Outdoorweb.eu

Privacy of personal data
When processing personal data, we adhere to the principles of personal data processing and also focus on legality, correctness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality of personal data.

Introductory provisions

We declare that all internal processes relating to the processing of personal data are carried out in accordance with Act No. 101/2000 Coll. on the Protection of Personal Data and on the Amendment of Certain Acts, as amended, as well as in accordance with REGULATION (EU) No. 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), otherwise known as GDPR.

The Company is the sole controller of personal data. However, we work with a number of processors with whom we have signed processing agreements (see below).

What data do we process and why?
Below is the full (maximum) range of data that can be processed. In the specific processing, the scope of the data is narrowed down to only those data that we actually need to process in order to achieve the specific purpose.

Keep in mind that outdoorweb.cz cooperates mainly with companies and the processing of certain data is necessary for us to fulfil our cooperation with these companies, especially in the case of invoicing.

The following are the data we process for the purpose of contract performance and based on our legitimate interest for the purpose of business cooperation, user account maintenance, direct marketing and improving our services:

First and last name (contract performance, business activities and direct marketing)
Company name (contract performance, business activities and direct marketing)
E-mail address (contract performance, business activities and direct marketing)
Phone number (contract performance and business activities)
Billing, mailing and delivery address (contract performance and business activities)
Number and VAT number (contract performance and business activities)
Password (to ensure the operation of the user account on the e-shop)
Employer, Job title / function (for the purpose of communication with company employees)
Signature and car registration number (for confirmation of delivery notes in the case of receipt of goods for invoice)
Bank account number (for matching payments in accounting - to speed up the agenda you can enter it as an optional data when registering on the e-shop, otherwise we process it in the framework of incoming payments)

IP address
By visiting our company's website, you also provide us with personal data about your IP address, location, browser, system or screen resolution. This personal data is collected by Google web analytics and is only used for our use to analyse and improve our services. As this data is collected and processed for our legitimate interests, your consent to this processing is not required. The legal basis for this processing is necessity for the purposes of our legitimate interests. For more information about Google's privacy policy, please see their privacy policy.

Services used
In connection with the services we provide, we also process your personal data relating to the services provided, in particular data about the type of services provided, their scope and price. This processing is in the interest of the data subject themselves. It also serves our need for the purpose of analysing and improving our services. As this data is collected and processed for the purpose of legitimate interests, your consent to this processing is not required. The legal basis for this processing is necessity for the purposes of our company's legitimate interests.

Accounting a.j.
We also process our customers' personal data for the purpose of fulfilling legal obligations. For the reasons required by the Accountancy Act and other legal regulations, in particular in the field of taxation, we keep documents (in electronic or paper form) containing personal data, in particular invoices and documents from which the legal reason for issuing an invoice is derived, for the period prescribed by law.

Newsletter
We also use customers' personal data to send our Newsletter. We never provide personal data for third party marketing purposes. We process the personal data, which is your e-mail address, first and last name, for the purpose of sending you electronically our communications regarding our company's products and services, without your consent in accordance with the law, as this is in the legitimate interest of our company. This is so-called direct marketing. As a condition of sending the Newsletter, which may contain commercial communications, the customer has a clear and distinct possibility to refuse consent to such use of the e-mail address in a simple and free way. If you inform us that you do not consent to the sending of these communications, marked as Newsletter, we will stop processing your personal data for this purpose. The legal basis for this processing is necessity for the purposes of our company's legitimate interests.

The legal basis for the processing of your personal data is the fact that this processing is necessary for the purposes of the legitimate interests of the controller or a third party within the meaning of Article 6(1)(f) of Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the "Regulation").
The purpose of processing your personal data is the sending of commercial communications by the controller to you within the meaning of Act No. 480/2004 Coll, on certain information society services and on amendments to certain acts (Act on certain information society services), as amended (hereinafter referred to as the "Act on certain information society services").
We do not perform automated decision-making, i.e. there is no automated individual decision-making by the controller within the meaning of Article 22 of the Regulation.

Cookies
In order to facilitate the functionality of the website, an overview of its functioning and also for its protection, personal data about website visitors are collected, stored in so-called "cookies" - small files allowing to store specific information about the PC of website visitors during their visit to the website. Cookies help us to determine the frequency of visits, the number of visitors and to adjust our services to make them convenient and efficient, including identifying users when using online applications and storing preferred user settings. Cookies cannot penetrate a user's system.

It is not necessary to obtain the user's consent for cookies strictly necessary for the operation of the website and Internet services. For all other cookies, consent must be obtained, but this can be obtained by adjusting the settings of common browsers.

The user determines in the settings of his/her PC or browser whether the browser should allow the website to store cookies on the end device. This setting can be regarded as consent to the processing of personal data. The browser is a tool for mediating consent.

Online card payment
In connection with the implementation of the European PSD2 directive, multiple customer authentication, so-called strong customer authentication, occurs on the issuer's side during payment transactions. This applies to all transactions made with a card issued by a European issuer and processed by a European processor. This provision requires the paying customer to be authenticated in such a way as to prove that he or she is the actual, authorised cardholder with regard to the legitimate interest in the transaction. The verification of the paying customer occurs before the payment is authorised and the funds are debited from the cardholder's account.

The following data is only stored by payment card issuers for the purpose of a possible TRA (Transaction Risk Analysis) exception to allow for a simpler purchasing process. Kondor, s.r.o. transmits this data on the basis of legitimate interest.

First and last name
E-mail
Phone number
Billing address
Shipping address
Special categories of personal data
We do not process personal data falling into a special category (indicative of national, racial or ethnic origin; political opinions; trade union membership; religion and philosophical beliefs; criminal convictions; health; sexual life; genetic data and certain biometric data), nor personal data of children.

How long is personal data processed?
We only process your personal data for the duration of the reason for processing the personal data. However, due to the Act of 1 April 2004 No. 235/2004 Coll., on value added tax, your data may be stored for up to 10 years after the end of the cooperation.

E-shop account
In the interest of the data subject, access to accounts created by registering via the e-shop are valid for 10 years. This period is always extended when an order or enquiry is placed.

Tax documents a.j.
We automatically shred archived paper documents after the legal period of 10 years has expired.

Data in IS
Personal data in our information system is also processed for the purpose of contract performance. Due to the Value Added Tax Act and also in the interest of the data subject, they can be processed up to 10 years after the end of the last cooperation.

Newsletters
We send direct marketing newsletters for a maximum of 3 years after the last cooperation has ended. It is always possible to unsubscribe from the newsletter. Either by using the link at the end of each newsletter or by contacting the Company directly. It is also possible to opt-out of these commercial communications directly when registering on the e-shop.

Is personal data passed on to third parties?
In no case do we pass on your personal data for marketing and other needs of third parties.

Your personal data is only passed on to the following companies for the purposes of fulfilling the contract and for the pursuit of our legitimate interests, provided that they act as processors and a processing contract is signed between them and the Company.

Simplia, s.r.o. - website operation, e-shop
Google, Inc. - web analytics
Shipping companies PPL, Zasilkovna and possibly other contracted carriers
Global Payments Inc. and credit card issuer (transfer of information for the purpose of strong client authentication)
Paypal. com - payment company
MONPEKO, s.r.o. - accounting company

Who has access to personal data?
In addition to the processors listed above, the Company's employees may have access to the personal data of data subjects. Thanks to internal procedures and a system of rights, it is ensured that only the minimum necessary persons have access.

How is the security of your data ensured?
We implement a range of security measures to ensure the security of your personal data to prevent loss, falsification, manipulation, misuse or unauthorised access. The website is protected by encryption using an SSL certificate. Access to personal information is only granted to employees who need it to perform their jobs (such as billing or customer service) and these employees are bound by confidentiality. Computers/servers used to store personal data are secured and data is backed up. We have defined clear working procedures in order to protect your personal data.

Is your data transferred abroad?
We never transfer your data abroad outside the European Union (EU).

Data Subject Rights
An individual has several rights with respect to their personal data under the GDPR. We aim to resolve requests from data subjects whose personal data we process as quickly as possible, but no later than the legal deadline of 30 days. However, we must be sure of the identity of the applicant.

We process these requests free of charge, unless they are unreasonably repetitive or require excessive effort on our part.

You have the right to:

Access to personal data - you have the right to access the personal data we process about you and to information about the purpose of the processing, the intended duration of the processing.
Correction of personal data - if you find that the data we process is inaccurate or incomplete, you can request its correction. If we discover the inaccuracy ourselves and carry out the correction, we will inform you.
Erasure of personal data - unless it is contrary to our interest or to any law, you can request the erasure of your personal data, which we carry out through anonymisation.
limitation of processing - you have the right to limit the processing of your personal data, in practice, for example, at the time of processing other requests (erasure, rectification, objection, etc.).
transferability of personal data - you have the right to obtain your personal data in a common machine-readable format and transfer this data to another controller. If technically feasible, this data can be transferred from one controller to another.
object to processing - you have the right to object to the processing of your data at any time. If we comply with your request, we will not process the data further and, where possible, we will delete it unless we can demonstrate that we have compelling reasons for processing it.
Contact information and exercise of rights
As our business does not require us to have an official data protection officer, please contact us to exercise your rights

Please note that in exercising your rights we may require the necessary steps to identify you. One option is to show proof of identity in person at one of our offices. You have the right not to prove yourself to us in this way. However, if there is no other adequate means of identification, we cannot comply with your request.

If you have any doubts about the compliance of the processing of your personal data with the law, you have the possibility to file a complaint with the supervisory authority, which in the Czech Republic is the Office for Personal Data Protection (see www.uoou.cz).

Concluding provisions
This document may be revised and updated as necessary. We therefore recommend that you check our data processing policy regularly.

Safe shopping Your data is safe

Delivery in eshop stock within 24 hours

20,000 products in stock

Free shipping from 999 CZK