How We Handle Your Data
We are Grios s.r.o.
To provide our products and services and operate our website, we process certain personal data.
The processing of personal data is primarily governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – “GDPR”).
1. Processing of Personal Data
A) Processing of personal data when using the contact form
If you inquire about our products or services, we will use the contact details you provide, mainly through the inquiry form. These include: name, surname, email, phone number, IP address.
Why?
We use this data to contact you to follow up on your inquiry about our products and services.
On what legal basis?
Processing is based on Article 6(1)(b) of the GDPR – performance of a contract or taking steps prior to entering into a contract at your request.
How long will we process the data?
If no cooperation follows, we will process your data for no more than 5 years from our last communication.
B) Processing of personal data in case of a purchase
If you make a purchase, we will process the data you provide. This mainly includes billing details: name, surname, address, email, phone number, company ID, VAT ID.
Why?
We need to process personal data to fulfill our contract – to deliver our products or services to you. We will also use your contact details to communicate with you about your order status, returns, or your questions.
We will also process personal data to comply with our legal obligations (especially for accounting and tax purposes, and to handle complaints or other matters).
On what legal basis do we process the data?
Processing is based on Article 6(1)(b) GDPR – performance of a contract, and Article 6(1)(c) GDPR – compliance with a legal obligation.
How long will we process the data?
For the duration of our service and then for 5 years from the last delivery of goods or services.
C) Newsletters (Commercial Communications)
If you are a purchasing customer and did not opt out during purchase, we will use your email address to send our newsletters.
On what legal basis?
This is permitted by § 7(3) of Act No. 480/2004 Coll., on Certain Information Society Services, unless you opted out during the purchase.
How long will we process the data?
5 years from your last purchase. You can unsubscribe from newsletters at any time via email.
2. Who Can Access the Data?
Your data remains with us. However, some companies or individuals may access the data because they help us run our website. These include:
- Web hosting provider
- Shipping and logistics companies
- Email service provider
- Marketing agency
Personal data is processed only within the European Union.
3. What Else Should You Know
We do not have a designated Data Protection Officer.
We do not use automated decision-making or profiling.
If you have any questions regarding personal data, contact us at grios@grios.cz or call us at +420 608 831 575.
Your Rights Regarding the Processing of Personal Data
Under the GDPR, you have the right to request information about the personal data we process about you, request access to such data, request updates or corrections, request restriction of processing, request a copy of the data being processed, request deletion of data in certain cases, and in some situations exercise your right to data portability. You can object to processing based on legitimate interest.
If you believe that we are not handling your data properly, you have the right to file a complaint with the Data Protection Authority or take legal action.
These terms are effective as of May 25, 2018.
