Personal data protection principles

Initial provisions

These personal data protection principles describe the manner of obtaining, using and further handling of personal data obtained via divesoft.com.

Controller

The personal data controller is:

Divesoft s.r.o. Comp. Reg. No. 267 22 101 having its registered office at K Haltýři 756/14, Troja, 181 00 Praha 8 maintained by the Municipal Court in Prague under file No. C 89580

Legislation

When handling personal data we proceed in accordance with the Czech Republic legislation and directly applicable European Union regulations, in particular by the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, as amended (hereinafter “GDPR").

Obtaining personal data

You give your personal data to us in particular when you are completing an order, or when setting up a user account. If there is any change in your personal data, inform us please.

When visiting and using a web interface, further personal data may be obtained and stored using cookies.

Personal data

When completing an order or during registration you provide us with the following personal data:

a) first name and surname
b) contact address
c) e-mail address
d) telephone number

Purpose of personal data processing

The purpose of personal data processing is:

a) contract performance – in order to deliver goods or provide a service and in case of registration for allowing access, administration and management of a user account. This data processing is based on Article 6(1) (b) GDPR and serves for performing a contract.
b) fulfilling obligations set by the law – in particular obligations to maintain records, archiving of tax documents etc. This data processing is based on Article 6(1) (c) GDPR and serves for fulfilling legal obligations.
c) purposes of the legitimate interests – sending commercial messages (newsletters) about our goods and services to those who purchased our goods or set up a user account and agreed with sending of commercial messages. Commercial messages relate mainly to news in our business assortment and discount. Commercial messages are sent to your e-mail and you can revoke it at any time. This data processing is based on Article 6 (1) (f) GDPR and serves to our legitimate interest.
d) given consent – sending the aforementioned commercial messages to those who signed up for their subscription without having purchased any good or services or set up a user account. Commercial messages are sent to your e-mail and you can revoke it at any time. This data processing is based on Article 6 (1) (a) and Article 7 of the GDPR.

Personal data processing for sending commercial messages

If you are our customer, we have a legitimate interest for sending our commercial messages, because we reasonably believe that you are interested in our news. If you are not our customer, we will only send you commercial messages with your consent. In order for us to be able to send you our commercial messages on current products, discount offers, accessories offers or consumable material to already purchased products, we process the following personal data: first name and surname and e-mail address.
The aforementioned personal data will not be provided to third parties except for e-mail services provider which provides bulk sending of the newsletter. The provider has clearance for secure personal data processing and has undertaken to observe the regulation. The provider is located in the United States of America and is registered in the EU-USA privacy shield.
The EU-USA privacy shield is available at: https://www.privacyshield.gov. The European Commission issued a decision on adequate protection in relation to this shield, in the mode under Article 45(9) GDPR, therefore such transmission of personal data does not require a special permission.
You can revoke sending of commercial messages at any time by using the link provided in each our newsletter e-mail or by using the settings of your account or any time when you order our goods.

Processing duration

For the duration of mutual contractual relation or for a period set by legal regulations. Personal data for the purpose of sending commercial messages and for the period for which you are subscribed and 3 years after you have unsubscribed.

Your rights

As the data subject you have all rights arising from generally binding legal regulations for protection of personal data, in particular the right to:

a) recall consent with personal data processing,
b) access to personal data,
c) personal data rectification,
d) personal data deletion,
e) limitation of personal data processing,
f) raise objection against personal data processing,
g) transfer personal data to other controller,
h) file a complaint with the Office for Personal Data Protection if you believe that the controller proceeds contrary to generally binding legal regulations for personal data protection when processing personal data.

Processors

We use personal data processors which provide administration of e-shop, delivery services and e-mail sending for provision of services and personal data processing.
The processors process data solely upon our instructions, we concluded contract for personal data processing with them and they are obliged to maintain generally binding legal regulations for personal data protection.
All processors have been carefully selected and they will have access to your personal data only in the scope and for time period necessary for provision of a service or in the scope in which you allowed processing and using personal data.

Personal data security

We undertook to adopt such measures to prevent from unauthorized or accidental access to personal data, their change, destruction or loss, unauthorized transmissions, or other unauthorized processing, as well as other personal data misuse. This obligation will survive termination of employment or contractual relation.

Our employees or other natural persons processing personal data based on a contract, and other persons, are obliged to keep in confidentiality all personal data, even after termination of employment or contractual relation.

Cookies

Cookies are text files stored in a computer or other electronic device of each visitor divesoft.com, which allow functioning of a web interface. It is a small amount of data which a viewed webpage sends to your device where it is stored. When you visit the previously viewed webpage next time it will use the stored cookies to identify whether you have visited the page already and what parts of the web you are viewing. Cookies also allow you to save your settings.
Not all cookies collect personal data. Certain cookies only allow correct functioning of web interface. You can refuse to use cookies by selecting the relevant setting in your browser.
Note that if you refuse cookies you will not be able to finish your order.
The webpage interface uses these services working with information obtained through cookies: Google Analytics and possibly other services provided by Google, Inc and Facebook Pixel provided by Facebook Inc.

Contact

Please use the below contacts for all questions concerning personal data processing:

Divesoft s.r.o., with the registered office at Hálkova 2495, 413 01 Roudnice nad Labem, Czech Republic
Web: divesoft.com
E-mail: info@divesoft.com Telephone: +420 416 857 057