Customer support:+420 731 499 951info@plasti-co.cz
    Home / Terms of personal data protection

    Terms of personal data protection

    I. General Provisions

    The controller of personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”) is:

    webclick s.r.o.
    Company ID: 24391255
    VAT ID: CZ24391255
    Registered office: Knovízská 2410/2, Chodov, 149 00 Prague
    Registered in the Commercial Register maintained by the Municipal Court in Prague, file no. C 440370
    (hereinafter referred to as the “Controller”)

    Controller’s contact details:

    Return address and correspondence:
    T. G. Masaryka 536, 570 01 Litomyšl-Město

    Email: info@plasti-co.cz
    Phone: +420 778 088 012

    Personal data means any information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, network identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    The Controller has not appointed a Data Protection Officer.

    II. Sources and Categories of Processed Personal Data

    The Controller processes personal data that you have provided or personal data obtained based on the fulfillment of your order, in particular:

    • first name and surname
    • email address
    • postal address
    • phone number

    The Controller processes identification and contact data and data necessary for the performance of the contract.

    III. Legal Basis and Purpose of Processing Personal Data

    The legal basis for processing personal data is:

    • performance of a contract between you and the Controller pursuant to Article 6(1)(b) GDPR,
    • compliance with a legal obligation of the Controller pursuant to Article 6(1)(c) GDPR,
    • legitimate interest of the Controller in providing direct marketing (especially sending commercial communications and newsletters) pursuant to Article 6(1)(f) GDPR,
    • your consent to the processing of personal data for direct marketing purposes pursuant to Article 6(1)(a) GDPR in connection with Section 7 of Act No. 480/2004 Coll., on certain information society services.

    The purpose of processing personal data is:

    • processing your order and exercising rights and obligations arising from the contractual relationship,
    • fulfilling legal obligations towards the state (e.g. accounting and tax obligations),
    • sending commercial communications and marketing information.

    There is no automated individual decision-making by the Controller within the meaning of Article 22 GDPR.

    IV. Data Retention Period

    The Controller stores personal data:

    • for the period necessary to exercise rights and obligations arising from the contractual relationship and to assert claims from these relationships (for a maximum of 15 years from the termination of the contractual relationship),
    • for the period until consent to processing for marketing purposes is withdrawn, but no longer than 15 years.

    After the retention period expires, the Controller deletes the personal data.

    V. Recipients of Personal Data (Controller’s Subcontractors)

    Recipients of personal data are persons:

    • involved in the delivery of goods or execution of payments,
    • ensuring the operation of the e-shop (e.g. Shoptet platform),
    • providing marketing services,
    • providing accounting and IT services.

    The Controller may use third-party tools (e.g. Mailchimp), which may involve the transfer of data outside the EU. In such cases, transfers are carried out only on the basis of appropriate safeguards under GDPR (e.g. standard contractual clauses).

    VI. Personal Data Processors

    Personal data is processed by the Controller. Personal data may also be processed for the Controller by:

    • email marketing service providers (e.g. Mailchimp),
    • e-shop solution providers (e.g. Shoptet),
    • accounting and IT service providers,
    • possibly other software service providers.

    VII. Your Rights

    Under the conditions set out in GDPR, you have:

    • the right of access to your personal data pursuant to Article 15 GDPR,
    • the right to rectification pursuant to Article 16 GDPR,
    • the right to erasure pursuant to Article 17 GDPR,
    • the right to restriction of processing pursuant to Article 18 GDPR,
    • the right to object to processing pursuant to Article 21 GDPR,
    • the right to data portability pursuant to Article 20 GDPR,
    • the right to withdraw consent to the processing of personal data at any time.

    You also have the right to lodge a complaint with the Data Protection Authority (www.uoou.cz) if you believe that your right to personal data protection has been violated.

    VIII. Personal Data Security Conditions

    The Controller declares that it has taken appropriate technical and organizational measures to secure personal data.

    The Controller has implemented measures to secure data storage and paper documents.

    Only authorized persons have access to personal data.

    IX. Final Provisions

    By submitting an order via the online order form, you confirm that you have been acquainted with the personal data protection conditions and that you accept them.

    Consent to the processing of personal data is granted via the online form, where required.

    The Controller is entitled to amend these conditions. The new version will be published on its website.

    These conditions come into effect on February 24, 2026.