PERSONAL DATA PROCESSING PRINCIPLES
We collect cookies to make our e-shop work properly!
The cookies are short text files thanks to which your next visit will be easier and you’ll find the website more useful. We use technical cookies which make our website work correctly for you. Subject to your consent, we can also make use of analytical and marketing cookies to create a tailor-made offer reflecting your priorities and preferences to the maximum possible extent. You will find more information about the cookies, their setting and protection of personal data here.
We do not intend to swamp you with spam; on the contrary, your trust and comfort are our topmost priorities. Thanks, ANNA HORA team.
1. Information about “Anna Hora”
Your trust is important for us. The protection of your privacy when processing personal data is important for us. Our personal data processing principles should give you an idea how we handle your personal data.
The www.annahora.com portal (hereinafter “the Website” or “the Web Pages”) is operated by the company
Anna Hora s.r.o., Jinonická 804/80, Praha 5 (hereinafter “Anna Hora”, “we” or “us”)
Anna Hora is responsible for the processing of your personal data according to the General Data Protection Regulation (hereinafter “GDPR”) and Czech personal data protection legislation.
We process your data:
• only subject to your consent granted in accordance with Article 6, Paragraph 1, Subparagraph a) of the GDPR (for example if you subscribe for our newsletters on our web), or
• if it is necessary for the performance of a contract in accordance with Article 6, Paragraph 1, Subparagraph b) of the GDPR (so that, for example, we are able to deliver the goods which you have ordered), or
• if processing is necessary to comply with the legal obligation stipulated in Article 6, Paragraph 1, Subparagraph c) of the GDPR ( so that, for example, we are able to make out an invoice and file it throughout the period of time required by the law), or
- on the basis of our legitimate interests or legitimate interests of third parties in accordance with Article 6, Paragraph 1, Subparagraph f) of the GDPR (so that, for example, we are able to claim our rights arising from a Contract).
2. How we perceive the term “your data”
The term “your data” denotes your personal data, i.e. data about you (from now on, we will use the term “your data” or “personal data”). We process, in particular, the following personal data:
- your name, address, e-mail address, phone number, encrypted password to your customer account and potentially also your birth date,
• information about your order, products that you have bought, services that you have made use of, payment method data, your preferences for certain product types.
3. When we process your data
We can process your data in any of the following situations:
• if you open a user account with us (Part I)
• if you order from us (Part II).
• when you contact us (Part III.),
• for advertising and promotional purposes (Part IV),
• when using cookies (Part V)
- Registration/opening of a user account
We need your e-mail address and a password which you select (the password is stored in an encrypted form and we do not have access to it) to register and set your user account. The e-mail address serves as an access code to the user account. Your successful registration will be confirmed by an e-mail.
You can also enter your personal data, in particular your first name, surname, e-mail address, and potentially also your phone number, mailing address and date of birth. The user account is used, in particular, to order goods and monitor your orders and their progress. You can work with you user account, including the information entered into it, at any time, using the “My Account” menu.
The purpose of the information entered into the user account is to make the use of our services more comfortable for you (the legal base of the processing of personal data is therefore the performance of a contract in accordance with Article 6, Paragraph 1, Subparagraph b) of the GDPR).
We process the information obtained through user accounts during the time the account is used and five years thereafter.
- Processing of your data for the purpose of your order
If you order something from us, your personal data is used to conclude and execute the Contract and to process your order, including payment and delivery ( the legal base of the processing of personal data is therefore the performance of a contract in accordance with Article 6, Paragraph 1, Subparagraph b) of the GDPR).
As soon as you have selected the mode of payment, you will be asked for information needed to use the selected provider of payment services. This payment information is passed directly to the provider and we do not store it.
We will process your personal data as long as we will keep sending you goods that you have ordered. Then we will keep your personal data:
- for a period of 10 years from the date of delivery of the goods which you ordered, to protect our, but also your, legitimate rights (e.g. for the purpose of dealing with potential complaints or other disputes),
- for a period needed to comply with archiving rules and regulations stipulated in relevant legislation (e.g. the Accounting Act, the Archives and Records Service Act, the Value-Added Tax Act etc.).
- Processing of your data when you contact us
There are several ways to contact us. You can contact our customer service:
- via WhatsApp,
- by phone,
- by mail,
- by e-mail,
- using the contact form on our website,
- using the “watchdog” form on our website thanks to which you can monitor availability of specific goods.
To be able to process your request, we collect your name, e-mail address, phone number, customer number, order number and ordered goods, as well as other information you may provide to us. If you use the “watchdog” form, we will obtain and process only your e-mail address.
The legal base of the processing of personal data is therefore the performance of a contract in accordance with Article 6, Paragraph 1, Subparagraph b) of the GDPR (performance of the contract – processing of the user’s data is needed to perform under the contract, to answer questions or to dispel concerns).
We will keep the information obtained in the manner outlined above for the same period of time as order-related data; as to questions not concerning orders of goods or using the “watchdog” form, we will keep your data for one year since we obtained it.
- Processing of your data for advertising and promotional purposes
1. Information newsletter
The legal base for sending our newsletter is:
- your consent in accordance with Article 6, Paragraph 1, Subparagraph a) of the GDPR (you are not our customer, but you have subscribed for our newsletter on our website),
- our legitimate interest in accordance with Article 6, Paragraph 1, Subparagraph f) of the GDPR (if you are our customer, we do not need your consent to send you our newsletter).
You can cancel the information newsletter subscription at any time in any of the following ways:
- by clicking on the relevant link which you can find in the footer of every business message
- in the settings of your user account
- by sending an e-mail to firstname.lastname@example.org, or using any other contacts mentioned in the present document.
2. Social networks
The company Anna Hora is active and present on social networks and platforms (Instagram a Pinterest) to communicate with interested parties and users and to inform them about new offers of the company. However, we do not have any control whatsoever over the processing and further uses of the data acquired on such networks and platforms by their operators or intermediaries. You will find more details in data policies of the operators and intermediaries.
Cookies are text files stored in a computer or another electronic device of every visitor of a web interface, which support correct operation of a website (functional or technical cookies), analyses of the use of a web interface (analytical cookies) and targeting of advertisements (advertisement or marketing cookies).
There are so-called session (non-persistent) cookies, which are deleted as soon as you close your browser, and permanent (persistent) cookies, which are stored in your device for a longer or even indefinite period of time.
You were informed about the use of cookie files and specific cookies during your first visit of our website. At that time, you could also decide which cookies could be stored in your device.
Depending on which cookies you have selected, the information stored in them will be sent to our website or another website they belong to during your next visit of our website from the same device. The cookies therefore help us to optimize the content and appearance of our website according to your preferences.
The legal base of the processing of cookies as personal data is our legitimate interest in accordance with Article 6, Paragraph 1, Subparagraph f) of the GDPR (so that we could provide contents which will be attractive for you).
Using the “Cookies setting” pushbutton in your web browser, you can see the cookies collected by our website, including for how long, and also choose the cookies you want to accept or reject. Please be aware that if you reject in particular functional (technical) cookies, you may not be able to make use of all functions of the website.
4. Your rights
Insofar as the processing of personal data is concerned, you can contact us and demand:
- Information about the purpose and nature of the personal data processed by Anna Hora, including information about potential recipients of this data outside Anna Hora. General information about personal data processing activities are contained herein.
- Access to data which have provided to us, no matter whether during the registration, while communicating with us, or when placing an order. If you exercise this right, we will confirm to you whether and which personal data is processed, and this information, together with information about its processing, will also be made available for you.
- Correction of inaccurate or incomplete personal data.
- An explanation and remedy of a faulty condition (e.g. blocking, repair, supplementing or disposal of personal data), if you believe Anna Hora is processing personal data in contravention of principles of protection of your personal and private life or of applicable legislation.
- Deletion of personal data (the so-called “right to be forgotten”) or restricted processing of personal data, if it is no longer needed for intended purposes or if Anna Hora does not have any legitimate reason to process your personal data, including withdrawal of your consent with the data processing.
- Furthermore, you can raise an objection against the processing of personal data in cases when we process it for the purpose of our legitimate interests (e.g. for the purpose of distributing newsletters).
- If you believe we treat your personal data in contravention of applicable legislation and regulations, you can also contact the Office for Personal Data Protection (https://www.uoou.cz).
Your rights are described in detail in the GDPR.
5. Security and safety
Anna Hora takes care of your data’s security. The treatment and handling of personal data is in full compliance with applicable legislation and regulations, including General Data Protection Regulations (GDPR). Anna Hora puts a great deal of emphasis on technical and organizational support and protection of the data it processes.
All personal data in the electronic format is stored in databases and systems accessible only to people who need the information contained therein for the purposes defined in this document and on the need-to-know basis. The access to the information is protected by a password and a firewall. Anna Hora regularly tests the security of personal data and continuously improves it protection.
Some personal data of our customers may also be processed by:
- carriers delivering our goods,
- our external advisors (accountants, lawyers, tax consultants etc.),
- external experts cooperating with our company (IT, marketing specialists etc.),
- designers of our website,
- providers of webhosting,
- The Rocket Science Group LLC (the provider of Mailchimp software) whose seat is outside EU (in the United States), which means that personal data is transferred outside the European Union; with the Privacy Shield cancelled, this provider makes use of a standard contract clause approved by the European Union, and you therefore do not have to worry about your personal data,
- companies collecting cookies.
Naturally, the subjects listed above also guarantee a high level of personal data protection demanded by our company and relevant legislation and regulations.
6. Contact information
If you wish to comment on the personal data processing or to exercise any of your rights, you can do so at email@example.com, or using the telephone number +420 773 583 533.
This document shall take effect as of June 1, 2022.