Privacy Policy

Article I. General Provisions

1. Data Controller: The company Recorder s.r.o., IČO: 56280556, registered address: Lermontovova 911/3, 81105 Bratislava I, e-mail: info@recorder.sk, phone: +421 948 361 080 (hereinafter referred to as the "Controller").
2. The Controller processes personal data in compliance with Act No. 18/2018 Z.z. on Personal Data Protection and the General Data Protection Regulation (EU) No. 2016/679 (GDPR).

Article II. Scope and Purpose of Data Processing

1. Processed Data:
   • Full name.
   • Address (for invoicing and delivery).
   • Contact details: e-mail, phone number.
   • Payment details (only for processing payments via payment gateways).
   • IP address (for website security).
2. Purposes of Data Processing:
   • Order processing and product delivery.
   • Handling complaints and returns.
   • Marketing purposes (e.g., newsletters with the user's consent).
   • Legal obligations (e.g., accounting and invoice archiving).

Article III. Legal Basis for Processing

1. The legal basis for data processing includes:
   • Performance of a contract under Art. 6(1)(b) GDPR.
   • Legal obligations under Art. 6(1)(c) GDPR (e.g., tax laws).
   • Consent of the data subject under Art. 6(1)(a) GDPR (e.g., for marketing materials).

Article IV. Data Retention Period

1. Personal data is retained for the following periods:
   • For contract performance: 10 years (as per accounting requirements).
   • For marketing purposes: until consent is withdrawn, but no longer than 3 years.
   • For returns and complaints: 2 years from the conclusion of the process.

Article V. Data Transfer to Third Parties

1. Courier companies (GLS, Packeta):
   • Name, address, e-mail, phone number.
2. Payment gateways (Stripe):
   • Name, payment details (encrypted), e-mail.
3. Data will not be transferred to third countries or organizations outside the EU.

Article VI. Data Subject Rights

1. Data subjects have the following rights:
   • Access to data (Art. 15 GDPR).
   • Correction of data (Art. 16 GDPR).
   • Erasure of data (Art. 17 GDPR), except in cases required by law.
   • Restriction of data processing (Art. 18 GDPR).
   • Data portability (Art. 20 GDPR).
   • Object to data processing (Art. 21 GDPR), particularly for marketing purposes.
2. Requests to exercise these rights can be sent to info@recorder.sk.

Article VII. Security Measures

1. The Controller ensures data protection through:
   • Data encryption.
   • Password protection.
   • Access restricted to authorized personnel only.
2. In the event of a data breach, the incident will be reported to the Slovak Data Protection Authority within 72 hours.

Article VIII. Cookies

1. Types of cookies:
   • Essential cookies: Ensure basic website functionality.
   • Analytical cookies: Help analyze website traffic.
   • Advertising cookies: Allow personalized advertising.
2. Users can modify cookie settings in their browser.

Article IX. Changes to Data Protection Policy

1. The Controller reserves the right to amend these terms in the event of legislative changes.

• Any updates will be published on www.recorder.sk.