Privacy Policy

Who are we

Our website address is www.arrigos.cz and offers products of our blacksmith workshop.

What personal data do we collect and why do we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment or product review on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Privacy policy

I.
General provisions

1. Subject with IČO (Company Identification Number) 74406213 seated at the address Nová Ves 8, Skalná, ZIP Code 35134 (‘controller‘) is the controller according to the article 4, paragraph 7 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (‘GDPR‘).
2. Contact e-mail address of the controller is admin@arrigos.cz
3. Personal data are defined as any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
4. The controller does not appoint a data protection officer (article 37 of GDPR).

II.
Sources and categories of processed personal data

1. The controller processes personal data you provided or personal data obtained in pursuit of the fulfillment of your order.
2. The controller processes your identification and contact data necessary to fulfill your order.

III.
Reason and purpose of processing of personal data

1. Legal reason for processing of personal data is
   a) fulfillment of the agreement between you and the controller according to the article 6, paragraph 1, section a) of GDPR,
   b) rightful interest of the controller to provide direct marketing (namely by sending bussiness messages and newsletters) according to the article 6, paragraph 1, section f) of GDPR,
   c) your consent to the processing of personal data for the purpose of direct marketing (namely by sending bussiness messages and newsletters) according to the article 6, paragraph 1, section a) of GDPR and to § 7, article 2 of the Act no. 480/2004 Sb. ‘o některých službách informační společnosti’ in the absence of order of any goods or service.
2. Purpose of processing of personal data is
   a) to fulfill your order and exercise of rights and obligations consequential to the legal relationship between you and the controller; to complete your order, personal data necessary to the successful fulfillment of your order are required (name and address, contact information). Provision of personal data is a necessary requirement to conclude and fulfill of an agreement, without this provision no agreement can be concluded and no agreement can be fulfilled by the controller.
   b) to send bussiness messages and other marketing activities.
3. The controller does not exercise any automatic individual decision in the sense of the article 22 of GDPR.

IV.
Data retention period

1. The controller keeps the personal data
   a) for a period necessary to exercise rights and obligations consequential to the legal relationship between you and the controller and for the application of the legal claims according to said legal relationship, i.e. for a period of 15 years after the conclusion of the legal relationship,
   b) until your consent to the processing of your personal data for the purpose of marketing is withdrawn (at most for a period of  years).
2. After the data retention period expires, the controller deletes personal data.

V.
Recipients of personal data (subcontractors of the controller)

1. Recipients of personal data are individuals
   a) participating in the delivery of goods/services or the execution of transactions according to an agreement,
   b) providing marketing services.
2. The controller does not indend to give away personal data to any third country (country outside EU) or any international organization.

VI.
Your rights

1. On conditions specified in the GDPR you have
   a) the right to access your personal data according to the article 15 of GDPR,
   b) the right to the correction of personal data according to the article 16 of GDPR or the limitation of personal data processing according to the article 18 of GDPR,
   c) the right to the deletion of personal data according to the article 17 of GDPR,
   d) the right to object against the processing of personal data according to the article 21 of GDPR,
   e) the right to the portability of personal data according to the article 20 of GDPR,
   f) the right to withdraw your consent to the processing of personal data, which you can do in writing or electronically by sending such withdrawal to the post address or e-mail address, respectively, written in the article III of this privacy policy.
2. Furthermore, you have the right to file a complaint with The Office for Personal Data Protection in case you think your privacy rights have been violated.

VII.
Security of personal data

1. The controller declares that he took all suitable technical and administrative measures to protect personal data.
2. The controller declares that he took all suitable technical measures to protect electronic data storage and physical personal data storage.
3. The controller declares that only individuals authorized by the controller have access to personal data.

VIII.
Final provisions

1. By sending and order using the online order form you acknowledge that you are acquainted with this privacy policy and that you accept it in full.
2. You provide your acknowledgement by checking the agreement using the online form. By checking the agreement you acknowledge that you are acquianted with this privacy policy and that you accept it in full.
3. The controller reserves the right to change this privacy policy. New version of this policy will in this case be posted on the website and at the same time you will be sent the new version of this policy to the e-mail address you provided to the controller.

This privacy policy takes effect on 5th September, 2019.