This statement has been prepared and published for the purposes of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereanafter „GDPR“).
Personal data - means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Controller - means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor - means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
1. Who proces your personal data? (The Controller)
TryMeeClothing s. r. o., with the registered office Zámostní1155/27, 710 00 Ostrava, Czech Republic, identification number 06986650, registered in the Commercial Register at the Regional Court in Ostrava, File No. C 74063 is as an administrator of the internet store at www.nilmore.com („website“), the controller of your personal data. The contact address for the area of personal data protection: firstname.lastname@example.org.
2. What kind of personal data are we collect and process?
We collect and process these categories of personal data:
- The data necessary for fulfilment of the purchase contract – first name, last name, contact or shipping address, telephone number, payment details.
- he data necessary for handling complaints - name and surname, email or telephone number.
- Information needed to send a bonus for returning our circular products at one of the Nilmore Circular Points - name, surname, email.
- The data necessary for creating a user account – name, date of birth, sex, email, password in a coded form, history of the orders, history of viewed items, reviews.
- The data provided by the approval of the data subject – name, date of birth, email, phone number.
- The data provided in the contact forms – name, email, telephone number.
- The data obtained from surveillance cameras installed in our physical stores.
The categories of data that we obtain by using other services:
- Anonymous data necessary for basic analytics on the website based on legitimate interest according to GDPR via Google Analytics;
- IP address.
3. How we get your personal data
We receive your personal data by:
- The execution of the order in our online store based on purchase contract by your consent with our Commercial Terms;
- in the case of creating a user account in our online store, the legal basis is the expression of consent to the creation of the account and consent to the Commercial Terms;
- when returning our circular products for recycling through Nilmore Circular Points based on your consent to receive a return bonus;
- on the basis of your consent to the sending of commercial communications by e-mail to the e-mail address you entered;
- if you have provided your personal data in another way related to the activity on the website (eg filling in a form);
- entering our physical store, which is monitored by surveillance cameras with recording – all of our physical stores are visibly labelled with an information board warning of the entrance to the monitored area.
4. For which purposes we collect your personal data
We process and collect your personal data if:
- processing is necessary for the performance of a purchase contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (delivery of the goods, complaint handling);
- processing is necessary for compliance with a legal obligation to which we are subject (tax obligation, archival obligation);
- you have given consent to the processing of your personal data for one or more specific purposes
- consent to the processing for the purposes of providing direct marketing;
- consent to the processing for the purposes of creating and managing your user account on our website;;
- processing is necessary for the purposes of the legitimate interests pursued by us which is:
- providing direct marketing, display of personalized ads, retargeting and remarketing as well as occasional sending of information about the offer to the specified delivery address of the data subject;
- ensuring the safety of the servers;
- to confirm the fulfilment of our obligations and to assert claims or defences against claims or to detect fraud;
- performing basic analysis, traffic measurement and other statistical measures of our website;
- in the case of surveillance cameras at our physical stores, the purpose is to ensure safety, health protection, security of client data and protection of property.
5. Who can access your personal data
We only pass on your data to processors, ie entities with which we cooperate on the basis of a processing contract. This ensures that the system of handling, processing and protection of your personal data is ensured within the scope of the GDPR requirements and that your rights are not violated or limited in any way. It is about:
- web platform Upgates, where is our website situated;
- the delivery companies – we give them your personal data based on the delivery method chosen by you (Česká pošta s.p., PPL CZ s.r.o., Packeta Group, DHL);
- payment gateways providers
- providers of technical solutions enabling easy delivery of your order and notification of order delivery;
- providers of analytic tools that enables us to make traffic measurement of our website;
- providers of technical solutions thanks to which we are able to display personalized content to you;
- ccountant companies;
- you have given consent to the sending of commercial communications to the e-mail address you have entered, we provide the necessary personal data to a third country company (non-EU countries). This recipient provides mailing services: Mailchimp, Atlanta, USA.
- ensuring the correct and smooth operation of the website (recognition of the user‘s equipment, its location and the correct display of the website adapted to his individual needs);
- right configuration of some website functions;
- for the content personalization on the website (language preferences, country preferences, etc);
- maintaining the session of the website user (basket, login to the user account).
- collecting anonymous data for measuring the website traffic for internal purposes;
- direct marketing – showing personalized content, retargeting, remarketing (Google AdWords, Facebook Pixel, Sklik);
- presentation of multimedia content on our website from e.g. YouTube;
- signing up to the user account via social networks e.g. Facebook;
- functions for the popularization of our website on social networks e.g. Facebook, Instagram, LinkedIn, Twitter, YouTube;
- functions for simplifying the communication via our website e.g. Live Chat.
7. How we protect your personal data
As the controller your personal data, we implemented appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed. We undertake that we implemented appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of GDPR and protect the your rights.
Regarding assuring the safety of your personal data we undertake that we implemented all possible technical and organizational measures to ensure the safety of data storage, storage of personal data in paper form, regular data backup.
8. How long we store your personal data
We process and store your personal data for as long as it is necessary to ensure all the rights and obligations arising from the purchase contract, i.e. at least for the duration of your order's execution. By law, we must archive this data for a period of 10 years due to possible financial control.
We store your personal data based on consent for the sending of commercial communications in our database for 5 years. You have the right to withdraw the consent at any time.
We store personal and other data processed to perform analyses and measurements, analyse your preferences and displaying content for a maximum of 6 months.
The camera recordings are stored for the time necessary to evaluate and detect possible incidents and then after 30 days deleted.
9. YOUR RIGHTS
According to the GDPR you have the:
- Right of access to your personal data according to Article 15 of the GDPR;
- Right to rectification to your personal data according to Article 16 of the GDPR;
- Right to erasure (‘right to be forgotten’) according to Article 17 of the GDPR;
- Right to restriction of processing according to Article 18 of the GDPR;
- Right to data portability according to Article 20 of the GDPR;
- Right to object according to Article 21 of the GDPR;
- Right to unsubscribe from sending commercial messages at any time,
- ight to withdraw consent to the processing of personal data in writing or electronically.
All of your rights you can use by contacting us at email@example.com.
You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
10. Closing provisions
By entering our physical store, you express your consent to the camera monitoring and the camera recording.
We are entitled to change these conditions as needed. We will publish a new version of the terms and conditions of personal data protection on our website and at the same time we will send you a new version of these terms and conditions your e-mail address that you have provided to us.