Personal Data Protection
I. General Provisions
1. The controller of personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – GDPR) is VANS BROS & CO. s. r. o., Company ID: 54 958 261, with its registered office at Sky Park – Čulenova 7936/5A, Bratislava – Staré Mesto 811 09, registered in the Commercial Register of the District Court Nitra (hereinafter referred to as the “Controller”).
2. Controller contact details:
Registered office: Sky Park – Čulenova 7936/5A Bratislava – Staré Mesto 811 09
Correspondence address: Sky Park – Čulenova 7936/5A Bratislava – Staré Mesto 811 09
Email: vansbros.info@gmail.com Phone: +421 907 920 950
3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is a person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
II. Sources and Categories of Processed Personal Data
1. The Controller processes personal data that you have provided or personal data obtained by the Controller based on order fulfillment:
• First and last name • Email address • Postal address • Phone number • Company registered office • Billing information
2. The Controller processes identification and contact data and data necessary for contract performance.
III. Legal Basis and Purpose of Personal Data Processing
1. The legal basis for processing personal data is:
• Performance of a contract between you and the Controller pursuant to Article 6(1)(b) GDPR • Fulfillment of legal obligations of the Controller pursuant to Article 6(1)(c) GDPR • Legitimate interest of the Controller for direct marketing purposes (especially sending commercial offers and newsletters) pursuant to Article 6(1)(f) GDPR • Your consent for direct marketing purposes (especially sending commercial offers and newsletters) pursuant to Article 6(1)(a) GDPR if an order for goods or services has been made
2. The purpose of personal data processing is:
• Processing your order and exercising rights and obligations arising from the contractual relationship between you and the Controller; personal data required for successful order processing (name, address, contact details, billing information) are necessary for concluding and fulfilling the contract. Without providing personal data, it is not possible to conclude or perform the contract.
• Fulfillment of legal obligations towards the state
• Sending commercial communications and carrying out other marketing activities
3. The Controller does not perform automated individual decision-making within the meaning of Article 22 GDPR.
IV. Data Retention Period
1. The Controller retains personal data:
• For the period necessary to exercise rights and obligations arising from the contractual relationship between you and the Controller and to assert claims arising from these contractual relationships (for a period of 15 years after termination of the contractual relationship).
2. After the retention period expires, the Controller will delete the personal data.
V. Recipients of Personal Data (Controller’s Subcontractors)
1. Personal data recipients are persons:
• Participating in the delivery of services and payment processing based on a contract • Providing website operation services and other services related to campaign management • Providing marketing services
VI. Personal Data Processors
1. Personal data is processed by the Controller, however, the following processors may also process personal data on its behalf:
• Google Ads and Google Analytics service providers • Other providers of processing software or applications which are currently not used by the Controller
VII. Your Rights
1. Under the conditions set out in the GDPR, you have:
• The right of access to your personal data pursuant to Article 15 GDPR • The right to rectification pursuant to Article 16 GDPR or restriction of processing pursuant to Article 18 GDPR • The right to erasure pursuant to Article 17 GDPR • The right to object pursuant to Article 21 GDPR • The right to data portability pursuant to Article 20 GDPR • The right to withdraw consent to processing in writing or electronically at the Controller’s address or email specified in Article III
2. You also have the right to file a complaint with the Data Protection Authority if you believe your personal data protection rights have been violated, or to seek judicial remedy.
VIII. Personal Data Security Conditions
1. The Controller declares that it has taken all appropriate technical measures to secure personal data.
2. The Controller has implemented technical measures to secure data storage and databases.
3. The Controller declares that only authorized persons have access to personal data.
IX. Use of Cookies
1. Cookies are text files containing a small amount of information that are downloaded to your device when you visit our website. Cookies are subsequently sent back to the website or another website that recognizes them during each visit.
2. Cookies perform various tasks, such as enabling efficient navigation between pages, remembering your preferences, and generally improving user experience. They can also ensure that online advertisements are better tailored to you and your interests.
3. We use the following cookies on our website:
Necessary cookies: Necessary cookies are essential for the basic functions of the website and the website will not function properly without them. These cookies do not store any personally identifiable information.
4. Please note that third parties (including external service providers) may also use cookies and/or access data collected by cookies on the website.
5. Further information about cookies and their current list can be found through individual internet browsers, usually in the Developer Tools section.
6. Consent may be expressed through a checkbox contained in the cookie bar. You can also refuse cookies in your browser settings or set the use of only certain cookies.
7. More information about cookie management in individual browsers can be found at the following links:
X. Final Provisions
1. By submitting an order via the online order form, you confirm that you have familiarized yourself with the personal data protection conditions and that you accept them in full.
2. You agree to these conditions by checking the consent box via the online form. By checking the consent box, you confirm that you have read and fully accept the personal data protection conditions.
3. The Controller is entitled to change these conditions. The new version of the privacy policy will be published on the website and also sent to your email address provided to the Controller.
These terms become effective as of 19 February 2026.