The company ISURI BHT s.r.o. with headquarters in Prague, Jaurisova 515/4, Michle (Prague 4), ZIP code 140 00, ID number: 17318556 (hereinafter referred to as “ISURI BHT” or “we”), the operator of the online store www.isuri.cz, declares that all personal data (hereinafter referred to as “data”) are considered strictly confidential and are handled in accordance with applicable legal provisions in the field of personal data protection.
The security of your personal data is a priority for us. We therefore pay due attention to personal data and their protection. In this Personal Data Processing Policy (hereinafter referred to as the “Policy”), you will find information about what personal data we collect about you, the legal basis for processing it, the purposes for which we use it, how long we keep it, and to whom we can pass it on. In the Policy, we also inform you about what rights you have in connection with the processing of your personal data.
1. What personal data do we process?
If you use the services of our e-shop or establishments (dispensing points), we process various types of data about you.
1.1. If you buy
The most common data you provide to us is data obtained through the form for ordering goods or other services on our website. These are mainly data that are necessary for the conclusion and performance of the purchase contract.
This data is required to process your order and can be divided into:
Identification data, which are first and last name, and, in the case of a purchase, company ID number and VAT number;
Contact details such as e-mail address, postal address, billing address, telephone number, bank details, payment details.
Data generated on the basis of the duration of the contract, specifically the products purchased, the volume of services provided and the customer segment.
In the case of the purchase of health-related products, no health data (as a special category of personal data) is processed. The mere purchase of such a product does not indicate a state of health, and we do not determine for whom the product is intended.
1.2. If you visit or create content on our website
If you visit our website, we collect various information about you during your visit, such as your IP address, browser settings and preferred language, visited websites including the time of the visit. We also monitor your movement on the website, or which links you click on, so that we can adjust the displayed content as much as possible and offer you such products and content that you will appreciate.
When you visit our website, we store and subsequently read cookies in the internet browser and device you use, which we deal with in a separate chapter of these Policies.
In addition to cookies, however, we also process data about your behavior on the website, your IP address, data provided by your browser, specifically the resolution, operating system of your device incl. its version and language settings.
We can also connect you to social networks, including automatically logging into your account on that social network. For this connection, we use so-called social plugins on our website, specifically in connection with blog posts, namely sharing buttons, thanks to which you can share the relevant content on your profile. Once linked, you may be shown personalized offers and targeted advertisements linking to our website on social networks and other websites.
To get you even more involved in the world of beauty, we allow you to be active on our website and create content such as reviews of purchased products and determining their benefits, or comments on our blog posts. You do not need a customer account to create this content. For these contributions of yours, the first and last name entered by you may be shown, if you enter it in the form. You are responsible for the content and activity you post on our website, so we urge you not to publicly share personal information through content that you do not wish to be publicly available.
Our website may contain links to other websites which we believe are useful and may contain useful information. We would therefore like to inform you that these pages may be owned and operated by other companies and organizations that process data in accordance with their Security and Privacy Policy. Our company has no control over this processing and assumes no responsibility for any information, material, products or services contained or accessible through these websites.
1.3. If you contact us on the customer line or social networks
If you decide to contact our customer support via telephone or e-mail contact, we mainly process records of phone calls that are monitored, as well as records of e-mail communication.
In the event that you provide information about your health during communication with our customer support, this information is kept exclusively as part of the record of the given e-mail or telephone communication. However, its systematic processing does not occur.
If you contact us regarding your request via our page or profile on selected social networks, the processing of your personal data is governed exclusively by the Personal Data Processing Policy of the company that operates the given social network.
1.4. If you set an alert to monitor availability
In the case of unavailable goods in which you show interest, we offer you the option of setting up availability monitoring. When the product in question is restocked, we will inform you with a message sent to the e-mail address you provided, which we will process for this reason.
1.5. If you rate us on rating portals
After the delivery of the goods, you can receive a request for their evaluation and for an evaluation of your satisfaction through the selected evaluation portal. Any feedback is greatly appreciated, but it is up to you whether you decide to give us a rating. In the case of this evaluation, we process and transfer the following data to the relevant partners:
Contact information, specifically the email address used to send the evaluation request;
Data created on the basis of the duration of the contract, specifically purchased products.
1.6. If you participate in a consumer competition
Through our pages or profiles on selected social networks, we organize attractive competitions for you, in which you can participate and the full rules of which can be found here. The announcement can be public, which means that we can publish selected details of the winner on our page or profile on the given social networks. Any activity or communication with us through social networks and the processing of your personal data is governed by the Personal Data Processing Principles of the company that is the operator of the given social network.
If you participate in the competition, we process the following personal data:
Identification data such as first and last name;
Contact information, specifically your social network profile or e-mail address, in the case of a prize for the purpose of sending it, also address, postal address, billing address, telephone number.
1.11. If you participate in user testing or other organized events
If you participate in a user testing program offered by us, we may process the following data:
Identification data such as first and last name;
Contact information, specifically your email address and telephone number;
Camera recording, i.e. capturing your likeness.
We also organize various actions and events for you, in the framework of which we can process the following data:
Identification data, which are first and last name, or ID number and VAT number;
Contact information, specifically your email address and telephone number.
For each event, we will inform you about the specific personal data processed.
2. For what purpose do we process personal data?
2.1. Purchase of goods and services
We most often process your personal data for the purpose of fulfilling the purchase contract, in order to successfully process your order sent via our website, mobile application or customer line and deliver the goods to you. The e-mail address and phone number are used for sending order confirmation, delivery of confirmation of payment receipt, sending electronic invoice, as well as for continuous information on the status of your order and any other individual communication regarding the given order.
2.2. Marketing offers
We send you commercial communications regarding similar products that you have purchased from us. You can always refuse to receive these communications via the unsubscribe link, which can be found in the footer of each email containing these communications. If you are a registered customer, we also send you commercial messages via SMS messages or push notifications in our mobile application. You can also receive push notifications containing business messages on Facebook or via Messenger. This processing is governed by the Personal Data Processing Policy of the given social network. If you unsubscribe from commercial communications, we will no longer use your electronic contacts for these purposes. Unsubscribing from business communications is free.
2.3. Customization and creation of content, ensuring better operation of the website
We want to customize content and recommend products that you will be interested in. For this reason, we use the collected personal data to personalize the content and offer on our website. The marketing offers shown to you may be selected based on other information we have collected about you over time, such as contact and demographic data, favorites, and other data related to your use of our website. However, we do not carry out fully automated processing that would have legal effects for you.
We process data about your behavior on our website, which enables us to obtain information on the basis of which we can constantly improve our website for you to make it as user-friendly as possible. We may also process your personal data for the creation of various statistics, such as monitoring traffic or measuring the effectiveness of advertising, as well as for testing new functionalities of our website or mobile application. Data about your behavior on the website is, among other things, important for any prevention of attacks on our website.
You may also create certain content on our website. If you decide to write a review for the products you have purchased, we process your personal data for the purpose of processing and displaying this review. If you join the discussion on our blog articles and write us a comment, we will process your personal data for the purpose of processing and displaying this comment.
2.4. Customer support and communication
We are constantly trying to improve the services that our customer service provides, and in order to respond to your requests as quickly as possible and to ensure this service, we need your personal data to successfully process your requests or eliminate potential problems in the fulfillment of the purchase contract. If you contact us by phone, we may record your call with us after prior notice so that we can continue to improve the quality of our services.
We also use the collected personal data for the purpose of communicating with you and for its individual adaptation. For example, we may contact you by phone, e-mail, in a mobile application or in another form to remind you that you have goods in your shopping cart or to help you complete your order. Furthermore, to inform you of the current status of your request, order or complaint, or to obtain additional information from you. We can also notify you that it is necessary to perform an action necessary to maintain the active status of your customer account.
2.5. Notification of product availability
If you set up the availability monitoring function for unavailable goods, we will inform you when the product in question is restocked with a message sent to the e-mail address you provided.
2.6. Finding satisfaction on evaluation portals
In connection with the purchase, you can also receive a request for its evaluation via the selected evaluation portal. In this case, the purpose of the processing is to determine satisfaction.
2.7. Consumer competitions
If you decide to participate in a competition organized by us, we will process your personal data for the purpose of implementing the competition, in the event of winning a public announcement, as well as contacting you.
2.8. User testing and organizing events
If you participate in the user testing program offered by us, we process your personal data for the purpose of testing new or existing functionality of our systems.
If you participate in an event organized by us, we process your personal data for the purpose of planning, securing and evaluating the organized events.
2.9. Improving Services
We use your personal data to constantly improve our services and systems, including adding new functionalities. We also process personal data in order to make informed decisions using aggregated analyzes and business intelligence, based on our legitimate interest, which derives from the freedom of business and consists in the necessity of improving the services provided due to success in economic competition. However, in order to ensure sufficient protection of your rights and interests, we use personal data for these purposes, which are anonymized as much as possible.
2.10. Protection, Security and Dispute Resolution
We may also process your personal data to ensure the protection and security of our customers and systems, to exercise our rights and legal claims, detect and prevent fraud, resolve disputes or enforce our agreements. We can also process personal data for the purposes of possible inspections carried out by public authorities.
3. On what legal basis do we process personal data?
We process personal data to a different extent and for different purposes, as detailed in Articles 1 and 2 above, either:
The types of processing that we can carry out without your consent depend on the stated purpose of the processing as well as the position in which you act towards us – whether you are a mere visitor to our website, whether you shop with us or register. However, your personal data may also be processed if you are the recipient of ordered goods or services, if you communicate with us or if you visit our store.
3.1. Fulfillment of the purchase contract
If you buy from us or send an order, a proposal for a purchase contract is created, which is concluded by accepting the proposal from us in the form of sending the ordered goods. However, in order for us to be able to successfully fulfill this purchase contract, or any other contract regarding goods or services, we need a large part of your personal data entered via the order form. The specific data that we process in this case are set out in Article 1, Paragraph 1 and 5.
3.2. Compliance with legal obligations
We also have to fulfill certain obligations imposed on us by applicable legal regulations. If we process your personal data based on the fulfillment of these obligations, we do not need to obtain your consent for such processing. On this legal basis, we specifically process your identification and contact data, as well as data about your orders. The specific data that we process in this case are listed in Article 1, paragraph 1.
3.3. Agreement
For the purpose of sending commercial communications via e-mail, we may process your personal data based on your consent. Based on your consent, we process them in the event that we do not process them based on a legitimate interest. You can revoke your consent at any time and unsubscribe from receiving commercial communications. The specific data that we process in this case are listed in Article 1, paragraph 3.
We ask for your consent even if you plan to publish a review of purchased goods, comment on a blog, set up availability monitoring, or participate in user testing or other events. Even in these cases, it is of course possible to revoke the consent at any time. The specific data that we process in this case are set out in Article 1, Paragraphs 4, 7 and 10.
3.4. Legitimate interest
We also process your personal data on the basis of a legitimate interest, in order to be able to improve and adapt the services provided, to find out whether the order was processed to your satisfaction, and to promote the products and services offered more effectively. This is particularly the data listed in Article 1, paragraphs 4 and 5.
On the basis of a legitimate interest, which consists in direct marketing, we may also send you commercial communications regarding similar products to the ones you have purchased from us. However, this is only on the condition that you do not object to such processing. The specific data that we process in this case are listed in Article 1, paragraph 3.
Our legitimate interest is also the protection of legal claims, internal records and control of the proper provision of our services. In this case, we process all categories of personal data listed in Article 1.
Our legitimate interest also consists in sending a request for evaluation of the purchase made through the selected evaluation portal, or evaluation of consumer competitions organized by us. The specific data that we process in this case are listed in Article 1, paragraphs 8 and 9.
The processing of your personal data based on legitimate interest also takes place in the event of a visit to our stores, which are monitored by a camera system for the purpose of property protection. You can object to this processing at any time. The specific data that we process in this case are listed in Article 1, paragraph 6.
4. To whom do we transfer personal data?
We process your personal data in most cases for our own purposes as their controller, which means that we determine the above-mentioned purposes for collecting your personal data, determining the means of processing and their proper execution.
We pass on your personal data to our partners only if it is necessary for the fulfillment of the purchase contract, e.g. to ensure payment or transport; on the basis of a legitimate interest or if you have given your consent to the transfer in advance.
We also transfer your personal data to our processors, who of course comply with the legal conditions for the protection of personal data. These processors process personal data according to our instructions and your rights are not affected by this processing. With your consent, we can also transfer your personal data to social networks or operators of marketing tools to display targeted advertising on other websites.
4.1. Beneficiary category
We may transfer your personal data to the following entities:
To the companies and processors of the ISURI BHT group based on the fulfillment of the purchase contract for the performance of internal processes and procedures;
Companies operating payment services for the purpose of processing payments based on your order, i.e. fulfilling the purchase contract;
To transport companies for the purpose of delivering products or services ordered by you and resolving complaints, including withdrawal from the purchase contract;
To suppliers of goods or service centers in connection with complaints about goods or services ordered by you;
To partners ensuring the sending of commercial messages, who are bound by confidentiality obligations and may not use your personal data for any other purpose;
To operators of marketing tools; who help us personalize offers and content;
Social networks, if you communicate with us through them or share content using social plugins;
To providers of customer service communication tools with you.
To partners conducting customer satisfaction surveys;
To technology suppliers and cloud service providers;
To legal or financial representatives, courts for the purpose of processing tax documents, debt collection or other reasons resulting from the fulfillment of our legal obligations;
To public authorities in the event of enforcement of our rights (e.g. the police).
If third parties use your personal data within the framework of their own legitimate interests, we are not responsible for this processing. Such possible processing is governed exclusively by the Personal Data Processing Principles of the respective companies and individuals.
4.2. Transfer of data outside the EU
When transferring your personal data to our processors, in some cases we may also transfer personal data to third countries that are not part of the European Union and that do not ensure an adequate level of personal data protection. However, such transfer will only be carried out by us if our processor undertakes to comply with the standard contractual clauses issued by the European Commission, which are available here.
5. For how long do we process personal data and how are they secured?
5.1. Processing time
We primarily process your personal data for the duration of our contractual relationship, i.e. the purchase contract. We are obliged to process the personal data that are necessary for the fulfillment of all our obligations, whether they are obligations arising only from the concluded contract between us or from generally binding legal regulations, for the period determined by the given legal regulations or in accordance with them. E.g. in the case of accounting documents issued by us, as the administrator, we are obliged to store information about you for at least 10 years from the date of issue.
We primarily process personal data for the duration of the contractual relationship, i.e. the purchase contract. In addition, we also process personal data for the time necessary to be able to properly fulfill all our obligations arising from the concluded contract and generally binding legal regulations. E.g. in the case of accounting documents issued by us, we are obliged to store information about you for at least 10 years.
As part of fulfilling your requests and providing quality customer service, we process your personal data until the conclusion of our contractual relationship, including 1 year from the end of the warranty period of the purchased goods for the purpose of resolving potential disputes.
If you communicate with us through our customer service, we keep personal data from the communication for 2 years, including recordings of calls that are monitored.
If you give us your consent to send commercial messages, this consent is valid for 4 years or until it is revoked. Also, if you give us your consent to notify you about the availability of the goods you are tracking, this consent is valid until the time of sending the information about availability, but no longer than for a period of 1 year or until it is revoked. The consent given by sending your review for the product is valid for 6 years or until it is revoked. If you create content within our blog posts, the consent given by submitting your comment on such post is valid for 2 years or until revoked. If you decide to participate in user testing or another event organized by us, and you give us your consent, we process your personal data for a period of 1 year or until it is revoked, including any camera or other audiovisual recordings.
If you participate in a competition organized by us, we process your personal data for 1 year. If you visit our store or other premises and their surroundings of our company, we process camera recordings for a period of 90 days from the date of acquisition of this recording.
In other cases, the processing time of your personal data results from the purpose of processing, or is determined by binding legal regulations in the field of personal data protection. Your personal data are automatically deleted after the specified processing periods have expired.
5.2. Security
The personal data that we have collected about you and which we process is transferred to us in an already encrypted form, and we use the SSL (secure socket layer) encryption system for this transfer. It is this system that ensures that your personal data is safe when your browser communicates with our server. We secure our website and other systems with which we work using appropriate technical and organizational measures against the loss and destruction of your personal data, as well as against unauthorized access to your personal data, their modification or expansion.
We continuously improve this security, while we also require our processors to demonstrate compliance of the systems they use with the GDPR.
If you register, access to your customer account is only possible after entering your chosen password. We do not have access to your password, as we store it in an encrypted form that cannot be decrypted, even for us.
Among other things, we would like to appeal to you that it is essential that you do not disclose your login information to third parties. We recommend that you log out when you are done with your customer account, especially if you share the device with other users. We do not take responsibility for any misuse of your password, unless we directly caused this situation.
6. How do we use cookies?
We also use cookies so that our website can function properly, so that our offer is relevant, interesting and user-friendly for you. In order to be able to use cookies, they need to be supported by your internet browser. Our website works even without cookies, but to a very limited extent, with the impossibility of using some basic functions.
Cookies are a standard tool for storing information regarding the use of websites.
Cookies are small text files that are created automatically when you visit each website and that are stored within the browser you use on your computer, smartphone or other device. Thanks to some cookies, we can connect your activities on our website until the moment you close your browser. When the browser window is closed, these cookies are automatically deleted.
However, other cookies remain in your browser or device for a set period of time and are reactivated each time you visit our website. In addition to cookies, we also use so-called tracking pixels, which are small, invisible images for ordinary users that work on a similar principle to cookies. The length of time cookies are left in your browser or device depends on the settings of the cookies themselves and also of your browser. We store data obtained from cookie files for a maximum of 1 year.
6.1. What cookies do we use?
The cookies we use on our website can be divided into 2 basic types:
Short-term, so-called “session cookies”, which are deleted immediately after the end of the visit to our website;
Long-term, so-called “persistent cookies”, which remain in your browser or device for a certain period of time or until you delete them manually.
Cookies can also be divided according to their functionality into:
Essential, which are technical and functional cookies that are important for the basic functionality of the website. Without these cookies, you would not be able to add goods to the basket, send an order, or log in to your customer account.
Analytics that help us improve the user experience of our website by understanding how users use it. They also allow us to analyze the performance of different sales channels.
Remarketers, which we use to personalize the content of ads and target them correctly.
In practice, we use the above-mentioned cookies, for example, for:
The correct functionality of the shopping cart so that you can complete your order as simply and quickly as possible.
To remember your login details so you don’t have to enter them repeatedly.
The best adaptation of our website to your requirements, thanks to the monitoring of traffic, your movement around the website and the functions you use.
Finding out what ads you view so that we don’t show you an ad for goods you’re not interested in in the future.
Some cookies, including their content, may collect information that can subsequently be used by third parties and which, for example, directly support our advertising activities (so-called “third-party cookies”). E.g. information about purchased products on our website may be displayed by an advertising agency as part of the display and customization of advertising banners on the website you are viewing. However, these cookies are anonymized for third parties and you cannot be identified based on this data.
6.2. How can you restrict cookies?
Setting the use of cookies is part of the Internet browser you use, and most browsers automatically accept cookies in their default settings. Cookies can be completely rejected through your browser or only limited to the types you select. However, this will also limit the functioning of our website and you will not be able to use the functions offered by us to the full extent, including logging into your customer account.
Alternatively, you can also use the browser’s anonymous mode, which does not completely prevent the use of cookies, but anonymizes them better and does not save the history of visited websites.
You can find information about the options for setting preferences for cookies at the links below or in other internet browser documentation:
Chrome
Firefox
Internet Explorer
Android
iPhone and iPad
You can also find an effective tool for managing cookies at https://www.youronlinechoices.com/cz/.
7. What rights do you have and how can you exercise them?
Just as we have our rights and obligations when processing your personal data, you also have certain rights that you can exercise. These rights include:
7.1. Right of access
You have the right to request free information about the processing of your personal data – what data we process about you, for what purpose and for how long, where we obtain your data and to whom we pass it on. As part of the right of access, you can also ask us to send you a structured machine-readable format of the processed data. We will be happy to generate a copy for you after proper identity verification, just send your request to the e-mail address of the Commissioner for the Protection of Personal Data (hereinafter referred to as the “Commissioner”) [email protected]
7.2. Right to rectification
If you discover that the processed personal data are incorrect or incomplete, you have the right to request their correction. We will be happy to correct or supplement your data without unnecessary delay. Just send your request to the Trustee’s email address [email protected]
7.3. Right to erasure
In some cases, you can exercise the right to delete the personal data we process about you. We will delete or anonymize your personal data without undue delay. However, this does not apply to the personal data that we need to fulfill our legal obligations and which are required to be kept by legal regulations (e.g. processing an order already placed), or to protect our legitimate interests. Personal data will also be disposed of if this data is no longer needed for the specified purpose or if the storage of your personal data is inadmissible for other reasons established by law. You can request the deletion of personal data from the Trustee via the e-mail address [email protected]
7.4. Right to restriction of processing
In some cases, you can also use the right to restrict the processing of personal data that we process about you. You can request that the personal data marked by you are not subject to further processing for a limited period of time. You can ask the Trustee to limit the processing of personal data via the e-mail address [email protected]
7.5. Right to portability
You have the right to receive from us all personal data provided by you, which we process on the basis of your consent. We will provide you with personal data in a structured and machine-readable format. We will be happy to generate the data for you in this format, just send your request to the Trustee’s e-mail address [email protected]
7.6. The right to object to processing
You have the right to object to the processing of personal data based on our legitimate interest. If processing is for marketing purposes, we will stop processing personal data without undue delay. However, in other cases we will do so based on a re-assessment of our legitimate interests and your rights and reasons. You can object to the processing by sending a request to the e-mail address of the Commissioner [email protected]
8. Contact us
In case of any questions, comments and requests regarding these Policies and the processing of your personal data, you can contact the Personal Data Protection Officer at any time, who can be contacted via the e-mail address [email protected]. Your request will be processed without undue delay, but within 30 days at most. In exceptional cases, especially considering the complexity of your request, we are entitled to extend this period by another two months. However, we will inform you about such a possible extension and its justification.
Alternatively, do not hesitate to contact us at the address or customer line listed at the foot of these Policies.
Contact: ISURI BHT s.r.o.
Jaurisova 515/4, Michle (Prague 4), 140 00 Prague
Hat Nazar
+420607564689
9. Efficiency
This Privacy Policy is valid and effective from 7/15/2022.
