top of page

Privacy Policy

Privacy Policy of CoffeeMat s.r.o.

 

Your privacy is our priority. We consider the protection of your personal data part of our social responsibility. Therefore, we would like to inform you about how we process your personal data in connection with the provision of services related to the CoffeeMat application (hereinafter referred to as the “services” and the “application”).

 

I. Basic Provisions

 

    1.    The controller of personal data according to Article 4, Point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “GDPR”) is CoffeeMat s.r.o., ID 17944023, with its registered office at Zelenečská 312/37, 198 00 Prague (hereinafter referred to as the “controller”).

    2.    The contact details of the controller are:

    •    Address: Zelenečská 312/37, 198 00 Prague

    •    Email: info@coffeemat.cz

    •    Phone: +420 731 269 633

    3.    Personal data means any information about an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, email, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

    4.    The controller has not appointed a data protection officer.

 

II. Sources and Categories of Processed Personal Data

 

    1.    The controller processes personal data that you have provided or personal data that the controller has obtained on the basis of the provision of services.

    2.    The controller processes your identification and contact data and data necessary for the performance of the contract concluded in accordance with the Terms of Service of CoffeeMat, specifically:

    •    Email

    •    Name

    •    Phone number

    •    User ID

 

III. Legal Basis and Purpose of Processing Personal Data

 

    1.    The legal basis for processing personal data is:

    •    The performance of the contract between you and the controller according to Article 6(1)(b) GDPR;

    •    The legitimate interest of the controller in providing direct marketing (particularly for displaying advertisements directly in the application and sending commercial communications and newsletters) according to Article 6(1)(f) GDPR;

    •    Your consent to the processing of personal data for the purposes of direct marketing (particularly for sending commercial communications and newsletters) according to Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, in cases where no order for goods or services has been placed.

    2.    The purpose of processing personal data is:

    •    To fulfill your order, provide services, and fulfill rights and obligations arising from the contractual relationship between you and the controller; without providing personal data, it is not possible to conclude a contract or fulfill it by the controller; and

    •    To send commercial communications and perform other marketing activities.

    3.    If you purchase our goods or services, your name, surname, email address, and phone number may be used to send commercial communications informing you about goods or services we provide that may interest you. You can unsubscribe from commercial communications at any time via the link in the emails or by sending a message to info@coffeemat.cz.

    4.    The controller does not engage in automated individual decision-making within the meaning of Article 22 GDPR. You have given explicit consent to such processing.

 

IV. Period of Retention of Personal Data

 

    1.    The controller retains personal data:

    •    For the period necessary to exercise rights and obligations arising from the contractual relationship between you and the controller and to assert claims from these contractual relationships, i.e., for ten years from the termination of the contractual relationship; or

    •    If personal data are processed based on consent, for the period until the consent for processing personal data for marketing purposes is revoked, but no longer than five years.

    2.    After the retention period of personal data expires, the controller will delete the data.

 

V. Recipients of Personal Data (Controller’s Subcontractors)

 

    1.    Recipients of personal data are only persons involved in:

    •    Payment transactions (Qerko s.r.o.).

    2.    The controller does not intend to transfer personal data to a third country (i.e., outside the EU) or an international organization.

 

VI. Your Rights

 

    1.    Under the conditions set out in GDPR, you have:

    •    The right to access your personal data according to Article 15 GDPR,

    •    The right to rectify personal data according to Article 16 GDPR or restrict their processing according to Article 18 GDPR,

    •    The right to delete personal data (including canceling registration) according to Article 17 GDPR,

    •    The right to object to processing according to Article 21 GDPR (if personal data are processed based on Article 6(1)(e) or (f) GDPR),

    •    The right to data portability (which you have provided to the controller) according to Article 20 GDPR, and

    •    The right to withdraw consent to the processing of personal data in writing or electronically to the address or email of the controller.

    2.    If you believe that your right to personal data protection has been violated, you have the right to file a complaint with the Office for Personal Data Protection, which is the competent supervisory authority.

 

VII. Conditions for Securing Personal Data

 

    1.    The controller declares that it has taken all appropriate technical and organizational measures to secure personal data. At the same time, we would like to point out that no method of data transmission over the internet is 100% secure and reliable, and therefore absolute security of your personal data cannot be guaranteed.

    2.    The controller has taken technical measures to secure data storage and storage of personal data in paper form, in particular: encrypted passwords, secure operating systems, the use of encrypted communication and encryption of storage, and maintains antivirus software and all other software up to date.

    3.    The controller declares that personal data can only be accessed by authorized persons of the controller and only to the necessary extent.

 

VIII. Final Provisions

 

    1.    By confirming registration in the application, you confirm that you have read and fully accept these privacy policy rules.

    2.    The controller is entitled to change these privacy policy rules. The new version of the privacy policy rules will be published on its website.

    3.    You can exercise your above-mentioned rights, as well as any questions or complaints, at the email address info@coffeemat.cz or through other contact details provided in Article I of these rules.

 

These privacy policy rules are effective from June 1, 2024.

bottom of page