Прескочи на садржај

Privacy Policy

How we collect, use, and protect your personal data.

Last updated: April 14, 2026

Data Controller

The data controller is UMARUTTI s.r.o., Company ID: 41690885, registered office at Kozí 916/5, Prague 1, registered in the Commercial Register maintained by the Municipal Court in Prague.

Contact email: [email protected]

What Data We Collect

We collect personal data you provide directly — name, email, phone, delivery address — and data generated automatically when using our website (IP address, browser type, pages visited).

  • Registration data: name, email, password (hashed)
  • Order data: delivery address, billing details, ordered products
  • Payment data: processed exclusively by Stripe, we do not store card numbers
  • Analytics data: anonymized traffic data (only with consent)
  • Communication: email correspondence, inquiries, bookings

Why We Process Data

Contract performance — order processing, delivery, invoicing

Legal obligations — accounting and tax regulations, document archiving

Consent — marketing communications, analytics cookies

Legitimate interest — fraud protection, service improvement

Data Retention

We retain personal data only for as long as necessary to fulfill the purpose of processing:

  • Account data: duration of account + 3 years after deletion
  • Order data: 10 years (legal requirement)
  • Analytics data: maximum 26 months
  • Marketing consent: until withdrawn

Third-Party Sharing

We share your data only with trusted service providers who are contractually bound to protect data:

  • Stripe — payment processing
  • Resend — transactional email delivery
  • Umami — anonymized web analytics (self-hosted)
  • Fakturoid — invoice generation
  • Directus — content and user account management

Your Rights

Under GDPR, you have the right to access, rectification, erasure, restriction of processing, data portability, and the right to object. You can exercise your rights at [email protected].

In your account settings, you can download a copy of your data or request account deletion.

You also have the right to file a complaint with the Office for Personal Data Protection (www.uoou.cz).

Data Security

We use encryption (HTTPS/TLS), password hashing, access restrictions, and regular security audits to protect your data.