Principles of processing, protection of personal data and use of cookies

(part of the General Terms and Conditions for the use of the Portal located at (URL) www.zipli.style) (hereinafter referred to as the "Privacy Policy")

1. Introductory provisions

1.1. This Privacy Policy is an integral and binding part of the General Terms and Conditions of Use of the Portal.

1.2. Terms and definitions used in this Privacy Policy, but not defined herein, have the meaning assigned to them in the General Terms and Conditions of Use of the Portal.

2. Processing of personal data and contact details of the administrator

2.1. Personal data is any information relating to an identified or identifiable data subject (natural person) (hereinafter referred to as “Personal Data”). All Personal Data of the User (natural person) are processed in accordance with the Terms and Conditions and generally binding legal regulations, in particular Act No. 101/2000 Coll., on the Protection of Personal Data and on Amendments to Certain Laws, as amended (hereinafter referred to as the “Act on the Protection of Personal Data”). This does not affect the obligation of the Personal Data Administrator to provide information about the User to third parties or public authorities in cases regulated by legal regulations.

2.2. The User's rights relating to the processing of his/her Personal Data are governed by the Personal Data Protection Act.

2.3. The administrator of the Portal User's Personal Data is Hyperia s.r.o., Company ID: 47136961, with its registered office at Na bráne 8665/4 010 01 Ĺ˝ilina (hereinafter referred to as the "Administrator"). You can contact the Administrator at the e-mail address [email protected] or at the registered office address Na bráne 8665/4 010 01 Ĺ˝ilina. The Personal Data Administrator determines the purpose and means of processing Personal Data, carries out the processing and is responsible for it.

3. Sources and purpose of processing Personal Data

3.1. When using the Portal, Personal Data is processed in the following cases:

3.1.1. when filling out the registration form (user account). The Administrator processes the following Personal Data:

  • email and password;
  • name, nickname, gender, date of birth, photos – if you provide them.

The Administrator needs this data to enable the User to log in to the customer account. Without this data, the Administrator is unable to enable login and use of the account. The password is stored in encrypted form and does not have access to it.

3.1.2. when filling out the registration form (e-shop account). The Administrator processes the following Personal Data:

  • email and password;
  • basic data – e-shop name, contact person, e-shop URL, phone number, feed URL;
  • e-shop description – if you provide one;
  • Billing data – company ID, company name, street, city, postal code, country, email for billing;
  • country, currency, VAT number – if you provide them;

The Administrator needs this data to enable the User to log in to the e-shop account. Without this data, the Administrator is unable to enable login and use of the account. The password is stored in encrypted form and does not have access to it. The Administrator needs basic data about the e-shop to be able to identify the e-shop. The Administrator needs billing data to issue an invoice.

3.1.3. In the event of contacting the Administrator, the Administrator processes the following Personal Data:

  • email and message content;
  • telephone number – if you provide one;

The Administrator needs this data to be able to respond to the User and to know what the User asked about and what they were interested in.

4. Legal basis for processing Personal Data

4.1. The User's personal data is processed for 3 legal reasons:

4.1.1. based on the so-called legitimate interest of the Administrator;

4.1.2. if the Administrator and the User have concluded a contract for the provision of services, the Administrator processes Personal Data for the purpose of fulfilling the contract;

4.1.3. if the Controller is obliged to process the data by the relevant legal regulation.

4.2. By checking the box "I agree to the processing of my personal data in accordance with the General Terms and Conditions of Use and the Privacy Policy and the Use of Cookies", which is located in the registration form as part of registration on the Portal, the User grants consent to the processing of his Personal Data in accordance with the Terms and Conditions and this Privacy Policy. The User is obliged to familiarize himself with the Terms and Conditions and the Privacy Policy before completing registration on the Portal. Granting consent to the processing of Personal Data in accordance with this article is one of the conditions for completing Registration on the Portal and using related services.

4.3. The User acknowledges that he/she may withdraw his/her consent to the processing of Personal Data at any time by written notification sent by registered letter to the address of the Administrator's registered office or to the Administrator's e-mail address. [email protected].

4.4. We intend to be in regular contact with Users. Therefore, if you have concluded a contract with us, we may send you a so-called commercial notice (newsletter) by e-mail, or if you have created an account, we may also send you informational e-mails regarding your activities on our website. These are e-mail messages in which we inform Users mainly about news and interesting promotions related to the services provided under the service contract concluded between the User and the Administrator. The Administrator sends these e-mail messages on the basis of the so-called legitimate interest. In each e-mail, the User may unsubscribe from these messages. The User may refuse to receive such messages in advance by e-mail sent to the address [email protected] or by adjusting your user account settings.

4.5. If the User agrees, the Administrator may store the User's e-mail for purposes other than those listed above. For example, to notify information about other promotions and products. The User may withdraw consent at any time.

4.6. The User, who is a business partner of the Administrator (typically an e-shop operator), acknowledges the processing of his/her Personal Data to the following extent: name, surname, place of residence and, if applicable, registered office, e-mail address, telephone number, or other Personal Data that the User provides within the Portal. To speed up payment transactions, we may process personal data to the extent of name, e-mail address, telephone number, billing address and delivery address. Personal data is shared with the payment card issuer for easier assessment of transaction risk and speed up the purchasing process. Only the payment card issuer has complete information about the transaction. Personal data is stored for the duration of the transaction assessment. Personal data is shared using a payment gateway operated by Global Payments s.r.o., which is the personal data processor in this case. Processing is based on a legitimate interest in processing payment transactions. This processing is based on the performance of the contract.

4.7. The User who is a business partner of the Administrator (typically an e-shop operator) acknowledges that he is obliged to provide his Personal Data correctly and truthfully, and that he is obliged to inform the Administrator of any change in his Personal Data without undue delay.

5. Personal Data Retention Period

5.1. All Personal Data of the User will be processed for the period necessary to implement the purposes of processing specified in the Terms and Conditions and in generally binding legal regulations. After the expiry of the period, the Administrator anonymizes the data. It stores them for a specified period in order to know what it has committed to and to be able to respond correctly.

5.1.1. The Administrator processes personal data from the account for as long as the account is active. After 2 years of inactivity, the Administrator deletes the account and stores the data for another 5 years.

5.1.2. If the Administrator processes Personal Data based on the User's consent, it stores it until the User withdraws consent, but no longer than 2 years from the date of its granting. If the User withdraws consent, the Administrator will delete the Personal Data or will not use it for the purposes for which the User had the express consent.;

5.1.3. Legal regulations impose an obligation on the Administrator to retain certain personal data for a longer period of time.

6. Recipients of Personal Data

6.1. Personal data processed by the Administrator will be made available to the Administrator's employees, auditors and advisors.

6.2. Personal data processed by the Administrator may be transferred to a third party and abroad, in particular to the Administrator's subsidiaries, under the conditions set out in the Personal Data Protection Act. These include the following processors: Google, Meta, Microsoft (Bing), Seznam, etc.

7. User Rights

7.1. If the User discovers or believes that the Administrator is processing his/her Personal Data in a manner that is contrary to the protection of his/her private and personal life or in violation of the Personal Data Protection Act, the User is entitled to:

7.1.1. request the Administrator to correct it – if the Personal Data is incorrect or out of date;

7.1.2. raise an objection - if the User believes that the Administrator is processing personal data beyond our legitimate interest, he or she may raise an objection to such processing, which we must deal with;

7.1.3. ask the Administrator for deletion (right to be forgotten) - at the User's request, the Administrator will delete all personal data that we record about him. However, it may happen that there will be another reason that authorizes or obliges the Administrator to store the data (e.g. an obligation arising from the Accounting Act, etc.) and in such a case, the Administrator cannot perform the deletion

7.1.4. request the Administrator to restrict processing - in some cases, the Administrator may store Personal Data, but may not handle it in any way; these are the following situations:

  • if the User disputes the accuracy of the data and the Administrator needs to verify the User's notification;
  • if Personal Data is processed unlawfully, but the User does not wish the Administrator to delete it and instead requests restriction of processing;
  • if the Administrator no longer needs the personal data, but the User requests their retention for the exercise of their legal claims;
  • if the User objects to the processing, until the Administrator verifies whether the Personal Data will continue to be processed in the Administrator's important interests or will not be processed;

7.1.5. request the Administrator to transfer data – If the User requests it, the Administrator will provide him with Personal Data that he processes on the basis of a contract or consent and at the same time processes it automatically. He will provide such data in a commonly used, machine-readable format. Alternatively, he may sell this data to the Administrator, whom the User determines, provided that he agrees to the transfer

7.1.6. If the User believes that the Administrator is violating the rules for processing personal data, he or she may contact the Office for Personal Data Protection and file a complaint.

8. Cookies

8.1. Cookies are used to operate the Portal. Cookies are small data files that are stored on the User's computer, smartphone or other end device through which the User accesses the Internet when visiting websites. Cookies are used by the Administrator to make the use of websites more pleasant and easier for Users. Learn more about cookie processing HERE

9. Final provisions

9.1. These Terms and Conditions shall enter into force on 17.10.2024.