Privacy policy
the current version, starting from 01.05.2024
Welcome!
WHO WE ARE
Under the name NÚKOТ acts the Company NUKOT FG s.r.o. acts as the Seller;
Location: Budečská 1010/18, Vinohrady, 120 00 Praha, Czech Republic.
Registration number of a taxpayer accounting card: CZ21836108
Tel.: +420720108982
Site:https:// nukot.com
Email: customercare@nukot.com;
TERMINOLOGY WE USE
- Consent. Any freely given, specific, conscious and unambiguous representation of a subject´s will means his consent to the processing of personal data concerning him.
- Controller. An individual or legal entity, etc., who defines the goals and determines the personal data processing procedures. NÚKOТ is the Controller.
- Co-controller. An individual or legal entity who defines the goals and determines, the personal data processing procedures together with another Controller.
- Registration number. Any alpha-numeric code that a legal entity received during registration.
- Personal data protection body. A government body that protects subjects´ data from illegal processing.
- Subject of personal data. An individual entity whose personal data is processed.
- Legal address. A registration address of a business entity.
- Legal basis for processing. One of the statutory recognized grounds due to which the processing of personal data is permitted.
- Personal data. Any relevant information that relates to an identifiable individual or a person that can be identified.
- Violation of the security of personal data. Any violation of security that leads to accidental or illegal destruction, loss, change, unauthorized disclosure or access to personal data which is transferred, stored or otherwise processed.
- Processing. Any action or a set of actions with personal data.
- Processor. An individual or legal entity who processes personal data on behalf of the Controller.
- Profiling. Any form of automated processing of personal data consisting in the use of personal data to evaluate certain personal aspects related to an individual in order to analyze or predict aspects related to the performance of this individual at work, economic situation, health, personal preferences, interests, reliability, behavior, place of person´s residence or person´s movement.
- Third party. Any person other than the Controller or Processor and Personal Data Protection Body to whom the Controller or Processor transfers personal data.
- Site. This is a group of web pages created due to HTML, CSS, JavaScript and other programming languages and accessible via the Internet. In our case, it is https:// nukot.com
WHAT PERSONAL DATA WE COLLECT
In most cases, NÚKOТ processes the personal data provided by You on the basis of a Public offer Agreement within the entire period of existence your data account on the site and within one year after its delition. NÚKOТ processes personal data in order to provide You with services, to promote own business, improve the Site, meet your needs etc.
We process the following personal data:
- Name and surname, date of birth, age;
- Contact information – phone number, e-mail, address, IP-address;
THE PURPOSES AND MEANS OF THE PROCESSING OF PERSONAL DATA
We collect the personal data for:
- for the purpose of registration and identification of the Buyer at the NÚKOТ online store;
- for the purpose of renewing the Buyer's registration password at the NÚKOТ online store;
- for marketing purposes, namely: notification of the Buyer via SMS, e-mail, social networks, etc. about news of the NÚKOТ online store, promotional offers and sales of Products held by the Seller at the NÚKOТ online store, conducting an analysis of the market for the consumption of the Products, determining the scope of potential Buyers, determining the needs of potential Buyers in the Products offered for sale;
- for the purpose of conscientious fulfillment by the Seller of its contractual obligations to the Buyer, including obligations regarding the delivery of the Products.
DATA PROCESSING.
The Processors of the personal data received from You are:
- Shopify Inc. on the basis of Shopify Data Processing Addendum (https://www.shopify.com/legal/dpa) and Privacy Policy (https://www.shopify.com/legal/privacy)
- KeyCRM (natural person entrepreneur D.Hadai) on the basis of License agreement (https://ua.keycrm.app/terms-of-use) and Privacy Policy (https://ua.keycrm.app/privacy-policy).
Other data processing.
NÚKOТ does not use profiling for all of You and does not collects personal data of persons under 13 years of age. In the event that You are under the age of 13, You have to let us know.
HOW PERSONAL DATA IS USED IN CERTAIN SITUATIONS
We mean:
- Direct marketing. NÚKOТ may call, send e-mails, SMS, push-notifications and other e-mails of informational and advertising nature to promote business, services, NÚKOТ brand, and any of Our partners and clients.
- Personal data for direct marketing. We may use all personal data for direct marketing in accordance with the provisions of this Notification.
- Grounds for direct marketing. NÚKOТ may use personal data for direct marketing on the basis of:
- Consent;
- Request to receive any information and/or advertising;
- Legitimate interest in promoting business, services, NÚKOТ brand and any of our partners and clients;
- Creating an account, subscription and/or using software and Internet-platforms of NÚKOТ Co-controllers.
- Targeted advertising. NÚKOТ can customize targeted advertising to You using software and Internet-platforms of NÚKOТ Co-controllers to promote business, services, NÚKOТ brand and any of our partners and clients.
- Personal data for targeted advertising. We may use the following personal data for targeted advertising:
- Full name;
- Gender;
- Address, provided by You;
- Phone number, links to social networks and messengers;
- Physical and e-mail addresses;
- Search queries and preferences;
- Responses
- Information from accounts;
- Grounds for targeted advertising. The Grounds for targeted advertising are the creation of an account by you, subscription and/or for use of software and Internet-platforms of the NÚKOТ Co-controllers. For example: Google, Instagram, Telegram, etc. NÚKOТ processes this personal data on the basis of agreements, in particular public contracts, with Co-controllers. All conditions regarding the processing of personal data by Co-controllers should be found in their privacy documents.
- Sale of personal data. As a rule, We do not sell personal data but We can do so, if necessary, in advance having received Your consent.
- Advertising on the Website. NÚKOТ can display advertising on Our Site on the basis of a Legitimate interest, to promote Our services and provide a profit from it to Our business. With Your consent, We may also transfer Your personal data to other individuals or legal entities, for example, using Google AdSense or Instagram audience.
-
Exercising the rights of personal data subjects. To exercise your rights as a subject of personal data, you need to check the settings of the platforms of the respective Co-controllers or contact their support services.
HOW AND WHOM WE CAN TRANSFER PERSONAL DATA
NÚKOТ can transfer personal data to Processors, Co-controllers and the Third parties within country of location NÚKOТ and/or abroad, if it is necessary for Our business. When it is about the transferring of personal data abroad, We can do it on the following basis:
- Agreement on the processing of personal data, when it is necessary to transfer personal data of privet persons;
- A high level of personal data protection in the country of destination, defined by the European Commission, and/or via legal instruments.
In any case, We may be required to disclose personal data in line with decision of a court or a government body.
The conditions for the personal data transferring by Co-controllers are specified in their privacy documents.
- General conditions for the transfer of personal data. NÚKOТ may transfer personal data to Processors, Co-controllers and the Third parties within country of location NÚKOТ and/or abroad, if it is necessary for Our business.
- Transfer of personal data of the non European Union member-states´ citizens. For the personal data transferring within country of location NÚKOТ and abroad, We use personal data processing agreements.
- Transfer of personal data of the European Union member-states´ citizens. To transfer the personal data within country of location NÚKOТ, We use agreements on the processing of personal data along with the Standard Contractual Clauses. Data is transferred abroad on the basis of a high level of personal data protection in the country of destination, defined by the European Commission, and/or through various legal instruments, such as: Standard Contractual Clauses, certification, international agreements, etc.
- Other cases of personal data transferring. We can be obliged to disclose personal data to the government bodies of country of location NÚKOТ and the EU in line with a decision of a court or a government body.
- Transfer of personal data by Co-controllers. The terms of the personal data transferring by Co-controllers are specified in their privacy documents.
COOKIE FILES
Details about cookie files we use, are provided for You in the Notification about use of cookie files.
WHAT RIGHTS YOU HAVE WITH RESPECT TO YOUR PERSONAL DATA
You have the following rights:
- Right to access your personal data. You can gain access to information about which personal data is processed or a list of this data in a format that is readable by a person or a machine.
- Right to rectification of data. You can correct inaccurate or out-of-date personal data.
- Right to delete data. You can request the deletion of personal data.
- Right to restriction of data processing. You can prohibit a Controller to use personal data, but a Controller may continue to store it.
- Right to data transfer. You can get personal data from a Controller in the machine-readable format and transfer it to another Controller.
- Right to object. You can object to the processing of personal data that is collected on the basis of legitimate interest or for marketing purposes.
- Profiling. You have the right to be protected from making decisions based solely on automated data processing, including profiling.
- Right to protection of personal data. You can file a lawsuit against the Controller or file a complaint with the data protection bodies.
- Right to protection of personal data. You can withdraw your consent to the processing of personal data at any time.
- Right to receive information. You have the right to receive information about the conditions for providing access to personal data, in particular information about Third parties to whom personal data is transferred.
- Right to information about sources. You have the right to receive information about the sources of collection, the location of your personal data, the purpose of its processing, the location of the Controller or Processor.
HOW WE PROTECT PERSONAL DATA
NÚKOТ protects personal data in a few organizational and technical ways, among which are the following:
- We do not have direct access to most of the personal data collected through cookie files (when they are used);
- We do not combine personal data that We have access to with personal data from other sources, which may affect the ease of your identification;
- We teach employees the basics of cybersecurity and privacy
- We conclude NDA with all our employees;
- We use enhanced password requirements.
Table: Means of personal data protection
|
Name of a tool |
Effect |
|
Cyber security and data privacy training of employees |
We teach employees the basic approaches to information and cyber security, as well as the way they can use the Internet, their work and personal devices, etc. We also tell employees about the basics of legislation on the personal data processing, so that they understand all the necessary requirements that must be met. Each employee has a signed non-disclosure agreement, including information about visitors to our site.and personal data protection` guarantee. |
|
Secure Data center |
Processors stores personal data in secure data centers, which are confirmed by many certificates |
|
HTTPS-connections |
You connect to Our Site via the protocol HTTP that is protected by certificates SSL or TLS. |
|
Password encryption |
We encrypt Your passwords using hash-functions (MD5, SHA1, SHA256, SHA512, etc). |
|
Distribution of access to personal data |
Our employees have different levels of access to personal data depending on the functions they perform. |
|
Enhanced password requirements |
We require Our employees to use secure passwords that they will use to access Our information resources. Such passwords must have a certain length, consist of alpha-numeric and special characters, as well as periodically change. |
WHAT WE WILL DO IN THE EVENT OF DATA BREACH
In the event of a breach of the personal data security, We will notify personal data protection Authorities (if it goes about personal data of citizens of the EU member states), accompanying the notification with materials about such a problem.
However, in cases when a data breach seriously threatens Your rights and interests, We will inform You immediately. In addition, We record information about each fact of personal data breach in Our internal register.
Notification of the personal data protection Authority. We will notify the personal data protection Authorities if We become aware of a breach of personal data security of citizens of EU member states within 10 working days after We become aware of the breach of personal data security and provide the following information:
- Describe the nature of the breach of personal data security;
- Provide the contact details of the responsible person who can give additional information about the breach of the personal data security;
- Describe the possible consequences;
- Describe the measures that were taken or propose appropriate actions to eliminate a further breach of the security of personal data.
Notification of personal data subjects from the EU. If a breach of the security of personal data can lead to a violation of Your rights and freedoms, or there is a high risk of this, We will immediately notify You of the fact of the personal data breach and will do the following actions:
- Describe in clear and simple language the nature of the breach of personal data security;
- Provide the name and contact information of the responsible person, from whom further information can be obtained;
- Inform about the possible consequences of a violation of the security of personal data;
- Inform about the measures that were taken or propose appropriate actions to eliminate the subsequent violation of the security of personal data;
- Provide useful pieces of advice that can help reduce possible risks.
Notification of personal data subjects non from EU. We will notify You within 10 working days from the moment the personal data breach is detected and take actions from the third point of this section.
HOW TO MAKE A REQUEST OR COMPLAIN
Contacts of NÚKOТ. You can ask us any questions about Your personal data or make a complaint by e-mail: customercare@nukot.com.
Response from NÚKOТ. We will give You an answer in response as soon as possible, but not later than in 30 calendar days.
Appeal to the Authorities for the protection of personal data.
- If You are a citizen of a member state of the European Union, You should contact the relevant state authority of Your country, which You can find at the link: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en
Response from the personal data protection Authorities. The time and procedure for providing a response depends on the internal policy of the personal data protection Authorities.
HOW TO DELETE PERSONAL DATA
Deletion of an Account. You can delete your personal data having deleted your account on Our Site in accordance with functionality of the site.
Contact of NÚKOТ. You can also contact our client support service by e-mail: customercare@nukot.com.
Response. We give an answer in response as soon as possible, but not later than in 30 calendar days.
Other provisions
Date of entry into force. This version of the Privacy Policy is valid as of the effective Date.
Making changes to the Privacy Policy. NÚKOТ can make changes to the Privacy Policy from time to time without warning and Your consent. The new version is valid from the moment the effective date is changed.
Regulatory legislation. This Privacy Policy is regulated and interpreted in accordance with the legislation country of location NÚKOТ with special regard to the General Data Protection Regulation (EU GDPR).
Dispute resolution. All disputes arising in connection with this Privacy Policy are resolved by the competent court country of location NÚKOТ.
Language. This Privacy Policy is written in English.
Payments
For Your convenience NÚKOТ can use the services of many payment services and banks to accept payments, and these services can process customers´ data.
Currently, NÚKOТ accepts payments via Shopify Payments. If the list is changed or updated, We will make changes to this section.
During payment processing, some of Your data will be transferred to payment systems or the bank, including information necessary to process or maintain payment information such as total purchase cost and payment information.