FREE SHIPPING ORDERS OVER €250

My Cart

No products in the cart.

Privacy Policy

In accordance with the Regulation (EU) 2016/679 of the European parliament and of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”)

 

INITIAL PROVISIONS

The company QLINE Fashion s.r.o., ID No.: 212 49 202, with its registered seat at Praha 5 – Stodůlky, Na Výrovně 3040/3, Postal Code 155 00, registered in the Commercial Register maintained by the Municipal Court in Prague under File No. C 398919 (the „Company“) is an administrator of personal data in the sense of art, 4 para. 7 of the GDPR.

The Company can be contacted via email address info@byqline.com or at the address QLINE Fashion s.r.o., Praha 5 – Stodůlky, Na Výrovně 3040/3, Postal Code 155 00.

The Company is a legal entity registered and existing under the laws of the Czech Republic.

Personal data means any information about an identified or identifiable natural person; identifiable natural person means any natural person which can be directly or indirectly identified, namely with reference to a specific identifier, e.g. name, identification number, location data, network identificator or one or more specific element of physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.

The administrator has not appointed a data protection officer.

 

PURPOSES OF PERSONAL DATA PROCESSING

We process your personal data for the following purposes:

  • Performance of an executed contract and provision of related services;
  • Activities aimed towards executing contracts between the Company and potential customers;
  • Compliance with general legal obligations, namely tax and accounting related;
  • Correspondence;
  • Sending birthday, name day and Christmas wishes;
  • Protection of legal claims of the Company;
  • Dispatching commercial communication and other marketing activities;

(the „Purpose of data processing“)

 

LEGAL BASIS FOR PERSONAL DATA PROCESSING

Personal data is processed on the basis of an executed contract (for the purpose of performance of a specific order or registration of a User account), since the processing of personal data is necessary and without it the contract cannot be executed. Personal data is thus processed in accordance with art. 6 para. 1 letter b) of the GDPR.

The Company also processes personal data in accordance with art. 6 para.1 letter c) of the GDPR, as the personal data processing is necessary to comply with a legal obligation to which the administrator is subject (e.g. verifying signatures or custody of funds) and art. 6 para. 1 letter f) of the GDPR, as the Company processes personal data in order to protect its legitimate interests and the legitimate interests of its clients, customers and other persons (e.g. search and further use of data published in public registers, review of documents provided by the client, etc.).

Another reason for your consent to personal data protection is for the purpose of conducting direct marketing activities (namely dispatch of commercial communication and newsletters) in accordance with art. 6 para. 1 letter f) of the GDPR in connection with Section 7 para. 2 of the Act No. 480/2004 Coll. on certain information society services if no order of goods and services occurred.

No automatic individual decision-making within the meaning of art. 22 of the GDPR is taking place on the part of the administrator. // Automatic individual decision-making within the meaning of art. 22 of the GDPR is taking place on the part of the administrator. You have given your explicit consent to such processing.

RECIPIENTS OF PERSONAL DATA

Your personal data is processed by the Company as the personal data administrator as well as other personal data processors.

Other recipients of personal data are (i) persons co-involved in the delivery of goods / services / payment on the basis of contract, (ii) persons securing the services of operating the Website (eshop) and further services in connection with the operation and (iii) persons providing marketing services.

With all other data processors (e.g. tax advisor etc.), the personal data administrator (the Company) has entered into a relevant agreement which guarantees that the data processor will uphold the same data security principles as the Company when processing personal data.

Správce má v úmyslu předat osobní údaje do třetí země (do země mimo EU) nebo mezinárodní organizaci. Příjemci osobních údajů ve třetích zemích jsou poskytovatelé mailingových služeb / cloudových služeb nebo jiné osoby, které tyto údaje potřebují pro plnění objednávek z důvodů požadavků klienta (tzv. pokud si klient přeje doručit zboží do takové země). The personal data administrator intends to transfer the personal data to a third country (non-EU country) or an international organization. Recipients of personal data in third countries are mailing service providers / cloud service providers or other persons who require the personal data for fulfillment and dispatching of orders due to client requirements (i.e. if the client wishes to deliver goods to such country).

 

TERM OF PERSONAL DATA PROCESSING

Personal data is retained for the duration of the contract, the existence of the User account, the legitimate interest, the Company’s obligation and subsequently for ten (10) years after the end of the legal reason for the processing of personal data, unless binding legislation requires a longer period.

 

RIGHTS OF THE DATA SUBJECT

When processing personal data, the data subject has the following rights in connection with his personal data protection which are specified in this article below.

  • The right to require access to the personal data from the personal data administrator.
  • The right for correction of the personal data the Company processes.
  • The right for personal data processing restriction. Restriction of personal data processing means that the Company is required to label personal data whose processing was restricted and for the duration of the restriction cannot process such data with the exception of its saving. The data subject can invoke the right for personal data processing restriction if:
    • the data subject disputes the accuracy of the data for the time necessary for the Company to verify the accuracy of the data;
    • the processing is unlawful and the data subject refuses the erasure of the personal data and requests the restriction of the use of the personal data instead;
    • if the Company no longer requires the personal data for processing, but the data subject requires it for the determination, exercise or defense of a legal claim;
    • if the data subject has objected to the personal data processing referred to in article 7 below, until the moment it is verified that the legitimate grounds of the Company for the personal data processing outweigh the interests or rights and freedoms of the data subject.
  • The right for erasure of personal data. The right for erasure of personal data does not apply to personal data which, due to potential litigation (e.g. for damages, recovery of unjustified enrichment, etc.) and on the basis of the laws of the Czech Republic, the Company retains after the termination of the contract or after the legitimate interest has ceased to exist, in accordance with article 5 of this privacy policy.
  • Right for personal data portability. The data subject is entitled to request that the Company provide the personal data for the purpose of transferring it to another personal data administrator, or the Company itself transfers the personal data to another personal data administrator. However, this right may only be exercised by the data subject in respect of data which the Company processes by automated means on the basis of the consent of the data subject or a contract concluded with the data subject.
  • The right to withdraw consent to personal data processing in writing or electronically to the Company’s address or email.
  • The right to lodge a complaint with a supervisory authority if the data subject believes that the processing of personal data is in breach of data protection legislation. The data subject is entitled to lodge a complaint with the supervisory authority at the place of his or her residence, place of employment or place where the alleged breach occurred. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection, residing at Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.

 

THE RIGHT TO OBJECT TO PERSONAL DATA PROCESSING

If the Company processes personal data for the purposes of its legitimate interests or the legitimate interests of third parties, the data subject is entitled to object to such processing at any time. The data subject may object via the contact details provided in article 1.2 of this privacy policy. If the data subject raises such an objection, the Company shall only be entitled to continue such processing if it demonstrates compelling legitimate grounds for the processing which outweigh the interests or rights and freedoms of the data subject and if the processing is necessary for the determination, exercise or defense of legal claims.

 

MANDATORY PROCESSING AND OBLIGATION TO PROVIDE PERSONAL DATA

The processing of personal data for the purpose of performance of the contract is necessary for the performance of the obligations arising from the contract. Failure to provide the personal data may mean that the Company, through no fault of its own, will not be able to fulfill the obligations arising from the contract. The processing of other personal data is based on the legitimate interest of the Company or the legitimate interest of the Company’s clients.

 

CONDITIONS AND STORAGE OF PERSONAL DATA

Personal data processed in paper form are stored in a locked office. Personal data stored in electronic form are stored on a hard drive in the Czech Republic.

The personal data administrator declares that it has taken all appropriate technical and organizational measures to safeguard personal data.

The personal data administrator has taken technical measures to secure data storage and storage of personal data in paper form, in particular using the Jetpack plugin and forced two factor authentication login for the website administrators., zejména …

The personal data administrator declares that only authorized persons have access to personal data.

 

FINAL PROVISIONS

By submitting an order using the online order form, you confirm that you are aware of this privacy policy and that you accept it in its entirety.

You agree to these terms and conditions by checking the consent box in the online form. By checkmarking the consent box in the consent form, you confirm that you are aware of the privacy policy and that you accept it in its entirety.

The personal data administrator is entitled to change this privacy policy. The personal data administrator will publish the new version of this privacy policy on its website or send you an updated version of the privacy policy to the email address you have provided the personal data administrator with.