Statement of CAROLLINUM s.r.o. on Personal Data Protection

CAROLLINUM s.r.o., with its registered office at Praha 1, Pařížská 67/11, Postal Code 11000, Identification No. (IČO): 64583350, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File 41149 (hereinafter also referred to as the “Controller”), has adopted measures to protect your personal data. To achieve the highest possible level of protection, we will adhere to the following principles.

This statement and the subsequent processing of personal data are governed primarily by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), (hereinafter referred to as “GDPR”) and Act No. 110/2019 Coll., on the processing of personal data, as amended.

This statement may be amended by us at any time, especially in the event of changes in the relevant legislation relating to personal data protection. Therefore, in your own interest, we recommend monitoring our website for any updates to this statement.

We note that you are not obliged to disclose your personal data to us; however, if you do not provide us with some of the personal data we require, we will only be able to provide you with limited services.

First, we would like to explain some basic concepts to help you better understand the following text of this Statement.

Personal Data

“Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

Special Categories of Personal Data

“These are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.”

Data Subject

“A data subject is the natural person to whom the personal data relates and who can be identified or is identifiable based on the personal data.”

Personal Data Controller

“The Controller is the natural or legal person who determines the purposes and means of the processing of personal data and is primarily responsible for the processing.”

Personal Data Processor

“The Processor is a natural or legal person who processes personal data on behalf of the controller based on the controller’s instructions.”

Processing of Personal Data

“Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”

How and for what purpose we process the data

We process the personal data you provide on the basis of a legal ground pursuant to Article 6(1)(b) of the GDPR, where processing is necessary for the performance of a contract, or pursuant to Article 6(1)(c) for compliance with a legal obligation. Furthermore, also pursuant to Article 6(1)(a) based on your provided consent to the processing of such data in cases where legitimate interests (Article 6(1)(f)) as a legal ground for processing are insufficient or the processing concerns special categories of personal data.

Personal data is processed for the purpose of ensuring and providing the service, product, or information you have expressed an interest in. If you are an existing customer, also to provide information about other services or products similar to those that were the subject of your previous purchase. If you are a new customer, the Controller will only send you commercial communications and offers of products and services if you have given the Controller explicit consent to do so (see current GDPR).

What data we process

In the context of providing our services, we collect the following personal data: a) Salutation / Title b) First name c) Last name d) Contact address e) E-mail address f) Telephone number (if you provide it to us) g) Payment card details (if you used one)

Personal Data Retention Period

We retain the data for the period necessary for the purpose of performance of the contract and further for the period strictly necessary to fulfil legal obligations or protect our rights (usually for a period of 10 years from the termination of the contractual relationship). If you exercise your right to be forgotten or withdraw your consent, the data will, of course, be retained for a shorter period.

Data Transfer – Other Processors

The Controller is entitled to process personal data both automatically and manually, also through designated processors. Personal data is/will be accessible only to authorised employees of the Controller or employees of the processor, and only to the extent necessary for the purposes of processing. Personal data is transferred to other processors only to a minimal extent, and all processing relationships are based on processing agreements in which our processors have guaranteed to adopt measures that ensure the same level of personal data security as provided by our company. Information about the companies that process personal data or conduct marketing research for the Controller can be obtained at the Controller's address.

Commercial Communications, Direct Marketing

Pursuant to Section 7(3) of Act No. 480/2004 Coll., on certain Information Society Services, as amended, and pursuant to Recital 47 of the GDPR, we are allowed to use some of the data you provide for direct marketing within the scope of our existing contractual relationship, even without explicit consent. You have the right to object to further processing for the purpose of direct marketing at any time free of charge. If you do so, personal data will no longer be processed for these purposes.

Cookies

To make our offer relevant to you, our website, https://www.carollinum.cz/cs/, uses cookies (technical, functional, analytical, marketing). They serve to remember your preferences and actions you have performed on them (e.g., login details, language, font size, and other display preferences). You do not have to re-enter this data for a certain period. Our cookies themselves do not identify an individual user; they only identify the device you are using, using a randomly generated identification code. As a user, you can disable or restrict the use of cookies in your browser. However, if you do so, you will not be able to use all the functions offered by our website.

Third parties whose cookies we use for the proper functionality of our website:

• Google: We use the Google Analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies that help us analyse how visitors use our website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on their servers. Google uses this information to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services relating to website activity and internet usage. Google may also use the collected data to contextualize and personalize ads within its own advertising network. Information on how Google handles cookies can be found at: https://policies.google.com/?hl=cs.
• Microsoft: Microsoft's tracking code uses cookies to collect user session information. This cookie, stored in the browser, provides data about how the user visited our site, their location, language preferences, and other details. https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-consent.
• ROLEX SA: When you visit the Rolex section of our website, certain cookies are managed by ROLEX SA (hereinafter “ROLEX”). If you have consented to their use or if their use is justified by a legitimate interest, ROLEX deploys performance measurement and tracking tools to improve its online presence and ensure you have the best possible user experience tailored to your preferences. Adobe Experience Platform Launch (Tag Manager), Adobe Analytics, and Content Square tools are used to analyse and track user behaviour in the Rolex section. Details on ROLEX’s cookie policy and data protection at Adobe and Content Square can be found via the following links: https://www.rolex.com/legal-notices/cookies, https://www.adobe.com/privacy/policy.html, https://contentsquare.com/privacy-center/.
• PATEK PHILIPPE SA GENÈVE: When visiting the Patek Philippe section of our website, certain cookies are managed by PATEK PHILIPPE SA GENÈVE (“Patek Philippe”). If you have consented to their use or if their use is justified by a legitimate interest, Patek Philippe deploys performance measurement and tracking tools to enhance its website presentation and ensure you have the best possible user experience tailored to your preferences. Google Tag Manager and Google Analytics tools are used to analyse and track user behaviour in the Patek Philippe section. Details on Patek Philippe’s cookie policy and Google’s data protection can be found via the following link: https://www.patek.com/en/legal-notices/cookie-policy.
• Richemont: On certain parts of our sites, we use Richemont cookies to enhance the online experience of our visitors, for example, by remembering your language or product preferences, and to better understand how you use our sites. Cookies help us determine whether you have visited our site before or are a new user. They also help us ensure that the online advertisements you see are better matched to your interests and preferences. More details can be found at https://www.richemont.com/cookie-policy/.
• META: Facebook Conversion Tracking Pixel: This tool allows us to determine whether visitors to our website arrived through an advertisement on Facebook. This enables us to evaluate the effectiveness of Facebook advertisements for statistical purposes and market research. All collected data remains anonymous, meaning no personal information is displayed or transmitted. Facebook stores and processes this data. We provide this information to you based on our current knowledge. Facebook may link the data to your account and use it for its own advertising purposes in accordance with its data policy, which is available at: https://www.facebook.com/about/privacy/. If you wish to withdraw your consent, you can do so on this page: https://www.facebook.com/ads/settings.

Further information on how to manage cookies in popular browsers:

• Google Chrome
• Mozilla Firefox
• Microsoft Edge

If you have any questions regarding our use of cookies or other tracking technologies, please contact us at: carollinum@carollinum.cz.

Security

To achieve the highest possible degree of protection for the personal data you provide, we use certain technologies and administrative, technical, and physical measures. Appropriate technical and organisational measures have been adopted by us to secure your data, as well as technical measures to secure data storage, personal data storage in paper form, regular system updates, and measures to prevent unauthorised persons from accessing the data. Although we strive to protect your personal data from loss, misuse, unauthorised access, modification, or disclosure to the maximum extent possible, it is never possible to ensure 100% control. Therefore, in the event of any incidents that reach a certain level of risk, we will inform you immediately.

Camera Recordings

The Controller monitors the movement of persons in the premises through camera systems with recording for the purpose of property protection and prevention of damage. Areas where cameras are located are always visibly marked with a warning. In this case, following a balancing test, the legal basis for this processing is the legitimate interest of the controller pursuant to Article 6(1)(f) of the GDPR. Unless the recordings are deemed necessary for the purpose of criminal, administrative, or other similar proceedings, they will be deleted no later than 3 days after their acquisition.

Rights of Data Subjects

To honour the principle of transparency in the processing of personal data, we will gladly provide you with information about what personal data we process about you at the contact details provided below.

Firstly, you have the right to access the personal data we process about you. This right primarily consists of obtaining confirmation that we are processing personal data about you and the right to certain information, such as the purpose of processing, the categories of personal data concerned, the planned duration of their processing, etc.

If legally possible, you have the right to change or correct the personal data we hold about you.

You have the right to restrict the processing of personal data. If the processing of personal data is carried out based on your consent, you have the right to restrict this processing or to withdraw this consent at any time. You also have the right to request that we erase your personal data. Exceptions are cases where the processing is carried out due to a legal obligation or due to our legitimate interest.

You also have the right to a copy of the personal data we hold about you, including their sources, purposes and methods of processing, electronic decision-making, and the entities with whom we share your data. We will endeavour to make the information you request available to you within a reasonable time. Depending on the information you request, we may charge a small fee to the extent permitted by applicable law. Subject to the conditions laid down by legal regulations, you also have the right to data portability.

If you believe that the Controller is acting in violation of applicable regulations when processing personal data, you have the right to object to the processing and also the right to lodge a complaint with the Office for Personal Data Protection.

Contact Details

In case of questions, complaints, comments, or exercise of the rights of data subjects, please contact us at the email address: carollinum@carollinum.cz.

 

Privacy and Data Protection Principles

These privacy and data protection principles (hereinafter the “Principles”) are the basic principles governing the CAROLLINUM s.r.o., Pařížská 20, 110 00 Praha 1, VAT No.: 64583350 (hereinafter the “Company”) in the collection and processing of personal data. These Principles implement the Company’s rights, and obligations arising in particular from the following generally binding legal regulations:

1.  Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “GDPR”);

2. Act No. 480/2004 Coll., on certain Information Society Services and on the Amendments to some Acts (Certain Information Society Services Act), as amended (hereinafter as the “Certain Information Society Services Act”); and

3. Act No. 127/2005 Coll. on Electronic Communications and on the Amendment to Certain Related Acts (Electronic Communications Act), as subsequently amended (hereinafter the “Electronic Communications Act”).

These Principles apply to all persons visiting the Company’s websites www.carollinum.com (hereinafter the “Websites”), whether or not these persons are in a contractual relationship with the Company.
 

what are personal data

Personal Data, in accordance with the GDPR, shall mean any information about a designated or identifiable natural person (not a legal person). In principle, therefore, it is any information that, whether on its own or in combination with other information, can serve to identify a particular individual (hereinafter the “Personal Data”).
 

What personal data DOES the company process

The Company may collect the following information about you:

1. Personal data that you communicate to the Company yourself

Such Personal Data is, in particular, information that you provide in a completed registration, order, or other form or communicated to the Company by e-mail, telephone, fax, or other similar device. You may also provide the Company with personal information [during competitions], [by submitting a product or service review], [booking training places] or [by sending a general inquiry]. This includes your first name, surname, mailing address, e-mail address, phone number, bank account details, selected payment method, etc.


Your Personal Data will be processed by the Company for the following purposes:
 

NEWSLETTER

If you wish to be informed about our latest products, services, and offers, you can provide the Company with your e-mail address to which these business messages will be sent on a regular basis.

You can unsubscribe at any time, for example by clicking on this link UNSUBSCRIBE or by using the link that is included as part of each newsletter.

If you are an existing Customer of the Company, you may receive information about other services or products similar to those covered by your previous purchase even if you have not filled out the newsletter form. If you do not wish to receive such business offers, you can also use one of the above methods at any time to opt-out of the marketing communications we may send to you.

 

2. Personal information that the Company collects on your behalf

When visiting our Website, the Company may collect some information necessary to ensure the proper and convenient operation of the Website. This information may consist of the Internet Protocol (IP) data used to connect your computer to the Internet, your registration information, browser type and version, time zone settings, browser plug-ins, your visit information, including a valid Uniform Resource Locator (URL), the path to and from the Website (including date and time), the products you viewed or searched for, response times, download errors, the length of visits to certain pages, site visit interaction information (such as scrolling, clicks, and mouse locations), or the way of leaving the page.

 

These Personal Data are used by the Company to administer and improve its Websites and for internal operations, including problem solving, data analysis, testing, research, statistical purposes, and recording the frequency of previews. These Personal Data can also be used to measure ad performance and provide relevant advertising.
 

providing personal information

Personal data that the Company acquires may be transferred [within the group of [●], i.e. the related parties of the Company;] and to third parties (hereinafter the “Processors”) who assist the Company in performing its contractual obligations by mediating certain services (e.g., delivery services). The Company only passes Personal Data to those Processors who provide guarantees of an adequate level of security of your Personal Data and process these Personal Data solely on the basis of a Personal Data Processing Agreement.

In this sense, the Company may transmit Personal Data to the following Processors:

1. External contractors and suppliers to meet the Company’s contractual obligations;

2. Payment service providers and payment processors in order to secure the transfer of funds and the implementation of payment transactions;

3. Providers of postal and delivery services for the purpose of delivering products or services offered by the Company;

4. Website administrators.

Under certain circumstances, the Company may be required to provide your Personal Data to third parties (e.g. law enforcement agencies) in accordance with the generally binding legal regulations.
 

means of personal data protection

In order to protect and minimise the risk of unauthorised access to Personal Data, the Company has adopted organisational and technical measures.

These include:

1. Internal organisational restrictions limiting the range of persons authorised to come into contact with Personal Data; and

2. Ensuring the technical security of the servers and the Company’s Websites against unauthorised access.

Persons in contact with Personal Data are instructed on the privacy policies and are bound by secrecy when processing them.
 

length of Personal Data RETENTION

The Company keeps personal data for as long as is strictly necessary to perform its contractual obligations and for the fulfilment of the obligations that the Company derives from the applicable legal regulations. Personal data that is processed with your consent is retained by the Company only for the duration of the purpose for which the consent was granted.

Once the legitimate reason for processing your Personal Data has expired, the Company will destroy these Personal Data and any existing copies thereof.
 

Cookies

What can you find here?

This website (& ldquo; Website & ldquo;) uses cookies and similar cookie technologies.

In this document you will learn what cookies are and how we use them.

What are cookies?

Cookies are short text files that a visited website sends to your browser. Thanks to cookies, the administrator can differentiate you from other users of the Website and more efficiently record information about your visit and behavior on the website. Cookies are not harmful to your device or its software. As a user, you can disable or limit the use of cookies in your browser.

Cookies can be used for many purposes, such as:

• Make the basic functions of the site work
• Save preferred language
• Traffic analysis to improve your site and
• Marketing purposes, especially displaying ads on the site

What types of cookies do we use?

Here you will find out what types of cookies we can use on the website. You can find the specific cookies we currently use in your browser settings.

Basic (required) cookies

Basic cookies, which are necessary for the Website to fulfill its basic functions and to enable us to operate this Website. These cookies are automatically placed on your computer or other device when you access the Website or perform any of the possible activities on the Website. You cannot disable basic cookies. Without them, the Web would not work properly.

Preferential cookies

Preferential cookies allow the Site to remember information that affects the appearance and behavior of the Site. For example, the region you are in or your preferred language.

We will only store these cookies on your device if you allow us to do so either using the cookie bar or on your browser.

Analytical cookies

Analytics cookies are used primarily by Google Analytics to find out how you use the Website.

Google Analytics uses cookies to analyze how the website is used in order to improve the operation of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google, Inc. All data obtained in this way will be processed anonymously. This data is intended solely to evaluate the use of the website. Anonymity is guaranteed that Google, Inc. will not associate your IP address with any other data held by Google. Google, Inc. no other personal information (such as email, name or phone number) will be sent.

Learn more about how Google, Inc. uses analytical cookies, you can find them here:

https://support.google.com/analytics/answer/6004245

We will only store these cookies on your device if you allow us to do so either using the cookie bar or on your browser.

Marketing cookies

Marketing cookies are used to map visitors across websites. These cookies are used to display advertisements relevant to individual users and to pass them on to the operators of the advertisement. It is therefore especially valuable to third-party advertisers. We mainly use Facebook and Google services for this purpose.

We will only store these cookies on your device if you allow us to do so either using the cookie bar or on your browser.

Do you want to change your cookie settings?

If you do not want us to store preference, analytics or marketing cookies in your browser, you can adjust these preferences in your browser. This will prevent you from collecting data about you. For information on setting up a specific browser, visit:

• Internet Explorer: https://support.microsoft.com/
• Google Chrome: https://support.google.com/
• Mozilla Firefox: https://support.mozilla.org/
• Microsoft Edge: https://support.microsoft.com/microsoft-edge
• Opera: https://help.opera.com
• Safari: https://support.apple.com/

 

Also you can change cookie settings in modal dialog of the web.

Configure cookie settings

If you want to change your cookie settings and don't know how, you can also contact us at carollinum@carollinum.cz.

rights of data subjects

In connection with the processing of your Personal Data by the Company, you are entitled to the following Personal Data protection rights:

1. The right to withdraw your consent to the processing of Personal Data, when the processing is based on such consent;

2. The right to request access to your Personal Data and information about what Personal Data is processed by the Company;

3. The right to correct inaccurate Personal Data and also to supplement incomplete Personal Data;

4. The right to delete the processed Personal Data;

5. The right to limit the processing of Personal Data;

6. The right to obtain the Personal Data you have provided to the Company in a structured, commonly used, and machine-readable format, and the right to pass this information to another person;

7. The right to be informed of a Personal Data breach;

8. The right to object to the processing of Personal Data; and

9. The right to file a complaint with the Supervisory Authority, i.e. the Office for Personal Data Protection, at Pplk. Sochora 27, 170 00 Prague 7, or a data box at qkbaa2n.

The above rights and possible complaints may be filed with the Company as the Data Controller in writing to the address below or by email to the following e-mail address amca@amca.cz.

CAROLLINUM s.r.o.
Pařížská 20, 110 00 Praha 1

These Principles are valid and effective as of May 25, 2018.


ROLEX Section

While navigating on the Rolex section of our website, some cookies are controlled by ROLEX SA which applies the following Cookies Policy.