Processing of personal data and instructing the entity within the meaning of GDPR

I. Basic provisions

Personal data controllers pursuant to Art. Pursuant to point 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR"), Mibax Trade, sro, is established by MRŠtefánika 1050/74, 03601 Martin, IČO: 47 36 4874, DIČ: 2023828455, registered in the Commercial Register OS Žilina, section: Ltd. Insert number: 59754 / L. (Hereinafter referred to as the "administrator").

Administrator's contact details are: Mibax Trade, s.r.o. , M.R.Štefánika 1050/74, 03601 Martin, Slovak Republic


Phone: +421 911 366 664

Personal data are all information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, network identifier or one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social the identity of that individual.

The administrator has not appointed a privacy officer.

II. Sources and categories of processed personal data

The Administrator processes the personal data you provided to him / her by registering on the website, or the personal data that the Administrator obtained based on the fulfillment of your order.

The administrator processes your identification and contact data and the data necessary to perform the contract.

Cookies and web beacons (hereinafter referred to as “website navigation information”) are used to collect information while navigating Web navigation information contains standard information from a web browser, such as the browser type; the IP address ("IP") and actions you take on the page, such as webpages displayed and clicks on links.

This information is used to operate more efficiently as well as collect statistical information and collect personal information as a type of browser and operating system, referring site, site paths, ISP domains, and the like. Cookies and similar technologies help to customize to your preferences, procedures and needs, as well as to detect and prevent security threats and misuse.

III. Legal reason and purpose of processing personal data

The legal reason for processing personal data is:

  • performance of the contract between you and the administrator pursuant to Art. 6 par. 1, par. (b) GDPR;
  • the legitimate interest of the administrator in providing direct marketing (in particular for sending business notices and newsletters) pursuant to Art. 6 par. 1, par. (f) GDPR;

Your consent to processing for the purpose of providing direct marketing (especially for sending business notices and newsletters) pursuant to Art. 6 par. 1, par. a) GDPR in conjunction with § 7 para. 2 of Act no. 480/2004 Coll., On some information society services in the case that the goods or services were not ordered.

The purpose of the processing of personal data is:

  • handling your order and exercising your rights and obligations under the contractual relationship between you and the administrator; the order requires personal data necessary for successful order processing (name and address, contact), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contract or
  • sending business notifications.

On the part of the administrator there is an automatic individual decision-making within the meaning of Art. 22 GDPR. You have given your explicit consent to such processing by checking the box when registering at

IV. Data retention period

Administrator keeps personal data:

  • for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Administrator and to assert claims arising from these contractual relationships (for a period of 10 years from the termination of the contractual relationship).
  • for a period of 3 years if consent to the processing of personal data for marketing purposes is withdrawn, if the personal data are processed by consent.

After the personal data retention period expires, the controller deletes the personal data.

V. Recipients of personal data (subcontractors of the administrator)

The recipients of personal data are:

  • involved in the delivery of goods / services / payments under contract,
  • providing e-shop operation services and other services related to e-shop operation,
  • providing marketing services.

The Administrator declares that it does not and will not provide personal data to a third country (outside the EU) or to an international organization.

The Seller declares that it processes the personal data of the Buyer of the natural person or the Consumer for the purpose of fulfilling the obligations under the Purchase Agreement through the following intermediaries:

a) DPD (Data Protection Officer DPD, ďalej len DPO DPD), na adrese alebo na telefónnom čísle +421 907 916 018.