Login
Forgotten password
Register
Popular products 0
Breadcrumb.HomePage
|
GDPR

Statement of CAROLLINUM s.r.o. on Personal Data Protection


CAROLLINUM s.r.o., with its registered office at Praha 1, Pařížská 67/11, Postal Code 11000, Identification No. (IČO): 64583350, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File 41149 (hereinafter also referred to as the “Controller”), has adopted measures to protect your personal data. To achieve the highest possible level of protection, we will adhere to the following principles.

This statement and the subsequent processing of personal data are governed primarily by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), (hereinafter referred to as “GDPR”) and Act No. 110/2019 Coll., on the processing of personal data, as amended.

This statement may be amended by us at any time, especially in the event of changes in the relevant legislation relating to personal data protection. Therefore, in your own interest, we recommend monitoring our website for any updates to this statement.

We note that you are not obliged to disclose your personal data to us; however, if you do not provide us with some of the personal data we require, we will only be able to provide you with limited services.

First, we would like to explain some basic concepts to help you better understand the following text of this Statement.

Personal Data

“Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

Special Categories of Personal Data

“These are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.”

Data Subject

“A data subject is the natural person to whom the personal data relates and who can be identified or is identifiable based on the personal data.”

Personal Data Controller

“The Controller is the natural or legal person who determines the purposes and means of the processing of personal data and is primarily responsible for the processing.”

Personal Data Processor

“The Processor is a natural or legal person who processes personal data on behalf of the controller based on the controller’s instructions.”

Processing of Personal Data

“Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”

How and for what purpose we process the data

We process the personal data you provide on the basis of a legal ground pursuant to Article 6(1)(b) of the GDPR, where processing is necessary for the performance of a contract, or pursuant to Article 6(1)(c) for compliance with a legal obligation. Furthermore, also pursuant to Article 6(1)(a) based on your provided consent to the processing of such data in cases where legitimate interests (Article 6(1)(f)) as a legal ground for processing are insufficient or the processing concerns special categories of personal data.

Personal data is processed for the purpose of ensuring and providing the service, product, or information you have expressed an interest in. If you are an existing customer, also to provide information about other services or products similar to those that were the subject of your previous purchase. If you are a new customer, the Controller will only send you commercial communications and offers of products and services if you have given the Controller explicit consent to do so (see current GDPR).

What data we process

In the context of providing our services, we collect the following personal data: a) Salutation / Title b) First name c) Last name d) Contact address e) E-mail address f) Telephone number (if you provide it to us) g) Payment card details (if you used one)

Personal Data Retention Period

We retain the data for the period necessary for the purpose of performance of the contract and further for the period strictly necessary to fulfil legal obligations or protect our rights (usually for a period of 10 years from the termination of the contractual relationship). If you exercise your right to be forgotten or withdraw your consent, the data will, of course, be retained for a shorter period.

Data Transfer – Other Processors

The Controller is entitled to process personal data both automatically and manually, also through designated processors. Personal data is/will be accessible only to authorised employees of the Controller or employees of the processor, and only to the extent necessary for the purposes of processing. Personal data is transferred to other processors only to a minimal extent, and all processing relationships are based on processing agreements in which our processors have guaranteed to adopt measures that ensure the same level of personal data security as provided by our company. Information about the companies that process personal data or conduct marketing research for the Controller can be obtained at the Controller's address.

Commercial Communications, Direct Marketing

Pursuant to Section 7(3) of Act No. 480/2004 Coll., on certain Information Society Services, as amended, and pursuant to Recital 47 of the GDPR, we are allowed to use some of the data you provide for direct marketing within the scope of our existing contractual relationship, even without explicit consent. You have the right to object to further processing for the purpose of direct marketing at any time free of charge. If you do so, personal data will no longer be processed for these purposes.

Cookies

To make our offer relevant to you, our website, https://www.carollinum.cz/cs/, uses cookies (technical, functional, analytical, marketing). They serve to remember your preferences and actions you have performed on them (e.g., login details, language, font size, and other display preferences). You do not have to re-enter this data for a certain period. Our cookies themselves do not identify an individual user; they only identify the device you are using, using a randomly generated identification code. As a user, you can disable or restrict the use of cookies in your browser. However, if you do so, you will not be able to use all the functions offered by our website.

Third parties whose cookies we use for the proper functionality of our website:

  • Google: We use the Google Analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies that help us analyse how visitors use our website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on their servers. Google uses this information to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services relating to website activity and internet usage. Google may also use the collected data to contextualize and personalize ads within its own advertising network. Information on how Google handles cookies can be found at: https://policies.google.com/?hl=cs.
  • Microsoft: Microsoft's tracking code uses cookies to collect user session information. This cookie, stored in the browser, provides data about how the user visited our site, their location, language preferences, and other details. https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-consent.
  • ROLEX SA: When you visit the Rolex section of our website, certain cookies are managed by ROLEX SA (hereinafter “ROLEX”). If you have consented to their use or if their use is justified by a legitimate interest, ROLEX deploys performance measurement and tracking tools to improve its online presence and ensure you have the best possible user experience tailored to your preferences. Adobe Experience Platform Launch (Tag Manager), Adobe Analytics, and Content Square tools are used to analyse and track user behaviour in the Rolex section. Details on ROLEX’s cookie policy and data protection at Adobe and Content Square can be found via the following links: https://www.rolex.com/legal-notices/cookies, https://www.adobe.com/privacy/policy.html, https://contentsquare.com/privacy-center/.
  • PATEK PHILIPPE SA GENÈVE: When visiting the Patek Philippe section of our website, certain cookies are managed by PATEK PHILIPPE SA GENÈVE (“Patek Philippe”). If you have consented to their use or if their use is justified by a legitimate interest, Patek Philippe deploys performance measurement and tracking tools to enhance its website presentation and ensure you have the best possible user experience tailored to your preferences. Google Tag Manager and Google Analytics tools are used to analyse and track user behaviour in the Patek Philippe section. Details on Patek Philippe’s cookie policy and Google’s data protection can be found via the following link: https://www.patek.com/en/legal-notices/cookie-policy.
  • Richemont: On certain parts of our sites, we use Richemont cookies to enhance the online experience of our visitors, for example, by remembering your language or product preferences, and to better understand how you use our sites. Cookies help us determine whether you have visited our site before or are a new user. They also help us ensure that the online advertisements you see are better matched to your interests and preferences. More details can be found at https://www.richemont.com/cookie-policy/.
  • META: Facebook Conversion Tracking Pixel: This tool allows us to determine whether visitors to our website arrived through an advertisement on Facebook. This enables us to evaluate the effectiveness of Facebook advertisements for statistical purposes and market research. All collected data remains anonymous, meaning no personal information is displayed or transmitted. Facebook stores and processes this data. We provide this information to you based on our current knowledge. Facebook may link the data to your account and use it for its own advertising purposes in accordance with its data policy, which is available at: https://www.facebook.com/about/privacy/. If you wish to withdraw your consent, you can do so on this page: https://www.facebook.com/ads/settings.

Further information on how to manage cookies in popular browsers:

  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge

If you have any questions regarding our use of cookies or other tracking technologies, please contact us at: carollinum@carollinum.cz.

Security

To achieve the highest possible degree of protection for the personal data you provide, we use certain technologies and administrative, technical, and physical measures. Appropriate technical and organisational measures have been adopted by us to secure your data, as well as technical measures to secure data storage, personal data storage in paper form, regular system updates, and measures to prevent unauthorised persons from accessing the data. Although we strive to protect your personal data from loss, misuse, unauthorised access, modification, or disclosure to the maximum extent possible, it is never possible to ensure 100% control. Therefore, in the event of any incidents that reach a certain level of risk, we will inform you immediately.

Camera Recordings

The Controller monitors the movement of persons in the premises through camera systems with recording for the purpose of property protection and prevention of damage. Areas where cameras are located are always visibly marked with a warning. In this case, following a balancing test, the legal basis for this processing is the legitimate interest of the controller pursuant to Article 6(1)(f) of the GDPR. Unless the recordings are deemed necessary for the purpose of criminal, administrative, or other similar proceedings, they will be deleted no later than 3 days after their acquisition.

Rights of Data Subjects

To honour the principle of transparency in the processing of personal data, we will gladly provide you with information about what personal data we process about you at the contact details provided below.

Firstly, you have the right to access the personal data we process about you. This right primarily consists of obtaining confirmation that we are processing personal data about you and the right to certain information, such as the purpose of processing, the categories of personal data concerned, the planned duration of their processing, etc.

If legally possible, you have the right to change or correct the personal data we hold about you.

You have the right to restrict the processing of personal data. If the processing of personal data is carried out based on your consent, you have the right to restrict this processing or to withdraw this consent at any time. You also have the right to request that we erase your personal data. Exceptions are cases where the processing is carried out due to a legal obligation or due to our legitimate interest.

You also have the right to a copy of the personal data we hold about you, including their sources, purposes and methods of processing, electronic decision-making, and the entities with whom we share your data. We will endeavour to make the information you request available to you within a reasonable time. Depending on the information you request, we may charge a small fee to the extent permitted by applicable law. Subject to the conditions laid down by legal regulations, you also have the right to data portability.

If you believe that the Controller is acting in violation of applicable regulations when processing personal data, you have the right to object to the processing and also the right to lodge a complaint with the Office for Personal Data Protection.

Contact Details

In case of questions, complaints, comments, or exercise of the rights of data subjects, please contact us at the email address: carollinum@carollinum.cz.