- Promotions
- New in stock
- Box deals
- Rarities and Collectibles
- Coffee
- Coffee Accessories
- Tea and Hot Chocolate
- Coffee Machines
-
Wine
- White Wine
- Sparkling White Wine
- Rosé Wine
- Sparkling Rosé Wine
- Red Wine
- Robert Parker Wine Advocate 95+ rating
- Sweet & Semi Sweet Wine
- BIO & Non-Filtered Wine
- Wine Accessories
- Aperitifs & Liquors
- Spirits
- Non-alcoholic beverages
- Olive Oil
- Foie Gras and related products
- Chocolate
- Fruit Preserves
Principles of Personal data protection
Principles of personal data protection
The purpose of these policies is to demonstrate that the processing of personal data by the operator is carried out in accordance with the current legal regulations, especially Act No. 18/2018 Coll. on Personal Data Protection (hereinafter referred to as the "new ZOOÚ Act") and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "GDPR Regulation). The new legal regulation imposes an obligation on the operator, with regard to the nature, scope and purpose of the processing of personal data, and the risks with varying likelihood and severity to the rights of natural persons, to take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is carried out in accordance with the new legal regulation. The operator is obliged to update the measures taken, when necessary.
This document is the result of the assessment of personal data processing by the operator for the purposes of legal regulations governing the protection of personal data. By implementing standardized personal data protection based on the principles outlined here, the risk of violating personal data protection is minimized.
Operator:
Company name: Barbara Minčíková - VINOPOLITAN
Address: Mraziarenská 16464/6, 821 08 Bratislava – mestská časť Ružinov
Address of the operation: Námestie SNP 6, 811 06 Bratislava – Old Town
Registration: District court Bratislava,
Trade Register Number: 110-231907
Company registration number: 47 657 235
Establishment contact info:
Telephone number: +421 949 213 441 , +421 905 384 151
Address of the operation: Námestie SNP 6, 811 06 Bratislava – Old Town
E-mail: info@vinopolitan.sk
GENERAL INFORMATION ON THE PROCESSING OF PERSONAL DATA:
The following information relates to the processing of personal data of visitors and/or customers of these websites (hereinafter referred to as "data subject"), which is carried out by the operator or seller (hereinafter referred to as "Operator"). The processing and protection of these personal data is governed by the provisions of Act No. 18/2018 Coll. on the protection of personal data, as amended, (hereinafter referred to as the "Act"), in conjunction with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR").
The operator of the website responsible for processing personal data under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
LEGAL BASIS FOR PROCESSING PERSONAL DATA:
The legal basis for the processing of personal data by the operator concerning all categories of data subjects are the following provisions of GDPR, or the new Act on Personal Data Protection (ZOOÚ):
- The legal basis for processing is Article 6(1)(a) of the General Data Protection Regulation, which is the voluntary consent to the processing of personal data.
- The processing of personal data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract - pursuant to Section 13(1)(b) of the Personal Data Protection Act (ZOOÚ), respectively Article 6(b) of the GDPR. (orders, contracts for work, employment contracts, resumes, etc.)
The processing of personal data is necessary for compliance with a legal obligation to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, in accordance with § 13 (1) letter c) of the Personal Data Protection Act and Article 6 (1) letter c) of the GDPR. (e.g. cadastre law, commercial code, labor code, health insurance act, social insurance act, income tax act, etc.)
In this case, it may concern the following special regulations (Slovak collection of laws, not translated):
- Zákon č. 513/1991 Zb. Obchodný zákonník.
- Zákon č. 40/1964 Zb. Občiansky zákonník
- Zákon č. 395/2002 Z.z. Zákon o archívoch a registratúrach
- Zákon č. 222/2004 Z.z. Zákon o dani z pridanej hodnoty
- Zákon č. 18/2018 Z.z. Zákon o ochrane osobných údajov
- Zákon č. 595/2003 Z.z. Zákon o dani z príjmov
- Zákon č. 289/200á Z. z. Zákon o používaní elektronickej registračnej pokladnice a o zmene a doplnení zákona Slovenskej národnej rady č. 511/1992 Zb. o správa daní a poplatkov a o zmenách s sústave územných finančných orgánov v znení neskorších predpisov.
- Zákon č.431/2002 Z.z. Zákon o účtovníctve
- Zákon č. 22/2004 Z.z. Zákon o elektrickom obchode
- Zákon č.452/2021 Z. z. o elektronických komunikáciách
- Zákon č. 102/2014 Z. z. Zákon o ochrane spotrebiteľa pri predaji tovaru alebo poskytovaní služieb na základe zmluvy uzavretej na diaľku alebo zmluvy uzavretej mimo prevádzkových priestorov predávajúceho a o zmene a doplnení niektorých zákonov
- Zákon č. 147/2001 Z. z. Zákon o reklame a o zmene a doplnení niektorých zákonov
- Zákon č. 445/1991 Zb. Zákon o živnostenskom podnikaní ( Živnostesnký zákon )
Detailed information about these laws can be found here: https://www.justice.gov.sk/Stranky/Zakony/Zbierka-zakonov.aspx
Further processing of personal data for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in accordance with a specific legal provision and subject to appropriate safeguards for the rights of the data subject.
The processing of personal data is necessary for the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, particularly if the data subject is a child, provided that appropriate safeguards are in place - according to § 13 par. 1 letter f) of the Personal Data Protection Act and article 6 letter f) of the GDPR.
STATEMENT:
We declare that as the controller of your personal data, we comply with all legal obligations required by applicable legislation, especially the Act on Personal Data Protection and GDPR, and therefore:
- We will process your personal data only on the basis of a valid legal reason described above.
- This fulfills our obligation to provide information to data subjects under Article 13 of GDPR.
- We will enable and support you in exercising and fulfilling your rights under the new ZOOÚ Act and GDPR Regulation.
PROCESSING OF PERSONAL DATA OF PERSONS MONITORED BY THE CAMERA SYSTEM:
In case the data subject is a natural person located in the Monitored Areas of the operator's camera system, the personal data processed for the purpose of:
- protection of public order and safety
- familiarization with the created recording (for the purpose of investigation and provision of the recording to relevant authorities and cooperation with authorities acting according to special legislation) means: an image recording made by a camera system - a snapshot capable of identifying a physical person (especially the face) who entered the Monitored area.
PROCESSING OF PERSONAL DATA IN CONNECTION WITH THE PURCHASE AND REMOTE DELIVERY OF GOODS VIA ELECTRONIC COMMERCE:
Data subjects:
- Physical person without a prior relationship with the operator
- Operator's customer
Processing purposes of personal data:
- identification of the contracting party
- conclusion of a distance sales contract through the operator's electronic commerce and performance of obligations arising from this purchase contract or in connection with it, as well as in pre-contractual relations with data subjects.
- personal data is processed in the course of activities, which is necessary for concluding, preparing, and fulfilling the contract, of which the data subject is a contracting party, or for taking measures prior to the conclusion of the contract upon the request of the data subject
- processing of orders, delivery of ordered products, goods, and all related matters
- processing of requests for delivery of products, goods, and services, their acceptance, and all related matters
- acceptance of payment for goods
- provision/delivery of goods
- order management
- customer management
- processing of accounting agenda, issuing tax invoice
- handling of requests, receivables, complaints, claims
Categories of personal data:
- Contact details of legal entities or natural persons - entrepreneurs: Company ID, Tax ID, VAT ID, Business name, Company name, First name, Last name, Title, Billing address, Delivery address, Phone number, Email address, Fax, IP address, Signature, Bank account number and also the name, surname, title of the person who represents the company, name of the ordered goods.
- Personal data of individuals who are not entrepreneurs and customers/clients: name, surname, title, permanent address, delivery address, phone number, email address, IP address, bank account number, name of the ordered product.
- Data from communication between the e-shop and the customer.
The legal basis for processing these voluntarily provided data is the fulfillment of rights and obligations arising from the contract concluded at a distance, processing of orders and fulfilling the obligations arising from this contract, which would otherwise not be possible to conclude in full extent:
- The processing of personal data (name, surname, title, street and number, postal code, city) is necessary according to a special regulation or international treaty binding the Slovak Republic. Especially according to the Act No. 222/2004 Z.z. (Collection of laws) on value added tax.
- The processing of personal data (email, phone contact) is necessary for the performance of the contract.
The possibility to purchase goods or services offered on these websites is not primarily intended for visitors under the age of 18. In case the person concerned is under 18, he/she is obliged to send the operator a consent of his/her legal representative before providing his/her personal data for the processing of his/her personal data to the extent and for the purpose of this article.
When processing the personal data of the data subject, there will be no automated decision-making or profiling, and the Controller does not intend to provide personal data to a third country.
The retention period of personal data: Personal data will be processed for the duration of the operator's legal obligations arising from generally binding legal regulations, in particular the Civil Code, the Consumer Protection Act for the Sale of Goods or the Provision of Services on the Basis of a Distance Contract or a Contract Concluded Outside the Business Premises of the Seller, the Archives and Registries Act, the Accounting Act and the Value Added Tax Act, i.e. in the case of certain data on tax documents for a minimum of 10 years.
PROCESSING OF PERSONAL DATA FOR COMMUNICATION AND CUSTOMER SUPPORT PURPOSES:
Data subjects:
- Physical person without a prior relationship with the operator
- Operator's customer
Processing purposes of personal data:
- communication and customer support
- assistance with completing an order
- providing information on the current status of a request, payment, order, debt, or complaint
- obtaining further necessary information
Categories of personal data:
- title, first name, last name, email address, IP address, phone number
The legal basis for processing these voluntarily provided data is:
- § 13 para. 1 letter b) of the Personal Data Protection Act, or Article 6 letter b) of the GDPR, according to which the processing of personal data is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
- Article 6 para. 1 letter f) of the General Data Protection Regulation - legitimate interest.
The retention period of personal data: Personal data will be processed for the duration of the operator's legal obligations arising from generally binding legal regulations, in particular the Civil Code, the Consumer Protection Act for the Sale of Goods or the Provision of Services on the Basis of a Distance Contract or a Contract Concluded Outside the Business Premises of the Seller, the Archives and Registries Act, the Accounting Act and the Value Added Tax Act, i.e. in the case of certain data on tax documents for a minimum of 10 years.
PROCESSING OF PERSONAL DATA DURING WEBSITE REGISTRATION, E-SHOP:
Data subjects:
- Physical person without a prior relationship with the operator
- Operator's customer
Processing purposes of personal data:
- Registration of the data subject on the e-shop website, creation of a user account.
Categories of personal data:
- first name, last name, address, phone number, e-mail
The legal basis for processing these voluntarily provided data is to fulfill the rights and obligations related to providing services associated with the user account, which would otherwise not be possible to provide in full.
§ 13 para. 1 letter b) of the Personal Data Protection Act, or Article 6 letter b) of the GDPR, according to which the processing of personal data is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract, and also according to § 13 para. 1 letter f) of the Personal Data Protection Act, or Article 6 letter f) of the GDPR, where the processing of personal data is necessary for the purposes of the legitimate interests pursued by the controller.
During the processing of personal data of the data subject, there will be no automated decision-making or profiling, and the Controller does not intend to transfer personal data to a third country or an international organization.Registration forms are not primarily intended for visitors under the age of 18. If the data subject is under 18 years of age, he/she is obliged to send to the operator the consent of his/her legal representative with the processing of his/her personal data to the extent and for the purpose of this article before providing his/her personal data.Retention period of personal data: Personal data will be processed for the duration of the data subject's interest in using the services associated with the user account, i.e., for the duration of the purpose of their processing.
The data subject has the right to request from the relevant controller access to their personal data, their rectification or erasure, or restriction of processing, the right to object to processing, as well as the right to lodge a complaint with the Office for Personal Data Protection if the controller processes personal data in violation of the Regulation and/or the Law by sending a notification of revocation of consent either in writing to the address of the operator's premises at Nám. SNP 6, 811 06 Bratislava - Staré mesto or by email to the email address info@vinopolitan.sk.
PRINCIPLES OF USING COOKIES:
Cookies are small text files used to store information in web browsers. Cookies are used to store and receive identifiers and other information on computers, phones, and other devices. Other technologies, including data stored in your web browser or device, device identifiers, and other software, are also used for similar purposes. In these policies, we use the common term "cookies" for all of these technologies. Further information about the conditions of use of cookies on our website and options for refusing them can be found HERE.
HOW LONG WILL WE COLLECT YOUR PERSONAL DATA:
The operator guarantees that personal data provided by the data subject in the relevant contract or otherwise will be processed in information systems in accordance with the principle of minimal storage, and in the event that the purpose of processing is no longer valid, the operator guarantees to delete the personal data. If the personal data is processed for a purpose other than that specified in this article, the data subject will be informed of the purpose and legal basis of such processing before such processing occurs.
SECURITY AND PROTECTION OF PERSONAL DATA:
We protect personal data to the fullest extent possible. We protect them as if they were our own. We have implemented all possible technical and organizational measures to prevent the misuse, damage or destruction of your personal data.
DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES, INTERMEDIARIES, RECIPIENTS:
We handle most of the processing operations ourselves and do not need third parties for them. To ensure certain specific processing operations that we cannot provide on our own, we use the services of intermediaries who specialize in such processing and are bound by an intermediary agreement in accordance with GDPR.
These are providers of the following platforms and services:
Identification of the recipient or category of recipients and the processor:
- provider of postal/courier services
- shopping advisor / Heureka Group a.s /
- provider of accounting software
- provider of payment gateway
- web hosting/operator of the website on the server
- provider of banking services
- provider of accounting services
- financial administration
- tax office
- law enforcement authorities
TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION:
We process data exclusively within the European Union or in countries that ensure a level of protection based on a decision of the European Commission.
In case we are forced to transfer your personal data to countries outside the European Union in order to fulfill our contractual obligations, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with GDPR requirements.
YOUR RIGHTS IN RELATION TO THE PROTECTION OF PERSONAL DATA:
Your rights in relation to the protection of personal data are governed by Chapter 3 of the GDPR. These include, for example, the right to lodge a complaint with the supervisory authority, the right to object to processing, the right to access personal data concerning the data subject, the right to rectify or erase or restrict the processing of personal data, as well as the right to data portability.
In connection with the protection of personal data, you have several rights. If you wish to exercise any of these rights, please contact us via the email address provided above.
- You have the right to be informed about the processing of your personal data in accordance with these principles of personal data processing. - information obligation.
- Thanks to the right of access, you can request us at any time and we will provide you with information within 30 days about what personal data we process about you and why.
- If something changes with you or if you notice any of your personal data to be inaccurate or incomplete, you have the right to supplement and change your personal data.
- The right to restrict processing can be exercised if you believe that we process your inaccurate data, if you believe that we are processing unlawfully, but you do not want all data to be erased, or if you object to processing.
- You can limit the scope of personal data or the purposes of processing.
- The right to erasure (right to be forgotten): Another right you have is the right to erasure if there is no legal basis that allows us or legal obligation that requires us to process your personal data. In such a case, we will erase all your personal data from our system, as well as from the system of all subprocessors and backups within the legally prescribed deadline.
You have the right to file a complaint with the Office for Personal Data Protection if you feel that we are not handling your data in accordance with the law. We would be happy if you first inform us of any suspicions so that we can do something about it and correct any mistakes.
CONFIDENTIALITY
We would like to assure you that as the data controller, as well as our partners and intermediaries who will process your personal data, are obliged to maintain confidentiality about personal data whose disclosure would jeopardize the security of your personal data. This confidentiality also applies after the end of our relationship. Your personal data will not be provided to a third party without your consent.
FINAL PROVISIONS
- The operator and the user have agreed that correspondence delivered by post or email shall be deemed delivered on the day of receipt of the postal shipment or the day of confirmation of receipt of the email, but no later than 10 days after sending.
- The legal relationship between the operator and the user, as well as relationships not regulated by these conditions, shall be governed by the legal order of the Slovak Republic.
- In the event that any provision of these terms of use is or becomes invalid, ineffective, and/or unenforceable, the validity, effectiveness, and/or enforceability of the other provisions shall not be affected. In such a case, the operator undertakes to replace the affected provision with a new valid provision as soon as possible, the content of which will as closely as possible fulfill the purpose of the original provision.
These personal data processing principles are effective from May 25, 2018 and replace the previous Personal Data Protection policy.
Updated on August 01, 2022.
