Article 1
Basic provision


1. The administrator of personal data is the business company JayLabs sro, IČ 05591759, with its registered office at Lamačova 634/2, Hlubočepy, 152 00 Prague 5, entered in the Commercial Register kept by the Municipal Court in Prague, Section C, Insert 266604, contact email jay@jaylabs. com.

2. The administrator shall process personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ("GDPR") and in accordance with national law.

Article 2
Processed personal data and their sources


1. The administrator processes the personal data that you have provided to him or the personal data that the administrator has obtained based on the fulfillment of your order.

2. The administrator processes your identification and contact data and all other data necessary for the performance of the contract.

Article 3
Reasons and purpose of personal data processing


1. The reasons for processing personal data are:

• fulfilment of contractual relations between you and the administrator,

• the legitimate interest of the administrator in the provision of direct marketing (especially for sending business messages and newsletters, offering products and services),

• fulfilment of legal obligations set by the administrator,

• your consent to processing for the purposes of providing direct marketing (especially for sending business messages and newsletters, offers of products and services) if no goods or services have been ordered.

2. The purpose of processing personal data is:

• processing your order and exercising the rights and obligations arising from the contractual relationship between you and the administrator; when ordering, personal data are required, which are necessary for successful processing of the order (e.g. name and address, contact), providing personal data is a necessary requirement for concluding and fulfilling the contract, without providing personal data it is not possible to conclude the contract or perform it by the administrator,

• sending business messages and doing other marketing activities,

• customer care - the administrator can process your data in case of solving your questions or requests,

• user account - the administrator processes your data entered in the user profile, which contains additional functions and the possibility to change selected personal data,

• exercising the rights and legal rights of the administrator and control of public authorities.

3. Personal data are processed manually and automatically by the administrator. Automated processing concerns, for example, the creation of statistical information on the website traffic of the administrator and the form. Automatic processing also applies to cookies, which are used on the administrator's website and you give your consent to their use.


Article 4
Data retention period


1. The administrator shall store personal data:

• for the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and to assert claims arising from these contractual relationships,

• for the period that results from the reason and purpose for which the personal data are processed, in particular due to the obligations arising from legal regulations,

• until the consent to the processing of personal data is revoked, if the personal data are processed on the basis of your consent, for a maximum period of 15 years from the granting of the consent.

2. After the expiry of the retention period of personal data, the administrator shall delete the personal data.

Article 5
Other recipients of personal data


1. Other recipients of personal data are the entities:

• participating in the delivery of goods, services, and the execution of payments based on a contract,

• involved in ensuring the operation of services,

• providing marketing services,

• public administration bodies,

• insurance companies based on a contract and/or when reporting an insured event.

2. The administrator is entitled to transfer personal data to a third country (ie to a non-EU country) or to an international organization. Recipients of personal data in third countries are, for example, providers of mailing services or cloud services.

Article 6
Your rights


1. Under the conditions set out in the GDPR, you have:

• the right to access your personal data,

• the right to correct personal data, or restrictions on processing,

• the right to delete personal data,

• the right to object to the processing,

• the right to data portability,

• the right to withdraw the consent to processing in writing or electronically to the address or email of the administrator specified in Article 1 of this policy.

2. You also have the right to lodge a complaint with the Office for Personal Data Protection ( if you believe that your right to personal data protection has been violated.

Article 7
Terms of personal data security


1. The administrator declares that he has taken all appropriate technical and organizational measures to secure personal data. Therefore, it not only regularly checks their security, but continuously improves their protection.

2. The administrator declares that only persons authorized by him have access to personal data.

Article 8
Final Provisions


1. By checking the consent to the processing of personal data listed on the administrator's website, you give your consent to the processing of personal data and cookies in cases where consent is required by law and at the same time agree to the wording of these principles, which you fully accept.

2. The administrator is entitled to change these conditions. They will publish a new version of the terms of personal data protection on their website.

3. This privacy policy is valid and effective from March 1, 2021.