I. Basic provisions
1. The controller of personal data pursuant to Article 4(7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR") is Ace Sport s.r.o., with business registration number (IČ) 63887355 and registered address at Sedláčkova 472/6, Písek 39701 (hereinafter referred to as the "administrator").
2. The Administrator’s contact details are as follows
Address: Sedláčkova 472/6, Písek 39701
Phone: +420 602468321
3. Personal data refers to all information about an identified or identifiable natural person; an identifiable natural person is a person who can be directly or indirectly identified, in particular by reference to a specific identifier such as a name, identification number, location data, network identifier, or one or more special elements of the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
4. The administrator has not appointed/named a Data Protection Officer. The contact details of the Data Protection Officer, if appointed, are as follows:
II. Sources and categories of personal data processed
1. The administrator processes personal data that you have provided to them or personal data obtained by the controller in the course of fulfilling your order.
2. The administrator processes your identification and contact information, as well as data necessary for the performance of the contract.
III. Legal basis and purpose of personal data processing
1. The legal basis for processing personal data is as follows:
2. The purpose of processing personal data is
3. The administrator does not engage/engages in automatic individual decision-making within the meaning of Article 22 of the GDPR. You have provided your explicit consent for such processing.
IV. Data retention period
1. The Administrator retains personal data
2. After the data retention period has elapsed, the controller will erase personal data.
V. Recipients of personal data (Controller’s subcontractors)
1. The recipients of personal data are individuals
2. The administrator does not/does intend to transfer personal data to a third country (outside the EU) or an international organization. Recipients of personal data in third countries are providers of mailing services/cloud services.
VI. Your rights
1. Under the conditions set forth in the GDPR, you have
2. You also have the right to file a complaint with the Office for Personal Data Protection in the event you believe that your right to personal data protection has been violated.
VII. Conditions for Personal Data Security
1. The administrator declares that they have implemented all appropriate technical and organizational measures to secure personal data.
2. The administrator has implemented technical measures to secure data storage and storage of personal data in paper form, ensuring that all data is securely stored and encrypted.
3. The administrator declares that only authorized personnel have access to personal data.
VIII. Final provisions
1. By submitting your order through the online order form, you confirm that you are acquainted with the terms of personal data protection and fully accept them.
2. You agree to these terms by checking the consent box through the online form. By checking the consent box, you confirm that you are acquainted with the terms of personal data protection and fully accept them.
3. The administrator is authorized to modify these terms. The new version of the personal data protection terms will be published on its website, and simultaneously, the administrator will send you the new version of these terms to the email address you have provided.
These terms shall become effective as of January 20, 2020.