Privacy Policy

Terms of Personal Data Protection

I. Basic Provisions
The controller of personal data under Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”) is Good Hope Wines s.r.o., ID No. 08316473, with its registered office at Petrovice 163, 403 37 Petrovice (hereinafter referred to as the “Controller”).

Contact details:
Good Hope Wines s.r.o., ID No. 08316473
Registered office: Petrovice 163, 403 37 Petrovice
Phone: +420 725 516 759
Email: matous@goodhopewines.eu

Personal data means any information about an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

The Controller has not appointed a Data Protection Officer.

II. Sources and Categories of Processed Personal Data

  1. The Controller processes personal data that you have provided or personal data that the Controller has obtained based on your browsing and activities on the website goodhopewines.eu.
  2. The Controller processes your identification and contact details and the data necessary for communication.

III. Legal Reason and Purpose of Processing Personal Data

  1. The legal basis for processing personal data includes:
  • Performance of a contract between you and the Controller pursuant to Article 6(1)(b) of the GDPR,
  • The legitimate interest of the Controller in providing direct marketing (particularly for sending commercial communications and newsletters) pursuant to Article 6(1)(f) of the GDPR,
  • Your consent to processing for the purpose of providing direct marketing (particularly for sending commercial communications and newsletters) pursuant to Article 6(1)(a) of the GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on Certain Information Society Services, if no goods or services were ordered.
  1. The purposes of processing personal data include:
  • Processing your order and fulfilling the rights and obligations arising from the contractual relationship between you and the Controller. Personal data necessary for successful order processing (e.g., name, address, and contact details) are required to conclude and perform the contract; without providing personal data, it is not possible to conclude or perform the contract.
  • Sending commercial communications and conducting other marketing activities.

The Controller does not engage in automated individual decision-making as defined in Article 22 of the GDPR.

IV. Retention Period for Personal Data

  1. The Controller retains personal data:
  • For the period necessary to fulfill the rights and obligations arising from the contractual relationship between you and the Controller and to assert claims from such contractual relationships (15 years from the termination of the contractual relationship).
  • Until consent to process personal data for marketing purposes is withdrawn, but no longer than 10 years if the personal data is processed based on consent.
  1. After the retention period expires, the Controller deletes personal data.

V. Recipients of Personal Data

Recipients of personal data include:

  • Entities providing website operation and related services,
  • Entities providing marketing services,
  • Google Analytics – the website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses cookies to analyze the use of our website. The information generated by cookies about your use of our website is typically transferred to and stored on a Google server in the United States. Google uses this information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. Your IP address transmitted by your browser within Google Analytics will not be associated with other data held by Google. You can prevent the storage of cookies by adjusting your browser settings. You can also prevent Google from collecting and processing data generated by cookies about your use of our website (including your IP address) by downloading and installing an appropriate browser plugin. For more information about Google Analytics, visit their website.
  1. The Controller intends to transfer personal data to a third country (outside the EU) or an international organization.

VI. Your Rights

Under the GDPR, you have the following rights:

  • The right to access your personal data under Article 15 of the GDPR,
  • The right to correct personal data under Article 16 of the GDPR or to restrict processing under Article 18 of the GDPR,
  • The right to delete personal data under Article 17 of the GDPR,
  • The right to object to processing under Article 21 of the GDPR,
  • The right to data portability under Article 20 of the GDPR, and
  • The right to withdraw consent to processing in writing or electronically to the address or email of the Controller specified in Article III of these terms.

You also have the right to lodge a complaint with the Office for Personal Data Protection if you believe your right to data protection has been violated.

VII. Data Security Measures

The Controller declares that they have implemented appropriate technical and organizational measures to secure personal data.

The Controller has adopted technical measures to secure data storage and personal data records in both digital and paper formats.

The Controller declares that only authorized persons have access to personal data.

VIII. Final Provisions

  1. By submitting a request via the website form (if available), you confirm that you have read the terms of personal data protection and fully accept them.
  2. By agreeing to these terms through the submission of a message via the website form (if available), you confirm that you have read the terms of personal data protection and fully accept them.
  3. The Controller is entitled to amend these terms. The new version of the terms will be published on their website and sent to your email address provided to the Controller.

This Privacy Policy is valid as of September 1, 2024.