majdovan technologies s.r.o. – Spracovanie osobných údajov

Processing of personal data

PRIVACY POLICY

www.majdovan.com

Protecting the personal information you entrust to us is important to us and we do everything we can to make you feel safe with us. The purpose of this Privacy Policy is to explain to you how your personal data that you provide to us when using our website www.majdovan.com (the "Website") will be processed and protected. We would also like to inform you of your rights in relation to the processing of your personal data.

These Terms and Conditions inform you about the general rules for the processing of personal data when using the Website and Social Media Accounts.

1.DEFINITIONS

1.1. Administrator alebo majdovan technologies s. r. o., Ul. Orechová 901/3A 919 27 Brestovany, IČO: 47434 171, DIČ: 2023871586, zapísaný v Obchodný register Okresného súdu Trnava, oddiel: Sro, vložka č. 32700/T

1.2.  Personal Data- information about a natural person identified or identifiable through one or more detailed factors determining physical, physiological, genetic, psychological, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technologies.

1.3. Policythis Privacy Policy, which contains information about the processing of Personal Data on the Site.

1.4.  GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC.

1.5 Website- the website administered by the Administrator in the domain www.majdovan.com, accessible via web browsers.

1.6. Shop- the online shop www.majdovan.com accessible via the Website, through which majdovan technologies carries out distance sales of goods.

1.7. User- any natural person visiting the Website or using one or more of the services or functions described in the Policy.

1.8. Device- means an electronic device through which the User accesses the Website.

2. GENERAL INFORMATION

2.1.In connection with your use of the Site, we collect data necessary to provide the services offered as well as information about your activity on the Site. In this respect, we are the controller of your personal data and we place great emphasis on the adequate protection of your personal data. We make sure that our data processing processes comply with the relevant legal provisions, in particular the GDPR. Our aim is to enable you to obtain full information about how we process your Personal Data and to provide you with the tools to enable you to exercise your rights. We set out below information about how we process your Personal Data.

2.2. We process your Personal Data in accordance with the law and take care to keep it up to date and correct. We may therefore remind you to update them from time to time by sending a message to the email address you have provided or by displaying the relevant message on the Site when you log in to your account.

3. HOW CAN I CONTACT THE ADMINISTRATION?

3.1. If you have any questions about how we process your personal data or wish to exercise your rights, please write directly to our Data Protection Officer at info@majdovan.com or at ul. Orechová 901/3A 919 27 Brestovany, or use the contact form via the following link: https://majdovan.com/

4. HOW DO WE OBTAIN YOUR PERSONAL DATA?

4.1. We obtain your Personal Data directly from you for the purposes of the proper performance of our services and the smooth operation of our Website. You primarily provide us with your data through dedicated forms by contacting us, e.g. through the contact form via the link: https://majdovan.com/ We also collect your data when you use other services available on the Site, e.g. browsing the products offered in the Shop.

5. IS THE PROVISION OF PERSONAL DATA MANDATORY?

5.1.It is up to you whether and what personal data you provide to us - it is not compulsory. Please note, however, that in some cases the provision of Personal Data is necessary for the proper performance of the services offered by us or is a condition for the conclusion and performance of a contract, which is described in detail below.

6. HOW DO WE PROCESS YOUR PERSONAL DATA?

USE OF THE WEBSITE

6.1.If you use the Website, your Personal Data (including IP address or other identifiers and information collected through cookies or other similar technologies) we process:

6.1.1.for the purpose of providing electronic services to the extent of providing you with the content collected on the Website - in which case the legal basis for the processing is the necessity of the processing for the purpose of performance of the contract (Art. 6(1)(b) GDPR);

6.1.2. for analytical and statistical purposes - in this case, the legal basis for processing is the legitimate interest of the Controller (Art. 6(1)(f) GDPR), consisting in carrying out analyses of the Users' activity and preferences in order to improve the functions used and the services provided;

6.1.3.for the purposes of proving and enforcing claims or defending against claims - the legal basis for processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR), consisting in the protection of its rights and business interests;

6.1.4.for marketing purposes of the Controller and other entities, in particular related to the presentation of behavioural advertising - the rules for processing Personal Data for marketing purposes are described in the MARKETING section.

6.2.Your activity on the Site, including your Personal Data, is recorded in system logs (a special computer program used to store a chronological overview containing information about events and activities related to the information system used to provide our services). The information collected in the logs is processed primarily for the purpose of providing the services. We process it for technical, administrative purposes, for the need to ensure the security of the information system and the administration of the system, as well as for analytical and statistical purposes - in this respect, the legal basis for processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR).

ORDERING

6.7. Ordering goods or services offered by us involves the processing of your Personal Data. The provision of the data marked as mandatory is required for the purposes of receiving and executing the order and failure to provide it will result in the order not being executed. The provision of other data is voluntary.

6.8.Your Personal Data is processed:

6.8.1. for the purpose of execution of the order placed - the legal basis for processing is the necessity of processing for the purpose of performance of the contract (Art. 6(1)(b) GDPR); to the extent of optional data - the legal basis for processing is your consent (Art. 6(1)(a) GDPR);

6.8.2.for the purpose of compliance with legal obligations imposed on the Controller, arising in particular from tax and accounting regulations - the legal basis for processing is a legal obligation (Art. 6(1)(c) GDPR);

6.8.3.for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Controller (Art. 6(1)(f) GDPR), consisting in carrying out analyses of the Users' activities on the Website and the Users' purchasing preferences in order to improve the functions used;

6.8.4. for the purpose of proving and enforcing, if necessary, claims or defending against claims - the legal basis for processing is the legitimate interest of the Controller (Art. 6(1)(f) GDPR), consisting in the protection of its rights and business interests.

COMPLAINT AND RETURNS

6.9. The submission of a complaint or return of goods is related to the processing of your Personal Data. The provision of data in the complaint form is not mandatory, but is necessary for the proper processing of the complaint. The provision of data in the form for the return of goods is not mandatory, but is necessary for the effective withdrawal from the contract.

6.10.Your Personal Data is processed:

6.10.1. for the purpose of processing a complaint - the legal basis for the processing of your personal data is the obligation of the Controller arising from the provisions of the Act on the Guarantee for Defects in Goods Sold (Art. 6 para. c) GDPR);

6.10.2.for the purpose of processing the return of goods - the legal basis for the processing of your Personal Data is the Controller's obligation arising from the provisions of the Consumer Act (Art. 6(1)(c) GDPR), if the basis for the return of goods is the provision on the right of withdrawal or the necessity of the processing for the purpose of performance of the contract (Art. 6(1)(c) GDPR). (b) GDPR), if the basis for the return is the rules of our Shop;

6.10.3for the purpose of fulfilling other legal obligations imposed on the Controller, arising in particular from tax and accounting regulations - the legal basis for the processing is a legal obligation (Art. 6(1)(c) GDPR);

6.10.4. for analytical and statistical purposes - the legal basis for the processing is the legitimate interest of the Controller (Art. 6(1)(c) GDPR); 6.10.4. for analytical and statistical purposes - the legal basis for the processing is the legitimate interest of the Controller (Art. 6(1)(f) GDPR), consisting in carrying out analyses of Users' activities on the Website and Users' purchasing preferences in order to improve the functions used;

6.10.5. for the purpose of proving and enforcing, if necessary, claims or defending against claims - the legal basis for processing is the legitimate interest of the Controller (Art. 6(1)(f) GDPR), consisting in the protection of its rights and business interests.

CONTACT FORM

6.11.We offer the possibility to contact us via the contact form. Use of the form requires you to provide the Personal Data necessary for us to contact you and respond to your enquiry. The provision of data marked as mandatory is necessary to receive and process the enquiry and if you do not do so, the enquiry cannot be processed. The provision of other data (e.g. in the content of the enquiry) is voluntary.

6.12.Your Personal Data is processed:

6.12.1.in order to identify and process your enquiry sent via the form provided - the legal basis for processing is the legitimate interest of the Controller (Article 6(1)(f) GDPR), consisting in the need to resolve the reported case and to conduct correspondence addressed to it in connection with its business activities;

6.12.2.for analytical and statistical purposes - the legal basis for processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consisting in keeping statistics of queries submitted by Users via the Website in order to improve its functionality.

PREVENTING FRAUD

6.13.1.In order to ensure the proper functioning of our store, we verify that Users do not engage in activities that prevent other customers from making purchases, in particular by placing excessive and unusual orders which indicate that they do not intend to keep the products ordered, or by declaring that they are buying as consumers and then reselling the Goods as a business. This analysis is based on your transaction history. By analysing the history of your orders, payments made and returns, our algorithm evaluates whether your account should be blocked or deleted to prevent its misuse. Decisions to block or delete your account are based solely on automated processing and are necessary for the performance of the contract concluded with you (Article 22(2)(a) of the RTA). You have the right to express your own opinion and to challenge such a decision and to ask our staff to re-examine your data. In this case, please contact us in the manner set out in point 3.

7. MARKETING

7.1.We process your Personal Data for the purposes of carrying out marketing activities, which may consist of:

7.1.1. displaying marketing content relevant to your interests (behavioural advertising);

7.1.2.carrying out activities related to the direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities).

7.2. for the purpose of carrying out marketing activities, we use profiling in some cases. This means that we use automated data processing to evaluate selected factors relating to you in order to analyse your behaviour or to make a forecast for the future. This allows us to better tailor the content displayed to your individual preferences and interests.

BEHAVIOURAL ADVERTISING

7.3.Together with our trusted partners, we process your Personal Data, including Personal Data collected through cookies and other similar technologies, for marketing purposes in connection with targeting you with behavioural advertising (i.e. advertising that is tailored to your preferences). The processing of Personal Data in such a situation includes profiling, which only results in the display of tailored advertising based on your Personal Data collected by us and our partners.

DIRECT MARKETING

7.5.If you give your consent, we may use your data to send you marketing content through various channels, i.e. by email (in the form of a newsletter), by MMS/SMS or by telephone. The legal basis for processing your Personal Data in this case is the legitimate interest of the Controller (Article 6(1)(f) GDPR) in connection with your consent consisting in the marketing of the goods and services offered. We only carry out such activities if you have given your consent, which you can withdraw at any time. You can withdraw your consent at any time by clicking on the link we send in each email containing commercial information, by contacting us at info@majdovan.com or by using the contact form. Withdrawal of consent does not affect the lawfulness of data processing in the period prior to withdrawal.

7.6.We may also carry out direct marketing via the traditional postal address you have provided. The legal basis for processing your Personal Data in this case is the legitimate interest of the Controller (Article 6(1)(f) GDPR) consisting in the marketing of the goods and services offered. You may object to the processing of your Personal Data for this purpose at any time. You can express your objection by contacting us at the following e-mail address: info@majdovan.com or via the contact form.

GOOGLE ADS CUSTOMER MATCH

7.8.Marketing of the products and services we offer may also be conducted using Google Ads Customer Match. Google Ads Customer Match is a tool that allows the Administrator to load a hashed database of email addresses (customer list) into Google's tools in order to verify that User Accounts have been created on Google services using the same email addresses (e.g. YouTube, Gmail, others). If a match of email addresses is confirmed, Users of Google services may see ads from the Administrator after logging in.

7.9.In order to increase the accuracy of measuring the effectiveness of our marketing activities using the Google Ads customer match described above, we will also use a tool provided by Google in the form of so-called “enhanced conversions”. This tool allows the Administrator to increase the accuracy of the measurement of conversion (i.e. the purchase of goods on the Shop's website as a result of a redirect from another website). In order to use it, we retrieve conversion data from the Shop website in encrypted form (including data in the range of email addresses) in a privacy-preserving manner, i.e. using a one-way encryption algorithm. For information on enhanced conversions, please visit this link.

8. MANAGEMENT OF USERS' DATA CONSIDERING THE ADMINISTRATOR'S PROFILES ON SOCIAL NETWORKS

8.1. The Administrator has public profiles on the social networks Facebook, Instagram, LinkedIn. In this context, it processes data left by persons visiting these profiles (oi. comments, likes, internet identifiers).

8.2.The personal data of such persons are processed:

8.2.1. in order to enable their activities on the profiles;

8.2.2.for the purpose of the effective operation of the Profiles, presenting Portal Users with information about the initiatives and other activities of the Administrator and in connection with the promotion of various types of events, services and products;

8.2.3.for statistical and analytical purposes;

8.2.4.where applicable, they may be processed for the purpose of enforcing and defending against claims.

8.3. The legal basis for the processing of Personal Data is the legitimate interest of the Controller (Article 6(1)(f) GDPR), consisting of:

8.3.1promoting its own brand and improving the quality of the services provided;

8.3.2. conducting analysis of activity and preferences;

8.3.3.where necessary - for the enforcement of claims and defence of claims.

The above information does not apply to the processing of personal data by administrators of social networking sites.

9. TO WHOM WILL YOUR PERSONAL DATA BE PASSED ON?

9.1.We may pass your Personal Data to the entities with whom we work with in the performance of the services provided by us.

9.2. Depending on the method you choose for delivery of the goods you have purchased or returned, we will provide your data necessary for the delivery or return of the goods to one of the entities with whom we work with at that time.

9.3. Depending on the method of payment you have chosen for the goods purchased, we will provide your details necessary to collect or make payment to one of the entities with whom we are cooperating in the processing of payments.

9.4.We also have the right to disclose selected information about our Users to the competent authorities or third parties who have made a request for such information, based on the corresponding legal basis and in accordance with applicable law.

10. HOW LONG WILL WE PROCESS YOUR PERSONAL DATA?

10.1.   The period for which we process your Personal Data depends on the type of service provided and the purpose of the processing. As a general rule, the data is processed for the duration of the service or the execution of the order, until consent is withdrawn or an effective objection to the processing is raised in cases where the legal basis for the processing is the legitimate interest of the Data Controller.

10.2.The period of processing may be extended if the processing is necessary for the establishment and enforcement of any claims or for the defence of claims, and after that period only if and to the extent required by law. After the expiry of the processing period, the data shall be irretrievably deleted or

11. HOW DO WE PROTECT YOUR DATA?

11.1. In order to minimise the risk of data leakage, destruction and disintegration we use a range of IT and organisational security measures. Security features include tools such as: firewalls, anti-virus and anti-spam security systems, internal processes, data processing and disaster recovery procedures, as well as a multi-level backup system.

11.2.Remember that using the Internet always carries the risk of certain security incidents. However, please be assured that we strive to reduce this risk as much as possible by implementing procedures for regular reviews and updates of IT systems and actively monitoring critical points in the system.

12. WHAT ARE YOUR RIGHTS RELATED TO THE PROCESSING OF YOUR PERSONAL DATA?

12.1.  You have the following rights in relation to the processing of your Personal Data by us:

12.1.1.the right to information about the processing of Personal Data - on this basis, the Controller will provide you with information about the processing of your Personal Data, in particular the purposes and lawful grounds for the processing, the scope of the data stored, the subjects to whom the data is disclosed and the planned date of deletion of the data;

12.1.2.the right to obtain a copy of the data - on this basis, the Controller shall provide you with a copy of your Personal Data that it processes;

12.1.3.the right to rectification - the Controller shall rectify any inconsistencies or errors in the Personal Data processed and complete it if it is incomplete;

12.1.4.The right to erasure - on this basis, you may request the erasure of data the processing of which is no longer necessary to achieve any of the purposes for which it was collected;

12.1.5.the right to restriction of processing - if such a request is made, the Data Controller will cease to carry out operations with your Personal Data - except for operations to which you have consented and the storage of data in accordance with the adopted retention rules - or until the grounds for restricting the processing of the data cease to exist (e.g. the supervisory authority's decision authorising further processing is issued);

12.1.6.the right to data portability - on this basis - to the extent that the data is processed by automated means in connection with a contract or consent - the Data Controller shall issue the data provided by you in a format that allows the data to be read by a computer. You may also request that this data be sent to another entity, provided that the technical possibilities exist in this respect, both on the part of the Controller and on your part;

12.1.7.the right to object to the processing of data for marketing purposes - you may object to the processing of your Personal Data for marketing purposes at any time, without having to provide reasons for such objection;

12.1.8.the right to object to other purposes of data processing - you may at any time - for reasons relating to your particular situation - object to the processing of your Personal Data which is carried out on the basis of the legitimate interest of the Data Controller (e.g. for analytical or statistical purposes or for reasons relating to the protection of property); an objection in this respect should include a statement of reasons;

12.1.9.the right to withdraw consent - where information is processed on the basis of your consent, you have the right to withdraw it at any time, but this does not affect the lawfulness of the processing carried out prior to its withdrawal;

12.1.10.The right to lodge a complaint - if you believe that the processing of Personal Data breaches the provisions of the GDPR or other data protection provisions, you may lodge a complaint with the supervisory authority for the processing of Personal Data, competent for your habitual residence, place of work or place of alleged breach.

12.1.11. the right to human intervention by the controller, to express your own opinion and to challenge decisions based solely on automated processing - in accordance with clause 6.14.

13. APPLYING FOR THE EXERCISE OF RIGHTS

13.2.You may exercise some of the above rights yourself. If you have an account on the Store, you can always access, correct and update your Personal Data.

13.3.You can make a request regarding any of the above rights by contacting our Data Protection Officer at the following email address: info@majdovan.com or at ul. Orechová 901/3A 919 27 Brestovany, or use the contact form via the following link: https://majdovan.com/

13.4.We will try to respond to your request as soon as possible and answer your questions regarding the processing of your data. You will receive a response within 30 days from the date we receive your request. If it turns out that due to the complexity of the request or the number of requests we have received, we are not able to provide you with information about the activities carried out within this period - we will inform you of an extension.

13.5.If we are in doubt as to whether it is you who is making a particular request, we may ask you some additional questions to verify your identity. It is not compulsory to provide these details but failure to do so will result in the request being refused. We may also need additional information to determine the exact content of your request.

13.6.The request may be made in person or through an attorney (e.g. a family member). For data protection reasons, we recommend using a power of attorney certified by a notary public or an authorized legal advisor or attorney, which will expedite the authentication of the request.

13.7. Where a request has been sent to us electronically, we will respond in the same form unless the applicant requests a response in another form. In other cases, the reply will be given in writing. If the time limit for processing the request does not allow us to reply in writing and the scope of the applicant's data processed by us allows us to contact you electronically, the reply will be given electronically.

13.8. We keep information about the request made and the person who made the request to ensure that it is complied with and to enable us to investigate, defend or prosecute any claims made by data subjects. The register of requests is stored in a way that ensures the integrity and confidentiality of the data contained therein.

14.CHANGES TO THE PRIVACY POLICY

14.1.The policy is reviewed from time to time and updated where necessary.

10.04.2025