PRIVACY POLICY for the DETAIL-store.cz e-shop

Last updated: March 17, 2026

This privacy policy describes how the company / entrepreneur Radek Lövenhöfer, ID No.: 07480903, with registered office / place of business: Antonína Petrofa 2116/16, 500 09 Hradec Králové, e-mail: info@detail-store.cz, phone: +420 731 225 333, (hereinafter referred to as the "controller" or "we") processes the personal data of website visitors, customers, and other individuals who communicate with us through the e-shop www.detail-store.cz.

These policies are prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), related legal regulations of the Czech Republic, and rules for the use of cookies and similar technologies.

1. Who processes personal data

The data controller is:

Radek Lövenhöfer | DETAIL-store.cz
ID No.: 07480903
VAT ID: CZ9907072483
Registered office / place of business: Antonína Petrofa 2116/16, 500 09 Hradec Králové
E-mail: info@detail-store.cz
Phone: +420 731 225 333

Regarding personal data protection, you can contact us at info@detail-store.cz.

2. What personal data we process

We may process the following personal data:

• identification data: name, surname, ID number, VAT ID,

• contact details: e-mail, phone, delivery and billing address,

• order and transaction data: ordered goods, order date, shipping and payment method, payment information, order history,

• communication data: content of messages, inquiries, complaints, reviews, and other communications with us,

• user account data: login details, account settings,

• technical and online data: IP address, cookies, device information, browser, website behavior, and website traffic,

• other data that you voluntarily provide to us.

The scope of data processed depends on the services you use, the website functions you utilize, and the permissions or consents you grant us.

3. Where we obtain personal data from

We obtain personal data primarily:

• directly from you when placing an order, registering, filling out a form, sending an inquiry, review, or complaint,

• automatically when you use our website through cookies and similar technologies,

• from payment providers, shipping providers, or technical service providers, if necessary for order processing or e-shop operation,

• from the Shopify platform and related services that we use for e-shop operation.

4. For what purposes and on what legal basis we process data

4.1 Order processing and contract performance

We process personal data for the purpose of receiving and processing orders, delivering goods, communicating about orders, processing payments, returning goods, and asserting rights from defective performance.

Legal basis: contract performance according to Article 6(1)(b) of the GDPR.

4.2 Accounting and fulfillment of legal obligations

We process personal data for the purpose of fulfilling obligations under tax, accounting, and other legal regulations.

Legal basis: fulfillment of a legal obligation according to Article 6(1)(c) of the GDPR.

4.3 Handling inquiries, complaints, and customer support

If you contact us, we process your data to respond to inquiries, resolve complaints, grievances, or other communications.

Legal basis: contract performance or our legitimate interest in handling communications and protecting our rights according to Article 6(1)(b) or (f) of the GDPR.

4.4 User account

If you create a customer account, we process the data necessary for its maintenance, administration, and security.

Legal basis: contract performance according to Article 6(1)(b) of the GDPR.

4.5 Sending commercial communications to existing customers

If you have purchased from us, we may send you information about our similar products and services.

Legal basis: our legitimate interest in direct marketing and simultaneous compliance with information society service rules; in each communication, you have the option to easily unsubscribe.

4.6 Newsletter based on consent

If you subscribe to our newsletter without a prior purchase or where required, we will process your e-mail based on your consent.

Legal basis: consent according to Article 6(1)(a) of the GDPR. You can withdraw your consent at any time.

4.7 Reviews and ratings

If we allow reviews, we may process data related to verifying that the review comes from a real customer and its publication.

Legal basis: contract performance, legitimate interest in transparency and credibility of reviews, or consent if required in a specific case.

4.8 Website security, fraud prevention, and rights protection

We may use data to secure the website, protect against misuse, evaluate risky orders, resolve disputes, and protect our rights.

Legal basis: our legitimate interest according to Article 6(1)(f) of the GDPR.

4.9 Analytics and marketing cookies

If you give us your consent via the cookie banner, we may use analytical and marketing cookies and similar technologies to measure traffic, evaluate website behavior, and display more relevant advertising.

Legal basis: consent according to Article 6(1)(a) of the GDPR and simultaneously consent according to the rules for storing non-technical cookies. In the Czech Republic, prior verifiable consent is required for non-technical cookies; only technical cookies are an exception.

5. How long we store data

We store personal data only for the period strictly necessary for the given purpose and, depending on the nature of the processing, especially as follows:

• data related to orders and contractual relationships for the duration of the contractual relationship and subsequently for the period necessary to protect rights and resolve any claims, usually no longer than 4 years from contract fulfillment, unless a specific legal regulation requires a longer period,

• accounting and tax documents for the period stipulated by legal regulations, typically 5 to 10 years,

• complaint data for the duration of warranty and related claims,

• customer account for its existence; after account cancellation only for the period necessary to protect rights and fulfill obligations,

• marketing communications to existing customers until unsubscribed or until our legitimate interest is no longer justifiable,

• newsletter based on consent until consent is withdrawn,

• cookies according to their type and settings, no longer than the period specified in the cookie banner or website settings.

The specific retention period may vary depending on the services you use, whether there is a dispute, complaint, or whether another legal regulation requires longer archiving. GDPR requires limiting storage only for the period necessary for the purpose of processing.

6. To whom we transfer personal data

We may transfer personal data to the following categories of recipients:

• e-shop platform provider Shopify,

• payment service providers and payment gateways,

• carriers and pick-up points,

• providers of accounting, tax, and legal services,

• e-mailing tool providers,

• providers of hosting, IT support, security, and technical administration,

• providers of analytical and marketing tools, if you give your consent,

• public authorities, if required by law.

We transfer personal data only to the extent necessary for the given purpose. If a partner processes personal data for us as a processor, we ensure that the processing is governed by an appropriate contract. GDPR expressly provides for informing about recipients or categories of recipients.

7. Shopify and the role of this platform

Our e-shop is operated on the Shopify platform. This means that Shopify provides the technical background for our e-shop and may process some customer personal data in connection with this. Shopify states in its documentation that its Data Processing Addendum is relevant for customer data, and at the same time points out that for some "Enhanced Services," it may also act as an independent controller.

More detailed information on how Shopify processes personal data can be found in Shopify's documentation and policies.

8. Transfer of data to third countries

Within some of the services used, personal data may be transferred outside the European Economic Area, especially if the relevant providers or their infrastructure are located outside the EEA. If such a transfer occurs, it takes place on the basis of appropriate legal mechanisms, typically standard contractual clauses of the European Commission or another legal mechanism. Shopify explicitly states the possibility of international transfers and reliance on recognized transfer mechanisms.

• Shopify
• Google
• Meta
• Maileon
• chat widget
• analytical tools
• shipping companies (DPD, Zásilkovna)
  

9. Automated decision-making and profiling

We do not make decisions based solely on automated processing that would have legal effects on you or similarly significantly affect you.

If we use analytical or marketing tools and you give your consent, segments may be created or basic profiling may occur for the purposes of measuring campaign performance, personalizing content, or advertising. However, this does not constitute automated decision-making within the meaning of Article 22 of the GDPR with legal or similarly significant effects. GDPR includes informing about automated decision-making and profiling among the rights of data subjects.

10. What rights you have

Under the conditions set by the GDPR, you have the following rights:

• the right to access personal data,

• the right to rectification of inaccurate data,

• the right to erasure,

• the right to restriction of processing,

• the right to data portability,

• the right to object to processing based on legitimate interest,

• the right to withdraw consent at any time, if processing is based on consent,

• the right to lodge a complaint with a supervisory authority.

In the Czech Republic, the supervisory authority is the Office for Personal Data Protection. These rights derive from Articles 15 to 21 of the GDPR.

11. How you can exercise your rights

You can exercise your rights by e-mail at info@detail-store.cz or in writing to the controller's address listed above.

To protect your data, we may reasonably verify your identity before processing a request.

12. Cookies

We use cookies and similar technologies on the website.

12.1 Technical cookies

These cookies are essential for the website's functioning, security, proper display of pages, shopping cart, login, or privacy settings. Consent is not required for these cookies if they are truly necessary. The Office for Personal Data Protection explicitly states that technical cookies are an exception.

12.2 Analytical cookies

We use them only with your consent if they help us measure traffic, website performance, and user behavior.

12.3 Marketing cookies

We use them only with your consent for ad personalization, remarketing, and campaign evaluation.

12.4 Cookie settings

You can change your preferences at any time via the cookie banner.

13. Security of personal data

We have taken appropriate technical and organizational measures to secure personal data against unauthorized access, loss, misuse, or unauthorized disclosure. GDPR imposes an obligation on controllers to implement appropriate security measures.

14. Links to third-party websites

Our website may contain links to third-party websites and services. We are not responsible for their content and personal data processing. We recommend always reviewing their own privacy policies.

15. Changes to these policies

We may update these policies periodically, especially if our processes, services used, or legal requirements change. We will always publish the current version on this page and update the last updated date.