Privacy Policy of DECALOR s.r.o.

Effective Date: 19 December 2025

Introduction

DECALOR s.r.o. is committed to protecting the privacy of our users and customers. This privacy policy explains how we collect, use, share, and protect personal information in accordance with the General Data Protection Regulation (GDPR).

Data Controller, DPO, and Contact

  • Data Controller: DECALOR s.r.o.
  • Company ID No.: 23400200
  • Data Protection Officer (DPO): Erik Poduška
  • Address: U Trojice 1042/2, 150 00 Prague
  • Email: info@decalor.cz
  • Phone Number: +420 608 607 960


Data Collection

We collect personal data when you visit our website, use our services, or interact with us. This may include:

  1. Preferences and user feedback
    We collect feedback from surveys or product reviews that you provide to help us improve our products and services.
  2. Usage data and cookies
    We use cookies to track how you navigate our site, which helps us improve your browsing experience. We collect information about your IP address, browser type, and pages visited.

Purpose of Processing

Your data is processed for the following purposes:

  1. To comply with legal obligations
    We store your personal information for tax and accounting purposes, and comply with laws such as the EU VAT regulations.
  2. For marketing purposes, with your consent
    We may send you promotional emails about new products or discounts if you have opted in to receive marketing communications. You can withdraw your consent at any time.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  1. Your consent
    If you subscribe to our newsletter, we process your email address based on your consent. You can withdraw consent at any time by unsubscribing.
  2. The need to fulfill a contract with you
    When you place an order on our website, we process your name, phone number, company name and message to fulfill the contract of sale.
  3. Our legitimate business interests
    We may process your data to analyze customer behavior and improve our product offerings or website performance. This helps us provide you with better services and tailor our marketing efforts.
  4. Legal requirements
    We may process your data to comply with obligations such as tax reporting, audits, or responding to legal requests for information.

Data Transfer Outside the EU

In some cases, we may need to transfer your personal data to countries outside the European Union (EU) or the European Economic Area (EEA). These transfers may occur when our service providers or partners are located in countries outside of the EU/EEA or when we need to store or process data in global data centers. We ensure that any such transfer of your personal data is carried out in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). To safeguard your data during these transfers, we rely on standard contractual clauses or other appropriate safeguards, ensuring that your data is protected in accordance with GDPR standards. 

Data Subject Rights

Under GDPR, you have the right to:

  1. Access your personal data
    You can request a copy of all the personal information we hold about you, such as your account details, order history, and preferences.
  2. Rectify incorrect data
    If you notice an error in your personal details (like a misspelled name or incorrect address), you can request that we correct it.
  3. Erase your data in certain circumstances
    You can request the deletion of your account data if you no longer wish to use our services or if your data is no longer necessary for the purposes it was collected.
  4. Restrict or object to processing
    If you believe your data is being processed unlawfully or if you no longer wish to receive marketing emails, you can request that we restrict or stop processing your personal data.
  5. Data portability
    You can request a copy of your data in a machine-readable format, which can be transferred to another service provider.

Data Security

We take appropriate measures to ensure data security, protect against unauthorized access, and comply with GDPR.

  1. Organizational Measures
    Our employees and contractors are trained on GDPR requirements, and access to your personal data is restricted to those who need it to perform their roles.

Data Retention

Personal data is retained as long as necessary for the purposes stated, unless a longer retention period is required or permitted by law.

We store your order history for a period of 15 years for tax and auditing purposes, after which it will be anonymized or deleted.

Changes to this Policy

We may update this policy. We will notify you of significant changes and update the “last updated” date at the top of the policy.

If we introduce new features on our website that require additional data collection or processing, we will update this policy and inform you about the changes.

Contact Us

For questions or to exercise your data protection rights, please contact us at:

  • Data Controller: DECALOR s.r.o.
  • Address: U Trojice 1042/2, 150 00 Prague
  • Email: info@decalor.cz
  • Phone Number: +420 608 607 960