top of page

Privacy Policy

1. Who Is the Personal Data Controller

The controller of personal data is the operator of this e-shop, which sells backpacks and bags (hereinafter referred to as the “Controller”).

The Controller processes personal data in accordance with applicable legal regulations, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

2. What Personal Data We Process

We process only personal data that are necessary for the operation of the e-shop, in particular:

  • first and last name

  • billing and delivery address

  • email address

  • telephone number

  • order and payment details

3. Purpose of Personal Data Processing

Personal data are processed for the following purposes:

  • processing orders and concluding purchase contracts

  • delivery of goods

  • communication with customers

  • compliance with legal obligations (e.g. accounting and tax obligations)

With the customer’s consent, personal data may also be used for sending marketing communications.

4. Legal Basis for Processing

Personal data are processed on the basis of:

  • performance of a contract

  • compliance with legal obligations

  • legitimate interest of the Controller

  • consent of the data subject (e.g. for marketing purposes)

5. Recipients of Personal Data

Personal data may be disclosed only to trusted third parties involved in the operation of the e-shop, such as:

  • shipping and delivery companies

  • payment service providers

  • accounting and tax advisors

  • technical service providers (e.g. website operation)

Personal data are not transferred outside the European Union unless this is necessary and legally compliant.

6. Data Retention Period

Personal data are retained only for the period strictly necessary:

  • for the duration of the contractual relationship

  • for the period required by law

  • for the duration of the granted consent

7. Rights of Data Subjects

Customers have the right to:

  • access their personal data

  • request correction or erasure of personal data

  • request restriction of processing

  • object to processing

  • data portability

  • lodge a complaint with the Data Protection Authority

8. Personal Data Security

The Controller has adopted appropriate technical and organizational measures to protect personal data against misuse, loss, or unauthorized access.

9. Final Provisions

These Personal Data Protection Principles are effective as of the date of their publication on the e-shop’s website.

bottom of page