Privacy and Personal Data Protection Policy

  1. General Provisions

1.1. This Privacy and Personal Data Protection Policy (hereinafter referred to as the “Policy”) describes the procedures for collecting, using, and protecting personal data by Laledka Company s.r.o., Company ID (IČO): 24178969 (hereinafter referred to as the “Company”), in accordance with Regulation (EU) 2016/679 (GDPR) and Act No. 110/2019 Coll. of the Czech Republic on Personal Data Processing.

1.2. By using the website https://stordar.com/ (hereinafter referred to as the “Website”), you agree to this Policy. If you do not agree with its terms, please refrain from using the Website.

  1. Definitions

For the purposes of this Policy, the following terms are used:

Personal Data – any information relating to an identified or identifiable natural person.

Processing – any operation or set of operations performed on personal data (including collection, recording, structuring, storage, adaptation, retrieval, use, disclosure, transmission, erasure, or destruction).

Data Subject – a natural person to whom the personal data relates.

Controller – a person or entity which determines the purposes and means of the processing of personal data.

Processor – a person or entity which processes personal data on behalf of the controller.

  1. Data Controller

3.1. The controller of personal data collected through the Website is:

Company name: Laledka Company s.r.o.
Company ID (IČO): 24178969
Registered address: Praha – Řepy, Španielova 1275/38, PSČ 163 00
Contact e-mail: contact@stordar.com

3.2. For any questions regarding the processing of your personal data, please use the contact details above.

  1. Purposes and Legal Grounds for Data Processing

4.1. Purposes of Processing:
Personal data collected via the Website may be processed for the following purposes:

Ensuring proper functionality and technical support of the Website;

Responding to user inquiries (including feedback);

Providing information, updates, and news related to the Website’s activities;

Conducting statistical and analytical research (with anonymisation);

Concluding and performing contracts, including processing necessary for contractual obligations;

Marketing communications: informing users about products, services, and events with prior consent;

Compliance with legal obligations under EU and Czech law.

4.2. Legal Grounds for Processing:
Processing is based on:

Your explicit consent (Art. 6(1)(a) GDPR), in particular for direct marketing communications, under Art. 6(1)(a) GDPR in conjunction with § 7(2) of Act No. 480/2004 Coll., unless a product or service was ordered;

The necessity of processing for the performance of a contract or steps prior to entering into a contract (Art. 6(1)(b) GDPR);

Compliance with legal obligations (Art. 6(1)(c) GDPR);

The legitimate interests of the Controller (Art. 6(1)(f) GDPR), provided that such interests do not override the fundamental rights and freedoms of the data subjects.

  1. Categories and Methods of Data Collection

5.1. Types of Personal Data Collected:

Contact details: name, surname, e-mail address, telephone number;

Technical information: IP address, browser type, visit logs, cookies, and similar identifiers;

Demographic data: voluntarily submitted information (e.g., age, gender, location).

5.2. Methods of Collection:

Through web forms and registration fields on the Website;

Through cookies and similar technologies for site functionality and analytics;

Through direct communication with representatives of the Controller.

  1. Data Retention Period

6.1. Personal data is retained no longer than necessary for the purposes for which it was collected, unless otherwise required by law.

6.2. If processing is based on consent, data is retained until consent is withdrawn but no longer than 5 years.

6.3. Upon expiration of the retention period or withdrawal of consent, personal data is securely deleted or anonymised.

  1. Data Disclosure and Transfer

7.1. Your personal data may be shared with third parties (including partners and IT service providers) solely for the purposes outlined in this Policy and under appropriate contractual safeguards.

Recipients may include:

Entities involved in providing goods/services or processing contractual payments;

Service providers, including IT vendors, marketing agencies, accounting services, and e-commerce support providers;

Public authorities, where required by law.

The Company ensures adequate safeguards and confidentiality in all data transfers.

7.2. If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards will be implemented, including the use of Standard Contractual Clauses approved by the European Commission.

  1. Data Security Measures

8.1. The Controller implements technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, in line with industry standards.

8.2. Security systems are regularly reviewed and updated.

8.3. Access to personal data is restricted to authorised personnel only.

  1. Data Subject Rights

Under the GDPR and Czech law, you have the following rights:

Right of Access (Art. 15 GDPR): You may request information about your processed personal data.

Right to Rectification (Art. 16 GDPR): You may request corrections to inaccurate data.

Right to Erasure (“Right to be Forgotten”) (Art. 17 GDPR): You may request deletion of your data where no legal grounds require its retention.

Right to Restrict Processing (Art. 18 GDPR): You may request processing to be limited under certain conditions.

Right to Data Portability (Art. 20 GDPR): You may request your data in a structured, machine-readable format and transfer it to another controller.

Right to Object (Art. 21 GDPR): You may object to processing based on legitimate interests.

Right to Withdraw Consent: You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of prior processing.

To exercise these rights, contact us at the email address provided in Section 3.

  1. Use of Cookies

10.1. The Website uses cookies and similar technologies to:

Ensure the proper functioning of the Website;

Analyse Website usage (anonymised statistics);

Personalise content and advertisements.

10.2. You may manage cookie preferences in your browser settings. Disabling cookies may affect the Website’s functionality.

  1. Policy Updates

11.1. The Controller reserves the right to amend this Policy at any time. The updated version will be published on the Website with an effective date.

11.2. We recommend that you review this page periodically to stay informed about changes.

11.3. By submitting an order via the online form, you confirm that you have read and accepted this Policy.

11.4. You agree to the terms of this Policy by checking the consent box or clicking the “Agree” button on the online form.

  1. Contact and Supervisory Authority

12.1. For any questions regarding this Policy or the processing of your personal data, please contact:

E-mail: contact@stordar.com
Postal address: Praha – Řepy, Španielova 1275/38, PSČ 163 00

12.2. If you are not satisfied with our response, you have the right to file a complaint with the supervisory authority for personal data protection in the Czech Republic.

Effective Date: 20 June 2025