Basket

MaderoKit © Copyright 2021 - All rights reserved.

ANG - SLO - HR

Privacy Statement (GDPR)

We (hereinafter referred to as the "Provider") want you to feel safe and comfortable when you visit the MaderoKit.com online shop (hereinafter referred to as the "Website"). We consider it extremely important to provide you with the opportunity and the right to make your own decisions about the use of your data. The purpose of this privacy policy is to inform the customers or visitors of the website about the purposes and basis of the processing of personal data by the provider.

Please find below information on the nature and extent of the processing of your personal data. We may change or amend this Privacy Policy at any time without prior notice or warning. By using the website after modification or amendment, you consent to the changes and amendments.

All our activities and data processing are in compliance with European legislation (EU General Data Protection Regulation or GDPR) and national legislation of the Republic of Slovenia (ZVOP-1, ZEPT and ZEKom-1). The privacy policy deals with the handling of information and data that the provider receives from you when you visit the website.

 

  1. General on data processing

The data controller is KULER d.o.o..

When you open and use a website, various information and data is exchanged between your device and the server, which may include personal data under the EU General Regulation. Below, we present the data exchange and define in detail the use, interest and reasons. The data processing software and marketing tools we use are fully compliant with the EU General Data Protection Regulation so that your data is private.

The website is accessible on an HTTPS secure protocol, which ensures an encrypted connection and data exchange, and our servers are up-to-date with the latest versions, which increases the level of security.

 

  1. Personal data and processing

Personal data is information that identifies you as a specific or identifiable individual. The Provider collects the following personal information in accordance with the terms set out below in this Privacy Policy:

  • Basic user data collected only in the case of placing an order in the online shop (first name, last name, residential address)
  • Information on the user's purchases and invoices issued
  • Data from voluntary forms filled in by users
  • IP address of the device
  • Date and time of access
  • Website URL and referrer URL (channel and campaign - how the visitor was acquired or the source through which the visitor came to the website)
  • Time spent on the website, number and URLs of pages visited and total time of visit
  • Type of browser you use and operating system used

The Provider does not collect or process your personal data except where you provide the Provider with the opportunity or consent to do so or where there is a lawful basis for doing so and the Provider has a legitimate interest in the processing.

 

  1. Processing of data based on law or contractual relationship

3.1. Buying from an online shop

In the case of the conclusion and performance of a contract with a provider (in the case of an online purchase), you must provide personal data for the purposes of concluding the contract. This is because the processing of an order in an online shop is not possible without the provision of personal data. Therefore, there is a legitimate interest of the provider to fulfil the contract in accordance with Article 6 of the GDPR.

3.2. Sending promotional messages

Pursuant to Article 158(2) of the ECom-1 Act, the provider may send you e-mails about sales promotions and offers to the e-mail address you provided at the time of your order or by signing up with it in the pop-up window on the website, thereby indicating your consent to receive promotional messages. Your email address will not be passed on to any third party under any circumstances, and you will have the opportunity to opt-out of receiving promotional messages by clicking on the link in the message itself. Your decision is always respected by the provider and the unsubscription is automated and takes effect immediately.

 

  1. Processing of personal data on the basis of legitimate interest

Under the GDPR, the provider may also process data on the basis of legitimate interest. The provider shall always endeavour to ensure that the rights and freedoms of the individual or website visitor prevail over these interests. If you do not wish to have your data processed, or if you wish to have it deleted or terminated, you may notify us by e-mail at info@maderokit.com.

4.1. General statistical processing

We use the Google Analytics analytics tool for the purposes of website optimisation, monitoring the correct functioning of the website, analysing sales, repeat purchases and customer behaviour, as well as for the purposes of business optimisation and measuring business performance. We monitor sales by sales channel, how many customers repeat purchases are made and in what quantity and value, responses to advertising campaigns and general statistics on visits. We use IP anonymisation so that your IP address is never shared. Once your IP address is anonymised, it is no longer possible to identify you, so Google Analytics cannot link your device to other Google data.

4.2 Access to order history and other data

When you call or email us, if you give us your personal data or account or order number, the provider's employees can access your order history and personal data. This will enable them to provide you with a better service and offer and to resolve any complaints efficiently.

4.3. Tailored communication with existing and potential customers

We use personalised communications (via email, browser notifications or social media) to present relevant offers, send discounts and other content that may be of interest to you based on your past interactions with our website. We use your demographic information (gender, age and location), purchase history (products purchased, number of purchases), product responses and visits (opening messages, clicking on links), and behavioural and click behaviour on the website to manage these communications, which may trigger the sending of personalised messages.

When using personalised communication, we do not create user profiles, nor do we profile you or focus on your personal data, but only process you on a large-group basis, which makes you as an individual untraceable.

4.4. Using the Facebook advertising tool "Custom Audience"

We also use FacebookCustom Audience as part of the personalised communication mentioned in the previous point. We provide this service on the basis of a legitimate interest or in the context of your consent. Facebook Custom Audience works by uploading your email address, which you entered during the purchase process or voluntarily, to Facebook and linking it to your Facebook profile, if any, in our database. Facebook then adds you to the Custom Audience list and allows us to show you personalised advertisements.

 

  1. Processing of personal data on the basis of consent

The Provider may process and collect your personal data, if you have given your consent, for the purposes of verifying and ensuring that you access and use your online account created by registering on the Website, and for sending promotional messages and other content via email, where there is no other legal basis for doing so and you have given your explicit consent. The provider may also process and collect your personal data for other purposes, but only if you have been informed of these purposes in advance and have also given your explicit consent.

If you do not wish to have your data processed, or if you wish to have it deleted or interrupted, you can contact us by email at info@maderokit.com.

5.1. Profiling of potential and existing customers on the basis of explicit consent

Based on the consent given, the provider may implement advanced personalised communication through different marketing channels to present you with the best offers tailored to you based on your demographic data, purchase history, website behaviour and your responses and clicks on the website. Based on your consent and personal data, we may create a user profile and serve you the best and most personalised offers.

 

  1. Using the contact form

By using the contact form on the website, your data (text content and your email address) is sent to our mail server, which is owned by Google. This data is stored exclusively for correspondence purposes and is not passed on to third parties and is not used for marketing purposes.

 

  1. Placing an order in the online shop

When you place an order in the online shop, the following information is recorded in the server:

  • IP address of the device and the date and time of the order
  • Your email address and telephone number, if you have entered one
  • Your name, surname and the address of the payer, and any delivery address if different from the payer's address
  • Company tax number and company name, if you have entered this information
  • The products you have ordered and how to pay and delivery

If you have chosen to pay by credit card or PayPal, our website never stores or in any way holds payment card details or sufficient access data to payment processors that are not owned by us.

When our server processes your order, it transfers your data to an accounting program owned by a Slovenian company that complies with the standards required by the EU General Regulation. We also transfer your data to the program of the Post Office of Slovenia d.o.o., as this is necessary for the processing and dispatch of the products to your address.

 

  1. Cookies

To ensure a great user experience and to keep statistics and monitor the performance of the website, we use cookies. Our analytics cookies contain IP address anonymisation so that your personal data is not passed on to third parties.

 

  1. Retention of personal data

The Provider shall keep your data for as long as necessary to fulfil the purpose for which the personal data were collected and processed. If a specific law prescribes the retention of data for a certain period of time, then the Provider shall process this data in accordance with this law.

If you have placed, completed and collected the order, we will keep the order data on our server for 2 years after the order has been collected from you. We keep the data solely to ensure that any claims are dealt with quickly under the guarantee we offer. If you make a request to delete your data from our databases, we may delete the data beforehand, with the exception of invoice data, which cannot be deleted under the law and must be kept by the provider for 5 years.

Data in analytics tools (Google Analytics) is deleted after 26 months.

 

  1. Processing of personal data on the basis of a contract

By using the website, you acknowledge that the provider may also entrust your personal data to other contractual processors, who may process the data exclusively on behalf of the provider and within the limits of the provider's authorisation. We cooperate with the following contractual processors:

  • Provider of accounting and customer relationship management software,
  • Accounting service,
  • Email provider (e.g. Google Mail, Mailerlite)
  • Payment system provider (e.g. PayPal, Braintree)
  • Online advertising solution providers (e.g. Facebook, Google)

Your privacy means a lot to us because the provider will never pass on your personal data to unauthorised third parties, and the provider only chooses verified contract processors whose software is GDPR-compliant. Users do not send personal data to third countries outside the EU, with the exception of the USA. All contract processors located in the USA are part of the Privacy Shield Association.

 

  1. Your rights regarding data processing and contact person

In accordance with Articles 15, 16, 17, 18, 20 and 21 of the EU General Data Protection Regulation, you have the right to obtain information about your personal data stored with us, the right to rectification and completion of your data, the right to erasure of your data, the right to restriction of data processing, the right to opt-out and the right to data portability.

You can request a printout of the data we hold by emailing info@maderokit.com or by writing to the company. You may also make a request for deletion or amendment of the data to the email address provided.

For more information on data processing and further questions, please contact our company representative.