PRIVACY POLICY AND COOKIE NOTICE

/ Privacy Policy & Instruction

provided by the controller to the data subject when collecting personal data from the data subject and instructions on cookies of the www.hockeyfamilyfashion.com /

 

I. Operator

 

1.1. The identity and contact details of the Controller are:

 

Business name: Hockey Family, s. r. o.Registered office: Krásnohorská 2318/47, Košice - city district Pereš 040 11, Slovak Republic

Registered in the Commercial Register of the Municipal Court of Košice, Section Sro, Insert No. 57316/VIČO: 55603572

Tax ID: 2122037060

VAT ID: SK2122037060Bank account: SK3311000000002942154440.

The seller is a value added tax payer

 

1.2. E-mail contact and telephone contact to the Operator is:

 

Email: [email protected]

Tel.: +421948452960

 

1.3. Address of the Controller for sending documents:

 

Hockey Family, s. r. o., Budapeštianska 2438/30, 040 13 Košice, Slovak Republic

 

1.4.The operator hereby shall, in accordance with Article 13(1) and (2). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.4.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC General Data Protection Regulation (hereinafter referred to as the "Regulation"), hereinafter in accordance with Act No. 18/2018 Coll. Act on Personal Data Protection and on Amendments to Certain Acts, as amended and in accordance with Act No. 452/2021 Coll. The Electronic Communications Act, as amended, provides the Data Subject - (Buyer) from whom the Operator (Seller) obtains personal data relating to him/her, with the following information, instructions and explanations:

 

II. References

 

2.1. These principles and instructions on the protection of personal data form part of the General Terms and Conditions published on the Seller's Website.

2.2. Pursuant to §3, paragraph 1, letter n), of Act No. 102/2014 Coll., the Seller informs the consumer that there are no specifically relevant codes of conduct to which the Seller has committed to adhere to them, while a code of conduct means an agreement or a set of rules that define the conduct of the Seller who has committed to comply with this code of conduct in relation to one or more specific commercial practices,  or commercial sectors, if these are not provided for by law, regulation or other legal regulation or measure of a public authority) that the seller has undertaken to comply with, and the manner in which the consumer may become acquainted with them or obtain a copy thereof.

 

III. Personal data protection and use of cookies. Instruction and explanation of cookies, scripts, and pixels

3.1. The Website Operator provides the following brief explanation of the functionality of cookies, scripts and pixels:

3.1.1.Cookies are text files that contain a small amount of information that is downloaded to your device when you visit a website. With this file, the website stores information about your actions and preferences (such as login, language, font size and other display settings) for a certain period of time, so that you do not have to re-enter them the next time you visit the website or browse its individual pages

A script is a piece of program code that is used to make a website function properly and interactively. This code will run on the operator's server or on your device.

Pixels are small, invisible text or images on a website that are used to monitor website traffic. In order for this to happen, various data is stored via pixels.

3.1.2.Cookies sa delia

Technical or functional cookies – ensure the proper functioning of the Controller's website and its use. These cookies are used without consent.

Statistical cookies – The Operator obtains statistics on the use of its website. These cookies are only used with consent.

Marketing / Advertising cookies – Used to create advertising profiles and similar marketing activities. These cookies are only used with consent.

Performance cookies - collect information about how the site is used - which pages the visitor opens the most and whether they receive error messages from any site. These cookies do not store any information that allows the user to be identified.

3.2.How to control cookies:

3.2.1.You can control and/or delete cookies  at your discretion – see page aboutcookies.org for details. You can delete all cookies stored on your computer or other device, and you can set most browsers to prevent them from being stored.

3.3. The Controller's website uses the following cookies:

All cookies used by the Controller can be found on the https://www.cookieserve.com/ website  by entering the Operator's web address https:// www.hockeyfamilyfashion.com

Technical or functional cookies – the information is accessed by the Website Operator. Cookie duration 2 years.

Statistical cookies - the information is accessed by the Website Operator. Cookie duration 2 years.

Marketing and advertising cookies - the information is accessed by the Website Operator. Cookie duration 2 years.

3.3.1.Cookies made available to third parties:

Google Analytics, Google Ads: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For more information on privacy protection, please see https://support.google.com/analytics/topic/2919631?hl=sk&ref_topic=1008008

META Pixels: Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland. For more information on privacy protection, please https://www.facebook.com/about/privacy/

 

IV. Processed personal data

 

4.1. The Operator processes the following personal data on its website: name, surname, residence, e-mail address, home phone number, mobile phone number, billing address, delivery address, data obtained from cookies, IP address.

 

V. Contact details of the Data Protection Supervisory Officer

 

5.1.The Controller has appointed a Data Protection Officer in accordance with Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Contact:

Email: [email protected]

Tel.: +421948452960

 

5.2. The Operator is also the Seller within the meaning of the term set out in the General Terms and Conditions of this Website.

 

VI. Purposes of processing the personal data of the Data Subject and the period of personal data processing

 

6.1.The purposes of processing the personal data of the Data Subject are in particular:

 

6.1.1. Recording, creating and processing contracts and client data for the purpose of concluding contracts with third parties.

 

6.1.2. processing of accounting documents and documents related to the Operator's business activity.

 

6.1.3. compliance with legal regulations in connection with the archiving of documents and documents, e.g. according to Act No. 431/2002 Coll., the Accounting Act as amended and other relevant regulations.

 

6.1.4. activity of the Controller in connection with the fulfillment of the request, order, contract and similar institutes of the Data Subject.

 

6.1.5. Newsletters, marketing and similar advertising activities of the Operator. In the case of granting the consent of the Data Subject to the Operator for marketing and similar advertising activities.

 

6.2. The Controller shall store the personal data of the Data Subject only for the period necessary for the purpose of performing the contract and their subsequent archiving in accordance with the statutory deadlines imposed on the Controller by law. In the event that the Data Subject has consented to the sending of advertising emails and similar offers, the personal data of the Data Subject is processed for these purposes until the Data Subject withdraws his/her consent. However, for a maximum of 10 years.

 

VII. Legal basis for the processing of the Data Subject's personal data

 

7.1 In the event that the Controller carries out the processing of personal data based on the consent of the Data Subject, this processing will be initiated only after the consent has been granted by the Data Subject.

 

7.2. In the event that the Controller processes the personal data of the Data Subject for the purposes of negotiating pre-contractual relations and concluding and performing the purchase contract, and the related delivery of goods, products or services. The data subject is obliged to provide personal data for the proper performance of the purchase contract, otherwise it is not possible to ensure performance. Personal data for a given purpose is processed without the consent of the data subject.

 

VIII. Recipients or categories of recipients of personal data

 

8.1.The recipients of the Data Subject's personal data will be, or at least may be:

 

8.1.1. statutory bodies or their members of the Controller.

 

8.1.2. persons performing work activities in an employment or similar relationship for the Operator.

 

8.1.3. sales representatives of the Operator and other persons cooperating with the Operator in the performance of the Operator's tasks. For the purposes of this document, all natural persons performing dependent work for the Operator on the basis of an employment contract or agreements on work performed outside the employment relationship shall be considered employees of the Operator.

 

8.1.4.The recipient of the Data Subject's personal data will also be the Controller's co-workers, business partners, suppliers and contractual partners, in particular: an accounting company, a company providing services related to the creation and maintenance of software, a company providing legal services to the Controller, a company providing advice to the Controller, companies ensuring the transport and delivery of products to buyers and third parties, marketing companies, companies operating social networks, companies providing payment gateways and other payment methods.

 

8.1.5. The recipients of personal data will also be courts, law enforcement authorities, tax authorities and other state authorities, if so provided by law. The personal data will be provided by the Controller to the given authorities and state institutions on the basis of and in accordance with the legal regulations of the Slovak Republic.

 

8.1.6.List of third parties – processors and recipients who process the personal data of the Data Subject:

 

General Logistics Systems Slovakia s.r.o., Budča 1039, 962 33 Budča, Slovak Republic – a third party providing transport services

 

Tatra banka, a.s., Hodžovo námestie 3 811 06 Bratislava 1 – third party providing the CardPay payment gateway

 

PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24, Boulevard Royal, 2449, LUXEMBOURG, Luxembourg - third party payment gateway

 

LUCAS s.r.o., Dargovská 1214/3 040 01 Košice – third party providing accounting

 

IX. Information on the transfer of personal data to third countries and the period of their storage:

 

9.1.Not applicable. The Controller does not transfer personal data of persons to third countries.

 

X. Notice of the existence of the relevant rights of the Data Subject:

 

10.1.The data subject has, inter alia, the following rights, where:

 

10.1.1.Clause 10.1 is without prejudice to the other rights of Data Subjects.

 

10.1.2. The Data Subject's right of access to data pursuant to Article 15 of the Regulation, which includes:

 

the right to obtain confirmation from the Controller as to whether the Data Subject processes personal data and, if so, to what extent. At the same time, if they are processed, they have the right to ascertain their content and request information from the Controller about the reason for their processing, in particular information about: the reason for their processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be provided, in particular in the case of recipients in third countries or international organizations, the expected period of storage of personal data, or,  if this is not possible, information on the criteria for its determination, on the existence of the right to request from the Controller the rectification of personal data relating to the Data Subject or their erasure or restriction of processing and on the existence of the right to object to such processing, on the right to lodge a complaint with a supervisory authority if the personal data have not been obtained from the Data Subject, any available information as to their source,  the existence of automated decision-making, including profiling, as referred to in Article 22(1) and (4). of the Regulation and, in these cases, at least meaningful information about the procedure used, as well as the significance and envisaged consequences of such processing of personal data for the Data Subject, about the appropriate safeguards under Article 46 of the Regulation regarding the transfer of personal data if the personal data is transferred to a third country or an international organization.

 

10.1.3. the right to be provided with a copy of the personal data that is being processed, subject to the condition that the right to be provided with a copy of the processed personal data must not have adverse consequences on the rights and freedoms of others.

 

10.1.4. the right of the Data Subject to rectification pursuant to Article 16 of the Regulation, the content of which is the right to: have the Controller rectify incorrect personal data relating to the Data Subject without undue delay. the right to complete incomplete personal data of the Data Subject, including by providing a supplementary statement of the Data Subject, the right of the Data Subject to erasure of personal data (the so-called "right to be forgotten") under Article 17 of the Regulation, the content of which is:

 

10.1.5. the right to obtain from the Controller the erasure of personal data concerning the Data Subject without undue delay if any of the following reasons is met:

the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, the Data Subject withdraws the consent on the basis of which the processing is carried out, provided that there is no other legal basis for the processing of the personal data, The Data Subject objects to the processing of personal data pursuant to Article 21(1). of the Regulation and no legitimate grounds for the processing of personal data prevail or the Data Subject objects to the processing of personal data pursuant to Article 21(2). Regulation, personal data were processed unlawfully, personal data must be erased in order to comply with a legal obligation under the law of the European Union or the law of a Member State to which the Controller is subject, personal data were obtained in connection with the offer of information society services pursuant to Article 8(1). Regulation;

 

10.1.6.the right for the Controller, who has disclosed the personal data of the Data Subject, to take appropriate measures, including technical measures, with regard to the available technology and the costs of implementing the measures, to inform other controllers who carry out the processing of personal data that the Data Subject requests them to delete all references to such personal data, copies or replicas, whereby the following applies:the right to erasure of personal data containing the rights under Article 17(1) and (2). The Regulation does not arise if the processing of personal data is necessary:

 

10.1.7.na exercise of the right to freedom of expression and information.

 

10.1.8.na compliance with a legal obligation that requires processing under the law of the European Union or the law of a Member State to which the Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

 

10.1.9.for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) of the Regulation as well as Article 9(3). Regulation.

 

10.1.10.na the purposes of archiving in the public interest, for the purposes of scientific or historical research or for statistical purposes pursuant to Article 89(1). of the Regulation, to the extent that it is likely that the right referred to in Article 17(1). the Regulation will make it impossible or seriously difficult to achieve the objectives of such processing of personal data; or to establish, exercise or defend legal claims;

 

10.1.11. the right of the Data Subject to restriction of the processing of personal data pursuant to Article 18 of the Regulation, the content of which is:

 

10.1.12. the right for the Controller to restrict the processing of personal data in respect of one of the following cases: the Data Subject challenges the accuracy of the personal data during the period enabling the Controller to verify the accuracy of the personal data, the processing of personal data is unlawful and the Data Subject objects to the deletion of the personal data and requests the restriction of their use instead, the Controller no longer needs the personal data for the purposes of processing,  but it is necessary for the Data Subject to establish, exercise or defend legal claims, the Data Subject has objected to the processing pursuant to Article 21(1). of the Regulation, until it is verified whether the legitimate reasons on the part of the Controller outweigh the legitimate reasons of the Data Subject;

 

10.1.13. the right that, in the event that the processing of personal data has been restricted, such restricted personal data processed may be processed only with the consent of the Data Subject or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of a Member State;

 

10.1.14. the right to be informed in advance about the lifting of the restriction on the processing of personal data;

 

10.1.15. the right of the Data Subject to comply with the notification obligation towards recipients pursuant to Article 19 of the Regulation, the content of which includes: the right for the Controller to notify each recipient to whom personal data have been provided of any rectification or erasure of personal data or restriction of processing carried out pursuant to Article 16, Article 17(1) and Article 18 of the Regulation, unless this proves impossible or requires disproportionate effort,  the right for the Controller to inform the Data Subject about these recipients if the Data Subject so requests;

 

10.1.16. the right of the Data Subject to data portability pursuant to Article 20 of the Regulation, which includes: the right to receive personal data relating to the Data Subject and provided to the Controller in a structured, commonly used and machine-readable format and the right to transmit such data to another Controller without being prevented by the Controller, if:

 

a) the processing is based on the consent of the Data Subject pursuant to Article 6(1)(a) of the Regulation or Article 9(2)(a) of the Regulation, or on a contract pursuant to Article 6(1)(b) of the Regulation, and at the same time

b) the processing is carried out by automated means, and at the same time:

 

10.1.17. the right to receive personal data in a structured, commonly used and machine-readable format and the right to transmit this data to another Controller without being hindered by the Controller, will not have adverse consequences for the rights and freedoms of others;

 

10.1.18. the right to transfer personal data directly from one controller to another controller, insofar as technically possible;

 

10.1.19. the right of the Data Subject to object under Article 21 of the Regulation, which contains:

 

10.1.20. the right to object at any time on grounds relating to the specific situation of the Data Subject to the processing of personal data concerning him/her that is carried out on the basis of Article 6(1)(e) or (f) of the Regulation, including objection to profiling based on these provisions of the Regulation;

 

10.1.21. in the event of the exercise of the right to object at any time on grounds relating to the specific situation of the Data Subject to the processing of personal data concerning him/her, which is carried out on the basis of Article 6(1)(e) or (f) of the Regulation, including objection to profiling based on these provisions of the Regulation, the right for the Controller not to further process the personal data of the Data Subject, unless he/she proves the necessary legitimate grounds for processing,  which override the interests, rights and freedoms of the Data Subject, or the grounds for establishing, exercising or defending legal claims

 

10.1.22. the right to object at any time to the processing of personal data concerning the Data Subject for the purposes of direct marketing, including profiling to the extent that it is related to direct marketing; however, if the Data Subject objects to the processing of personal data for direct marketing purposes, the personal data may no longer be processed for such purposes;

 

10.1.23.in relation to the use of information society services, the right to exercise the right to object to the processing of personal data by automated means using technical specifications;

 

10.1.24. the right to object, on grounds relating to the specific situation of the Data Subject, to the processing of personal data concerning the Data Subject, if the personal data are processed for the purposes of scientific or historical research or for statistical purposes pursuant to Article 89(1). Except where the processing is necessary for the performance of a task for reasons of public interest;

 

10.1.25. the data subject's right related to automated individual decision-making pursuant to Article 22 of the Regulation, the content of which is:

 

10.1.26. the right not to be subject to a decision which is based solely on automated processing of personal data, including profiling, and which produces legal effects concerning or similarly significantly affects the Data Subject, except in the cases provided for in Article 22(2). Regulation (i.e. except where the decision: (a) is necessary for the conclusion or performance of a contract between the Data Subject and the Controller,

 

10.1.27. permitted by the law of the European Union or by the law of a Member State to which the Controller is subject, which also provides for appropriate measures to ensure the protection of the rights and freedoms and legitimate interests of the Data Subject, or (c) based on the express consent of the Data Subject.

 

XI. Information on the right of the Data Subject to withdraw consent to the processing of personal data:

 

11.1.The data subject is entitled to withdraw his/her consent to the processing of personal data at any time, without affecting the lawfulness of the processing of personal data based on the consent granted before its withdrawal.

The data subject is entitled to withdraw his/her consent to the processing of personal data at any time – in whole or in part. The partial withdrawal of consent to the processing of personal data may relate to a certain type of processing operation(s), while the lawfulness of the processing of personal data to the extent of the remaining processing operations will remain unaffected. Partial withdrawal of consent to the processing of personal data may relate to a specific purpose of personal data processing/certain specific purposes of personal data processing, while the lawfulness of personal data processing for other purposes will remain unaffected.

The right to withdraw consent to the processing of personal data may be exercised by the Data Subject in paper form to the address of the Controller registered as its registered office in the Commercial Register at the time of withdrawal of consent to the processing of personal data or in electronic form by electronic means (by sending an e-mail to the Controller's e-mail address specified in the identification of the Controller in this document).

 

XII. Information on the right of the Data Subject to lodge a complaint with a supervisory authority:

 

12.1.The data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his/her habitual residence, place of work or place of the alleged infringement, if he/she considers that the processing of personal data concerning him/her is contrary to the Regulation, all without prejudice to any other administrative or judicial remedy.

The data subject has the right to have the supervisory authority to which the complaint has been lodged to inform him/her, as the complainant, of the progress and outcome of the complaint, including the possibility of bringing a judicial remedy under Article 78 of the Regulation.

 

12.2. The supervisory authority in the Slovak Republic is the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27, Slovak Republic. Tel. contact: +421 /2 3231 3214, Email: [email protected],

 

XIII. Information related to automated decision-making, including profiling:

 

13.1.Since the Controller does not involve the processing of the Data Subject's personal data in the form of automated decision-making, including profiling referred to in Article 22(1) and (4). The Controller is not obliged to provide information pursuant to Article 13(2)(f) of the Regulation, i.e. information on automated decision-making, including profiling, and on the procedure used, as well as on the significance and expected consequences of such processing of personal data for the Data Subject. Not applicable.

 

XIV. Final Provisions

14.1. These Principles and Instructions on Personal Data Protection and Instructions on Cookies form an integral part of the General Terms and Conditions and the Complaints Procedure. Documents – General Terms and Conditions and the Complaint Procedure of this Website are published on the domain of the Seller's Website.

14.2.This Privacy Policy shall enter into force and effect upon its publication on the Seller's Website on 24.10.2024

 

 

This e-shop is certified https://www.pravoeshopov.sk