Principles of personal data processing and protection
These Principles of Personal Data Processing and Protection (the "Principles") are the basic principles which Démos trade, a.s., based at Škrobálkova 630/13, Kunčičky, 718 00 Ostrava, Identification Number: 253 97 478 (the "Company") follows when obtaining and processing personal data as a personal data administrator. These Principles implement the Company's rights and obligations arising mainly from the following generally binding legal regulations:
- European Parliament and Council Regulation (EC) No. 2016/679 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data and Repealing Directive No. 95/46/EC (General Data Protection Regulation) (“GDPR”);
- Act No. 480/2004 Coll., on Certain Information Society Services and on Amendments to Certain Acts (Act on Certain Information Services), as amended (the "Act on Some Information Society Services"); and
- Act No. 127/2005 Coll., on Electronic Communications and on Amendment to Certain Related Acts (the Electronic Communications Act), as amended (the "Electronic Communications Act").
These Principles shall apply to all persons visiting the Company`s website www.demos-trade.com and demos24plus.com (the “Websites") and all Company's customers ("Data Subjects").
By using the Company's Websites, you acknowledge and agree to be bound by these Principles.
Personal data, in accordance with the GDPR, mean any information about a designated or identifiable natural person (not a legal person). In principle, therefore, it is any information which, whether alone or in summary, with other information, can serve to identify a particular individual ("Personal Data").
Which Categories of Personal Data Are Processed
The Company processes identification data, contact details, descriptive data, payment data, billing data, access data, access and entitlement data, service request data (including cookies), warehouse data, delivery data, order data and data about business cooperation.
Use of Personal Data
Company`s Personal Data are processed for the following purposes:
- providing Company`s products and services, whether within the Website or through standard supplier-customer relationships;
- internal evaluation of provided products and services and possible improvements of their provision; and
- protection of Company`s legitimate interests (for example, for the purposes of website security and functionality, for marketing or litigation purposes).
If you are a Company`s customer or have given a consent, the Company is authorised to use your Personal Data to send news from the world of furniture, special offers and other business communications. Sending business communications can be withdrawn at any time, either in the trading portal setting, if you have access to it, or simply by cancellation through the sent business communications or via the email address stated below.
Transmitting Personal Data
The Personal Data which the Company acquires about Data Subjects are further transmitted:
- within the Demos trade group, i.e. to Company`s related parties;
- to Company`s business partners, such as carriers, cutting centres, banks, insurance companies, marketing agencies, IT infrastructure providers (e.g. Websites), which subsequently process Personal Data for the Company or separately in accordance with the purpose of their provision but also on the basis of the Company`s legitimate interests (e.g. in the context of credit risk coverage); and
- to other third parties to which the Company is entitled (for example, a general court in the event of a dispute) or obliged (for example, law enforcement bodies) to provide Personal Data in accordance with generally binding statutory provisions.
Personal Data Protection Means
In order to protect and minimise the risk of unauthorised access to Personal Data, the Company has adopted organisational and technical measures.
These include, in particular, the technical security of the servers and the Company's Website against unauthorised access.
Persons in contact with Personal Data are also bound by confidentiality in accordance with Article 28(3)b) of the GDPR.
When operating its Websites, the Company uses so-called cookies, which are text files of a small extent ("Cookies") sent from the Company's server to the Data Subject browser/equipment and which are returned to the Company's server when re-visiting the Company`s Websites, which enables the Company to tailor better the content of the Websites to individual Data Subjects. By using Cookies, the Company:
- has information about the Data Subject on past searches;
- stores the Data Subjects' credentials; and
- adapts the contents of the Websites to the Data Subject.
The Company uses the following types of Cookies:
- technical cookies, which allow the basic operation of the Websites;
- relational Cookies, which are needed to properly display the Website and are automatically deleted when the Data Subject leaves the Website;
- permanent Cookies, which allow the identification of the Data Subject, its access to the Website, and its behaviour on the respective Website. Based on permanent Cookies, a specific Data Subject is then identified when re-visiting the Website. Permanent Cookies can be further used, in particular, to measure and advertise the activity of Data Subjects on the Website; and
- Ad Cookies, which allow individual Data Subjects to display targeted advertising to a respective advertising system based on the competence of individual Cookies.
Of course, you may disable using Cookies in specific cases or block them long-term through your browser. In such a case, however, it is likely that certain services and functions of the Company's Websites will not be fully functional or available.
The Company uses the Google Analytics services provided by Google LLC on the Websites. Google Analytics allows the Company to collect, process, and evaluate data (including, but not limited to, Personal Data) about Website visits.
For further information about the protection and processing of your personal data, as well as your requests, please use the following email address: firstname.lastname@example.org .
Data Subjects Rights
Data Subjects have the following rights related to their Personal Data protection:
- the right to withdraw the consent to the processing of Personal Data if processing is subject to it;
- the right to request access to Personal Data and the information specified in Article 15(1) of the GDPR;
- the right to correct inaccurate Personal Data and also to supplement incomplete Personal Data;
- the right under the conditions laid down in Article 17 of the GDPR to delete Personal Data;
- the right, under the terms and conditions of Article 18 of the GDPR, to restrict Personal Data processing;
- the right, under the terms and conditions provided for in Article 20 of the GDPR, to obtain Personal Data concerning him/her, which he/she has provided to the Company, in a structured, commonly used and machine-readable format, and the right to pass such data to another person;
- the right to be informed, under the terms and conditions of Article 34 of the GDPR, of a violation of Personal Data security;
- the right, under the terms and conditions of Article 21 of the GDPR, to object to the processing of Personal Data; and
- the right to lodge a complaint with the Supervisory Authority, i.e. with the Office for Personal Data Protection, at the address Pplk. Sochora 27, 170 00 Prague 7, or through a data box at the address qkbaa2n.