PERSONAL DATA PROCESSING POLICY

 (PRIVACY POLICY)

 

Introduction.    

This Personal Data Processing Policy, hereinafter also referred to as “Privacy Policy”, defines the purposes and general principles of personal data processing, as well as the implemented measures of protection of personal data of Visitors (Users/Buyers of Goods) of www.JNSmore.eu website by the Seller of goods.

The Personal Data Processing Policy (hereinafter referred to as the Policy) applies to all information that can be obtained by the Seller of Goods about the Visitors (Users/Buyers of Goods) of www.JNSmore.eu. 

The Policy is drawn up in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter referred to as “GDPR”), the Law of the Czech Republic on Transposition to the European Regulation GDPR No. 110/2019 Coll. and other applicable laws and regulations and determines the procedure for processing personal data and measures to ensure the security of personal data taken by the Controller.

The terms of this Policy may be accepted by the User/Buyer of Goods only in full, without any reservations, limitations and exceptions. Ignorance of the provisions of this Policy does not exempt the User/Buyer of Goods from responsibility for non-compliance with its terms.

The Policy applies to all Users/Buyers of Goods (registered and non-registered visitors to the website, employees of the Controller who have been granted access to personal data solely for the purposes of performing their job duties directly related to the processing of personal data, as well as to other persons when it is necessary for them to participate in the processing of personal data, and also in cases of transferring personal data to them in accordance with the established procedure on the basis of agreements, contracts, orders for processing of personal data.

Key Terms:

“Site” means a set of information resources available on the Internet at www.JNSmore.eu.

“Controller” is any natural or legal person, public authority, public body, institution or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; the controller or the criteria for its determination may be established by Union or Member State law in cases where, the purposes and means of that processing are determined by Union or Member State law (Article 4(7) GDPR)

The Controller determines the purposes and means of personal data processing, in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (“GDPR”), the Czech Republic Transposition Act to the European Regulation GDPR No. 110/2019 Coll. and other applicable laws and regulations.

With regard to personal data of Visitors (Users/Buyers of Goods) of the website www.JNSmore.eu the Controller is – Ecotrademarket s.r.o., identification code (ICO): 08316228, TIN (DIC): CZ08316228, registered office: Radiova 1325/5, 102 00 Praha 10 – Hostivar, Czech Republic, the entity selling Goods from the website by remote (online) means, being the owner of the website located at www.JNSmore.eu.

“User/Buyer of Goods” means any person who has visited the Site www.JNSmore.eu, registered or not registered on the Site, who has the intention to purchase the Goods, as well as to perform other actions on the Site, or who purchases the Goods using the Site for himself/herself and/or a third party (end consumer) for the purpose of their use for personal, family, household and other needs not related to the entrepreneurial activity.

“Personal Data” is any information relating to a “data subject”, i.e. an identified or identifiable natural person; an identifiable natural person is a person who can be directly or indirectly identified, in particular by reference to an identifier such as name, identification number, location data, online identifier, or to one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity of this natural person (Art 4 para 1 GDPR);

“Processing” is any action (operation) or set of actions (operations) performed on personal data, with or without the use of automated means, including collection, recording, organization, structuring, accumulation, storage, adaptation or modification, downloading, viewing, use, disclosure by transmission, dissemination or otherwise making available, matching or combination, reduction, deletion or destruction (Art 4 para 2 GDPR);

“Pseudonymization” (“Impersonalization”) is the processing of personal data in such a way that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and technical and organizational measures are in place to prevent it from being attributed to an identified or identifiable natural person (Art 4 para 5 GDPR);

“Consent” of the data subject is a voluntary, specific, informed and unambiguous expression of will in which the data subject, by means of a statement or a clear affirmative action, consents to the processing of his or her personal data (Art 4 para 11 GDPR);

Place of storage of personal data: all personal data of data subjects processed by the Controller are stored by the Controller in the territory of the European Union

“Transfer of personal data to a third country” (cross-border transfer of personal data) – the transfer of personal data in the processing or intended to be processed after transfer to a third country or an international organization is only subject to the provisions of Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016. The transfer of personal data to a third country or international organization may take place if the third country, territory or one or more designated sectors in that third country or the relevant international organization provides an adequate level of protection (Art 44-45 GDPR).

!!! It is IMPORTANT to UNDERSTAND that when the Personal Data Subject (User/Buyer of Goods) and the Controller are located in the European Economic Area, even if in different Member States, and personal data from the User/Buyer of Goods directly reach the Controller, for example through a form filled in by the User/Buyer of Goods on the website of the Controller, such transfer does not constitute a cross-border transfer of personal data (transfer of data to third countries).

“Destruction of personal data” – any actions as a result of which personal data are irretrievably destroyed with the impossibility of further recovery of the content of personal data.

Processing of special categories of personal data is the processing of personal data concerning racial and national origin, political opinions, religious or philosophical beliefs, intimate life!!! Ecotrademarket s.r.o. does not process special categories of personal data.       

1. General Provisions

1.1 The purpose of this Policy is:

– making Users/Buyers of Goods of the www.JNSmore.eu website fully aware of what personal data the Controller collects and on what grounds, as well as the reasons why the Controller collects and uses this data and to whom it is transferred;

– explaining how the Controller uses the personal data that the Users/Buyers of Goods of www.JNSmore.eu provide to the Controller;

– explaining the rights of the Users/Buyers of Goods of www.JNSmore.eu with regard to the personal data collected by the Controller and how to protect their confidentiality.

1.2. Procedure for Acceptance of this Policy

1.2.1 This Personal Data Processing Policy is an offer agreement.

1.2.2 The fact of acceptance of this Policy of personal data processing means full unconditional consent of the User/Buyer of Goods with its terms and conditions and acceptance of the User/Buyer of Goods confirming its conclusion (signing). Ignorance of the provisions of the Privacy Policy does not release the User/Buyer of Goods from responsibility for non-compliance with its terms.

1.2.3 The User/Buyer of Goods accepts the terms of this Personal Data Processing Policy and provides consent to the Controller to process and transfer personal data by clicking any of the buttons on the website:

  • “Register”,
  • “Confirm”,
  • “Continue”,
  • “Accept”,
  • or clicking on the link sent to the User’s / Buyer’s e-mail to activate his/her account on the Site.

The specified buttons, as well as following the link, represent an interactive element of the Site, which sends to the Site system a command on acceptance (electronic signing/acceptance) by the User/Buyer of the Goods of legally significant documents, links to which are sent by e-mail or displayed in a checkbox on the Site and are recognized as an action equal to a handwritten signature.

1.2.4 The processing of personal data of a person under the age of majority, unless another age is provided for by a Member State of the European Union, is legal only with the consent of the legal representative (parents, guardians, custodians, etc.) (Art 8 GDPR).

The Controller shall take the necessary steps to verify that the consent is given by the legal representative, taking into account the available technologies.

In accordance with the terms of this Policy, by clicking one of the following buttons: “Register”, “Confirm”, “Continue”, “Accept” or by clicking on a link, the User/Buyer of Goods confirms that he/she is of legal age and has the right to give consent to the Controller to process his/her personal data.

 1.2.5 If the User/Buyer of Goods does not accept this Personal Data Processing Policy, any further actions of the User/Buyer of Goods to order Goods through the Site will not be possible, as the Controller will not be able to perform them.

1.2.6 This Policy applies only to the Site www.JNSmore.eu. The Controller does not control and is not responsible for third party websites to which the User/Buyer of Goods can go via the links available on the Site.

1.2.7 The Controller does not verify the accuracy of personal data provided by the User/Buyer of Goods of the Site and is not responsible for the unreliability of personal data provided by the User/Buyer of Goods.

2. Data Collection

2.1. Data Collection Objectives.

The Controller respects the principles of privacy of natural persons and properly protects their personal data and processes personal data as this is necessary for the fulfillment of the contract concluded via www.JNSmore.eu, i.e. for the provision of the service, which is in accordance with Art 6, par 1, lit b GDPR), as well as for the purpose of:

  • registration of the User/Buyer of Goods on the Site, creation of a Personal Account on the Site, as well as providing services to the User/Buyer of Goods, including the presentation of offers for the sale of Goods, fulfillment of orders and provision of services directly related to the purchase of Goods through the Site (which complies with Art 6, par 1, lit b GDPR);
  • for possible contact and response to a problem/question communicated via a feedback form or any other available method indicated on the Site (which complies with Art 6, par 1, lit a GDPR);
  • to contact and answer a question regarding the Goods offered for sale, transmitted by means of a feedback form or other available means specified on the Site (which complies with Art 6, par 1, lit a GDPR);
  • for handling of complaints and claims (which complies with Art 6, par 1, lit c GDPR);
  • for compensation of damages related to the concluded insurance contract (which complies with Art 6 par 1 lit f GDPR), where the legally justified purpose is the right to compensation for damages;
  • for archival purposes (which corresponds to Art 6, par 1, lit c GDPR);
  • for statistical purposes (which complies with Art 6, par 1, lit f GDPR), where the legally justified purpose of the Controller is the possession of information on the statistics of the activities carried out by the Controller, which allows for the improvement of these activities.

2.2 The personal data of the Users/Buyers of Goods are processed and protected in accordance with the legal regulations that apply in the field of personal data protection, in particular, the provisions of the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016. on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (“GDPR”), the Czech Republic Transposition Act to the European Regulation GDPR No. 110/2019 Coll. and other applicable legal regulations.

The Controller does not transfer, sell or provide the collected personal data to other persons or institutions, except to ensure the fulfillment of obligations arising from legal regulations or with the consent of the person to whom the data relates.  The Controller may transfer personal data for processing to other entities only under the conditions set forth in this Policy in compliance with applicable legal regulations.

2.3 List of personal data processed by the Controller.

The User/Buyer of Goods, registering on the website through the registration form, specifies:

2.3.1. surname, first name, patronymic (if any) of the User/Buyer of Goods;

2.3.2. contact phone number of the User/Buyer of Goods;

2.3.3. electronic mail (e-mail) address;

2.3.4. language

2.3.5. address of the Goods delivery (country, city, postal code, street, house, apartment);

2.3.6. place of residence of the User/Buyer of Goods (country, city, postal code, street, house, apartment);

2.3.7. identity document data; 

2.3.8. payment details.

2.4 The User/Buyer of Goods is informed that the Controller applies cookie technologies on the Site in relation to the User/Buyer of Goods. Full information on the use of technologies is set out in the Cookies Policy posted at the following address on the Site: https://jnsmore.eu/cookie-policy/ .

2.5 The provision of subject data is voluntary, and the indication of first and last name, address of residence is necessary for the realization of the Controller’s obligation to execute orders of Users/Buyers of Goods.

2.6 During registration, the User/Buyer of Goods specifies a login and password to protect his/her account on the Site. The User/Buyer of Goods is prohibited to transfer his/her login and password to third parties. The User/Buyer of the Goods is obliged to take all possible actions to protect login and password from use by unauthorized persons, including accidental access. 

3. Use of data

3.1 Personal Data may be transferred to other subjects who process the data on their own behalf, namely:

  • persons to whom the Controller has transferred or assigned, in whole or in part, its rights and obligations related to its relations with Users/Buyers of Goods, including the fulfillment of Orders of Users/Buyers of Goods;
  • to persons processing the collection, storage and delivery of orders to the User/Buyer of Goods, including postal or courier services;
  • banks and payment intermediaries (depending on the form of payment chosen by the User/Buyer of Goods) – for the return of funds not due;
  • – to payment intermediaries (if the User/Buyer of Goods chooses such form of payment) – for payment execution;
  • state authorities or other entities authorized on the basis of legal norms to perform the duties assigned to the Controller (tax service, law enforcement agencies, etc.);
  • to entities maintaining the Controller’s teleinformation systems (including hosting companies, IT service providers);
  • entities that provide legal, accounting, tax, debt collection or consulting services to the Controller.

4. Rights of the User/Buyer of Goods (subject of personal data) related to the processing of personal data

4.1 The User/Buyer of Goods has the following rights in relation to his/her personal data:

4.1.1 The right to revoke consent at any time, without affecting the compliance with the right of processing that was carried out on the basis of consent prior to its revocation (provided that the processing is carried out on the basis of consent).

4.1.2 The right of access (Article 15 GDPR) – the ability to retrieve or access their data.

4.1.3 The right to rectification (Article 16 GDPR) – the right to request the correction of information that has lost validity or is inaccurate but is still being processed by the Controller.

4.1.4 The right to data erasure (Article 17 GDPR) – also known as the “right to be forgotten”. The right to request the Controller to delete his/her data.

4.1.5 Right to restriction of processing (Article 18 GDPR) – The data subject has the right to obtain from the Controller the restriction of processing, for example if the accuracy of the personal data is disputed or if the Controller no longer needs the personal data for the purposes of processing, but the data subject needs them for the establishment, exercise or defense of legal claims, etc.

4.1.6 The right to data portability (Article 20 GDPR) – The data subject has the right to receive the personal data concerning him or her that he or she has provided to the Controller in a structured, commonly used and machine-readable format, and has the right to transfer the data to another Controller without hindrance by the Controller to whom the personal data were provided.

4.1.7 Right to objection (Article 21 GDPR) – The data subject has the right to object at any time, for reasons relating to his or her particular situation, to processing of personal data concerning him or her. If the data subject objects to the processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

4.1.8 The right to lodge a complaint with a supervisory authority (Article 77 GDPR). A complaint may be lodged with the Office for the Protection of Personal Data.

5. Data storage time

5.1 The User/Buyer of Goods grants Consent to the Controller for the processing, transfer of personal data for the following period of time – indefinitely!

5.2 The Controller shall store the personal data in a form that allows to identify the User/Buyer of Goods for no longer than required for the purposes of personal data processing.

5.3 The condition for termination of personal data processing may be the achievement of the purposes of personal data processing, expiration of the consent of the User/Buyer of Goods or withdrawal of consent by the User/Buyer of Goods or his/her legal representative, as well as deletion of the account on the Site.

5.4 Data for marketing purposes:

  • in the case of data processing based on consent – until it is withdrawn or the marketing activity is completed;
  • in the case of data processing based on a legally valid purpose – until an objection is made or the marketing activity is completed.

6. Information Security

6.1 The Controller shall apply appropriate security measures to protect data from unauthorized access, modification, public disclosure or destruction. The security measures applied include both technical solutions contained in the service, which consist particularly in proper encryption of data transmitted via the Internet, strict control of physical access to computers and storage media on which personal data are registered, as well as the introduction and application of appropriate storage procedures and rules of conduct with personal data. All persons processing the personal data of the Users/Buyers of Goods shall have appropriate authorizations issued by the Controller and shall undergo regular training in the field of personal data protection.

6.2 The Controller creates backup copies and may use other similar measures to prevent accidental damage or destruction of the personal data of the Users/Buyers of Goods.

6.3 Payment by bank card or electronic transfer is supported by the respective services. These services are responsible for the data indicated in their forms, which are also protected by appropriate technical solutions.

7. Processing method

The controller shall process personal data by automated and non-automated methods, with or without the use of computer facilities.

8. Commercial Notifications (Messages)

8.1 Commercial notification (message) is an information mailing, including news, advertising and marketing, sent to the e-mail address and cell phone number of the User/Buyer of Goods.

This is a free service, which consists in informing the Users/Buyers of Goods about the Controller’s offers, events and other information related to the Controller’s commercial activities by sending periodic e-mails, messages, sms-notifications to inform them about the arrival of new goods/services, promotions, events, discounts, their results, conducting absentee surveys to study opinions about goods/services, sending news and other information, including advertising and marketing information.

8.2 If the Controller does so without using electronic means of communication, the legal basis for such activities is Art 6, par 1, lit f GDPR, where the legally justified purpose of the Controller is to carry out marketing activities.

8.3 However, if the Controller uses electronic means of communication for this purpose, i.e. e-mail, telephone, then taking into account other applicable legal regulations, the Controller processes data only on the basis of the User’s/Buyer’s Consent (which is in accordance with Art 6, par 1, lit a GDPR).

The consent of the User/Buyer of Goods to the use of data (e-mail address, telephone number) for sending commercial notifications (messages) to the User/Buyer of Goods, as well as for receiving these messages is given by the User/Buyer of Goods personally when registering on the Site.

The User/Buyer of Goods has the right to refuse to receive commercial notifications (messages) at any time without explaining the reasons for refusal by clicking the “Unsubscribe” or “Refuse” button located in the body of the mailing letter, or by contacting the Customer Service (call-center).

IMPORTANT: service messages informing the User/Buyer of Goods about the Order, including the stages of its processing and fulfillment, changes in the operation of the Site, changes in the Personal Account of the User/Buyer of Goods, as well as other messages, one way or another related to the fulfillment of the Order are not advertising and therefore cannot be rejected by the User/Buyer of Goods.

9. Links to other websites

The website www.JNSmore.eu may contain links to other websites placed for the convenience and information of the User/Buyer of Goods. The Controller is not responsible for the information posted there and the privacy policy applied. The User/Buyer of Goods should independently check the Personal Data Policy of such sites each time he/she visits them.

10. Final provisions

10.1 The Controller shall not be liable:

  • for any inaccuracy, error or incompleteness of the information provided on the Site;
  • for any damage caused as a result of unlawful actions of third parties aimed at distorting the information or objects contained on the Site;
  • and/or infection of the Site with viruses and other malicious programs;
  • for the information provided by the User/Buyer of Goods on the Site in a publicly available form;
  • for temporary unavailability of the Site and/or its components due to maintenance, the need to eliminate technical failures or defects, or for other reasons.

10.2 Users/Buyers of Goods who have provided the Controller with inaccurate information about themselves, or information about another subject of personal data without the consent of the latter, shall be held liable in accordance with the law.

10.3 In the event of force majeure, as well as accidents or failures in the hardware and software systems of third parties cooperating with the Controller, or actions (inaction) of third parties aimed at suspending or terminating the operation of the Site, the operation of the Site may be suspended without prior notice to the User/Buyer of Goods.

10.4 The Controller reserves the right to change the terms and conditions of this Policy and all its integral parts without the agreement of the User/Buyer of Goods and to notify the latter by posting on the Site a new version of the Policy or any integral part thereof that has undergone changes.

The new version of the Policy or any part thereof comes into force from the moment of publication on the Site, unless another date for the entry into force of the changes is determined by the Controller when they are published. The current version of this Policy is publicly available on the Site.

10.5. Revocation of the previously given consent to the processing of the personal data of the User/Buyer of Goods or his/her legal representative is carried out by sending by the User/Buyer of Goods or his/her legal representative of the application in the form of an electronic document (signed scanned copy of the application) to the Controller at the e-mail address [email protected] with an indication in the subject line of the letter “Revocation of previously granted consent to the processing and storage of personal data” or in simple written form at the office address specified in clause 10.6. of this Policy.

The User/Buyer of Goods or his/her legal representative are obliged to stop using the Site immediately after they send a Withdrawal of consent to the processing and storage of personal data to the Controller.

All actions of the User/Buyer of Goods or his/her legal representative, committed using the Site after sending the application, have no legal force and do not give rise to legal consequences for the Controller, and the Controller stops processing the personal data of such a User/Buyer of Goods and destroys their personal data.

10.6.      Controller Contacts for Personal Data Protection Issues

On issues related to the protection of personal data, the User/Buyer of Goods can contact the Controller’s specialist by e-mail, telephone or in writing at the office address:

 

E-mail:  [email protected]

Tel.: +420 770 606 774
Address: Radiova 1325/5, 102 00 Praha 10 – Hostivar, Czech Republic