Personal Data Administrator
Mixslim s.r.o. is registered at Zlata 189, Zlata – 250 83, Czech republic, company identification No. 07627335, as a data administrator shall process your personal data.
Type of Data Processed
Personal Data Provided By You
We process personal data provided by you.
Personal Data Obtained Other Than Directly from You
As part of joint marketing campaigns organised together with our business partners, we are entitled to process your personal data and we may combine them for the purposes of campaigns or of due performance of the agreement, as the case may be.
In the event that your personal data is disclosed to a third party, we shall inform you in advance including informing you of the identity of such third party. If anyone discloses your personal data to us, you will have to be informed as well.
Personal Data of Third Persons Provided by You
In the event you provide us personal data of third persons, you are obliged to inform the person concerned and procure his/her consent to this Personal Data Protection Policy.
Personal Data Processed Automatically
When you visit our website, we may collect certain information such the IP address, date and time of the visit to our website, information about your Internet browser, operation system or language settings. We may also process information about your conduct on our website, such as links opened or goods displayed. The details of your conduct on the web are anonymised for the maximum protection of your privacy, the therefore we are not able to match them with a particular person.
If you access our website from your mobile phone or a similar device or through one of our mobile applications, we can process information about your mobile device, too (mobile phone details, etc.).
We automatically process cookies. This is done through Google Analytics, which anonymises your personal data. It means that the cookies are not possible to match with a certain person.
Therefore we cannot monitor (even if we wanted to) the conduct of a certain user on our website. You are ensured maximum anonymity while making purchases on chiashake.eu.
If you access our website from a phone, tablet or similar device, you access the version optimised for such devices. Your personal data is processed similarly to the computer access.
In case you allow the use of location information, we can use the location of your device to provide you better user comfort and relevant offers of goods and services. We may also use the data collected in this way to send you customised commercial communication. If you are not comfortable with this, you can easily unsubscribe from commercial communication. The personalised content may be similarly displayed on our website. Also in this case, you may ban the personalisation.
Why We Collect and Process Your Personal Data
Your personal data is processed for the following reasons:
- Purchase of goods and services: the primary purpose of processing your data is due dispatch and delivery of your order. If a problem occurs, we know who to contact from the data you provided.
- Customer care: if you address us with a question/issue, we have to process your personal data in order to answer/resolve it. The data may be transferred to third parties in certain cases (e.g. delivery company).
- User account: thanks to the personal data entered in your user profile, you will be able to use a number of functions (e.g. if you enter your telephone number, we can easily inform you about the time of the order delivery). You can change the entered details at any time, except for the e-mail address that serves for signing into your user account.
- Electronic marketing: e-mail commercial communication is sent to you upon your consent. You can easily unsubscribe from getting commercial communication by adjusting your user profile settings, using our contact form or sending us an email: email@example.com. In case you create more user profiles in which you enter the same contact details, (e.g. you have several accounts for different e-mail addresses, but the telephone number is the same in all the accounts), an automatic sign-off from commercial communication cannot be effected for all the user accounts due to technical reasons. You have to contact us by phone or through the contact form so that all your user accounts may be unsubscribed.
- Telemarketing: marketing calls are made in order to offer you goods and services and related marketing communication. The legal grounds for the processing of your telephone number is either with your consent or at least our legitimate interest in the conventional direct marketing.
- Marketing competitions: in some cases, the winner may be photographed or recorded mainly for the reason of transparency of our marketing competitions.
- Improvement of services: we are able to offer relevant goods thanks to the history of your orders and conduct on the website (e.g. accessories to the product purchased). Therefore we display such products that are intended just for you and correspond to your needs and interests. In order to optimise web features, we can also use tools testing different variants (A/B testing), such as Google Analytics, Facebook Analytics etc.
- Customer reviews of goods and services: after you purchase products or services from us, your may be asked to evaluate them. You may also post a review on your own initiative.
- Assertion of rights and legal claims and inspection by public authorities: we can also process your personal data in order to assert our rights and legal claims (e.g. in the event that we have an overdue invoice in your name). We may also process your data for inspections by public authorities and other serious reasons.
Legal Grounds for Processing of Personal Data
Conclusion and Performance of Agreement
A large part of your personal data are needed by us in order to conclude the purchase agreement or another contract for goods and services you intend to purchase. After the agreement is concluded, we process your personal data in order to duly deliver the purchased goods, or to render the purchased services. We process in particular billing and delivery details on the above legal grounds.
We also use your personal data to provide you the relevant content, which may be of interest to you. On the grounds of legitimate interest, we process particular personal data, which is processed automatically, and cookies.
We may also send you e-mails and text messages on the same legal grounds.
In case we process your personal data on these legal grounds, you are entitled to raise an objection to such processing by contacting us.
For the purposes of e-mail marketing and telemarketing, we process your personal data upon your consent. If you do not grant your consent and you are our customer, we can send you commercial communication (or call you within telemarketing) even without your consent. In any case, you are entitled to ban such marketing communication simply by emailing us at: firstname.lastname@example.org. We ask for your consent also if we need to verify your ability to pay for the goods delivered to you without your paying the full purchase price in advance.
If you grant your consent to the personal data processing, you are entitled to withdraw it at any time by sending us an email at: email@example.com
Transfer of Personal Data to Third Parties
Your personal data is transferred to third parties in the following cases:
- Delivery of goods: the carrier chosen by you would not be able to deliver the goods ordered unless we transfer the information on where and to whom the goods should be delivered. This data is transferred to the carrier as entered in the order. Such data includes in particular your first name and surname, delivery address, telephone number where the carrier may contact you, and the amount to be paid on delivery, as the case may be. The carrier is only entitled to process the personal data we transfer for the purposes of delivery; the carrier must delete the personal data promptly afterwards.
- Delivery of goods stored for us by a contractual partner: if you order goods which are stored by our contractual partner, we have to transfer your personal data to this contractual partner who shall complete the order. Such data include sin particular your first name and surname, delivery address, telephone number where the carrier may contact you, and the amount to be paid on delivery, as the case may be. The contractual partner has to transfer the data to the carrier that shall deliver the goods; otherwise the carrier would not be able to make the delivery. The contractual partner that stores the goods for us and the carrier are only entitled to process the personal data we transfer to them for the purposes of the goods storage/delivery; they must delete the personal data promptly afterwards.
- Payment Cards: Our company does not possess the details of payment cards used by you. The details of your payment cards are only available to the secure payment gateway and the relevant bank.
- Commercial Communication: in case we send commercial communication (e.g. via e-mail or text message) or if we use telemarketing, we may use a third party to distribute the messages or make phone calls. Such third party is bound by the obligation of confidentiality and is not allowed to use your personal data for any other purpose.
- Public Authorities: in the event that we enforce our rights, your personal data may be transferred to a third party (e.g. an Attorney-at-Law). If we are obliged to transfer your personal data by virtue of law or upon a request by a public authority (e.g. Czech Police), we have to do so.
What Is the Period for Processing Your Personal Data?
We shall process your personal data for the entire duration of the contractual relationship between you and us.
In case your personal data processing is based on consent, your personal data shall be, in general, processed for 7 years or until such consent is withdrawn.
In case you subscribe to commercial communication, your personal data shall be processed for 7 years or until you express your disapproval of such communication. You can easily express your disapproval by adjusting your user profile settings, using our contact form or send us an email to: firstname.lastname@example.org
Please note that the personal data necessary for the due rendering of services or for the fulfillment of all our duties, ensuing either from the contract between us or from generally binding legal regulations have to be processed regardless of whether you granted your consent for the period set out in the relevant legal regulations and in compliance therewith (e.g. tax documents must be processed for at least 10 years).
The data obtained through the user account or in a similar way are processed for the period of using our services and then usually for 5 years after cancellation. Basic identification data and the information why the user account was canceled or information which is a part of operational advance deposits are usually stored for the relevant period.
Personal Data Security
Your personal data is safe with us. We have adopted adequate technical and organisational measures in order to prevent unauthorised access and misuse of your personal data.
At Chia Shake we are concerned about the protection of your personal data. Therefore we regularly check and improve our security. All communication between your device and our web servers is encrypted. Logins are hashed and your data is only stored on servers in secure data centers with limited, carefully controlled and audited access.
We try to use such safety measures that provide sufficient security based on state-of-the-art technology. The safety measures adopted are regularly updated.
Personal Data of Children Younger Than 16 Years of Age
Our online shop is not intended for children under 16. A person under 16 is allowed to use our online shop only upon consent of his or her parent or guardian.
What Are Your Rights Related to Personal Data Protection?
In relation to your personal data, you have in particular the right to withdraw your consent to the processing of your personal data at any time, the right to correct or supplement your personal data, the right to request restriction of processing, the right to raise an objection to or a complaint of the processing of your personal data, the right to access your personal data, the right to request the transfer of your personal data, the right to be informed of a breach of security of your personal data and, under certain conditions, the right to the deletion of certain personal data we process about you (“the right to be forgotten”).
Changes and Amendments
You control your personal data mainly through your user account (https://chiaShake.eu > My account). Here you can delete or change the basic information about yourself. You can also contact us through the our contact form.
In case you believe that your personal data has been processed incorrectly, you can contact us through the contact form. It will be faster and better for you to correct the personal data by yourself in your user profile.
You can ask us to send you the overview of the personal data through this contact form.
You also have the right to access the following information concerning your personal data:
- What are the purposes of processing your personal information
- What are the categories of the affected personal data
- Who is the recipient of your personal data, besides you
- What is the planned period of storage of your personal data
- Whether you have the right to claim the correction or deletion, restriction of personal data processing or to raise an objection to such processing
- Information on the source of the personal data in case we did not obtain them from you
You may also claim the deletion of your personal data (this shall not apply to data in documents that are subject to the obligation of archiving under the law (e.g. invoices or credit notes). In case we need your personal data to determine, execute or defend our legal claims, your request may be rejected (e.g. if we have an overdue invoice in your name or if the complaint procedure is in progress).
Please note that the essential details of your payment card are not stored by our company; they are stored at the payment gateway. Therefore, we are not able to delete such data; you have to address the payment gateway which mediated the payment.
You are entitled to the deletion of data in the following cases:
- The personal data is not needed for the purposes for which it was being processed
- You have withdrawn your consent under which the data was processed and there is no further legal grounds for being processed
- You have objected to the processing of personal data and you believe that after assessing your objection, it will become clear that your interest in the particular situation prevails over ours
- The personal data has been processed unlawfully
- The deletion obligation is stipulated by a special legal regulation
- The personal data concerns a person under 16
You may assert you right through the contact form.
Raising an Objection
Certain personal data is processed on the grounds of our legitimate interest (see section “Legal grounds for processing of personal data”). In the case that you have concrete reasons, you are entitled to raise an objection to the processing of this personal data. The objection can be raised through the contact form.
Restriction of Processing
In case (a) you deny the accuracy of your personal data, (b) your personal data is processed unlawfully, (c) we do not need your personal data for processing purposes, but it is needed to determine, execute or defend your legal claims, or (d) you raised an objection under the preceding paragraph, you shall be entitled to us restricting the processing of your personal data.
In such cases, we may process your personal data only upon your consent (except for the storage or backup of the personal data concerned).
Lodging a Complaint
If you believe that your personal data has been processed unlawfully, you are entitled to lodge a complaint at the Office for Personal Data Protection. However, we will appreciate if you address us first and we can try to resolve your concerns. You can always easily contact us through our contact form or send us an email to: email@example.com
This Personal Data Protection Policy including its parts is valid and effective from 16 October 2018 and it is available in electronic form at https://chiashake.eu/privacy.