3 - Privacy and data protection
DATA PROTECTION DIRECTIVE TRANSPARENCY
-- Exerpts --
from the Recommendation of the European Commission on the guidelines for the implementation of data protection rules in the Consumer Protection Cooperation System, dated 1 March 2011 (2011/136/EU)
Regulation (EC) No 2006/2004 of the European Parliament and of the Council of 27 October 2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws (the Regulation on consumer protection cooperation)  (hereinafter referred to as "the CPC Regulation") aims at enhancing the enforcement cooperation of consumer protection laws within the single market, establishes an EU-wide Network of national public enforcement authorities (hereinafter referred to as the "CPC Network") and lays down the framework and general conditions under which Member States enforcement authorities are to cooperate to protect the collective economic interest of consumers.
According to the Data Protection Directive the Customer has the right to be informed when his personal data is being processed.
Data may be processed only under the following circumstances:
- when the customer has given his consent,
- when the processing is necessary for the performance of or the entering into a contract,
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed.
The information needs to be proportionate, adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed.
Personal data needs to be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes and brought to the attention of the data subject.
Personal data definition
Personal data is defined in the Data Protection Directive as any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
Rights of access
Data subjects have the right according to the Data Protection Directive to be informed that their personal data are being processed; the purposes for the processing; the recipients of the data and that they have specific rights i.e. the right to information and rectification. The data subject has the right to access all data processed on him. The data subject also has the right to request the rectification, deletion or blocking of data that is incomplete, inaccurate or is not being processed in compliance with the data protection rules.
---------- End of excerpts ---------
DATA PRIVACY STATEMENT
Personal identifiable data are those entries concerning personal or factual circumstances about the customer, i.e. name, address, date of birth, telephone number, email address and other details, which have been made available by the customer during ordering process. No data will be collected that is not specifically needed to communicate when placing an order, and processing a purchase.
When signing in at the shopping basket these personal identifiable data are necessary in order to unambiguous atrribute an order to Customer's account.
So-called Cookies enable the technical procedure to keep products in the shopping basket while the Customer keeps roaming the catalogue for more product choises or carries out the final steps in the ordering process. Cookies are small text files which the web browser places on the Customer's computer to provide clear attribution to a customer. They include an encrypted identification number. These cookies are automatically deleted after leaving the Seller's online shop.
By registering in Seller's online shop the Customer gives consent to store their personal data required for process in fullfillment of a contract or to implement pre-contractual measures, if necessary, some informaton (name, address and short description of goods) is passed on to the delivery service.
Seller is required to protect Customer's personal information, not to distribute, sell, rent or otherwise make available to unauthorized third parties.
The Customer is able to view, modify and partly delete his stored data under his personal account in the online shop. Customer can access his account by clicking the buttom "Sign in" or link "Your account". He will be asked to provide his email address as user name and his choosen password.
Whilst in the administration of his account the Customer has the opportunity to make changes to his personal data, to add, change or delete consignees in his addressbook. He may add up to 5 delivery addresses. He can also change his password. He can view and print his order history, as well as subscribe and unsubscribe to the free newsletters.
The account can only be deleted by the Seller after all technical, financial and legal issues have been resolved and the customer specifically requests it. In case of cancellation, the service for which his personal data has been requested will be terminated.
Further processing of personal data by the Seller is prohibited unless the Seller is required by law.