Privacy Policy
(” Policy “)
I. Basic provisions
1. These personal data protection principles regulate the handling of personal data in the company Aenze s.r.o., with registered office at Moskevská 1842, Kladno, 272 04, Czech Republic, ID 28534395, registered in the commercial register maintained by the Municipal Court in Prague, section C, entry 148584 (hereinafter referred to as ” Personal Data Manager ”).
2. By the administrator of personal data according to Article 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter referred to as ” GDPR “) is the company Aenze s.r.o. (hereinafter referred to as ” Personal Data Controller “).
3. The contact details of the Personal Data Administrator are (i) address Moskevská 1842, Kladno, 272 04, Czech Republic and ( ii ) email: support@digitaltroops.co
4. The personal data administrator has not appointed a personal data protection officer.
II. Sources and categories of processed personal data
1. For the purposes of this Privacy Policy, personal data means any information relating to a specific natural person who can be identified or identifiable with the help of this information. An identifiable natural person is a natural person who can be directly or indirectly identified, in particular by reference to a certain identifier, for example a name, identification number, location data, network identifier or to one or more special elements of physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
2. The personal data administrator processes in particular, but not exclusively, the following personal data:
1. Name and surname of a natural person;
2. Contact details of a natural person, i.e. e-mail address, telephone number or residential address, or delivery address;
3. Information about your orders, which is in particular information about the services or products you have ordered from us, including your bank account number;
4. Data about your behavior on the digitaltroops.co website.
III. Legal reason and purpose of personal data processing
1. The legal reason for processing personal data is:
- performance of the contract between you and the Personal Data Administrator pursuant to Article 6 paragraph 1 letter b) GDPR;
- the legitimate interest of the Personal Data Manager in improving the products and services offered by Envitrail , including the implementation of promotions and other events for clients or business partners, according to Article 6, paragraph 1 letter f) GDPR;
legitimate interest of the Personal Data Manager for direct marketing purposes, in particular for sending business communications and newsletters, if the Personal Data Manager addresses an existing client or business partner, pursuant to Article 6 paragraph 1 letter f) GDPR; - Your consent to the processing of personal data for the purposes of providing direct marketing, in particular for sending business communications and newsletters, pursuant to Article 6, paragraph 1 letter a) GDPR in connection with § 7 paragraph 2 of Act No. 480/2004 Coll., on certain information society services, in the current version, in the event that the Personal Data Controller addresses a person who is not an existing client or business partner and whose parties did not order goods or services;
- fulfillment of the requirements of the law according to Article 6 paragraph 1 letter c) GDPR.
2. The purpose of personal data processing is
- the processing of your order and the performance of rights and obligations arising from the contractual relationship between you and the Personal Data Administrator, including the execution and acceptance of payments related to the order; when placing an order, personal data are required that are necessary for the successful processing of the order (name and address, contact), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contract or it is properly accepted by the Personal Data Administrator fulfill;
- improving the quality of services and products provided to clients and business partners, e.g. by sending commercial messages and carrying out other marketing activities, informing about the improvement or expansion of the portfolio of services offered by Aenze s.r.o.;
- for the purpose of asserting the legitimate claims of third parties, if the Personal Data Administrator receives a legitimate claim from a state or public institution;
We may also process your personal data for other purposes that are not listed above, to the extent required by law and in cases where it is necessary for other legitimate purposes, in particular to ensure the reliable performance of ordered services or products for you and other users.
3. The Personal Data Manager makes automatic individual decisions in the sense of Article 22 of the GDPR. You have given your express consent to such processing.
IV. Personal data security policy
1. We respect the privacy and personal life of the natural persons concerned.
2. We transparently inform the affected persons about our processing of personal data and their related rights and obligations. We help the affected persons with the exercise of their rights.
3. We comply with the technical and organizational measures adopted by us to secure personal data. To secure data repositories and repositories of personal data in paper form.
4. The administrator of personal data declares that only persons authorized by him have access to personal data.
5. The administrator of personal data immediately informs the relevant persons about a breach of personal data security.
6. As a Personal Data Administrator, we collect personal data only to the extent that is absolutely necessary to achieve a specific processing purpose determined by us or by generally binding regulations, and we only keep it for the time necessary to fulfill this purpose. After the expiration of the time necessary to achieve the purpose, we always irrevocably dispose of or anonymize personal data, taking into account the time for which it is necessary to keep personal data in terms of the requirements of the law or possible claims of third parties.
7. We maintain reasonable measures to ensure that the data we process is accurate.
8. We process personal data in a transparent manner, only within the limits of the legitimate and certain purpose of personal data processing, with a limitation only to the absolutely necessary scope of processed personal data.
9. As a Personal Data Administrator, we only use the services of such personal data processors who guarantee compliance with the obligations established by applicable legal regulations in the field of personal data protection.
V. Data retention period
1. We choose the specific storage period of personal data taking into account the nature of the personal data and the purposes of their processing.
2. The personal data manager stores personal data:
1. for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Personal Data Administrator, taking into account the time needed to exercise any claims arising from these contractual relationships, or taking into account the time required by legal regulations (standardly for a period of 3 years from the end of the contractual relationship);
2. until the consent to the processing of personal data for direct marketing purposes is revoked.
3. After the expiration of the period and purpose of personal data storage, the Personal Data Manager will delete the personal data.
VI. Recipients of personal data (subcontractors of the Personal Data Manager)
Recipients of personal data are persons
1. participating in the delivery of goods / services / realization of payments based on the contract;
2. involved in ensuring the operation of services;
3. providing marketing services.
6. If personal data is transferred to third parties, it is transferred by the service provider in accordance with the requirements of legal regulations and using the security mechanisms established by the GDPR.
7. The controller of personal data intends to transfer personal data to a third country (a country outside the EU) or an international organization. Recipients of personal data in third countries are providers of Google’s mailing services / cloud services.
8. The personal data manager will transfer personal data to a third country, provided that the recipient of the personal data provides appropriate guarantees of effective protection of the data subject and the transferred personal data.
VII: Rights of the data subject – Your rights
1. In accordance with and under the conditions set out in the GDPR, you have:
1. The right to be informed about the processing of your personal data;
2. the right to access your personal data according to Article 15 GDPR;
3. the right to correct personal data according to Article 16 of the GDPR, or to restrict processing according to Article 18 of the GDPR;
4. the right to erasure of personal data according to Article 17 GDPR;
5. the right to object to processing according to Article 21 GDPR;
6. the right to data portability according to Article 20 GDPR;
7. the right to request the restriction of the processing of your personal data;
8. the right to notify that you do not agree to the processing of your personal data;
9. if we make automated decisions about you or profile you, you have the right to tell us that you do not agree with a decision we have made by automated means, including based on profiling, and to request that a human be involved in such decision;
10. the right to withdraw consent to processing in writing or electronically to the address or email of the Personal Data Manager listed in Article I, paragraph 3 of these Principles.
2. You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
VIII. Final provisions
1. By submitting an order from the online order form, you confirm that you are familiar with this Privacy Policy, that you agree with it and that you accept it in its entirety.
2. You agree to this Policy by ticking your consent via the online form. By checking consent, you confirm that you are familiar with this Privacy Policy and that you accept it in its entirety.
3. The administrator of personal data is authorized to change this Policy. It will publish a new version of the Personal Data Protection Policy on its website, or send you a new version of this Policy to the e-mail address you provided to the Personal Data Administrator.
These Policies take effect on 1/4/2024.