier such as the name, identification number, location data, network identifier, or one or multiple specific features of this natural person’s physical, physiological, genetic, mental, economic, cultural, or social identity.
  2. The Controller has not appointed a data protection officer.

II. Sources and categories of the personal data being processed

  1. The Controller processes personal data that you have provided, or personal data that the Controller has acquired when fulfilling your order.
  2. The Controller processes your identification and contact details and data that is necessary for contractual performance.

III. Lawful reason for and purpose of processing

  1. The lawful reason for the processing of personal data is
    • the performance of the contract between you and the Controller according to Article 6(1)(b) GDPR;
  2. The purpose of the processing of personal data is
    • the processing of your order and the exercise of the rights and obligations arising from the contractual relationship between you and the Controller; the personal data that is required when placing an order is necessary for the successful processing of the order (name and address, contact details), and the provision of personal data is necessary for the conclusion and performance of the contract, which cannot be concluded or performed by the Controller unless the personal data is provided;
  3. The Controller does not apply any automated individual decision making within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.

IV. Data retention period

  1. The Controller retains the personal data
    • for the period necessary for the exercise of the rights and obligations arising from the contractual relationship between you and the Controller and for claims arising from such relationships (for 15 years following the termination of the contractual relationship).
  2. The Controller shall erase the personal data after the expiry of the retention period.

V. Recipients of personal data (the Controller’s subcontractors)

  1. The recipients of personal data are persons
    • who participate in the delivery of the goods/provision of services/implementation of payments on the basis of the contract;
    • who provide the e-store operation services and other services related to e-commerce operations.
  2. For sending surveys, evaluating your feedback, and analysing our market position, we have employed a processer, who is the operator of the Heureka.cz portal; we may pass on information about the goods purchased and your email address to this processor and for this purpose.
  3. The Controller does not intend to transfer personal data to a third (non-EU) country or an international organisation.

VI. Your rights

 

  1. In accordance with the terms of the GDPR, you have
    • the right to access your personal data according to Article 15 of the GDPR,
    • the right to rectification of your personal data according to Article 16 of the GDPR or to restriction of processing according to Article 18 of the GDPR,
    • the right to erasure of your personal data according to Article 17 of the GDPR,
    • the right to object to processing according to Article 21 of the GDPR, and
    • the right to data portability according to Article 20 of the GDPR,
    • the right to withdraw consent to processing in writing or by electronic means to the Controller has address or email address specified in Article III of this Policy.
  2. You also have the right to lodge a complaint with the supervisory data protection authority if you believe that your data protection rights have been infringed.

VII. Personal data security conditions

  1. The Controller represents and warrants that it has taken the technical and organisational measures necessary to ensure the security of personal data.
  2. The Controller has taken technical measures to secure the data storage and physical storage facilities for personal data.
  3. The Controller represents and warrants that personal data can only be accessed by persons authorised by the Controller.

VIII. Cookies

  1. According to Section 89 of Act No. 127/2005 on electronic communications, you are hereby advised that our website require cookies for its proper operation. Cookies are small data files that are saved in your browser to store information about your settings and preferences.

    Cookies are small files that are generated by the server and automatically saved on your computer. They contain information about the remote server page settings and are mainly used to remember some of the user’s preferences.

    Cookies are intended to make full use of the content and personalised features of the website. Cookies are required in order for certain personalised features to work on this website. Therefore, cookies need to be enabled on your computer, tablet, or mobile device. The cookies that we use cannot harm your computer, and they are not used to store confidential information such as your name, address, or payment details.

    If you wish to disable, block, or delete cookies from our website, you can do so in your browser. As each browser is different, see the “Help” menu in your browser (or the instruction manual for your mobile phone) to find out how to change your cookies settings.

IX. Final provisions

  1. By submitting the order from the online ordering form, you acknowledge that you have read, and accept, the Privacy Policy in its entirety.
  2. You agree to this Policy by checking the consent box in the online form. By checking the consent box, you acknowledge that you have read, and accept, the Privacy Policy in its entirety.
  3. The Controller may amend the Privacy Policy. The Controller will publish the latest version of the Privacy Policy on its website and send the amended version of the Policy to the email address that you have provided to the Controller.

This Privacy Policy becomes effective on 1 March 2021.