Privacy Policy
Effective from: 1 May 2026
The legally binding version of this document is in Slovak. This English version is provided for the convenience of foreign customers; in case of any discrepancy, the Slovak version prevails.
This document describes how we process the personal data of visitors and customers of the ruzickagifts.com e-shop, in accordance with Regulation (EU) 2016/679 (GDPR) and Act No. 18/2018 Coll. of the Slovak Republic.
I. Controller
- Ružena Štiglicová – Ružička
- Jazdecká 10, 931 01 Šamorín, Slovak Republic
- ID No. (IČO): 57593485
- Email: ruzickagifts@gmail.com
- Phone: +421 905 586 532
The controller has not appointed a data protection officer (DPO) — the scope and nature of the processing does not legally require one.
II. What personal data we process
When fulfilling an order and communicating with the customer, we process the following data:
- Identification: first name and surname
- Contact: email address, phone number
- Delivery address: street, city, postal code, country (or Packeta pickup point details)
- Order data: cart contents, product variants, personalised text (if part of the order), price, order date, order number
- Payment data: payment method and payment status (the card data itself is processed exclusively by the GoPay payment gateway; the seller has no access to it)
- Communication: contents of emails and messages you send us
The e-shop does not use analytics tools (Google Analytics etc.) or advertising pixels, so we do not process any behavioural data, tracking cookies or visitor profiles.
III. Purpose of processing and legal basis
| Purpose | Legal basis | Retention |
|---|---|---|
| Order fulfilment and delivery | Contract performance (Art. 6(1)(b) GDPR) | Duration of the contractual relationship |
| Issuing and archiving tax documents | Legal obligation (Art. 6(1)(c) GDPR — Slovak accounting and VAT laws) | 10 years |
| Handling complaints and returns | Legal obligation | 4 years after end of warranty period |
| Communication with the customer (email, phone) | Legitimate interest (Art. 6(1)(f) GDPR) | Up to 2 years from last communication |
IV. Recipients of personal data (processors)
Your personal data may be shared with the following processors who provide services necessary for running the e-shop:
- Packeta (Zásielkovňa s. r. o., Bratislava) — shipping: name, delivery address, phone, email
- GoPay s. r. o. (Czech Republic) — payment processing: name, email, amount, order number (card data is processed by GoPay separately as a controller)
- Cloudflare, Inc. (USA) — web hosting and CDN; processes technical data (IP address, request time)
- Google Workspace / Gmail (Google Ireland Ltd.) — email communication
Some processors (Cloudflare, Google) may transfer data to third countries outside the EU. Such transfers are protected by the Standard Contractual Clauses (SCC) approved by the European Commission in line with the GDPR.
The seller does not share personal data with third parties for marketing purposes and does not sell it.
V. Your rights
Under the GDPR, you have the following rights:
- Right of access — to obtain confirmation that we process your data and a copy of it
- Right to rectification — to correct inaccurate or incomplete data
- Right to erasure („right to be forgotten") — to request deletion when there is no longer a legal reason to keep it
- Right to restriction of processing — in certain cases to limit how we process the data
- Right to data portability — to receive your data in a structured, machine-readable format
- Right to object — to object to processing based on legitimate interest
- Right to lodge a complaint with the supervisory authority — Office for Personal Data Protection of the Slovak Republic (Hraničná 12, 820 07 Bratislava 27, dataprotection.gov.sk)
You can exercise these rights by emailing ruzickagifts@gmail.com or in writing to the controller's registered address. Your request will be processed within 30 days at the latest.
VI. Cookies
The Ružička website uses only strictly necessary cookies and the browser's local storage (localStorage) — specifically to keep the contents of the shopping cart between visits. This data does not leave your browser and is not sent to the server.
The e-shop does not use analytics, advertising or tracking cookies. No cookie banner or cookie consent is required.
VII. Data security
The controller has implemented appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, destruction or loss. Communication between browser and server is encrypted with HTTPS (TLS).
VIII. Changes to this document
The controller reserves the right to update this document. The current version is always published on this page. Customers will be informed of significant changes by email.
This document becomes effective on 1 May 2026.