In particular, the processing of personal data is governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”)

Affected person – buyer/visitor of the website,

Operator of the internet shop shop.supersolar.sk

SUPERSOLAR s. r.o.
Prievidzská 217/5
972 01 Bojnice

IČO: 54793327
DIČ: 2121790209
IČ DPH: SK2121790209

The company is registered in the Commercial Register of the District Court of Žilina in sec. s.r.o., v.no. 80286/L.
SUPERSOLAR s r.o. is not a registered payer of value added tax.

Telephone contact: +421 902 158 576
Electronic address: [email protected],

hereinafter referred to as “the operator”

We declare that your personal data is a priority for us and is processed exclusively in accordance with applicable legislation. We only process personal data with the consent of the client.

 

1. What data do we process?

 

We process this personal data in accordance with Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“Regulation 2016/679”):

• Name
• last name
• street and house number
• POSTCODE
• City
• State
• telephone contact
• email
• IP address

The primary personal data processed is the personal data you provide to us when registering on supersolar.sk or when creating your order.

 

1.1 Data collected through cookies.

 

For better targeting of advertising campaigns and improvement of the offer and services, the supersolar.sk online shop uses information about the goods purchased by our customers. If you have enabled the storage of cookies in your browser and agree to their use, the operator obtains data about your visit to the website, products viewed and other activity on the website.

1.2 Data collected via Facebook pixel for better targeting of advertising campaigns.

1.3 Google LLC (online marketing tools)

1.4 The Controller does not collect or process any other sensitive personal data including, for example, data about your health, religion or beliefs.

 

2. Who has access to personal data?

 

Your personal data will only be passed on to third parties or otherwise communicated if this is necessary for the performance of the purchase contract, on the basis of a legitimate interest or if you have given your prior consent to this. We only pass on to processors the data that is strictly necessary for them to provide their services. These include:

• order processing: SUPERSOLAR s.r.o,
• shipping companies: direct parcel distribution SK s.r.o.,
• to electronic payment processing companies in order to process payment based on your order: Shoptet Pay.,
• Accounting companies: in order to fulfil our tax obligations, we provide your personal data on tax documents in the scope of name, surname, title and delivery address, contact details: telephone number and e-mail address, to the accounting company TAXAT, s.r.o., which processes them for the purpose of settlement according to the mediation contract,
• For marketing purposes: Facebook, Inc., Google LLC (online marketing tools), MailChimp (for newsletter purposes).

2.1 Due to the scope and subject of its activities, the Controller is not obliged to appoint a responsible person pursuant to Section 44 of Act No. 18/2018 Coll. on the Protection of Personal Data. However, if you have any questions regarding your personal data, please write to us at: [email protected].

2.2 The website operator is responsible for the processing of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR). The data subject shall have the right, upon written request to the controller, to obtain information about his or her personal data which are subject to processing or the erasure or correction of his or her personal data by the controller.

 

3. Purposes of the processing of personal data

 

3.1 We use your name and surname and contact details to process your order, i.e. to fulfil the contract between www.supersolar.sk and the customer. Data processing in this case includes all activities from the registration of the order, its processing, including payment and delivery of the ordered goods to your address. If the data is not provided we cannot process your order.

3.2 Communication with the client.
Personal data is used for the purpose of communicating with you. For example, we may contact you for the following reasons:

• a reminder of your goods in the online basket,
• help with completing your order,
• providing information about the current status of your order, dispatch of your order, receipt of payment for your order, complaints, etc.
• obtaining other necessary information to process your order

3.3 Processing of personal data for the purpose of sending marketing information
If you have agreed to receive our newsletter by email, we use your contacts to send you promotional notifications, notifications about events, news, discounts, etc. This involves the processing of the following data:

• Name
• e-mail address

This data is processed by a third party company, MailChimp, which complies with the principles of Regulation 2016/679. You can always refuse consent to receive the newsletter via the unsubscribe link at the end of each email. You can also unsubscribe directly by contacting us by email or telephone.

 

4. Security of personal data and processing time

 

4.1 The Controller takes care of the security of your data. The handling of personal data is carried out in full compliance with applicable law, including the General Data Protection Regulation (GDPR). When processing personal data, the controller places great emphasis on the technical and organisational security of the data processed. Although we have not appointed any person to act as data protection officer (this obligation is not mandatory by law), the security of your personal data is of paramount importance to us. In order to ensure the protection of your personal data, we have taken the necessary technical and organisational measures, we have selected responsible service providers.

4.2 The transmission of personal data takes place in encrypted form using the SSL (Secure Socket Layer) network protocol. All personal data in electronic form is stored in databases and systems that can only be accessed by those who need to handle the personal data immediately for the purposes set out in this policy, and then only to the extent necessary. Access to this personal data is password and firewall protected. The security of personal data is regularly tested by the Controller and the protection is continuously improved.

4.3 How long do we process the data?
The controller processes personal data for the purpose of fulfilling the contract for the entire period of processing the order, including payment and delivery of the goods. By law, we subsequently store some data contained in accounting documents (based on Article 431/2002 Coll. on Accounting, as amended) Business marketing communications by email newsletter are sent to users for as long as the consent to receive them lasts. However, the longest period of time for which commercial communications are sent is 10 years. We process the data collected for marketing purposes via cookies for as long as you consent to the use of cookies, i.e. for as long as you allow the storage of cookies in your browser, or until such time as an objection is raised against the processing of your data for this purpose.

4.4 The provision of personal data is a contractual obligation.

 

5. Information on the rights of the data subject

 

On request or in person at the controller, the data subject shall have the right to:

• to be informed and to request access to, rectification, erasure or restriction of the processing of his/her personal data §§ 21, 22, 23 of the Act;
• object to the processing of your personal data § 27 of the Act;
• for the portability of personal data § 26 of the Act;
• file a petition with the Office for Personal Data Protection of the Slovak Republic if you believe that your right to the protection of personal data has been violated,
• erasure of personal data (the so-called right to be forgotten) or limited processing if they are no longer necessary for the purposes stated or if we no longer have a legitimate reason to process the personal data, including where you do not consent to further processing. We will destroy your data completely when the above conditions are met.

5.1 Clients of the Controller may object to the processing of personal data in the case of sending newsletter notifications or evaluating shopping preferences, on the basis of which we will immediately terminate the processing of personal data for these purposes.

5.2 The data subject is obliged to provide true and up-to-date personal data. The rights of the data subject are governed by Chapter 3 of the GDPR. The data subject has the right to: lodge a complaint with a supervisory authority, object to processing, request access to personal data concerning the data subject from the controller, to rectification or erasure or restriction of processing of personal data, as well as the right to data portability.

 

6. Contact

 

If you have any questions or concerns, please contact us by email at [email protected] or by phone +421 902 158 576. We will be at your disposal.

 

7. Effectiveness

 

These rules are effective from 27.12.2022