Privacy Policy

effective from 01.05.2018

This is the Privacy Policy of ATEX – spol. s r.o. company based in Vážného 3, Brno, 621 00, IČO: 46963146, registered in the Register of companies at Regional Court in Brno section C, entry 6500.

For the purposes of the information which you provide to us, ATEX s.r.o. acts as the data controller. Therefore we would like to inform users of our website how we process your personal data. We will at all times comply with the General Data Protection Regulations so called ‘GDPR’ that came into force by regulation of the European Parliament and Council (EU) 2016/679.

1. Support

You can contact us with any queries you may have either through the web form found on our website or by emailing us at

2. Why do we collect your personal data and based on what legal regulation?

ATEX processes your personal data in order to:

  • Provide goods and services and to conclude a business contract with you
  • Give you feedback or answer requests relating to your personal data protection
  • Send you notifications
  • Protect your personal data

Above all, we collect your data to be able to legally offer you our services and conclude a business contract.

The legal justifications for collecting your data are:

  • The fulfilment of a business contract with you for providing services
  • Meeting a legal obligation to answer your requests relating to your personal data
  • With your agreement, to contact you electronically with notifications
  • For market research purposes
  • To enable ATEX s.r.o. to offer you our customer service
  • Where we have a legal right or duty to use or disclose your information (for example, in relation to an investigation by a public authority or in a legal dispute).

3. What personal data do we collect and how long for?

We collect all the information necessary to manage customer service with you, including your name, surname, address, telephone number, email address, gender, password, username, order details, and company name. This information helps us manage your orders, respond to your inquiries, loyalty program matters, and preferences. With your agreement, we can also contact you electronically with marketing notifications.

When you purchase goods from us on our website, we also collect information to manage your order. This includes your name, surname, address, telephone number, email address, information on the product, the time and date of your purchase, the goods you purchased, your satisfaction with the service, changes to your order, or complaints.

We do not directly collect your payment details; they are collected through our partners. Geolocation information is collected to provide you with better service and goods and for statistical purposes.

Regarding newsletters and advertising notifications, we may process your email address, name, and surname. This information is only collected with your agreement.

Much of the information is collected through cookies, which are used to secure the proper functioning and personalization of our websites. We may collect your username and password, order history, geolocation information, IP address, browser and device details, and other information for statistical purposes. All of these are important tools for improving our websites and providing us with statistical information about our customers.

In order to communicate effectively with our customers, especially when responding to inquiries, we may process your name, surname, telephone number, and email address.

Without this data, we cannot provide you with our services as they are essential for our business contract.

We will not retain your data for longer than necessary for the purposes set out in this Policy. However, the longest we will normally hold any personal data is 10 years from your order. If the order was not completed, all of your personal data will be deleted within 12 months in case our mutual relationship comes into force again.

In some cases, we may keep your personal data longer, but only if we are legally entitled to do so, especially in terms of taxes, accounting, and archives.

4. Marketing notifications

We use your data to fulfil any orders you place with us. If you DID NOT tick the box: 'I don’t want to receive marketing communication,’, we will send them to you. Your decision to receive or not receive marketing communication does not have any impact on our mutual business agreement. These notifications will include information on our services, products and offers that you may be interested in. 

We can also send you marketing communication if you pre-approved it regardless of whether you made a contract with us or not. 

Either way, you can cancel this service at any time on our email address, online form or through the cancellation link in every email.

5. Why do we use profiling and automatic decision making?

Our company is striving to provide you with individually tailored offers and services. Therefore, based on your agreement, we profile your personal data. In order to do that we use an automatic information system, web applications and calculators based on which we send you individualised notifications and offers, goods or services of ATEX s.r.o. This system allows us to meet your needs better, to estimate future trends and adjust our products and services accordingly. 

6. Who are our partners?

You agreed to allow us to share your personal data with our selected third-party partners when you agreed to receive marketing communications from us. Our partners follow the same regulations in protecting personal data, and we have signed contracts with them to process personal data. You can request a list of our business partners.

7. Who can access your personal data?

For marketing purposes, we share your data with third-party service providers who help us do this and generally operate our business effectively. For example, to improve the level of service we provide you, we may share your data with third-party mediators. ATEX s.r.o. has signed legal contracts with these parties on the use of personal data, based on which they must follow strict rules for dealing with personal data. We only share information that is necessary for their job. Third parties may include IT companies, hosting services, companies that ensure hardware runs smoothly, external marketing agencies, external graphic designers, and programmers, as well as external companies that provide payment portals.

8. Personal data of under 16

We do not collect data of people under 16 years of age.

9. Who receives your personal data

Our subcontractors or processors of personal data have access to your personal data. These can be people we closely cooperate with based on trade certificate or it can be our external IT administrator or companies that provide cloud or online marketing services or email services. 

10. Disclosing data to third countries

To process personal data, we may use online services such as Google LLC or Microsoft Corporation or email services of The Rocket Science Group, LLC (publicly known as MailChimp). These companies are based in the USA and are registered under the EU-US Privacy Shield. You can access it at The European Commission has published an agreement on privacy settings related to the shield, Art. 45 par 9 GDPR, and therefore no other permission is needed.

11. Your rights

If we process your private data, you have the following rights:

  • the right to ask for a copy of personal data that we hold about you (the right of access);
  • the right (in certain circumstances) to request that we delete personal data held on you;      where we no longer have any legal reason to retain it (the right of erasure or to be forgotten);
  • the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you (the right of rectification);
  • the right to opt out of any marketing communications that we may send you and to object to us using / holding your personal data if we have no legitimate reasons to do so (the right to object);
  • the right (in certain circumstances) to ask us to ‘restrict processing of data; which means that we would need to secure and retain the data for your benefit but not otherwise use it (the right to restrict processing); and
  • the right (in certain circumstances) to ask us to supply you with some of the personal data we hold about you in a structured machine-readable format and/or to provide a copy of the data in such a format to another organisation (the right to data portability).

You also have the right to object to the supervisory authority, which is the Office for Personal Data Protection. The website is

12. Your rights explained

Right of access to personal data means that you are entitled to receive confirmation whether your data is being processed or not, and you have the right to access this personal data, including information on how it is being processed, based on Art.15 GDPR. This includes the following information:

  • The reason for processing
  • Category of personal data
  • Receiver or category of receivers of personal data
  • Period during which the data will be processed or its criteria
  • Right to correct, erase, restrict processing, and object to processing
  • Right to file a complaint with the supervisory office
  • All accessible information on resources of personal data if not provided by you
  • Notification that automatic decision-making or profiling takes place
  • Information on suitable security as outlined in Art. 46 GDPR (related to data disclosure) and information on disclosing data to third countries and international organizations.

The right of rectification means that upon your request, we must correct inaccurate information or complete it in accordance with Art. 16 GDPR. The right of erasure means that upon your request, we must erase your personal data in accordance with Art. 17 GDPR. We can do so given that:

  • Personal data is no longer needed
  • Your consent was appealed and there is no other legal reason for processing your data
  • You have objections to the processing of your data
  • Data processing is illegal
  • Erasure is needed to meet legal obligations, or
  • Personal data was collected in relation to an offer from an information company to the effect of Art. 8 par.1 GDPR.

The right to restrict processing means that upon your request, we must restrict the processing of your data in accordance with Art. 18 GDPR.

Furthermore, you have the right to data portability, which means that upon your request, we must provide your information in machine-readable form in case the processing is based on an agreement or contract (fulfilment of the contract). At the same time, the processing is done in an automated way in accordance with Art. 20 GDPR.

13. Right to raise an objection

We would like to draw your attention to your right to raise an objection. This means that you have the right to object to any direct marketing. If you choose to do so, we will immediately stop direct marketing to you.

The right to raise an objection can also be generally applied to the processing of your personal data based on legal justifications such as "authorized interest" or "fulfilment of a task in the public interest" or "discharge of duties in the public interest," including profiling based on these legal reasons.

You can raise your objection by sending an email to our address: