PRIVACY POLICY

Last updated: 18. 2. 2026

This Privacy Policy explains how personal data is collected, used, and protected when you visit or make a purchase from karolinapetho.eu.

  1. DATA CONTROLLER

The data controller responsible for your personal data is:

Karolína Pethö
Jungmannova 1444/38
500 02 Hradec Králové
Czech Republic
Company ID (IČ): 08517339
Email: hello@karolinapetho.eu

  1. WHAT PERSONAL DATA WE COLLECT

We may collect the following personal data:

• First and last name
• Billing address
• Email address
• Order details and purchase history
• Payment information (processed securely via Stripe)
• IP address
• Technical data necessary for website functionality

We do not collect sensitive personal data.

  1. HOW WE COLLECT YOUR DATA

Your personal data is collected when:

• You place an order through the website
• You contact us via email
• You browse the website (essential technical data only)

  1. PURPOSE AND LEGAL BASIS FOR PROCESSING

Your data is processed for the following purposes:

a) Order processing and digital product delivery
Legal basis: Performance of a contract (Article 6(1)(b) GDPR)

b) Compliance with legal obligations (accounting and tax regulations)
Legal basis: Legal obligation (Article 6(1)(c) GDPR)

c) Website security and technical functionality
Legal basis: Legitimate interest (Article 6(1)(f) GDPR)

  1. PAYMENT PROCESSING (STRIPE)

Payments on this website are processed securely via Stripe.

We do not store full payment card details. Stripe may process payment-related data in accordance with its own Privacy Policy and security standards.

  1. DATA RETENTION

Personal data related to purchases is retained:

• For the duration necessary to fulfill the contract
• For the period required by Czech accounting and tax law

After this period, data is securely deleted.

  1. DATA SHARING

Your data may be shared only with trusted third parties strictly for operational purposes:

• Website hosting provider
• Payment processor (Stripe)
• WooCommerce / WordPress platform services
• Accounting or tax service providers (if applicable)

All third parties process data in accordance with GDPR requirements.

  1. INTERNATIONAL DATA TRANSFERS

Some service providers (such as Stripe) may process data outside the European Union.

In such cases, appropriate safeguards are applied, including Standard Contractual Clauses approved by the European Commission.

  1. YOUR RIGHTS UNDER GDPR

Under the General Data Protection Regulation, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request deletion of your data
• Restrict processing
• Object to processing
• Data portability

To exercise any of these rights, please contact:

hello@karolinapetho.eu

  1. RIGHT TO LODGE A COMPLAINT

If you believe your personal data is being processed unlawfully, you have the right to lodge a complaint with the supervisory authority.

In the Czech Republic, the supervisory authority is:

Office for Personal Data Protection
www.uoou.cz

  1. COOKIES

This website uses only essential cookies required for proper functionality, such as:

• Maintaining shopping cart sessions
• Secure checkout and payment processing
• Fraud prevention and security measures

No analytics, advertising, or tracking cookies are used.

Because these cookies are strictly necessary to provide the service, no cookie consent banner is required.

  1. DATA SECURITY

Appropriate technical and organizational measures are implemented to protect your personal data against unauthorized access, loss, or misuse.

  1. CHANGES TO THIS POLICY

We reserve the right to update this Privacy Policy at any time. The updated version will be published on this page with a revised “Last updated” date.

  1. CONTACT

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact:

hello@karolinapetho.eu