Processing and protection of personal data

E-shop operator HillVital s.r.o., based in Poprad, Company number: 50739972 declares that we process your personal data according to Regulation (EU) 2016/679 of the European Parliament and of the Council on data protection and privacy for all individuals with regard to the processing of personal data and the free the movement of such data, the General Data Protection Regulation (hereinafter referred to as "GDPR"). Read also our Cookie Policy.

  1. Personal Data Protection

Your trust is important to us. We respect your control over your personal data and digital content. Our priority is to prevent any unauthorized access to your personal data.

What personal information do we collect?

When you register or place an order with us, it is necessary for us to collect certain information from you to enable us to complete our service. This allows us to process and fulfill your order and to notify you about order status. The information you provide us with includes obligatory data, such as contact information, payment information and optional information. You voluntarily provide us with personal information, where we ask you for consent, e.g. when registering, agreeing to receiving marketing information, or submitting reviews and more to the specified extent.

How do we use your personal information?

We use your information for the following purposes:

  • Create and manage your personal account (signup);
  • Processing your orders, shipping, returns and claims;
  • Inform you about your order status via SMS or email;
  • Contact you urgently if there is a problem with your order via phone call, email or SMS;
  • Answer your questions by email or by phone;
  • If you consent, to send you marketing information (newsletter).
  • Check your age due to purchasing laws, especially for the purposes of:
    • purchase with registration or without registration for three years, with the new three-year period running from the day you make your last order,
    • evaluating a purchase or goods for a period of three years,
    • to notify you about business information without purchase, discussions, contact forms, consultations, product inquiries, etc. for one year,
    • or for a statutory period of time (10 years, the particulars on the tax document, fulfilment of the statutory obligation).

After this period, your personal information will be deleted, provided you didn't agree in prolonging of the processing time.

  1. Information you share with us

In order to provide you with the best possible service and relevant content, we collect information how our website is used. This means that we analyze the use of our website and administer this website. In case you do not want us to collect this information, you can use your browser's anonymous mode or opt-out cookies. Read more in Cookie Policy.

You may revoke your consent to send marketing emails at any time by clicking on the "Sign out Newsletter" link in the email, or you can contact us using any method listed at our website in Contacts section.

  1. Service Providers

The information we gather from you is used by us to ensure that we provide you with the best possible services. To be able to do that, we can not exist without external providers. The data we obtain, can be available to delivery companies or other providers of processing software and services. We never provide, sell or assign your data to third parties for trading.

  1. Your rights

The right to withdraw your consent at any time (Article 7 (3) GDPR)

As a person concerned, you have the right to withdraw your consent of the processing of your personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

The right to access your personal data (Article 15 GDPR)

You have the right to request a copy of your personal data we have, as well as information about how we use your personal information. In most cases, your personal information will be provided to you in electronic form, unless you require another way to provide it. If you have requested this information in written form, it will be provided in writing if technically possible. You have the right to request information about what personal data we hold about you (free of charge once a year).

The right to rectify inaccurate personal data (Article 16 GDPR)

We take reasonable steps to ensure the accuracy, completeness and timeliness of the information we hold. If you believe that the data we have is inaccurate, incomplete or out of date, please do not hesitate to ask us to modify, update or complete this information.

The right to erasure (Article 17 GDPR)

You have the right to ask us to delete your personal information, for example, if the personal information we have received is no longer necessary to fulfil the original purpose of the processing. However, your right must be assessed in the light of all relevant circumstances. For example, we may have some legal and regulatory obligations, which means we will not be able to meet your request.

The right to a restriction of processing (Article 18 GDPR)

Under certain circumstances, you are entitled to ask us not to use your personal data. These are, for example, cases where you believe that personal information we have about you may be inaccurate or if you believe that we no longer need your personal data to be used.

Right to data portability (Article 20 GDPR)

Under certain circumstances, you have the right to ask us to transfer your personal data to another third party of your choice. However, the right to portability concerns only personal data that we have obtained from you on the basis of consent or under a contract of which you are one of the parties.

Right to object (Article 21 GDPR)

You have a right to object to the processing of data that is based on our legitimate interests. If we do not have a valid legitimate reason for processing and you object, we will not process your personal data further.

Right to lodge a complaint (Article 77 GDPR)

You may contact us to complain about the way your personal data is processed, including the above rights. We will properly review all your complaints.

If you are not satisfied with our response or you believe that your personal data are processed without a valid reason or illegally, you may file a complaint with your local Supervisory Authority.

  1. Security

Security services help keep personal data safe from cyber attacks and unauthorized persons. Without security there is no guarantee of privacy. Thanks to our commitment to address cybersecurity, we can offer truly secure digital services.