The private policy is in compliance with GDPR.
If you have additional questions not answered here, contact the Koongo support to request more information.
Updated: Nov 12, 2019
1. Basic information
1.1 Contact person
The data administrator for the personal data protection according to Article 4 (7) of GDPR is Koongo.
For all matters concerning the protection of personal data please contact:
Jiri Zahradka, Koongo CEO
NoStress Commerce s.r.o.
Nové Město, 128 00
Praha 2, Czech Republic
1.2 Principle of processing personal data
The Koongo processes personal data in the compliance with the following principles arising from the Regulation:
- legality, correctness, and transparency of processing;
- purpose limitation - collection only for certain, expressly expressed, and legitimate purposes;
- minimization of data - adequacy, relevance, and limitation of processing to the extent necessary in relation to the purpose;
- accuracy and timeliness - the Koongo shall take all reasonable steps to ensure that personal data which are inaccurate, taking into account the purposes for which they are processed, are erased or corrected without delay;
- limited storage - personal data shall be stored in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which they are processed provided that the appropriate technical and organizational measures required by the existing legislation are in place to guarantee the rights and freedoms of the data subject ;
- integrity and confidentiality - personal data are processed in a manner that ensures their proper security, including their protection through appropriate technical or organizational measures against unauthorized or unlawful processing and against accidental loss, destruction or damage
2. Sources and categories of processed personal data
2.1 Personally Identifiable Information
2.2 Aggregate User and Tracking Information
While using our Service, some information about your visit may be automatically collected using cookies, log analysis software and other aggregate tracking technologies. This information provides insights on how customers and visitors use the Koongo website, Service and other Koongo products. This data is anonymous in nature and does not contain any personally identifiable information.
2.2.2 Log File Analysis
Koongo also collects information from your computer each time you visit the Service using log file analysis software. Information measured, analyzed and collected in this manner may include but is not limited to: your IP address, operating system, platform information, date and time of your click stream behavior, cookie information, session information (includes: page interaction information, browser interaction information, page response times, length of visits to individual pages, and download errors) and web browser software.
Information collected on how you use the Service does not include personally identifiable information. Though some personally identifiable information may be collected in this process, the information collected is not used to track an individual’s use through the Service.
2.2.3 Third party services
In addition, we use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Service's functionality.
To improve the way we do things, we need some data about you, our customers. For this reason, we use third-party service called Smartlook that allow us to record and analyse your behavior. Thanks to this, we can see trends and patterns which help us improve many areas of our business activities. This data is anonymous in nature and does not contain any personally identifiable information. If you don’t want to be tracked by Smartlook on our website, you can opt out her.
These third party service providers have their own privacy policies addressing how they use such information.
2.2.4 Data processing
Finally, we collect Personal Data where we act as a data processor. We process Personal Data on behalf of our customers in the context of supporting the Service. Where a customer subscribes to our Service for their online store, system or platform, they are able to retrieve Personal Data from consumers and/or businesses from their account(s) at online Marketplaces or Platforms as, but not limited to, Amazon, Beslist.nl, and Bol.com. When an order has been placed at such a Marketplace or Platform, we collect and store the order data (including Personal Data) to collectively send it to the system or platform of our customers.
3. Legal reason and purpose of personal data processing
3.1 Legal reason for your personal data
The legal reason for your personal data processing is:
- the fulfillment of the contract according to Article 6 (1) b) GDPR, fulfillment of the statutory obligation of the administrator pursuant to Article 6 (1) c) the GDPR and the legitimate interest of the Provider pursuant to Article 6 (1) f) GDPR. Koongo will send you Service setup instruction, support period expiration notification or any major update/upgrade information related to Service or other Koongo products.
- negotiation of the contract or its preparation pursuant to Article 6 (1) b) GDPR (e.g. filling in the inquiry or contact form, creating a user account in the eshop or failing to complete an purchase)
- the legitimate interest of the Koongo in providing direct marketing (in particular for sending business messages and newsletters) under Article 6 (1) f) GDPR.
The personal information is required when placing the order or activating the Service (connecting the customer store to Service).
3.2 Purpose of personal data processing
The purpose of personal data processing is:
- fulfilling your order or activate the Service and performing the rights and obligations arising from the contractual relationship between you and the Koongo; personal data (name, address, contact) is a necessary requirement for the conclusion and performance of the contract, without the personal data it is not possible to conclude the contract or to fulfill it by the Koongo,
- sending business messages and performing other marketing activities.
The personal data we collect from you may be used in one of the following ways:
- To deal with your inquiries and requests
- To create and administer records about any online account that you register with us
- To provide you with information and access to resources that you have requested from us.
- To provide you with technical support (your information helps us to better respond to your individual needs)
- To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you), including to improve the navigation and content of our sites
- For website and system administration and security
- For general business purposes, including to improve customer service (your information helps us to more effectively respond to your customer service requests and support needs), to help us improve the content and functionality of our Service, to better understand our users, to protect against wrongdoing, to enforce our Terms and Conditions, and to generally manage our business
- To process transactions and to provide Services to our customers and end-users
- For recruitment purposes, where you apply for a job with us
- To administer a contest, promotion, survey, or other site features
- To improve advertising campaigns, primarily in an effort to prevent targeting of impressions via third-party channels when they are not relevant
- To send e-mails, both either periodic or one off. The e-mail addresses you provide for invoicing or support questions will be used to send you information regarding payments, invoicing or answers to your questions as well as proactively for important updates of our Service. When it is in accordance with your marketing preferences, we will send occasional marketing e-mails about our Service, which you can unsubscribe from at any time using the link provided in the message.
3.3 Automated decision-making process
The Koongo does not use automated individual decision-making process within the meaning of Article 22 GDPR.
3.4 Other Websites
Koongo does not share personally identifiable information with business partners who display or offer Koongo products or services on their Websites.
3.5 External Links
3.6 What you get from Koongo
Koongo believes that honest and clear communications with customers and users is a key part of a great experience. All of Koongo's email communications contain information on how to unsubscribe, and Koongo honors all requests as quickly as possible. Below are examples (without limitation) of communications you may receive from Koongo:
3.6.1 Registration Email Messages
When you join for an account, you will receive an email confirming your registration (as applicable). The email message will contain your name, the email address you provided and your Koongo sign-in information.
3.6.2 Marketing or Promotional Emails
In case the Koongo processes the customer's personal data for other purposes that can not be subordinated to the legitimate interest or performance of the contract, he can only do so on the basis of a valid consent to the processing of personal data by the customer, which is an expression of free will of the customer a specific title for such personal data handling.
The customer needs to explicitly agree with the personal data processing. The email address will be processed for inclusion in the business messaging database.
You can accept consent at any time, for example, by sending a letter, email or a click to a link in your business message. Withdrawal of consent will result in the suspension of commercial communications.
4. Personal data handling
4.1 Personal data handling period
The Koongo keeps Personal Data:
- for as long as necessary for pre-contractual negotiations, exercise of rights and fulfillment of contractual obligations, and fulfillment of statutory obligations of Koongo, particularly as regards the management of prescribed accounting, tax and similar records.
- for the period of maximum 1 years for the customers who registered for Koongo account but not activate the Service or placed any order. We expect that during this period you might be still interested in products purchase or Service activation. After the time period above, the Koongo account will be deleted.
4.2 Personal data handling termination
The Koongo terminates the handling of customer data after the termination of the contractual relationship, after the expiry of the period specified in the consent to the processing of personal data or after forfeiture of the legitimate reasons for the archiving of personal data.
5. Personal data processors
Personal data are processed automatically and manually and can be available to the Koongo's employees. Personal data can be available also to the processors with whom the Koongo has entered into a contract for the processing of personal data if this is necessary for the fulfillment of their duties. Personal data can be available to another person under the conditions which are compliant with the Regulation.
The processing of personal data is carried out by the Koongo, the personal data can be processed also by these processors:
accounting service provider
persons involved in the supply of goods/services/realization of payments on the basis of a contract
server hosting provider - SuperNetwork s.r.o., located in the Czech Republic
other services related to the operation of the web application
- email client provider;
- MailChimp software - servers are located in the USA; MailChimp complies with the EU-US Privacy Shield Framework, ensuring adequate protection of personal data within the meaning of the GDPR Regulation.
- external contractors
- Payment providers
- the relevant bank institution, Fio banka, a.s.
- PayPal, 2211 North First Street San Jose, California 95131
Ingenico Group S.A., 28/32 boulevard de Grenelle, 75015, Paris, France
- Alternatively, other providers of processing software, services, and applications that are currently not used by the Koongo.
For detailed list of Personal Data processors, please contact us at firstname.lastname@example.org.
6. Personal data - customer rights
6.1 Customer rights
Under the terms of the GDPR you have
(a) the right to access your personal data under Article 15 of the GDPR,
(b) the right to correct personal data under Article 16 of the GDPR, or the restriction of personal data processing under Article 18 GDPR,
(c) the right to delete personal data under Article 17 of the GDPR. The Koongo is obliged to delete the personal data without undue delay in compliance with the reasons stated in the Regulation:
- personal data are not necessary for the purposes for which they were collected or otherwise processed and there is no other purpose of processing;
- customer withdraws the consent to the personal data processing and there is no further legal title for processing;
- the customer objects to processing and there are no overriding grounds for further processing;
- personal data have been processed unlawfully;
- personal data must be erased in order to comply with a legal obligation laid down by the EU or national legislation applicable to the Koongo;
- personal data were gathered in connection with the provision of information society services. Details and exceptions to this right are governed by the Regulation;
(d) the right to object to personal data processing under Article 21 GDPR and
(e) the right to personal data portability under Article 20 GDPR
(f) the right to withdraw consent to product data processing, referred in the section 3.2, in writing or electronically to the address or email address of the Koongo.
(g) the right to file a complaint with the Personal Data Protection Office if you believe that your privacy has been violated.
The Koongo limits the processing of the personal data in any of the following cases:
- the data subject denies the accuracy of the personal data for the time necessary to verify the accuracy of the personal data;
- the processing is unlawful and the data subject refuses the deletion of personal data and instead requests restrictions on its use;
- the Koongo no longer needs personal data for processing but the data subject is required to identify, exercise or defend legal claims;
- the data subject has objected to processing until it has been ascertained whether the legitimate reasons for the controller outweigh the legitimate reasons for the data subject;
6.2 Accessing and Updating your Information
The minimal personally identifiable information for Service activation or purchasing a Koongo product is customer email address, password, billing address and payment method information.
Customers may view and change their personally identifiable information by logging into their password-protected account. Once logged in, click the ‘Edit Account’ link. From here a customer may update their personal information, password, billing, and subscription information, including the ability to close their account.
It may take a reasonable period of time to respond to any request to cancel or modify an account. If you request the deletion or modification of your personal information maintained by Koongo, such information may be retained for a period of time in Koongo's backup systems as a precaution against system failures. Some information may be retained for longer periods as required by law, contract or auditing requirements.
7. Personal data protection
Koongo understands that the safety of your personal information is extremely important to you. That is why Koongo uses both electronic and other measures to keep your information protected from unauthorized access. We use industry-standard Secure Socket Layer (SSL) software to protect the transmission of information that you submit to the Website. This software encrypts the information that you input.
While we use current industry standard procedures to protect your privacy, unfortunately, no data transmission or storage security can be guaranteed 100% of the time. In addition, third parties may unlawfully intercept or obtain information from the Website. We do not promise that your personally identifiable information will remain private in such cases.
The processing of personal data may be processed by the processors solely on the basis of a contract for the processing of personal data, with the guarantees of organizational and technical security of these data and with the definition of the purpose of the processing, and the processors may not use the data for other purposes.
7.2 Security breach
In the event of a breach of security of data handling or data leakage, the Koongo shall promptly inform the Customer and the Office for Personal Data Protection within 72 hours.
3. Please visit also Koongo Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of the Website.
Please feel free to contact us through our website or write to us at:
NoStress Commerce s.r.o
Vyšehradská 1349/2, Nové Město
128 00 Praha 2