PRIVACY AND COOKIE POLICY
This Privacy Policy for propik.pro informs you of the extent of processing your personal data and of its cookies policy as required by Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation) (hereinafter the “GDPR”). Please read carefully all the information about processing your personal data and about our cookies policy below.
1. Who is the controller of your personal data?
Magitos s.r.o., with its registered office at Bělehradská 858/23, 120 00 Praha 2, IČO: 068 09 995, DIČ: CZ06809995 (registered in the Commercial Register) (hereinafter the “Provider”) is the operator of the websites and platform for virtual trading available on the Website through the user account (hereinafter the “Platform”).
2. What is the purpose of data processing?
The Provider acts as the data controller for the following purposes of data processing:
- Analysis of the website traffic;
- Creating and maintaining a user account;
- Technical support for the operation of the information system, including security;
- Accounting and tax obligations;
- Ensuring that the services are safe and technically sound;
- Operational communication;
- Marketing communication;
- Legal protection.
2.1. Analysis of the website traffic
In relation to the website, the Provider uses the site traffic analysis. These services draw on aggregate statistical data about the use of the website; to be functional, each unique access to the website must be singled out. Mixpanel and Google Tag Manager tools are used to this end, which mainly rely on cookies and similar methods described in detail in Section 3. The data are used to enhance the user experience, identify website errors and enhance the quality of the services. The data are processed in reliance on your consent with cookies granted when visiting the website under Article 6(1)(a) of the GDPR.
2.2. Creating and maintaining user account
In order to use the platform via the website, it is necessary to create and maintain a user account within the Provider's information system. In order to create an account, it is necessary to provide identification and contact information such as first name, last name, date of birth, permanent home address, or correspondence address, e-mail and telephone. The processing of these data is necessary for the conclusion of the contract for the use of services (e.g., the Terms and Conditions) and the fulfilment of the obligations under this contract.
2.3. Technical support for the operation of the information system, including security
In order to operate the platform and ensure its full functionality for users, including ensuring the security of the system and user accounts and respecting user settings, it is necessary to process personal data associated with the user account and other data of a technical nature, including the IP address of the device used, authentication data, information about the browser or device, location and time of login, technical records, etc. This processing is carried out to ensure the fulfilment of the obligations under the contract for the use of services and to ensure the legitimate interests of the Provider and the users in the proper and secure functioning of the information system.
2.4. Accounting and tax obligations
The Provider shall keep due accounts of its property in compliance with respective law. To comply with such duty, the Provider shall keep records of user information. Personal data processed to comply with such duties are processed under Article 6(1)(c) of the GDPR, i.e. the processing is necessary to perform legal obligations.
2.5. Ensuring that the services are safe and technically sound
To make the website run safely and smoothly, it is necessary to collect and process some technical details including the IP address, web browser parameters, or to store cookies. Such data are processed under Article 6(1)(f) of the GDPR since such processing corresponds to the legitimate interests of the Provider and clients in safe and smooth service provision.
2.6. Operational communication
If you contact the Provider in relation to the website operation or services, all information included in the communication (e.g. identification details, content of the communication, other provided information) may be processed in order to deal with the request. Such data are processed under Article 6(1)(f) of the GDPR since such processing corresponds to the legitimate interests of the Provider and user in due disposal of the request.
2.7. Marketing communication
If you subscribe to receive newsletters from the Provider, the e-mail address you have provided may be used to provide information on updates or in relation to the offer of products and services. Your e-mail address is processed in reliance on your consent granted by subscription under Article 6(1)(a) of the GDPR. You may unsubscribe at any time by clicking the unsubscribe link included in every message.
2.8. Legal protection
All collected personal data may be processed by the Provider for the purpose of legal protection of the Provider, users or third parties to establish and settle legal claims. To this effect, the personal data processed are retained for a minimum of 3 years from the moment they are collected, unless longer periods are required by law or for ongoing legal proceedings. The personal data are processed under Article 6(1)(f) of the GDPR since such processing corresponds to the legitimate interests of the Provider and other parties.
3. Cookies
The website uses cookies. A cookie is a small text file that a website stores on your device when you visit the site. Cookies are widely used to make the website work or to enhance its functionality as well as to collect information for the providers. Cookies are not harmful to your device or its software.
3.1. Categories of the cookies used:
Category
Purpose and description
Tool(s) examples
Strictly necessary cookies
These cookies enable the website to function as well as the provision of services and their security.
(Internal/Platform specific)
Analytics cookies
Analysis of website traffic
Mixpanel, Google Tag Manager
3.2. Strictly necessary cookies
The website uses strictly necessary cookies to function properly. Such cookies are necessary to provide for the technical functions of the website in line with the needs of the users; these cookies are not subject to consent requirements. If the storage of such cookies is disabled in browser setting, the services offered may not be provided properly or at all.
3.3. Analytics cookies
Cookies are used to better understand the needs and preferences of the website users; Mixpanel provided by MIXPANEL, INC. and Google Tag Manager provided by Google LLC are used to this end. These services use the collected cookies to analyse how the website is used. Information generated by the cookies about the use of the site (including the IP address) may be transferred by these providers and stored at their servers. All data so collected will be processed anonymously or pseudonymously. The data are used solely to assess the usage patterns of the website. To guarantee anonymity or appropriate safeguards, these providers will not link the information about the IP address with any other available data without a proper basis. No other directly identifying personal data such as a name, e-mail or phone number will typically be provided to these analytics providers through these tools unless configured otherwise.
Analytics cookies are stored on the user’s device in reliance on a consent granted by virtue of setting the preferences when accessing the website (e.g., via a cookie banner). The storage of cookies may also be modified by adjusting the browser settings to store only some cookies, or disable any storage of cookies. If the storage of all cookies is disabled, including the strictly necessary cookies as specified above, the website may not work properly.
For more information on third-party cookies, see their respective policies:
The storage of cookies may be set (or disabled) in the browser. For more information, see the following websites (example resources):
- https://cs.wikipedia.org/wiki/HTTP_cookie
- www.aboutcookies.org
- www.allaboutcookies.org
4. Data transfer
Personal data are always kept in privacy and in strict security, and are not disclosed to third parties unnecessarily. In accordance with the GDPR, the data may be transferred to other persons involved in data processing (processors).
In order to ensure quality of the services, the Provider also engage other service providers who are responsible, without limitation, for organizational, marketing, technical and other services, such as:
- providers of on-line analytics tools (see the Cookies Section above);
- providers of technical IT services including the infrastructure: providers of hosting services and service support;
- accountants, lawyers and tax consultants;
- marketing consultants;
- providers of bulk mailing services.
Such service providers may access, in the extent necessary, some of the personal data in relation to the provision of their services. The security of the data on part of such service providers is guaranteed by contract, including non-disclosure covenants and data processing agreements where applicable.
In situations foreseen by law, the Provider may be under a duty to transfer some of the data to public authorities including law enforcement bodies, courts and anti-money laundering regulatory authorities.
Some service providers such as Mixpanel and Google are based in the United States of America. The protection of personal data in cross-border cases is secured by contracts based on standard contractual clauses issued by the European Commission or other appropriate safeguards under GDPR.
5. Automated decision-making and profiling
The processing of personal data as described above does not involve automated user profiling resulting in legal or similarly significant effects.
6. Information about the rights of the data subject
6.1. Right to access the personal data
You may request information about personal data processing and a copy of the data processed.
6.2. Right to rectification
If you believe that your personal data is not accurate, up-to-date or if the data is otherwise incorrect, you may contact us and we will arrange for rectification.
6.3. Right to restrict processing
In situations foreseen by Article 18 of the GDPR, for example when the data processed are not accurate or you have filed an objection, you may request that the processing be restricted. As long as the processing is restricted, the data will only be stored and no operations involving your data will be carried out without your consent. The processing is restricted as long as any of the above situations lasts (e.g. disposal of the objection or rectification). You will be informed once the restriction terminates.
6.4. Right to erasure
In situations foreseen by Article 17 of the GDPR, e.g. if you revoke your consent with data processing or if your personal data are no longer needed, you may request erasure of your personal data. Sometimes the right to erasure may be limited. For example, personal data processed to comply with a statutory duty cannot be erased before the expiry of the statutory retention periods.
6.5. Right to raise an objection
You may raise a reasoned objection against processing relying on a legitimate interest (Article 6(1)(f) GDPR), including profiling based on this ground. You also have an unconditional right to object to processing for direct marketing purposes. The objection will be disposed of and you will be notified thereof through the contact you have selected.
6.6. Right to withdraw the consent with data processing
You may withdraw your consent with data processing at any time if the data are processed under your consent (Article 6(1)(a) GDPR). Withdrawal does not affect the lawfulness of processing before consent withdrawal.
6.7. Right to data portability
In situations when the personal data you have provided are processed in reliance on a consent or in relation to contract execution by automated means and are stored in a structured and machine-readable format, you have the right to receive the data in such a format and transmit it to another controller where technically feasible.
6.8. Right to lodge a complaint with the regulatory authority
If you believe that your personal data are not handled lawfully, you may approach the competent regulatory authority. The Office for Personal Data Protection (Úřad pro ochranu osobních údajů - ÚOOÚ) is the regulatory authority in the Czech Republic. Website: www.uoou.cz.
6.9. Miscellaneous
If you file a request to exercise any of these rights, the Provider may request further identification details to verify the identity of the applicant.
7. Effect and Modifications
7.1. Modifications
The Provider may modify the data processing details as necessary. In such a case, you will be notified thereof, and the new Privacy Notice will be published on the website.
7.2. Effect
This Privacy Notice comes into effect on 21.04.2025.
8. Contact details
If you have any questions or wish to exercise any of the above rights, you may use any of the following contact details:
info@propik.pro
or by post to:
Magitos s.r.o.
Bělehradská 858/23
120 00 Praha 2
Czech Republic