GDPR conditions

1. Introduction

1.1 POS Digital, s.r.o., CRN: 03612911 , based at Budějovická 778/3, 140 00 Prague 4, Czech Republic  (hereinafter ‘POS Digital’), which is part of POS Media Group, is responsible for the processing of your personal data. 

1.2 POS Digital declares that all processed personal data are strictly confidential and are processed in accordance with national and European Union regulations, particularly Act no. 110/2019 Coll. on the processing of personal data, Regulation (EU) of the European Parliament and of the Council no. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), and other regulations governing the protection of personal data, including regulations issued by relevant supervisory authorities. 

1.3 The term ‘processing‘ means all activities associated with your personal data, including their collection, handling, storage, sharing, use, transfer, disposal and access to them.

1.4 ‘Personal data‘ are defined as any information relating to an identified or identifiable natural person.

1.5 This Privacy Policy specifies the types of personal data collected by POS Digital on its website at (hereinafter referred to as the ‘website‘), through email or through the conclusion and fulfilment of a contract, and for what purposes this personal data is processed. 

2. Data collection

2.1 POS Digital collects two categories of data:

  1. Data provided directly, e.g. when you fill in a form when visiting the website, when you place an order, when you conclude a contract, when you sign up for a competition, or in another way
  2. Data obtained through your activity when you browse the website and products and services, e.g. through cookies and similar technologies. For more information about how POS Digital uses cookies, read our Cookies Policy.

3. Processed personal data

3.1. The data processed may vary depending on the purposes for which they are processed specified below.   

3.2. The controller processes the following personal data:

  1. Identification data, especially your first name, last name, username, password, company, CRN, TIN
  2. Contact information, particularly your email address, telephone number, delivery address, billing address, or contact details on social networks
  3. Your settings, especially profile details, subscription settings for newsletters, catalogues, press releases, membership in loyalty programs, tracked offers, evaluation of products and services, filled out questionnaires, etc.
  4. Information about your orders, particularly information about ordered products and services, the way these products and services are provided, payment data, information about complaints, etc.
  5. Information about your behaviour on the website, particularly information about the products and services displayed, links you click on, how you browse the website, frequency of visits, the original source (‘referral link’) leading to your visit to the website, information about the device used, such as IP address, device location, device identification, etc.
  6. Information about your complaints, comments, requests, feedback, subscription to information, newsletters, etc.

4. The purpose of personal data processing

  1. Personalisation of contacts, offer of suitable products and services, identification of potential customers
    When you visit the website, you can fill out a form (hereinafter referred to as the ‘form‘) on the basis of which POS Digital can process your personal data for the purpose of better understanding your customer needs and adapting commercial communications, product and service offers, etc., and for the purposes of identifying business opportunities and identifying potential customers.
  2. Fulfillment of contractual obligations
    POS Digital processes the data necessary to prepare, conclude and fulfil a contract, as well as for potential complaints, etc.
  3. Identifying trends and compiling statistics
    After you fill out the form, POS Digital can process your personal data for the purpose of identifying trends and compiling statistics. The controller finds out what regions the website’s users are from, the source that led them to visit the website (referral link) etc.
  4. Provision of information (e.g. newsletters, catalogues and press releases)
    If you subscribe to newsletters, catalogues or press releases from POS Digital, or request such materials or information once, POS Digital will process your personal data in order to provide them. You can unsubscribe at any time using the button or link provided in each email containing the above-mentioned materials or information.
  5. Dealing with proposals, requests, complaints, orders and feedback
    You can send all kinds of proposals, requests, complaints and orders to POS Digital, ask it questions, or provide feedback via websites or social media. POS Digital may process your personal data for the purpose of responding to these requests and processing orders and feedback, including deleting inappropriate comments on social networks and reporting them to social media network providers.
  6. Processing the personal data of job or cooperation applicants
    POS Digital processes personal data for the purposes of selecting applicants, concluding an employment contract, a contract for work, an agreement to perform work, or a cooperation agreement.
  7. Fulfilment of other legal obligations established by national or European legislation
    POS Digital is obliged to process data for the purposes required by applicable regulations, including the regulations of competent supervisory authorities (e.g. accounting and tax purposes).
  8. Legitimate interests
    POS Digital has the right to process personal data for its own subjective interests. In this case, it is obliged to inform you of your right to object to this processing and the right to erasure. The legitimate interest must be necessary to achieve the set goal, and the processing must not represent a disproportionate risk.

5. Personal data retention

5.1 POS Digitalwill retain your data for the period necessary to fulfil the purposes listed in this Privacy Policy, unless regulations that are binding for POS Digital require or allow a longer retention period. 

5.2 The data retention period will be determined according to the following criteria such as: 

  1. The duration of your relationship with POS Digital
  2. The time required by regulations that are binding for POS Digital (e.g. tax and accounting obligations) 
  3. The appropriate period according to the legal status of POS Digital (such as relevant statutes of limitations)

5.2 POS Digital is obliged to ensure that access to your personal data is properly secured with appropriate security measures, depending on the circumstances, with regard to the state of equipment, implementation costs, the nature, scope, context and purpose of the processing, as well as relevant risks. To support this commitment, POS Digital is obliged to implement appropriate technical, physical and organizational measures to protect the user’s personal data from unauthorised or accidental destruction, change, disclosure, misuse, damage, theft, accidental loss or unauthorised access.

6. Provision and transfer of personal data

6.1 POS Digital may transfer processed personal data to other companies within POS Media Group. In this case, POS Digital must ensure that the same guarantees that it provides itself are applied to your personal data.

6.2 POS Digital is entitled to transfer the user’s personal data to courts, law enforcement authorities, public authorities or external legal representatives for the purpose of exercising, determining or defending its legal claims. 

6.3 POS Digitalis entitled to transfer the user’s personal data to a new owner in the event of sale, a merger or reorganization, on the condition that this successor will process them for the same purpose and secure them in the same way as POS Digital.

6.4 POS Digital may make personal data available to data processors who process personal data according to its instructions. If this provision means the transfer of personal data outside the EU/EEA, POS Digital will ensure that a standard data protection agreement is concluded with the processor in accordance with the rules of the European Commission. Alternatively, other guarantees may be provided prior to such transfer.

7. Users’ rights

The right of access

You can request confirmation of whether your personal data are being processed. If they are, you can request access to your personal data and other information, such as the purpose of their processing. You are also entitled to a copy of your personal data that are being processed.  

The right to rectification and erasure

If you find that some of your personal data are insufficient, incomplete or incorrect, you have the right to have them rectified. You can have your personal data erased under certain circumstances (e.g. if they are no longer needed for the purposes for which they were collected).

The right to object to a certain method of processing

You can object to the processing of your personal data processed on the basis of legitimate interest. If your data are processed for the purposes of direct marketing activities, POS Digital will stop processing your personal data without delay. In other cases, POS Digital will do so when there are no serious reasons authorising it to continue processing. If you have signed up to receive information by email, each email will contain an easily accessible unsubscribe feature through which you can unsubscribe.

The right to restrict processing

You can request the restriction of the processing of your personal data if:

  1. The processed data are inaccurate 
  2. The processing is unlawful
  3. The processor no longer needs the personal data for the purpose of processing and the user requires them to exercise his legal rights
  4. You have objected to the processing 

The right to withdraw your consent

You have the right to withdraw your consent to the processing of your personal data at any time, to the extent that the processing is based on your consent.

The right to data portability

You can ask POS Digital for a machine-readable copy of personal data processed based on your consent or a contract, as well as personal data that POS Digital received automatically, and you may request their transfer to another personal data controller.

The right to lodge a complaint 

If you have any doubt about compliance with obligations for the processing of personal data, you have the right to lodge a complaint with the Office for Personal Data Protection. 

8. Contact details

You can send all questions, requests or complaints to exercise your rights under this Privacy Policy and applicable legislation:

  • by email:
  • in writing: Budějovická 778/3, 140 00 Prague 4, Czech Republic

Last update on 1st October 2023