WomenMenKids
logo-deichmann-px
gb
uk
Free Delivery over £39.99
Free Returns up to 366 Days
Pay Later with Klarna
Free Click & Collect

Data Priavcy Policy

1. General information

Within the framework of this Personal Data Protection Policy, we (DEICHMANN-SHOES UK Ltd, 16 Compass Point, Market Harborough, LE16 9HW) would like to inform you about the manner, scope and purpose of processing your personal data (further just "personal data") in connection with the use of our website and related functions, as well as our presence on social networks.

Deichmann processes your personal data only to the extent that it is permitted under the legal regulations on the protection of personal data, e.g. if you have given your consent to a specific use when registering for a newsletter subscription, to participate in surveys or prize competitions, or if we the use of data is enabled by a different legal basis (e.g. when processing your orders or when you contact us otherwise). As part of this personal data protection policy, we have written for you more detailed information on the relevant data processing.

2. Joint Administrators

Given that DEICHMANN-SHOES UK Ltd is a member of the international Deichmann group, in the course of processing personal data, especially (but not only) in the area of the E-shop, DEICHMANN-SHOES UK Ltd. determines the purposes and means of processing together with the joint controller Deichmann SE;

Deichmann SE

Deichmannweg 9

45359 Essen

Federal Republic of Germany

Email: [email protected]

For this reason, the content and form of the text of this personal data protection policy is also based on the Deichmann SE template.

Through a transparent agreement, the joint administrators have defined their shares of responsibility for the fulfillment of obligations according to the relevant legal regulations (General Regulation on the Protection of Personal Data, GDPR).

3. Contacts

Deichmann SE has a designated personal data protection officer, who can be contacted at the email address: [email protected]

Contact email of the joint administrator DEICHMANN-SHOES UK Ltd: [email protected]

4. Subject of data protection

The subject of data protection is personal data. Pursuant to Article 4(1) of the General Data Protection Regulation ("GDPR"), this is all information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be directly or indirectly identified, in particular by reference to a certain identifier, for example a name, identification number, location data, network identifier or to one or more special elements of physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person (Article 4 paragraph 1 GDPR). Personal data includes, for example, your name, your telephone number, your address, as well as some other data that you give us during registration and when creating your customer account. Statistical data or anonymized data.

5. Automated data collection

When visiting this website, the connecting end device of the user automatically transmits the following data for technical reasons:

  • browser type and version,

  • the operating system used,

  • the URL of the referring entity,

  • the host name of the connecting computer,

  • server query time,

  • IP address,

  • if JavaScript is enabled, the browser also transmits the resolution and color depth of the browser window.

Data is stored for the following purposes:

  • ensuring the security of IT systems,

  • defense against attacks on our online offer and IT systems,

  • ensuring the proper functioning of this online offer.

The IP address is only stored for 7 days.

The processing of personal data in accordance with this article takes place mainly on the basis of our overriding legitimate interests according to Article 6 paragraph 1 letter f) GDPR.

6. Contacting

If you send/communicate a question to us via our contact form or in another way (by phone, e-mail), we will process your personal data related to the question, including your contact data (in particular your name, e-mail address and, if applicable, telephone number) , for the purpose of processing the inquiry and any follow-up questions.

The processing takes place on the basis of Article 6 paragraph 1 letter f) GDPR. We have a legitimate interest in the efficient processing of your request/your inquiry, and also in the case of a request in connection with a contract, to enable the establishment and implementation of the relevant contractual relationship. If you yourself are a (potential) contractual partner, in the case of requests relating to contracts, processing takes place for the purpose of establishing and fulfilling the relevant contractual relationship (Article 6, paragraph 1, letter b) GDPR).

We will keep the personal data you provide when contacting us until the purpose of their storage/processing no longer exists (e.g. after the processing of your request has been completed). Binding legal provisions, and above all retention periods, remain unaffected by this. Requests relating to contracts or requests with potential legal relevance are thus kept for the entire duration of the general (subjective) statute of limitations, i.e. for a period of three years (from the end of the year in which we received your request).

Personal data is stored on the basis of our legitimate interest in proper documentation of our business activities and ensuring our legal status (Article 6(1)(f) GDPR). In the case of requests relating to contracts, they are stored for the purpose of establishing and fulfilling the relevant contractual relationship (Article 6, paragraph 1, letter b) GDPR) or on the basis of our corresponding legitimate interest (Article 6, paragraph 1, letter f) GDPR) .

7. Advertising purposes and market research

Among other things, we offer you the following services:

  • sending a newsletter with current product offers/advertisements,

  • White mail (mail),

  • participation in winning competitions.

We will use your data, possibly in connection with our services, to create and manage a user profile so that we can send you individualized advertising that we assume will be of particular interest to you if the following conditions are met (see 7.1, 7.2).

We also use service providers/processors to implement the named services (see point 25.3).

  1. Newsletter

Before subscribing to our newsletter, you agree that we may use the information you provide in order to send you information about the content and products of our range by e-mail.

For sending the newsletter, we use the so-called double opt-in method, which means that we will send you the newsletter only after you have explicitly confirmed by clicking in the information e-mail to activate the newsletter sending service. For statistical purposes, we anonymously evaluate which links the newsletter readers clicked on. At the same time, it is not possible to determine which specific person clicked on the given link. In order to optimize our offer, based on your consent, we also evaluate in a personalized way which links you click on in the newsletter.

We will then send you a confirmation e-mail and ask you to confirm that you want to subscribe to our newsletter by clicking on the link contained in this e-mail.

If other companies are entrusted with the processing and sending of the newsletter, they will also be obliged to protect your data in accordance with the regulations on the protection of personal data and use them exclusively for this precisely defined purpose.

Your data is processed on the basis of your consent (Article 6, paragraph 1, letter a) GDPR).

If you no longer wish to receive newsletters from us, you can withdraw your consent at any time, via our customer line at telephone number 01858 468546, electronically at the e-mail address [email protected], or by regular mail at the address : DEICHMANN-SHOES UK Ltd, 16 Compass Point, Market Harborough, LE16 9HW. You can also unsubscribe from the newsletter (ie withdraw your consent) at the same place on our website www.deichmann.com where you registered for the newsletter under the heading Unsubscribe from the newsletter. You can of course also find the unsubscribe link in every newsletter.

We also store information in order to prove your consent. This information includes the time of consent. This processing takes place on the basis of Article 6 paragraph 1 letter c) in connection with Article 7 paragraph 1 of the GDPR.

If you withdraw your consent, we will delete your personal data immediately. We will delete the information we saved as proof of your consent after one month.

Further storage for the purpose of proving consent is based on our legitimate interest in the need for proper documentation of our business activities and for the determination, securing or defense of claims (Article 6(1)(f) GDPR).

2. Prize competitions

If you want to participate in one of our competitions, we will provide you with relevant information in advance in separate policies/notices on the protection of personal data.

8. Cookies

To increase the attractiveness of visiting our website and to make certain functions available, we use so-called cookies on various pages. These serve to make our presentation on the Internet more user-friendly, efficient and secure in general, and to speed up navigation on our platform. Cookies are small text files that are stored on your end device. Some of the cookies we use will be deleted when the browser session ends, i.e. when the browser is closed (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies to recognize your browser again on your next visit (persistent cookies).

Here is a specific example: if you want to use our shopping cart, the use of session and persistent cookies must be enabled. You can set your browser so that you are informed about the use of cookies and can individually decide to accept them, or to accept cookies for certain cases or to exclude them in general. If you do not accept cookies, the functionality of our website will be limited.

We use the following categories of cookies on our website:

  • Cookies necessary for the operation of our website

These cookies are necessary for the operation and functionality of the website. They help make the website technically accessible and usable and provide basic and necessary functions such as website navigation, the correct display of the website in the internet browser or the management of consents. Without these cookies, the website cannot function properly.

  • Functional/analytical cookies

These cookies are used to measure online traffic and analyze behavior. This allows us to better understand how our website is used and to improve our services.

  • Marketing cookies

These cookies are used to optimize the advertising message. This allows us to better display relevant content/advertising to customers on our website and on third party websites.

The legal basis for the use of technically necessary cookies is any applicable legal regulation, or the provisions of Article 6 paragraph 1 letter f) GDPR, for the purposes of our legitimate interests. Our legitimate interest lies in particular in providing you with technically optimized websites that are user-friendly and tailored to your needs, and to ensure the security of our systems. In other cases, we use cookies based on your consent in accordance with Article 6 paragraph 1 letter a) GDPR.

If we use cookies based on your consent, you can revoke your consent with future validity at any time by adjusting the cookie settings in the COOKIE MANAGEMENT section here at www.deichmann.com . Your withdrawal of consent will not affect the legality of processing based on consent before its withdrawal.

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

9. Google Analytics

We use Google Analytics provided by Google Ireland Limited ("Google"). We comply with the currently valid terms of use of the Google Analytics service ( https://www.google.com/analytics/terms/ ) as well as the terms of the Google processing agreement ( https://privacy.google.com/businesses/processorterms/ ) and if they are Your personal data is processed in a third country, we have entered into a standard contractual clause with Google LLC approved by the European Commission in accordance with Article 46 paragraph 2 letter c) GDPR ( https://privacy.google.com/businesses/processorterms/mccs/ ). According to clause 10.3 of the Google processing agreement ( https://privacy.google.com/businesses/processorterms/) the transferred data is stored in the following locations (so-called "data center locations"): https://www.google.com/about/datacenters/locations/ . For this reason, we will only use Google Analytics if you also agree to the transfer of data to the aforementioned data centers. In the case of some third countries in which the data centers are located or from which the processing is carried out, based on the decision of the European Commission, an adequate level of data protection is not ensured (a list of so-called safe third countries can be found at: https://ec.europa.eu /info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de). In this context, for example, the USA is not currently considered a safe third country. Transfer to - in this context - uncertain third countries is associated with risks for your personal data, especially because in the case of transfer to the USA access by American authorities cannot be ruled out. Although these risks cannot be excluded simply by concluding standard contractual clauses between Deichmann and a processor or controller in a third country, the provisions of the Google processor agreement (see https://privacy.google.com/businesses/processorterms/ in the section "Appendix 2") contain large a number of technical and organizational measures to ensure the security of your personal data. When giving your consent, please consider the above facts.

Basic information about the processing of your personal data by Google can be found here: https://policies.google.com/privacy?hl=fr

If you have consented to its use, we use the web analytics service Google Analytics. Google Analytics collects pseudonymized data from you about your use of our website, including your abbreviated IP address, and uses cookies. The information generated by the cookies about your use of the website (including your abbreviated IP address) will be transferred to and stored on a Google server in the aforementioned data centers. Google will use this information to evaluate your use of the website, to compile reports on website activity for us, and to compile further analyzes and evaluations related to the use of our website and the Internet. Google may also link this data with other data about you, such as search history, your personal account, usage data from other devices and other data, which Google has saved for you. Google may transfer this information to third parties if required by law (e.g. state authorities) or if these third parties process the data on Google's behalf.

Data stored by Google Analytics is stored for 14 months. After this period, Google Analytics only keeps aggregated statistics. The use of the Google Analytics service is based on your consent (Article 6, paragraph 1, letter a) GDPR).

In addition, you have the option to withdraw your consent at any time by adjusting your cookie settings here: www.deichmann.com . Your revocation will not affect the lawfulness of the processing prior to the revocation of consent.

You can also prevent the information collected via cookies (including your IP address) from being sent to Google and used by Google with the browser plugin. The following link will take you to the relevant plugin: https://tools.google.com/dlpage/gaoptout?hl=cz .

You can find more information about the use of data by Google here: https://support.google.com/analytics/answer/6004245?hl=ro .

10. Google Tag Manager

This website uses the Google Tag Manager service. Through this service, website tags can be managed through an interface. Google Tool Manager only implements tags. This means that no personal data is collected. The Google Tool Manager triggers other tags that, in turn, may collect data. However, the Google Brand Manager does not have access to this data. If deactivation has been done at the domain or cookie level, it remains in effect for all tracking tags if they are implemented using Google Tag Manager.

11. Facebook Custom Audiences

If you give us your consent, this website uses the "Facebook Custom Audiences" function. By means of the Facebook pixel (or comparable functions for the transmission of event data or contact information via the interface in the applications), Facebook is enabled to designate the visitors of our online offer as a target group for the display of advertisements (so-called "Facebook ads" (Facebook-Ads)). In this way, Facebook ads entered by us should only be displayed to you on Facebook and within the services of partners cooperating with Facebook (the so-called "Audience Network", more information can be found at https://www.facebook.com/audiencenetwork/ ), if at the same time you have shown an interest in our online offer or if you show certain characteristics (e.g. interest in certain topics or goods that are evident from the websites you visit), which we pass on to Facebook (this step leads to the classification of your profile into certain groups, which are referred to as "Custom Audiences". With the Facebook pixel, we also want to ensure that our Facebook ads match your interest in targeted advertising and prevent the annoying effect. Through the Facebook pixel, we can further monitor the effectiveness of Facebook ads for statistical and market research purposes by seeing whether you have been redirected to our website after clicking on a Facebook ad (so-called "conversion measurement").

In this context, Meta Platforms Ireland Limited processes the following types of data:

  • usage data (e.g. websites visited, interest in content, access time);

  • metadata / communication data (eg device information, IP addresses);

  • event data (Facebook) (“Event Data” is data that we can transmit to Facebook, e.g. via Facebook pixels (via applications or other means), and which relate to people or their activities.

This data includes, for example, information about visited websites, interactions with contents, functions, installation of applications, purchases of goods, etc.; event data is processed in order to create target groups for content and advertising information (Custom Audiences - own circle of users); event data contains no proprietary content (such as written comments), no login information, and no contact information (ie, no names, email addresses, and phone numbers). Facebook deletes event data after a maximum of two years, target groups created from them after deleting our Facebook account).

The following purposes are monitored: marketing, profiles with information about users (creation of user profiles), remarketing (targeted targeting of visitors or customers of one's own website on other websites), conversion measurement (measurement of the effectiveness of marketing measures), creation of target groups (determination of target groups relevant for marketing purposes or other content creation).

With Meta Platforms Ireland Limited, we are jointly responsible for the collection or reception in the transmission (but not for further processing) of "Event-data" "event data" that Facebook collects through the Facebook pixel and comparable functions (e.g. interfaces) performed in our online offer or that it receives as part of the transmission for the following purposes:

  • display of content/advertising information that corresponds to the assumed interests of users;

  • delivering business and transactional messages (e.g. contacting users via Facebook Messenger);

  • improving ad delivery and personalizing features and content (e.g. improving the ability to recognize what content or advertising information is likely to be of interest to users).

To this end, we have entered into a joint data processing liability agreement with Meta Platforms Ireland Limited, which can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum . If Facebook provides us with measured data, analyzes and reports (which are aggregated, i.e. do not contain data about individual users and are anonymous to us), this processing does not take place on the basis of joint responsibility, but on the basis of a processing contract ("Terms of data processing" https ://www.facebook.com/legal/terms/dataprocessing ), "Data Security Term" ( https://www.facebook.com/legal/terms/data_security_terms ) and in the case of processing in the USA on the basis of standard contractual clauses ("Meta Platforms Ireland Limited EU Data Transfer Addendum", https://www.facebook.com/legal/EU_data_transfer_addendum ).

Under the terms of Meta Platforms Ireland Limited's EU Data Transfer Addendum https://www.facebook.com/legal/EU_data_transfer_addendum , your personal data may also be processed in third EU countries, such as the USA. For this reason, we only use Facebook Custom Audiences if you agree to the possible transfer. In the case of some third countries in which the data centers are located or from which the processing is carried out, based on the decision of the European Commission, an adequate level of data protection is not ensured (a list of so-called safe third countries can be found at: https://ec.europa . eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de). In this context, for example, the USA is not currently considered a safe third country. Transfer to - in this context - uncertain third countries is associated with risks for your personal data, especially because in the case of transfer to the USA access by American authorities cannot be ruled out. These risks cannot be excluded only by concluding standard contractual clauses between Deichmann and the processor or controller in a third country, however, Meta Platforms Ireland Limited adopts IP masking (pseudonymization of the IP address) and other measures listed here: https://www . facebook.com/legal/terms/data_security_terms . When giving your consent, please consider the above facts.

The use of Facebook Custom Audiences (your own circle of users) follows on the basis of your consent (Article 6 paragraph 1 letter a) GDPR).

In addition, you have the option to withdraw your consent at any time by adjusting the cookie settings here at www.deichmann.com . Your revocation will not affect the lawfulness of the processing prior to the revocation of consent.

Here you can find more information about the terms of data processing in connection with the Facebook Custom Audiences service: https://www.facebook.com/legal/terms/customaudience .

12. Emarsys

Provided you give us your consent, we use the technology of Emarsys eMarketing Systems AG, Märzstraße 1, 1150 Vienna, Austria to personalize the content of our website and newsletters by creating user profiles using the Emarsys Marketing Cloud service. For this purpose, all data collected using the Emarsys Web Extend database is stored, both through JavaScript commands and cookies.

For visitors who have signed up for the newsletter, our website uses JavaScript commands to collect browsing and purchase data. These data are used to expand your customer profile so that we can provide you with a personalized offer at all our contact points. In addition, we store your personal data and use it to send you advertisements that are tailored to your personal preferences:

  • Email address

  • Addressing

  • Name and surname

  • Birthdate

  • IP address

  • Order details

When using the Emarsys Marketing Cloud service, Google and Facebook can compare your data. As a result, your data may also be processed outside of Europe. With regard to the already mentioned risks (see the paragraphs about Google and Facebook in this privacy policy), we only use Emarsys if you agree to the possible transfer of your data to dangerous third countries. In the case of some third countries in which the data centers are located or in which the processing is carried out, based on the decision of the European Commission, an adequate level of data protection is not ensured (the list of so-called safe third countries can be found at: https://ec.europa.eu/ info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de). The USA, for example, is currently not considered a safe third country. Transfer to dangerous third countries is associated with risks for your personal data, especially because in the case of transfer to the USA access by American authorities cannot be ruled out. Although these risks cannot be eliminated simply by concluding standard contractual clauses between Deichmann and a processor or controller in a third country, Google and Facebook take security measures to ensure the protection of your personal data (see the paragraphs about Google and Facebook in this privacy policy). . Please take the above facts into account when giving your consent. In this context, we process your data automatically only for the purpose of evaluating certain personal aspects (profiling).

After unsubscribing from the newsletter, we will stop sending you the newsletter and delete your data. If you also have a customer account on our website, we will store your data for as long as the customer account exists. However, this only applies if we are not legally entitled to store your data for specific purposes, including defense against legal claims. The legal basis for data processing is Article 6 paragraph 1 letter a) GDPR. You can withdraw your consent by following the instructions at https://www.deichmann.com/de-de/newsletter/unsubscribe .

13. Google Ads Service (including dynamic remarketing)

On the website we also use what is known as Google Conversion Tracking, an analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). Google Ads places a cookie ("conversion cookie") on your end device if you reached our website via a Google ad. These cookies expire after 30 days and do not serve to personally identify users. If you visit one of our pages and the cookie has not yet expired, we and Google can recognize that someone clicked on an advertisement and was redirected to our page. Each Google Ads customer receives a different set of cookies. As a result, cookies cannot be tracked across the websites of different Google Ads advertisers. The information obtained by the conversion cookie is used to create conversion statistics for us. As a Google Ads customer, we track the total number of users who clicked on our ad and were redirected to the page with the tag to measure conversions. However, we do not receive any information that could be used to personally identify users. If you do not want information about your behavior on the website to be processed in the tracking process, you can also refuse the setting of the cookie file that is necessary for this - for example, through the browser settings, which generally deactivate the automatic setting of cookies, or refuse the consent to cookies section . You can also disable conversion tracking cookies by setting your browser to block cookies from the "googleadservices.com" domain. In addition, Google offers you the option to disable Google's use of cookies for advertising purposes in the advertising specifications. You can find them here:https://www.google.com/settings/ads . We use Google remarketing technology. Remarketing is used to retarget previous users of our website through targeted advertising on third-party websites, including Google. Google determines which users are specifically addressed by temporarily linking the Google Analytics data described above and the individual user IDs registered with Google, thereby enabling cross-device addressing. Advertising on the websites of third-party providers, including Google, is also carried out using cookies. You can prevent Google from using cookies in the future by making the appropriate settings on the website https://www.google.com/settings/ads . More information can be found athttps://www.google.com . Google's privacy policy can be found at https://www.google.com/intl/de/privacypolicy.html#information .

14. Youtube Pixel

YouTube is a video portal of YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA (hereinafter "YouTube"). We have integrated at least one plugin from YouTube into our online service. When you call up an online service that contains a YouTube plugin, your browser establishes a direct connection with YouTube's servers. This transmits the information to YouTube that your browser has accessed the corresponding page of our online offer, even if you do not have a YouTube account or are not currently logged into your account. This information is transmitted by your browser directly to a YouTube server in the USA and stored there.

If you are logged into your YouTube account at the same time, it is also possible to assign the page view to your YouTube account and you enable YouTube to assign your surfing behavior directly to your personal profile.

If you want to prevent this transmission and storage of your data and your behavior in our online offer by YouTube, you must log out of YouTube before visiting our site and delete the cookies set by YouTube.

For more information about the collection and use of your data by YouTube, please see the privacy policy at https://www.YouTube.com/static?template=privacy_guidelines and the privacy policy of Google at https://www.google.com/policies/privacy/ .

When collecting data, we rely on your consent in accordance with Art. 6 (1) a EU-DSGVO for the corresponding data processing, which you can of course also revoke at any time by changing the data protection settings. Please note that with your consent, data may also be transferred to a third country outside the EU / EEA, where a lower level of data protection than in the EU may prevail (Art. 49 para. 1 sentence 1 lit. a EU-DSGVO).

15. Presence on social networks

We do not use social media plugins on our website. If our website contains icons of the following social media providers, we only use them to passively link to the pages of the respective providers.

1. Fanpage on the social network Facebook

The corporate profile of Deichmann Germany on the Facebook social network can be found at https://www.facebook.com/Deichmann/ .

The Deichmann Czech company profile on the Facebook social network can be found at https://www.facebook.com/deichmann.obuv .

For users outside the US and Canada, Facebook is operated by Meta Platforms Ireland Limited. For users in the USA and Canada, Facebook is operated by Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA.

Even if you are not registered on the Facebook social network and you visit our Facebook fan page, Facebook may collect pseudonymous usage data from you. Further information can be found in the Facebook privacy policy at https://www.facebook.com/privacy/policy/ and also at https://www.facebook.com/legal/terms/information_about_page_insights_data . In this privacy policy you will also find information about your Facebook account settings.

Meta Platforms Ireland Limited may share your data within the Facebook group and with other third parties. This may include the transfer of personal data to the US and other third countries for which there is no European Commission decision on adequate personal data protection. In this case, Meta Platforms Ireland Limited uses standard contractual clauses approved by the European Commission pursuant to Article 46(2)(a). c) GDPR. Further information can also be found in the privacy policy of the social network Facebook.

In addition, we and Meta Platforms Ireland Limited are jointly responsible for the processing of Insight data when visiting our Facebook fan page. Using this Insight data, Meta Platforms Ireland Limited analyzes the behavior on our Facebook fan page and provides this data to us in an anonymized form. To this end, we have entered into a joint data processing liability agreement with Meta Platforms Ireland Limited, which can be viewed here: https://de-de.facebook.com/legal/terms/page_controller_addendum . In this agreement, Meta Platforms Ireland Limited undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Insight data and to comply with all obligations under the GDPR in relation to the processing of Insight data. The processing takes place on the basis of our legitimate economic interest in optimizing and designing our fan page on Facebook according to needs, Article 6 paragraph 1 letter f) GDPR.

We would also like to draw your attention to the following facts: if you visit or like our Facebook fan page as a registered Facebook user, Meta Platforms Ireland Limited collects personal data. If you are not registered with Facebook and visit a Facebook Fan Page, Meta Platforms Ireland Limited may collect pseudonymous usage data.

In particular, Meta Platforms Ireland Limited collects the following information:

  • launch a page, post or video from the page,

  • subscribing or unsubscribing from the site,

  • "Like" or "Dislike" a page or post;

  • page recommendation in a post or comment,

  • comment, share or respond to a post on the page (including the type of response),

  • hide a post on the page or report it as spam,

  • clicking from another page on Facebook or from a website outside of Facebook on a link that leads to that page,

  • hovering the mouse over the page's name or profile picture to view a preview of the page's content,

  • clicking on a website button, phone number, "plan route" button or any other button on the page;

  • information about whether you are logged in via computer or mobile device when you visit or interact with the site or its content.

For more information, see Meta Platforms Ireland Limited's privacy policy at https://www.facebook.com/legal/terms/information_about_page_insights_data .

2. Social network Instagram

You can find the company profile of Deichmann Germany on the Instagram social network at https://www.instagram.com/deichmann_schuhe/ .

The corporate profile of Deichmann Czech Republic on the Instagram social network can be found at https://www.instagram.com/deichmann.cz/ .

For users outside the US and Canada, the Instagram social network is operated by Meta Platforms Ireland Limited. For users in the US and Canada, Instagram is operated by Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA.

For more information, see Instagram's privacy policy at https://help.instagram.com/155833707900388 .

3. YouTube channel

The Deichmann Czech company profile on the YouTube channel can be found at https://www.youtube.com/channel/UC2RZvfhlg1YBxPUDnmfIN6w .

For users in the European Economic Area (EEA) and Switzerland, the Google Service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Republic of Ireland, and outside of this area by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA.

For more information, see Google's privacy policy at https://policies.google.com/privacy?hl=cz .

4. LinkedIn social network

You can find the company profile of Deichmann Germany on the LinkedIn social network at https://de.linkedin.com/company/deichmann .

For users residing in the European Economic Area and Switzerland, the LinkedIn social network is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter referred to as "LinkedIn Ireland"). For all other users, the operator is LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085, USA. LinkedIn Ireland's privacy policy can be found here: https://cz.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy . In these policies, you will also find information about the options for setting up your LinkedIn profile.

LinkedIn Ireland also transfers personal data to the USA and other third countries outside the European Economic Area for which there is no European Commission decision on adequate personal data protection. Relevant information can be found here: https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy . Accordingly, LinkedIn regularly uses standard contractual clauses approved by the European Commission pursuant to Article 46 paragraph 2 letter c) GDPR.

In addition, we are jointly responsible with LinkedIn Ireland for the processing of so-called Page Insights data when visiting our LinkedIn company page. To this end, we have entered into a joint data processing liability agreement with LinkedIn Ireland, which you can view here: https://legal.linkedin.com/pages-joint-controller-addendum . LinkedIn Ireland hereby undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Page Insights data and to comply with all obligations under the GDPR in connection with the processing of Page Insights data. The processing takes place on the basis of our legitimate economic interest in the optimization and design of our company profile on the social network LinkedIn according to needs, Article 6 paragraph 1 letter f) GDPR.

In addition, please note the following: From LinkedIn Ireland, we receive non-personally identifiable information and analysis about the use of our account or interactions with our posts in so-called Page Insights. This information allows us to analyze and optimize the effectiveness of our activities on the LinkedIn social network. For this purpose, LinkedIn Ireland processes in particular the data that you have provided to LinkedIn Ireland through the information in your profile. This includes, for example, the following data:

  • function data,

  • Earth,

  • industry,

  • seniority (number of years of service),

  • company size a

  • employment status.

In addition, LinkedIn Ireland will process information about how you interact with our company page on LinkedIn, for example whether you are a Follower of our company profile on LinkedIn.

5. "Community" function

If you visit our presence on social media (e.g. Facebook fan page), we will process some of your data, e.g. when you interact with our pages or our account, when you like or comment on our post, when you reply or provide other content. Personal data is processed in relevant cases, as a rule, on the basis of our legitimate interest in providing you with relevant functions on our presence on social networks (Article 6, paragraph 1, letter f) of the GDPR), as well as on the basis of your consent to the relevant platform operators (e.g. . Facebook Ireland, LinkedIn Ireland), Article 6 paragraph 1 letter a) of the GDPR, or on the basis of your contractual relationship with the operators of the relevant platforms (Article 6, paragraph 1, letter b) of the GDPR).

Please note that these areas are publicly accessible and any personal information you post here or provide when logging in may be viewed by other users. We cannot control how other users use this information. In particular, we cannot prevent third parties from sending you unsolicited messages.

Content posted within communities may be retained indefinitely. If you wish us to remove the content you have set, send us an e-mail to the address indicated in point 2 above.

16. Product Recommendations

1) This website uses the services of the provider trbo GmbH, Leopoldstr. 41, 80802 Munich, Germany, to optimise our online offering and measure the effectiveness of our online advertising and to display personalised offers. We use the page content you have accessed to recommend equivalent or thematically related products or other content relevant to you.

The legal basis for data processing is Art. 6 para. 1 lit. a GDPR.

If you have given us your consent to do so, we will use cookies that enable us to recognise your internet browser. The data collected and used in this context is stored by us in pseudonymised form using a random identification number. A direct personal reference is therefore not possible.

You have the option to withdraw your consent at any time by adjusting your cookie settings here: [please insert link]

Your cancellation does not affect the legality of the processing carried out until your cancellation.

In addition, you can find further information on the tracking technology used under the following link: https://www.trbo.com/privacy-policy/

2) Tracking Pixels

Tracking-Pixel files work similarly to cookies, but are not visible to the user. If you give your consent, Tracking Pixels are deployed within the functionality of the store to measure user behavior, within the newsletter, to manage offers in remarketing. This data is anonymous and is not linked to personal data on the user's computer or to any database. If you want to block web bugs on our site, you can use e.g. webwasher, bugnosys or AdBlock (for the Firefox browser). To block web bugs in our newsletter, set your messaging program to not display HTML in your messages. Web bugs are also blocked if you read your mails in offline mode.

Individual product recommendations on the website https://www.deichmann.com/CZ/cs/shop/welcome.html are based on your purchase history, which includes in particular the range and categories of products you have ever viewed, searched for or purchased. All information obtained in this way is stored in anonymized form and it is not possible to link it to your person.

The legal basis for the processing of personal data is Article 6 paragraph 1 letter a) GDPR.

17. Scayle

Scayle is a headless eCommerce system provided by About You SE & Co. KG (Domstraße 10, 20095 Hamburg). Deichmann uses the Scayle system to provide online store services.

Information on the privacy policy can be found under this link: https://www.scayle.com/de/datenschutz .

Scayle Subprocessors

1. Akamai Technologies, Inc.

Deichmann uses the "Akamai" service to optimize website delivery and to secure our web servers with a web application firewall. The entity responsible for processing your personal data is: Akamai Technologies GmbH, Parkring 20-22, 85748 Garching, Germany.

The following list contains all (personal) data that is collected through or when using this service:

  • Browser information

  • Pages visited

  • Date and time of visit

  • Operating system

  • IP address

The legal basis for the processing of your personal data is Article 6 paragraph 1 letter f) GDPR, balancing of interests, based on our legitimate interest to ensure the continuous availability of our website.

The place of processing is the European Union and the United States of America (Currently, there is no opinion of the European Commission according to which the USA generally provides a sufficient level of protection. If the level of personal data protection is not ensured at a level equivalent to the European standard, the transfer of personal data is carried out through appropriate safeguards and on the basis of EU standard contractual clauses on the protection of personal data.As an additional guarantee, the fact that personal data processed in connection with Akamai is pseudonymized and therefore particularly protected).

The lifetime of the cookies used lasts until the end of the relevant session. Personal data collected with their help are deleted when they are no longer needed for processing purposes.

To read the data processor's privacy policy, click here: https://www.akamai.com/uk/en/privacy-policies/ .

2. Amazon Web Services Inc.

Amazon Web Services (AWS) is a cloud computing service offered by http://Amazon.com . This service enables companies and organizations to run IT infrastructure and applications in the cloud.

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as "AWS").

More detailed information can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/ .

For more information on the processing of personal data, please refer to the AWS Privacy Policy: ( https://aws.amazon.com/de/privacy/?nc1=f_pr ).

The use of the AWS service is subject to your consent (Article 6(1)(a) GDPR). The basis for using the AWS service is Article 6, paragraph 1 letter f) GDPR. We have a legitimate interest in the reliable display of our website. If we have obtained your consent to the processing of personal data, the processing is carried out exclusively on the basis of Article 6 paragraph 1 letter a) GDPR and § 25 para. 1 TTDSG (German Act on the Protection of Personal Data in the Field of Telecommunications and Telemedia), if the consent includes the storage of cookies or access to information in the user's terminal device (e.g. scanning of fingerprints on the device) in accordance with the TTDSG. This consent can be revoked at any time.

3. Datadog Inc.

Datadog is a service focused on monitoring real users and performance. Data processing is used to analyze these websites and their visitors. At the request of the operator of this website, Datadog uses the information obtained to evaluate the use of the website, monitor the performance of this website, application screens, user actions, network requirements and the performance of our front-end code, monitor ongoing errors and problems, and compile reports on website activities.

The data processing entity is Datadog, Inc (620 8th Avenue, Floor 45, New York, NY 10018, USA).

Among other things, the following information may be collected:

  • IP address

  • Date and time the page was viewed

  • User navigation (click path)

  • Information about the browser and device you use

  • Pages visited

  • Link URL (web page from which you accessed our website)

  • Location data

  • Shopping activities.

Datadog uses technologies such as cookies, browser web storage and tracking pixels to analyze your use of the website. The processing of personal data, especially the setting of cookies, takes place only with your consent. More detailed information about the terms of use and the protection of personal data can be found here: https://www.datadoghq.com/legal/privacy/ .

4. New Relic Inc.

NewRelic (New Relic, Inc., 188 Spear St. Suite 1200, 94105 San Francisco, USA) is a web service used to analyze website usage. The cookie transfers information, including your IP address, to a New Relic server in the USA. Personal data are processed in accordance with Article 6 paragraph 1 letter f) GDPR for the purpose of optimal presentation of our online offer. NewRelic uses the stored information to analyze how you use the website, to create reports for website operators and to offer other services related to website and internet usage.

More information on privacy can be found here: https://newrelic.com/termsandconditions/privacy .

5. Functional Software, Inc.

Functional Software, Inc. (132 Hawthorne Street, San Francisco, California 94107) provides a platform for reporting software errors and outages so that we can retrospectively analyze and improve our website. Please note that this is a transfer of personal data to the US, which is considered a transfer of personal data to a third country. Personal data are processed in accordance with the provisions of Article 6 paragraph 1 letter f) GDPR.

You can find information about personal data protection under the following link: https://sentry.io/privacy/ .

6. Cloudflare, Inc.

This website uses a so-called Content Delivery Network (‘CDN’) of the technology service provider Cloudflare Inc, 101 Townsend St. San Francisco, CA 94107, USA (‘Cloudflare’). A content delivery network is an online service that is used in particular to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. The use of Cloudflare's content delivery network helps to optimise the loading speed of this website and contributes to improving performance and stability. For this purpose, personal data may be processed in Cloudflare's server log files. Cloudflare also collects statistical data about visits to this website. The data collected includes Name of the retrieved website, retrieved file and URL, date and time of retrieval, amount of data transferred, HTTP status code (e.g. 200, 404), browser type, version and language settings, operating system and its version, referrer URL, IP address of the requesting device, requesting provider, geographical location data, information on security risks (e.g. suspicious activity or bot detection) and TLS/SSL information for secure connection. The data agreement is based on standard contractual clauses, which you can find here: https://www.cloudflare.com/cloudflare-customer-scc/ Further information on Cloudflare's privacy policy can be found here: Cloudflare Privacy Policy | Cloudflare.+ The company is certified according to the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnZKAA0&status=Active When using Cloudflare Turnstile, the following also applies: Cloudflare Turnstile is used to check whether the data input on this website is made by a human or by an automated programme. To do this, Turnstile analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters a website with Turnstile activated. Turnstile analyses various pieces of information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare. The data transfer between your browser and our servers is analysed on Cloudflare's servers in order to ward off attacks. Cloudflare uses cookies to enable you to access our website. The use of Cloudflare Turnstile is in the interest of secure use of our website and defence against harmful external attacks. The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR and § 25 para. 2 no. 2 TDDDG.

18. Payment Methods

We process your payment data for the purpose of making payments, e.g. when purchasing a product in our online store. Depending on the payment method, we transfer your payment data to third parties (e.g. in the case of payment by payment card to your payment card provider).

The legal basis for this processing of personal data is Article 6 paragraph 1 letter b) GDPR, if the processing is necessary for making the payment, as well as Article 6 paragraph 1 letter f) GDPR, whereby our overriding legitimate interest lies in the proper execution of the payment.

Basically, we offer the following payment methods in our online store:

1. Payment/credit cards

We accept the following payment cards: Visa, and MasterCard.

If you choose this payment method, you will be redirected to the external website (Saferpay) of Six Payment Services AG. The card details are recorded there. If two-factor authentication is required, Saferpay will provide this.

More information about Saferpay can be found here: https://www.six-payment-services.com/en/site/e-commerce/solutions/paymentsolution.html .

Important safety information:

If your credit card is misused by an unauthorized person, you have the option to file an objection with the company that issued your credit card.

The highest possible security: thanks to state-of-the-art SSL encryption, we provide optimal protection of your personal data in the checkout area of our online store.

In addition, we ensure your entire transaction - when paying by credit card - by making it mandatory to indicate the card's verification code (CVC2 or CVV2). Useful information: these numbers are not stored on the magnetic strip of your payment card and therefore do not appear on payment documents.

The card verification code – a three-digit numeric code – is located in the upper right corner of the signature strip for Visa and MasterCard cards.

With the American Express card, you will find the card verification code - a four-digit numerical code - on the front right above the payment card number.

2. PayPal

If you pay via PayPal, your payment details will be transferred to PayPal (Europe) S.à rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as "PayPal") as part of the payment process. You will be identified by your PayPal account credentials.

For more information on data protection, see PayPal's data protection policy: https://www.paypal.com/cz/webapps/mpp/ua/privacy-full .

19. Ordering Process

During the ordering process, the following personal data will be collected about you:

name, surname, date of birth, address, e-mail address, telephone number, as well as personal data collected by the above-described applications and order processors/service providers.

In doing so, associated processing takes place for the purpose of making your purchase.

The legal basis for processing is Article 6 paragraph 1 letter b) GDPR. In the case of your purchase of goods in our online store (conclusion of a contract), the provision of your personal data is necessary. If you do not provide the above information, no purchase in our online store is possible.

If necessary, the data may be forwarded to the sales department, employees in charge of logistics and service providers/processors who have been authorized in this regard.

Your data will be kept in a locked form until the relevant purchase contract is processed and then until the statutory periods for data retention in connection with the completed transactions expire.

20. Customer Account

On our website, we offer you the possibility to register ("My Account") if you provide your personal data. Registration is required in order to create your customer account.

Deichmann uses your personal data to manage your Deichmann account (hereinafter referred to as "My Account"), including obtaining consents, ascertaining and confirming the identity of the account user, preventing unauthorized access and use, restricting use by minors, sending notifications and alerts, taking measures against abuse account, tracking violations of terms of use and processing consent revocations. We also use your personal data to provide you with a personalized online experience and to immediately provide you with information about your purchase.

The processing of your personal data for your account takes place based on your consent when creating a customer account. The legal basis for processing is Article 6 paragraph 1 letter a) GDPR.

We keep your personal data for the time necessary to provide the account.

Personal data collected and used solely for the purpose of providing your customer account will be deleted after account cancellation.

21. Internet Security

Deichmann uses standard security measures through your browser - so-called SSL encryption. User data is encrypted using SSL - so-called SSL encryption. User data is encrypted using SSL certificates (class 2) with 256-bit encryption with a maximum key length of 2048 bits. You can recognize areas protected by SSL by the lock symbol in the browser. Secure connections are usually identified by an address starting with "https://". If you double-click the lock symbol, you will see more detailed information about the security certificate. We transmit your personal data securely using this encryption. This applies to your order and your login as a customer. However, no one can guarantee absolute protection. However, we protect our website and other systems with technical and organizational measures against loss, destruction, access,

22. Data Security

We have adopted technical and organizational security measures to protect your personal data from loss, destruction, manipulation and unauthorized access. All our employees are bound by the duty of confidentiality regarding personal data, i.e. confidential handling of personal data. Our security measures are continuously updated in line with technological developments.

23. Automated individual decisions or profiling measures

We do not use automated processing or profiling when making decisions.

24. Provision of personal data

Without your express prior consent, your personal data will generally only be transferred in the following cases:

1. If it is necessary to clarify the illegal use of our services or for legal settlement, personal data will be transferred to law enforcement authorities and possibly injured third parties. However, this will only happen where there are reasonable suspicions of illegal or abusive behaviour. The transfer may also take place when it is used to enforce contracts or other agreements. We are also obliged by law to provide information to certain public authorities upon their request. These are law enforcement authorities, authorities that prosecute administrative offenses for which fines are imposed, and tax authorities.

The transfer of this data takes place on the basis of our legitimate interest in combating abuse, prosecuting criminal offenses and securing, exercising and enforcing claims, Article 6 paragraph 1 letter f) GDPR, or on the basis of a legal obligation pursuant to Article 6 paragraph 1 letter c) GDPR.

2. Your data is passed on to the delivery service entrusted with the delivery of the shipment, if this is necessary for the delivery of the goods. The delivery service will use your personal data exclusively to carry out the delivery. Your data will neither be passed on to other third parties nor used for advertising purposes. The legal basis for data processing is Article 6 paragraph 1 letter b) GDPR. After full fulfillment of the contract and full payment of the purchase price, your data will be blocked for further use and deleted after the expiry of the statutory periods for keeping accounting records and tax documents.

3. When providing services, we rely on contractually bound third parties and external service providers (also "processors"). In such cases, the personal data will be transferred to these processors to enable them to process them further. We carefully select these processors and regularly check them to ensure the protection of your rights and freedoms. Processors may use the data exclusively for the purposes determined by us, and at the same time they are contractually obligated by us to handle your data exclusively in accordance with this privacy policy and applicable laws on personal data protection.

The transfer of this data to the processors takes place on the basis of Article 28, paragraph 1 of the GDPR. In addition to the processors already listed in this personal data protection policy, we also use the following categories of processors:

  • IT service providers,

  • cloud service providers,

  • software service providers.

4. As part of administrative processes, as well as the organization of our operations, financial accounting and compliance with legal obligations, such as archiving, we provide or pass on the same data that we have received in connection with the provision of our contractual services, where applicable to financial authorities, consultants, such as tax advisors or auditors, as well as other entities entrusted with the collection of fees and payment service providers.

The transfer of this data takes place on the basis of our legitimate interest in ensuring our business activities, the performance of our tasks and the provision of our services, Article 6 paragraph 1 letter f) GDPR, or on the basis of a legal obligation pursuant to Article 6 paragraph 1 letter c) GDPR.

5. As part of the further development of our business, there may be changes in the structure of the Deichmann Group, namely changes in legal form, establishment, purchase or sale of subsidiaries, parts of companies or parts of the company. In such transactions, data relating in particular to our customers and contact persons is transferred together with the part of the company that is the subject of the transfer. In any transfer of personal data to third parties to the extent described above, we will ensure that this is done in accordance with this privacy policy and applicable data protection laws.

The possible transfer of personal data is justified by the fact that we have a legitimate interest in adapting the organizational structure of our group to economic and legal conditions, Article 6 paragraph 1 letter f) GDPR.

25. Provision of your personal data

You have no legal or contractual obligation to provide your personal data.

However, the provision of your personal data is necessary to a certain extent so that we can provide you with the relevant functions and our services on our website. The provision of your data is necessary in particular so that we can receive and process your inquiries, so that we can conclude or fulfill a contract, and to enable you to use the community functions in connection with our presence on social networks. In addition, the provision of your personal data is necessary for the acceptance and processing of your job application.

If it is necessary to enter your personal data, we will notify you by marking it as mandatory data when entering it. Providing additional data is optional. In the case of mandatory data, failure to provide this data will result in us not being able to provide the relevant functions and services, in particular we will not be able to receive and process your inquiries and/or enable the conclusion or performance of a contract. Additionally, you will not be able to use the community features on our social media presences. If you do not provide us with the necessary data in connection with your job application, we will not be able to take your job application into account. If the data is voluntary, failure to provide it will result in us not being able to provide the relevant functions and services, or not being able to provide them to the usual extent.

26. Transfer of personal data to third countries

We also process personal data in countries outside the European Economic Area (hereinafter referred to as "EEA"), in so-called third countries, or we pass them on to recipients in these third countries. This also applies to the USA. Please note that there is currently no European Commission Adequate Data Protection Decision that these third countries generally have an adequate level of data protection. Therefore, when establishing contractual relations with beneficiaries in third countries, we use standard contractual clauses approved by the European Commission pursuant to Article 46, paragraph 2, letter c) GDPR or we rely on your consent in accordance with Article 49 paragraph 1 letter a) GDPR. With our service providers who process your personal data on our behalf ("processors"), we conclude standard contractual clauses for the transfer of personal data to processors in third countries. In the case of transfers to third parties in third countries, we use standard contractual clauses for transfers to third parties as administrators accordingly. You can request a copy of these standard contractual clauses at the contact address listed in point 2.

27. Change of purpose

Your data will be processed for purposes other than those described only if this is permitted by law or if you have agreed to a change in the purpose of personal data processing. In case of further processing for purposes other than those for which the data were originally collected, we will inform you of these other purposes before further processing and provide you with all other relevant information.

28. Deletion of your personal data

Unless otherwise stated in this privacy policy, we will delete or anonymize your data as soon as it is no longer necessary for the purposes for which we collected it or used it in accordance with the paragraphs above.

Further storage occurs only if it is necessary for legal reasons, in particular for the determination, securing or defense of claims.

The storage takes place on the basis of our legitimate interest in proper documentation of our business activities and the protection of our legal status (Article 6(1)(f) GDPR). If your personal data is relevant for the conclusion or fulfillment of contracts, the data is stored for the purpose of establishing or fulfilling the relevant contractual relationship (Article 6, paragraph 1, letter b) GDPR).

If we are obliged to store data by law, we store your data for the period specified by law (Article 6, paragraph 1, letter c) GDPR). Statutory retention requirements may be based on retention periods (archiving periods) according to the relevant legal regulations. According to these regulations, the retention period is usually several years, often from the time in which the relevant process was completed, e.g. when we finally processed your inquiry or the contract was terminated.

29. Your rights as a data subject

In connection with the processing of your personal data, you have the rights described below. To exercise your rights, you can send your request by post or email to the addresses listed above at the beginning of this privacy policy.

  1. Your right as a data subject to access personal data

    1. You have the right to obtain access to information about the personal data we process about you at any time upon request, within the scope of Article 15 of the GDPR.

  2. The right to correct inaccurate personal data

    1. In accordance with Article 16 of the GDPR, you have the right to have your personal data corrected without undue delay if it is inaccurate.

  3. Right to erasure

    1. You have the right to have us delete personal data concerning you under the conditions described in Article 17 of the GDPR. These conditions establish in particular the right to erasure if personal data are no longer needed for the purposes for which they were collected or otherwise processed, as well as in cases where personal data were processed unlawfully, in the event of an objection to processing or the existence of an obligation to erasure, established by law Union or Member State that applies to us.

  4. Right to restriction of processing

    1. You have the right to have us restrict processing in accordance with Article 18 GDPR. This right exists in particular if you deny the accuracy of the personal data, for the time required for us to verify the accuracy of the personal data, and also if, in the case of an existing right to erasure, you request the restriction of processing instead of erasure; further, in the event that the personal data are no longer needed for the purposes pursued by us, but you require them for the determination, exercise or defense of legal claims, and also in the event that it is still questionable whether the objection raised by you against us will be found to be justified.

  5. Right to data portability

    1. You have the right to receive from us the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format in accordance with Article 20 of the GDPR.

  6. Right to object

    1. For reasons related to your specific situation, you have the right to object at any time to the processing of personal data concerning you, among other things, on the basis of Article 6 paragraph 1 letter e) or f) GDPR, in accordance with Article 21 GDPR. We will stop processing your personal data if we do not prove serious legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves the determination, exercise or defense of legal claims.

    2. If we process your personal data for direct marketing purposes, including profiling, you have the right to object to this processing. After raising an objection, we will stop the processing.

  7. Right to file a complaint

    1. In case of complaints, you have the right to contact the supervisory authority in the Czech Republic; Office for the Protection of Personal Data, Lt. Col. Sochora 27, 170 00 Prague 7, email: [email protected] , or to the supervisory authority in the Federal Republic of Germany, the Federal Republic of Nordrhein-Westfalen; Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestr 2-4, 40213 Düsseldorf, email: [email protected] .

30. Processing of personal data in the exercise of your rights

In conclusion, we would like to inform you that if you exercise your rights according to Articles 15 to 22 of the GDPR, we will process the personal data that you provide us in this context for the purpose of realizing these rights and to be able to provide evidence of this fact. This processing is based on the legal basis of Article 6 paragraph 1 letter c) GDPR in conjunction with Articles 15 to 22 GDPR.

31. Updates and Changes

We reserve the right to change and update the personal data protection policy in accordance with the currently applicable legal regulations or when modifying the way personal data is processed. Before using our services, please read our privacy policy to be informed of any changes or updates.