top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

PRIVACY POLICY

Basic Information

Personal Data Administrator

Cafetta.sk a.s. is registered at the office at Severna 38, Chorvatsky Grob, as a data administrator shall process your personal data.


Type of Data Processed

Personal Data Provided By You

We process personal data provided by you.


More Information

If you order goods or services from us, we need the information which is referred to as mandatory in the ordering process (in particular your first name and surname, and delivery address). If we did not have this information we would not be able to deliver the goods. For the purposes of sale of goods or services, we also need your e-mail address, to which we shall send the order confirmation which serves as a confirmation of entering into the purchase agreement, as well as a copy of Terms and Conditions and Complaints Policy.

You can also fill in optional information when ordering goods or services. Such information helps us fulfill the concluded purchase agreement more efficiently. For instance, if you fill in your telephone number, we can send you a notice of the goods delivery, etc. Providing optional information is voluntary.

After the goods are delivered, you may get an e-mail message with the request to evaluate the goods purchased.

If you contact us via the customer line or you send us a message, we shall also process your personal data stated in such communication.

For some services, you may be required to provide additional personal information (e.g. a copy of your national ID card), which is used to verify your identity remotely as well as your ability to pay for the order.

In case you purchase an electronic book (or other electronic content such as journals) from our online shop, your first name and surname are displayed in the electronic book or journal. This is for the protection against illegal distribution and disclosure of the book you purchased.

By filling in the optional information in your user profile, you may also provide us with other personal data, such as frequently used delivery addresses.


Personal Data Obtained Other Than Directly from You

As part of joint marketing campaigns organised together with our business partners, we are entitled to process your personal data and we may combine them for the purposes of campaigns or of due performance of the agreement, as the case may be.

In the event that your personal data is disclosed to a third party, we shall inform you in advance including informing you of the identity of such third party. If anyone discloses your personal data to us, you will have to be informed as well.


Personal Data of Third Persons Provided by You

In the event you provide us personal data of third persons, you are obliged to inform the person concerned and procure his/her consent to this Personal Data Protection Policy.

It may happen that you purchase goods from us, but you do not wish to collect them or make a complaint regarding such goods. You can define authorised persons in your user profile, who shall be entitled to collect or claim your goods. Thereby, you provide us their personal data.


Personal Data Processed Automatically

When you visit our website, we may collect certain information such the IP address, date and time of the visit to our website, information about your Internet browser, operation system or language settings. We may also process information about your conduct on our website, such as links opened or goods displayed. The details of your conduct on the web are anonymised for the maximum protection of your privacy and therefore we cannot match them with a particular person.

If you access our website from your mobile phone or a similar device or through one of our mobile applications, we can process information about your mobile device as well (mobile phone details, records of any application crash etc.).


Cookies

We process cookies automatically.

What is a cookie file?

A cookie is a small text file created upon a visit to a website. It serves as a standard tool for the storage of information about visits to our website and how our website is used.

Thus we can distinguish (but not identify) individual users and customise the content to individual preferences. Cookies are important and web browsing would be far more difficult without them.

What are cookies used for?

Cookies serve several purposes. We use the following cookies on our e-shop website and in our mobile applications:

Technical cookies: We use technical cookies to ensure our e-shop works properly (e.g. for you to create a user profile, log in, and buy goods and services). The e-shop would not work without these cookies.

Functional cookies: These help so that you do not have to log in and set your preferences repeatedly (e.g. setting the language in which our e-shop will be displayed). In these cases, your password is always encrypted. The use of these cookies is not absolutely necessary, but they make your visit to our online store more comfortable and user-friendly.

Analytical cookies: Analytical cookies help us improve our online store, which ultimately benefits you. Analytical cookies on our website are collected by the Google Inc. script, which subsequently anonymises the data. The data ceases to be personal data after anonymisation: anonymised cookies cannot be matched with a particular user or person. We only work with anonymised cookies. Even if we wanted to, we would be unable to find out the way in which any particular user behaved on our website (sites visited, goods displayed etc.).

We also use the findings obtained from these cookies for advertising purposes; we may also display an ad that we consider relevant to you on other websites. If you want to have control over what analytical cookies we process, you can use this add-on program from Google (can only be run on a computer).

How You Can Control Which Cookies We Will Process

You can use one of the common browsers (e.g. Internet Explorer, Safari, Firefox, Chrome) with anonymous browsing switched on. This shall prevent storage of data concerning the sites visited. You can also block the storage of cookies in the browser. However, if you block the processing of technical and functional cookies, you will disable certain useful website functions.

You can easily control the processing of analytical cookies by us if you use this add-on program from Google (can only be run on a computer). However, switching off analytical cookies makes it difficult for us to improve our online store experience.


Camera Systems In Our Stores

We automatically process camera recordings at our premises.

Our stores are monitored by camera systems with online transmission and recording. The stores are equipped with cameras for the sake of prevention and also investigation of potential illegal activities. The camera systems are operated by us, Cafetta.sk a.s., company identification No. 27082440.


Mobile Version

If you access our website from a phone, tablet or similar device, you access the version optimised for such devices. Your personal data is processed similarly to the computer access.

You can also download the Cafetta application (e.g. Cafetta.sk, Cafetta.sk etc.), which will make your shopping easier, or Cafetta Media, which is designed for your electronic content purchased in our online store.

If you grant the app location permission, we can use the location of your device to provide you better user comfort and relevant offers of goods and services (e.g. we can show you the closest Cafetta store). We may also use the data collected to send you customised newsletters. If you are not comfortable with this, you can easily unsubscribe. The personalised content may be similarly displayed on our website. In this case as well, you have the option to deny this personalisation for more information.


Why We Collect and Process Your Personal Data

Your personal data is processed for the following reasons:

  • Purchase of goods and services: the primary purpose of processing your data is due dispatch and delivery of your order. If a problem occurs, we know who to contact from the data you provided.

  • Customer care: if you address us with a question/issue, we have to process your personal data in order to answer/resolve it. The data may be transferred to third parties in certain cases (e.g. delivery company).

  • User account: thanks to the personal data entered in your user profile, you will be able to use a number of functions (e.g. if you enter your telephone number, we can easily inform you about the time of the order delivery). You can change the entered details at any time, except for the e-mail address that serves for signing into your user account.

  • Marketing:

    • Electronic marketing: e-mail commercial communication is sent to you upon your consent. You can easily unsubscribe from our newsletters by adjusting your user profile settings, using our contact form. In case you create more user profiles in which you enter the same contact details, (e.g. you have several accounts for different e-mail addresses, but the telephone number is the same in all the accounts), an automatic sign-off from commercial communication cannot be effected for all the user accounts due to technical reasons. You have to contact us by phone or through the contact form so that all your user accounts may be unsubscribed.

    • Telemarketing: marketing calls are made in order to offer you goods and services and related marketing communication. The legal grounds for the processing of your telephone number is either with your consent or at least our legitimate interest in the conventional direct marketing. You are entitled to raise an objection to such processing on our website.

    • Marketing competitions: in some cases, the winner may be photographed or recorded mainly for the reason of transparency of our marketing competitions. Such processing of personal data is made on the grounds of our legitimate interest, which consists in the enhancement of credibility of the competitions for other competitors and increasing attractiveness of the competitions. You are entitled to raise an objection to such processing (see Contact us > Other > Personal data > Raising objection) on our website.

    • Retargeting: In some cases we use retargeting techniques, and you have the right to refuse retargeting by clicking this link and selecting the appropriate option.

  • Improvement of services: we are able to offer relevant goods thanks to the history of your orders and conduct on the website (e.g. accessories to the product purchased). Therefore we display such products that are intended just for you and correspond to your needs and interests. In order to optimise web features, we can also use tools testing different variants (A/B testing), such as Google Analytics, Facebook Analytics etc.

  • Customer reviews of goods and services: after you purchase products or services from us, your may be asked to evaluate them. You may also post a review on your own initiative.

  • Call center: if you contact us via our call center (hotline), your call shall be recorded upon prior notice. Such records serve for the inspection of quality of services provided by our staff.

  • Assertion of rights and legal claims and inspection by public authorities: we can also process your personal data in order to assert our rights and legal claims (e.g. in the event that we have an overdue invoice in your name). We may also process your data for inspections by public authorities and other serious reasons.


Legal Grounds for Processing of Personal Data


Conclusion and Performance of Agreement

A large part of your personal data are needed by us in order to conclude the purchase agreement or another contract for goods and services you intend to purchase. After the agreement is concluded, we process your personal data in order to duly deliver the purchased goods, or to render the purchased services. We have to process billing and delivery details in particular due to the above-mentioned legal grounds.


Legitimate Interest

We also use your personal data to provide you the relevant content, which may be of interest to you. On the grounds of legitimate interest, we process particular personal data, which is processed automatically, and cookies.

We may also send you e-mails and text messages on the same legal grounds. Processing of personal data related to monitoring via camera systems in our stores is based on the above legal grounds as well.

Due to the protection against illegal distribution and disclosure of the electronic book you purchased (or other electronic content), your first name, surname and address are displayed in the electronic book.

In order to prove who was the receiver of the goods purchased we may take a photo of the person in question when handing them over.

If you are listed as a so-called authorised person of our entrepreneur customer, your orders and other actions will be attributed to this entrepreneur customer. If you do not consent, please fill in an e-mail address other than the one listed with the authorised person of this company customer when making your order. Alternatively, you can request to be deleted as an authorised person of this entrepreneur customer.

In case we process your personal data on these legal grounds, you are entitled to raise an objection to such processing (see Contact us > Other > Personal data > Raising objection) on our website.


Consent

For the purposes of e-mail marketing and telemarketing, we process your personal data upon your consent. If you do not grant your consent and you are our customer, we can send you commercial newsletter (or give you telemarketing calls) even without your consent. In any case, you are entitled to reject such marketing communication simply by (a) adjusting you user profile settings, (b) using our contact form.

We also ask for your consent if we need to verify your ability to pay for the goods delivered to you without your paying the full purchase price in advance.

If you grant your consent to the personal data processing, you are entitled to withdraw it at any time through our contact form.


Transfer of Personal Data to Third Parties

Your personal data is transferred to third parties in the following cases:

  • Delivery of goods: the carrier chosen by you would not be able to deliver the goods ordered unless we transfer the information on where and to whom the goods should be delivered. This data is transferred to the carrier as entered in the order. Such data includes in particular your first name and surname, delivery address, telephone number where the carrier may contact you, and the amount to be paid on delivery, as the case may be. The carrier is only entitled to process the personal data we transfer for the purposes of delivery; the carrier must delete the personal data promptly afterwards.

  • Electronic content subscription: if you purchase a subscription to electronic content (magazines and other), we transfer your personal information to the relevant publisher, which is listed in the product description. Your personal data is subsequently processed by the publisher in accordance with the publisher's legal and privacy policy.

  • Delivery of goods stored for us by a contractual partner: if you order goods which are stored by our contractual partner, we have to transfer your personal data to this contractual partner who shall complete the order. Such data include sin particular your first name and surname, delivery address, telephone number where the carrier may contact you, and the amount to be paid on delivery, as the case may be. The contractual partner has to transfer the data to the carrier that shall deliver the goods; otherwise the carrier would not be able to make the delivery. The contractual partner that stores the goods for us and the carrier are only entitled to process the personal data we transfer to them for the purposes of the goods storage/delivery; they must delete the personal data promptly afterwards.

  • Payment Cards: Our company does not possess the details of payment cards used by you. The details of your payment cards are only available to the secure payment gateway and the relevant bank.

  • If you have your payment card stored to speed up further purchases in our online shop, we only have basic information such as the first and last digits of the card. If you wish to delete this data, go to the user profile settings and delete the payment card information (Account Settings > Payment Cards > Remove).

When you pay by payment card from a mobile phone, you will be redirected to the secure payment gateway server. When you pay by payment card from a computer, iframe is used for interaction with the payment gateway server (the payment gateway site is displayed on our website and redirecting is not necessary). Thus, your card details are not sent to our company but directly to the payment gateway provider via secure transmission. The payment gateway transfers the data to the relevant bank for the payment to be effected, again via secure transmission.

Our gateway provider is CSOB, a. s., company identification No.

If you have your payment card stored to speed up and simplify further purchases in our on-line store, the payment card information is stored in the payment gateway, and the data is transmitted between you and the payment gateway. We only have basic information on the payment cards available, which serves us for potential communication with the bank (e.g. the first and last digits of the card). In case you wish to delete such data, you can easily do so from your user profile.

  • Commercial Communication: in case we send you commercial communication (e.g. via e-mail or text message) or if we use telemarketing, we may use a third party to distribute the messages or make phone calls. Such third party is bound by the obligation of confidentiality and is not allowed to use your personal data for any other purpose.

  • Public Authorities: in the event that we enforce our rights, your personal data may be transferred to a third party (e.g. an Attorney-at-Law). If we are obliged to transfer your personal data by virtue of law or upon a request by a public authority (e.g. Slovak Police), we have to comply.

  • whereas you are entitled to raise an objection thereto through our contact form.


What Is the Period for Processing Your Personal Data?

We shall process your personal data for the entire duration of the contractual relationship between you and us.

In case your personal data processing is based on consent, your personal data shall be, in general, processed for 7 years or until such consent is withdrawn.

In case you subscribe to commercial communication, your personal data shall be processed for 7 years or until you express your disapproval of such communication. You can easily express your disapproval by adjusting your user profile settings, using our contact form.

Please note that the personal data necessary for the due rendering of services or for the fulfillment of all our duties, ensuing either from the contract between us or from generally binding legal regulations have to be processed regardless of whether you granted your consent for the period set out in the relevant legal regulations and in compliance therewith (e.g. tax documents must be processed for at least 10 years).

The data obtained through the user account or in a similar way are processed for the period of using our services and then usually for 5 years after cancellation. Basic identification data and the information why the user account was cancelled or information which is a part of operational advance deposits are usually stored for the relevant period.

The recordings of phone calls from and to the call center are archived for a short period, not exceeding 1 year, unless it is necessary for us to store them for a longer period due to a legitimate interest (e.g. suspicion of data misuse, fraud etc.).

The camera records are usually stored for 90 days. If illegal conduct occurs in the monitored area, we can call the police and give the records to the relevant authority (police, court etc.). In such case, the records are not deleted after 90 days; we keep them for the sake of evidence until the issue is finally decided.


Personal Data Security

Your personal data is safe with us. We have adopted adequate technical and organisational measures in order to prevent unauthorised access and misuse of your personal data.

At Cafetta we are concerned about the protection of your personal data. Therefore, we regularly check and improve our security. All communication between your device and our web servers is encrypted. Logins are hashed and your data is only stored on servers in secure data centers with limited, carefully controlled and audited access.

We try to use such safety measures that provide sufficient security based on state-of-the-art technology. The safety measures adopted are regularly updated.

This is why we use 2-step verification when you sign in to your user account.


Password Security

We do not have your passwords saved to our system or any database. We work with special calculated hash keys generated by the BCRYPT hash function with work factor/cost 12. This hash function is currently the most powerful and safest to use.


Personal Data of Children Younger Than 16 Years of Age

Our on-line store is not intended for children under 16. A person under 16 is allowed to use our on-line store only upon consent of his or her parent or guardian.


What Are Your Rights Related to Personal Data Protection?

In relation to your personal data, you have in particular the right to withdraw your consent to the processing of your personal data at any time, the right to correct or supplement your personal data, the right to request restriction of processing, the right to raise an objection to or a complaint of the processing of your personal data, the right to access your personal data, the right to request the transfer of your personal data, the right to be informed of a breach of security of your personal data and, under certain conditions, the right to the deletion of certain personal data we process about you ("the right to be forgotten").


Changes and Amendments

You control your personal data mainly through your user account. Here you can delete or change the basic information about yourself and change the settings concerning commercial communication (or unsubscribe), etc.

You can also contact us through our contact form (section Personal Data, subsection Other).


Correction

In case you believe that your personal data has been processed incorrectly, you can contact us through the contact form. However, it will be faster and more efficient for you to correct the personal data by yourself in your user profile.

Pursuant to the amendment to Act No. 235/2004 Coll., On Value Added Tax, it is not possible to change data in an already issued invoice as of 1 January 2013. The invoice details can only be changed if you have not yet received and paid for the goods.


Access (Portability)

You can ask us to send you an overview of your personal data via your account upon login, or contact form.

You also have the right to access the following information concerning your personal data:

  • What are the purposes of processing your personal information

  • What are the categories of the affected personal data

  • Who is the recipient of your personal data, besides you

  • What is the planned period of storage of your personal data

  • Whether you have the right to claim the correction or deletion, restriction of personal data processing or to raise an objection to such processing

  • Information on the source of the personal data in case we did not obtain them from you.


Deletion

You may also claim the deletion of your personal data (this shall not apply to data in documents that are subject to the obligation of archiving under the law (e.g. invoices or credit notes). In case we need your personal data to determine, execute or defend our legal claims, your request may be rejected (e.g. if we have an overdue invoice in your name or if the complaint procedure is in progress).

Please note that the essential details of your payment card are not stored by our company; they are stored at the payment gateway. Therefore, we are not able to delete such data; you have to address the payment gateway which mediated the payment.

You are entitled to the deletion of data in the following cases:

  1. The personal data is not needed for the purposes for which it was being processed

  2. You have withdrawn your consent under which the data was processed and there is no further legal grounds for being processed

  3. You have objected to the processing of personal data and you believe that after assessing your objection, it will become clear that your interest in the particular situation prevails over ours

  4. The personal data has been processed unlawfully

  5. The deletion obligation is stipulated by a special legal regulation

  6. The personal data concerns a person under 16


Raising an Objection

Certain personal data is processed on the grounds of our legitimate interest (see section “Legal grounds for processing of personal data”). In case you have concrete reasons, you are entitled to raise an objection to the processing of this personal data. The objection can be raised through the contact form.


Restriction of Processing

In case (a) you deny the accuracy of your personal data, (b) your personal data is processed unlawfully, (c) we do not need your personal data for processing purposes, but it is needed to determine, execute or defend your legal claims, or (d) you raised an objection under the preceding paragraph, you shall be entitled to us restricting the processing of your personal data.

In such cases, we may process your personal data only upon your consent (except for the storage or backup of the personal data concerned).


Lodging a Complaint

If you believe that your personal data has been processed unlawfully, you are entitled to lodge a complaint at the Office for Personal Data Protection. However, we will appreciate if you address us first and we can try to resolve your concerns. You can always easily contact us through our contact form.

This Privacy Policy including its parts is valid and effective from March 1, 2020 and it is available in electronic form at www.cafetta.sk. If you use the mobile application, you can find it in the "Contact Us" section.

bottom of page