Privacy Policy

I. Effect of privacy policy

Present Privacy and Data Protection policy (hereinafter referred to as: Policy) applies to services and

data management directly related to the website at the following web link: The Policy is valid and effective for indefinite period of time. The Policy may be modified by the Data Manager at any time, however, Data Manager shall preliminarily notify the Users about any modification in appropriate format (Newsletter or pop-up window that appears at login). The notification shall precede the date when modification takes effect, and shall be provided to the User in a timely manner to allow the User to decide about the acceptance or rejection and deletion of his/her registration. The effect and scope of Policy does not extend to questions regulated in the GTC (i.e.: shopping, complaints management). Therefore the Policy does not duplicate information on shopping, payment or delivery processes discussed in the GTC.

II. Definition of terms

1.User: any person that uses the services of the website operated by the Data Manager after completing the adequate purchase process on the website.

2.Personal data: data related to any specified natural person (hereinafter referred to as: involved party) or any conclusion drawn from the data related to the involved party. The personal data will maintain personal qualification throughout the data management process, until the relationship with the involved party can be recovered.

3.Data management: a process, or a sequence of processes, carried out on data, regardless of the applied method, for instance: data collection, registry, saving, classification, storage, modification, use, transmission, disclosure, harmonization or linking, locking, deletion or erasure, and prevention of further data use.

4.Data Manager: HLBS s.r.o.

5.Data Transmission: a process that opens the data access to a specified and authorized third party.

6.Disclosure: a process that opens the data access to the public.

1 / 6

7.Data deletion: irreversible process of making data unrecognizable and unrecoverable

8.Data processing: technical processes related to data management operation, regardless of the method of instrument applied to carry out the processes, or the site of application.

9.Data processor: natural person or legal entity, or any individual or business, or organization that is not a legal entity that carries out data processing of personal data upon the commission of Data Manager -including any commissions based on legal provisions.

10.Automatized data stocks: data stocks that are automatically processed.

11.Instrumental processing: includes the following operations, if they are carried out partly or completely with automatized instruments: data storage, logical and arithmetic operations carried out with data, modification, deletion, recovery or extension of data.

III. Scope and format of managed data

1.Usable data according to User consent: e-mail address, first and surname, delivery address, accounting name and address, phone number.

2.Usable data technically saved during system operation: data of the computer of a logging-in User, which are saved during the service use, by the Data Manager’s system as an automatic result of technical processes (such data particularly include: IP address, or in some cases the operating system and browser type). These automatically saved data will be entered in the system diary during login and logout, without the expressed consent or activity of the User. These data cannot be linked to other personal user data—with exception of data listed under the provisions of law. The data are accessible only and exclusively by the Data Manager.

3.Data Manager is authorized to modify the contents of the registration menu, to delete certain data fields and create new data fields, particularly if user demands and customs make it desirable or justifiable. The Data Manager must inform Users about the changes latest within 15 days preceding the first use of modifications.

2 / 6

4. The Data Manager is not entitled to modify any submitted data.

IV. Purpose and conditions of privacy policy

1.Data Management is preceded by the voluntary consent of users of the webcontent of website, based on preliminary and adequate information. The consent includes the users’ expressed agreement to the use of personal data submitted during the period of use. The legal grounds for data management are constituted in the voluntary consent of the involved user.

2.The purpose of data management is to guarantee the providing of services accessible under the URL address These include: - e-mail address to allow communication

- e-mail address and password to identify User during the login process, - other data serve the performance of services, delivery and accounting.

3.The purpose of automatic data saving is the creation of statistics, the development of IT system and the protection of user rights.

4.The Data Manager is entitled to send electronic mail to the User’s registered email (newsletter or advertisements with promotional purpose related to the service), if the User gave his/her consent during the registration process or during any the period of use.

5.Data Manager cannot use users’ personal data for purposes other than what is specified in this section.

6.Data Manager is not liable for reviewing any submitted personal data for validity or adequacy. The User submitting any personal data is solely and fully liable for the validity and adequacy of submitted data. From the moment of submission of User’s personal email address, User is held responsible for guaranteeing that the services are used only and exclusively by the User and no other persons who may access the same email address. With regards to the liability for service use, the burden of responsibility for all action related to the login with personal email address, encumbers only and exclusively to the User who is registered under the email address.

V. Access to managed data

3 / 6

1.Personal Data of the User may be transmitted to a third party or to authorities only with the preliminary, expressed consent of the User—unless otherwise stated by the provisions of law.

2.The Data Manager maintains the rights to employ Data Processor to carry out specific technical operations.

VI. Time period of data management

1.Data Manager is entitled to manage personal data of the User until the date of the User’s unregistration from the service (i.e. undoing registration with the specific Username). Deletion must take place within 15 days after the arrival of User request for unregistration (that is, the request for deletion).

In case of the unlawful or misleading use of personal data, the suspicion of a criminal offense committed by the User, or a system attack, the Data Manager is entitled to delete User data simultaneously with the unregistration of the User. In case of suspicion of criminal offense or civil liability, the Data Manager is also entitled to store data for the period of investigation.

2.Personal Data provided by the User – even in case the User does not unregister from the services – are accessible for use by the Data Manager until the User does not submit written and expressed request for the termination of his/her data use. The User’s request to terminate data use without unregistration from service use, will not affect the User’s right to service use, however, it is possible that in absence of personal data, a number of services will no longer be available for his/her use. Deletion of data will take place within 15 days after the receipt of User request for deletion.

3.Data saved automatically and technically during system operation, are stored in the system from the moment of data generation through a time period that is necessary for system operation. The Data Manager guarantees that these, automatically saved data must not be linked to other personal data – expect for cases specified by the provisions of law. If the User withdrew his/her consent to personal data use, or unregistered from the services, the User’s person will not be identifiable from the technical data.

VII. User statement on the use of personal data

1.Upon User request, the Data Manager provides information on the use of the User’s data, including the purpose and legal grounds of use, the period of use, as well as the names, addresses, and data

4 / 6

management activities of other eventual data managers. Furthermore, Data Manager provides information on who and why, will eventually receive (or already received) the data. User requests can be sent in written form, by mail or electronically to the Data Manager, to the contact available on the following website: Data Manager is responsible for responding to the requests within 15 days upon receipt. In case of E-mail the date of receipt is considered to be the first working day following the date of the E-mail’s sending.

2.Information providing requirement may only be denied by Data Manager under applicable provisions of law. Data Manager is liable for informing the User about the reason for the denial of information.

3.Any request for the modification or deletion of personal data may be submitted in writing, by mail or electronic mail to the Data Manager to the addresses provided at the website,

4.Specified personal data modification may also take place with the modification of website including the personal profile.

5.Following the performance of request to delete or modify personal data, the deleted materials can no longer be recovered.

VIII. Liability of User

1.User is liable for adhering to the effective regulations, and for refraining from unlawful activities or any violation of other users’ rights, during the period of use.

2.In case anyone is informed about unauthorized disclosure of their personal data on the website, this information may be indicated to the Data Manager. In case personal involvement is indeed supported by evidence, the Data Manager will delete the data.

IX. Liability of Data Manager

1.Data Manager is liable for making every effort and steps of due care to guarantee data protection, to provide appropriate level of protection particularly against unauthorized access, modification, transmission, disclosure, deletion or erasure, and accidental erasure or damage.

5 / 6

2.Personal Data necessary for the use of Data Manager’s Services, are used by the Company only with the consent of involved parties, only and exclusively for specified purpose.

3.In all cases when the data provided by User are to be used by Data Manager for purposes other than those specified in the original agreement, the Data Manager must inform the User and request the User’s preliminary, expressed consent, and allow possibility for the User to deny his/her consent to data use.

4.Data Manager agrees to the appropriate use of data in his/her access, in accordance with the provisions of the data protection regulations, and will not transmit data to unauthorized third party. This condition does not apply to the use of data in statistically amassed form, which may not include, in any form, the name of the involved party, or any other data suitable for personal identification.

X. Enforcement of rights

1.With complaints, excuses related to privacy or website use, Users may directly contact the Data Manager that will make every effort to stop infringement and advance the remedy for any violation of rights.

2.User’s privacy rights may be enforced by court, User may also contact the European Commissioner for Data Protection with complaints, or contact other data protection authorities commissioned by the law.

European Commissioner for Data Protection: Giovanni Buttarelli

Deputy Commissioner: Wojciech Wiewiórowski

Headquarters: Bruxelles (Belgium)


XI. Data Manager’s Contact Information

Company: HLBS s.r.o.

Headquarters: Hlavná 22, 943 01 Štúrovo, SK


Tax registry No.: SK2120396762

Company registration No.: 50 598 724

6 / 6