PRIVACY POLICY

This privacy policy (also referred to as "Privacy Policy") of Aurosa sro is based in Pohořelec 140/15, Hradčany, 118 00 Prague 1, ID: 045 29 154, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, 249186 (also referred to as "Aurosa") as a personal data administrator, https://aurosafr.myshopify.com/ (also referred to as the "Website"), informs you of the processing of personal data and Privacy Policy described below.

If the user needs to explain the following, he will need to consult or discuss the processing of his personal data, he may contact AUROSA as a personal data administrator via the e-mail address info@aurosa.cz or via the address Pohořelec 140/15, Praha 11800 , Czech Republic.

1. SCOPE OF PERSONAL DATA PROCESSING

When ordering goods via the Website, users will be asked to fill in certain personal details about their person or company. These data may in particular include:

      i. the user's name and surname;

     ii. date of birth of the user;

   iii. business user's business;

    iv. the address or registered office of the user's company;

     v. identification number and tax identification number;

    vi. telephone number;

  vii. email address;

 viii. data related to making a payment through Gopay.

Our websites are not intended for children under 18 years of age. We do not process personal data of children under the age of 18.

2. PURPOSE OF PROCESSING AND LICENSE FOR PROCESSING

All personal data is processed in a legal and transparent manner and only relevant, relevant and necessary data are required in relation to the purpose of the processing.

Personal information provided by users of the Website is processed by Aurosa, so that users can send the ordered goods and thus fulfill the obligation to purchase the goods on the Website. A license for this processing of personal data is the performance of the contract. The provision of personal data for the purpose of realizing the purchase contract is a contractual requirement of Aurosa and their failure to provide may be the result of the failure to conclude the purchase contract.

Additionally, Aurosa's personal data is collected to allow users to contact them back to provide the information they have requested. The license to process in this case is also the performance of a contract or a legitimate interest. The provision of personal data for the purpose of answering inquiries or requested user information is a contractual and legitimate requirement of Aurosa, and failure to provide them may result from failure to respond to user questions.

Personal information we receive from you every time we visit the site or each order is necessary to use the services we offer you on the Website and / or for the handling of your Order and its service providers. This activity involves detecting online frauds related to payment means, preventing and handling payment deficiencies (including unpaid payments) and preserving Aurosa's rights in the course of its business.

We can also collect statistical information to learn how visitors use our Websites (Frequency of Visits on each Site, Sales Statistics from where visitors come from, etc.) in connection with the cookies in Article 7 Privacy Policy listed below .

Information regarding the User Accounts of the Pages visitors is retained by Aurosa and is intended solely for internal use, primarily for the purpose of conducting market surveys.

3. SENDING BUSINESS COMMUNICATIONS

Aurosa's user name, surname and email address is processed to send a commercial message to users who request it. Sending business messages means informing the user of events, events, publications, or services provided by Aurosa that might be of interest to the user via the user-specified email address. These Aurosa business messages will only be sent after consent has been given to the sending of such commercial communications.

Processing of personal data for the purpose of sending commercial communications may be denied by the user at any time and will not affect any other relationship between Aurosa and the user. You can opt-out of a business announcement by clicking on the link "Unsubscribe Sales Entries" in the footer of the e-mail containing the business message. You can also unsubscribe via e-mail with an appropriate request to info@aurosa.cz or another address from which you received a commercial message from us. This opt-out of business communications is considered an appeal for consent to the processing of personal data.

Your personal data will not be used for any automated decision making, including profiling.

4. ACCESS TO PERSONAL DATA

User's personal information is processed on the basis of the above processing licenses, for the purposes of the processing of personal data as defined above. All personal data obtained is processed by Aurosa, personal data may be passed to subcontractors to process the Aurosa.

Personal data provided to subcontractors, subcontractors for Aurosa are processed on the basis of Aurosa's instructions and in accordance with the Aurosa Privacy Policy and other relevant confidentiality and security measures. Your personal data will be processed by our processors in order to improve the quality of our services and ensure certain activities

• server, web, cloud or IT services;

• accounting services;

• legal services;

• marketing services.

With regard to the changing individuals of some service providers, it is not possible to list all these personal data processors, in particular.

Aurosa's personal data is shared with companies, organizations, or individuals outside of Aurosa if it is in the good faith belief that such sharing is necessary to comply with applicable laws or regulations and to review court proceedings or enforceable government applications, detect, prevent or otherwise tamper with fraud, technical problems or security issues.

Apart from the above, the personal data obtained is not shared with anyone. If it is necessary to share user personal data with other entities than the above, the user will always be informed about it. The user always has the possibility to exercise his / her legal rights as defined in Article 7 Privacy policy.

5. DATE OF PROCESSING OF PERSONAL DATA

User's personal data will be processed for as long as the Aurosa service is provided or the obligations arising under a mutually concluded agreement or the time required to perform archiving obligations under applicable legal regulations such as Act 563/1991 Coll. on Accounting as amended, Act No. 499/2004 Coll. archiving and file service, as amended, Act. 112/2016 Sb. on receipts, Act No. 89/2012 Coll. the Civil Code or Act No. 235/2004 Coll. on value added tax.

Personal data processed for the purpose of sending business communications following the above defined are processed for a period of 10 years from the date of collection or until the consent to the processing of personal data is revoked.

6. RIGHTS RELATING TO PROCESSING PERSONAL DATA

In relation to the processing of Aurosa's personal data, users have the following rights:

      i. The right of access and information means that a user may at any time ask for a statement as to whether or not personal data relating to the user are processed and, if so, for which purposes, to what extent, to whom they are disclosed, will be processed for a long time, whether the user has the right to repair, erase, limit the processing, or raise the objection from which the personal data were retrieved and whether the user's personal data processing takes place for automated decision making, including profiling.

     ii. The right to rectify means that a user may at any time ask Aurosa to correct or supplement user personal information if it is inaccurate or incomplete.

   iii. The right of cancellation ("the right to be forgotten") means that Aurosa must erase the personal data of users if:

- no longer necessary for the purposes for which they were collected or otherwise processed;

- processing is illegal;

- User revokes consent to the processing of personal data;

the user objects to processing and there are no overriding legitimate reasons for processing, or

- This Aurosa imposes a legal obligation.

    iv. The right to limit the processing implies that Aurosa has to restrict the processing of the user's personal data until any disputed questions regarding the processing of user's personal data have been resolved.

     v. The right to object that a user may object to the processing of his or her personal data. If an objection is raised against processing for the purpose of direct marketing or profiling, the user's personal data for that purpose will not be processed.

    vi. The right to lodge a complaint processing of personal data, which is available at the supervisory office, which is the Office for Personal Data Protection (www.uoou.cz).

All rights may be exercised by contacting Aurosa at info@aurosa.cz or at Pohořelec 140/15, Prague 11 800, Czech Republic. Aurosa is required to respond to the claimed right within one month from the date of application.

7. USE OF FILES COOKIES

A cookie is a small file that is sent to your browser from our web site while browsing our site and stored on your device's hard drive. A cookie can read data from your disk or read cookies created by other sites. Cookies do not damage your system or device. Cookies allow us to recognize you as a user when returning to our Aurosa web site using the same computer and web browser. Cookies contain a number that can uniquely identify your computer or device, even if you change your location or IP address. You can learn more about cookies, for example, at Wikipedia's Internet Encyclopedia at https://cs.wikipedia.org/wiki/HTTP_cookie

Cookies also provide information that includes, among other things, the location from which you access our website, the length of the page visit, the network name you signed in from, how you viewed our site, the type of device and the connection (mobile or fixed) the operating system and browser used, the most visited pages, the link from which you access our site, and the number of clicks and information about your online behavior.

Authorizing your use of cookies

In accordance with the cookie alerts in the footer of our website and Privacy, you explicitly agree to the use of cookies as described below, unless you have changed your browser settings to reject cookies.

The types of cookies used on our website:

We use cookies to make it easier to use our website and also to ensure content is loaded efficiently. We also use personalized cookies to collect statistics about your activity on a website to improve service and analyze habits when viewing content.

Examples of cookie usage on Aurosa:

- Analytic-statistical purposes within Google Analytics and other measurement tools.

- Measuring the effectiveness of Aurosa events, such as in the Google advertising program or affiliate programs.

- Prepare content ad on the Google Network or on Facebook and Instagram (remarketing).

Our Web sites use some of Google's analytics and advertising systems. Learn how Google uses cookies here: https://www.google.com/intl/en/policies/technologies/cookies/

How do I disable cookies?

Allowing or rejecting cookies is based on your browser settings. Your permission to store cookies can be canceled by selecting the appropriate options for configuring your internet browser. We recommend that you find a help page for your web browser to help you configure the required privacy settings:

Chrome: https: //support.google.com/accounts/answer/61416? Hl = en

Firefox: https: //support.mozilla.org/en/kb/povoleni-zakazani-cookies

Internet Explorer:

https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Android: https: //support.google.com/chrome/answer/95647? Co = GENIE.Platform% 3DAndroid & hl = en

Safari: https: //support.apple.com/en-us/guide/safari/manage-cookies-and-website-data-sfri11471

Microsoft Edge: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

8. REPORTING AND NOTIFICATION OF SECURITY INCIDENTS

If there is a security incident involving personal data leakage or damage or depreciation, Aurosa security incident will report to the supervisory authority of the Office for Personal Data Protection no later than within 72 hours. At the same time, every data subject whose personal data are affected by a security incident will be notified that a security incident has occurred. At the same time, Aurosa will post a security incident announcement on its website.

Privacy policy is effective from January 1, 2018.