Customer support:help@fruvi.no
    Language
    English
    Home / Privacy Policy

    Privacy Policy

    Data Controller: Rybízák s.r.o.
    Registered office: Sládkova 372/8, 702 00 Ostrava, Czech Republic
    ID: 05887461
    Contact: help@fruvi.no

    Basic statement

    The Personal Data Controller referred to in Article 4(7) of Regulation (EU) 2016/679 ("GDPR") is Rybízák s.r.o., as stated above. The Data Controller has not appointed a Data Protection Officer.

    "Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, ID number, location data, or an online identifier.

    Sources and categories of processed personal data

    The Data Controller handles the personal data you provide directly or that is received based on your order. This includes identification data, contact information, and data necessary for the performance of the contract — including the cookie file.

    If you have subscribed to our newsletter, the Controller also handles your email address and the date of subscription to send commercial emails related to goods offered at www.fruvi.no.

    Legal grounds and purpose of processing

    The legal grounds for processing personal data are:

    • performance of the contract between you and the Controller (Art. 6(1)(b) GDPR);
    • the legitimate interest of the Controller in direct marketing — commercial messages and newsletters (Art. 6(1)(f) GDPR);
    • the legitimate interest of the Controller in communicating with potential customers after they complete the contact form.

    The purposes of processing personal data are:

    • arranging your order and exercising the rights and obligations arising from the contractual relationship;
    • sending business newsletters under Art. 4(1) and Art. 7 GDPR;
    • statistical and analytical processing of site attendance.

    No automated decision-making within the meaning of Art. 22 GDPR is made by the Data Controller.

    Data retention period

    The Data Controller retains personal data:

    • for the period necessary to exercise the rights and obligations arising from the contractual relationship and the enforcement of claims under these relationships (10 years from the termination of the contractual relationship);
    • until consent to processing for marketing purposes is revoked, for a maximum of 10 years if data is processed under consent.

    At the end of the retention period, the Controller will erase the personal data.

    Recipients of personal data

    The recipients of personal data are persons:

    • contributing to the delivery of goods, services, or payments under a contract;
    • providing online store services and other services related to the operation of the online store;
    • providing marketing services.

    The Data Controller may transfer personal data to non-EU countries or international organizations. The recipients of personal data in third countries are providers of mailing and cloud services.

    The buyer's agreement also applies to data generated when browsing the web pages by the Google Analytics tool with the remarketing data extension. Remarketing data is retained for 365 days. With these online tools, we do not collect personal data such as name, address, email, or phone. You can delete the remarketing ad target by clearing cookies in your browser.

    Your rights

    Under the GDPR, you have:

    • the right to access your personal data (Art. 15);
    • the right to correct your personal data (Art. 16) or restrict processing (Art. 18);
    • the right to delete personal data (Art. 17);
    • the right to object to processing (Art. 21);
    • the right to data portability (Art. 20);
    • the right to withdraw consent to processing in writing or electronically to the Data Controller's address or email.

    You also have the right to file a complaint with the Office for Personal Data Protection if you believe your right to privacy has been violated.

    Security of personal data

    The Data Controller has taken all appropriate technical and organizational measures to safeguard personal data. These include secure storage of paper documents, technical data warehousing, encryption, anti-virus software, backups, and access restricted to authorized persons only.

    Final statement

    By sending an order from the online order form, you acknowledge that you are familiar with these privacy terms and accept them in their entirety. The Data Controller is entitled to change these terms; a new version will be published on the website.

    These terms take effect on 20 September 2020.