This Privacy Policy explains how D i g i l y Ltd. ("we", "us", "our") collects and processes your personal data when you use our website and order our products. We are the data controller. We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Act No. 18/2018 Z. z. on the protection of personal data.
Controller: D i g i l y Ltd., , 91701 Trnava, Slovakia · IČO: 44 99 19 83 · IČ DPH: SK202 289 93 29
Contact for data-protection matters: info@wristbandseu.com — +421 951 646 335
1. WHAT DATA WE COLLECT
Depending on how you use the website, we may process:
Identification and contact data — name, billing/delivery address, e-mail, telephone; for businesses also company name, company ID and VAT ID.
Order data — products ordered, the artwork/text you supply for printing, order history, communication about the order.
Payment data — the amount, payment method and transaction status. Full card details are processed directly by our payment providers; we do not store your full card number.
Account data — login and password (stored in hashed form), preferences.
Verification data — where needed to verify an order (Articles 1.7–1.9 of our Terms), for example confirmation from an official/company e-mail or phone, or business documents such as a VAT ID or commercial-register extract. We do not require a personal identity document.
Technical data — IP address, device/browser information, and cookie data (see Section 5).
We do not knowingly collect special categories of data, and our website is not directed at children.
2. WHY WE USE YOUR DATA AND ON WHAT LEGAL BASIS
Purpose
Legal basis (GDPR Art 6)
Processing and delivering your order; managing your account; customer support and complaints
Performance of a contract — Art 6(1)(b)
Issuing invoices and keeping accounting/tax records
Legal obligation — Art 6(1)(c)
Verifying orders and preventing fraud and unauthorised/counterfeit use (Articles 1.7–1.9 of the Terms)
Legitimate interest — Art 6(1)(f)
Showing photographs of products we have made, as references on our website (you may object — Article 12 of the Terms)
Legitimate interest — Art 6(1)(f)
Establishing, exercising or defending legal claims
Legitimate interest — Art 6(1)(f)
Website analytics and advertising measurement (cookies — see Section 5)
Your consent — Art 6(1)(a)
Marketing communications, where applicable (see Section 4)
Consent — Art 6(1)(a), or legitimate interest for our own similar products to existing customers
3. HOW LONG WE KEEP YOUR DATA
Order, invoice and accounting data — for the retention period required by accounting and tax law (in the Slovak Republic, generally up to 10 years).
Account data — for as long as your account is active, and then deleted or anonymised after a reasonable period of inactivity.
Verification / anti-fraud data — only for as long as needed to verify the order or to defend a related claim, then deleted (consistent with Article 13.2 of the Terms).
Communication / support records — for a reasonable period after the matter is resolved.
Consent-based data (marketing, non-essential cookies) — until you withdraw consent or the cookie expires.
After the applicable period, data is deleted or anonymised unless the law requires longer retention.
4. MARKETING COMMUNICATIONS
At present we send only transactional e-mails relating to your order (confirmations, status updates, delivery, invoices) — these are necessary to perform the contract and are not marketing.
If in future we send newsletters or promotional offers, we will do so only with your consent, or — to existing customers, about our own similar products — on the basis of legitimate interest (soft opt-in). Every marketing message will contain an easy way to unsubscribe, and you can withdraw consent at any time at info@wristbandseu.com with no effect on the lawfulness of prior processing.
5. COOKIES AND ANALYTICS
Cookies are small files stored on your device. We use:
Strictly necessary cookies — required for the website to function (shopping cart, session, login, language and currency). These do not require consent.
Analytics cookies — Google Analytics — to understand how the website is used and improve it.
Advertising / conversion cookies — Google Ads — to measure the performance of our advertising and, where applicable, for remarketing.
Analytics and advertising cookies are non-essential and are used only with your consent, which you give through our cookie banner when you first visit the site. You can change or withdraw your choice at any time via the cookie settings, and you can also block or delete cookies in your browser — this may limit some functions. These tools are provided by Google and may involve a transfer of data outside the EEA (see Section 7).
6. WHO WE SHARE YOUR DATA WITH
We do not sell your personal data. We share it only with recipients who help us provide our services, acting as our processors or independent controllers as applicable:
Payment providers — Stripe, PayPal, MyPOS (to process payments).
IT, hosting and e-mail providers — to operate the website and send transactional e-mail. Our server is located in the EU (Germany).
Analytics and advertising — Google (only with your consent — Section 5).
Accounting / tax advisors — to meet our legal obligations.
Public authorities and courts — where required by law or to defend legal claims.
Our processors are bound by contracts requiring them to protect your data and to process it only on our instructions.
7. INTERNATIONAL TRANSFERS
Our hosting and most of our processors are within the EU/EEA. Some providers (in particular Google, and some payment providers) may process data in the United States or other third countries. Where this happens, the transfer is protected by an appropriate safeguard under the GDPR — an EU adequacy decision (incl. the EU–US Data Privacy Framework) and/or Standard Contractual Clauses. You may request more information about these safeguards at info@wristbandseu.com.
8. YOUR RIGHTS
Under the GDPR you have the right to:
access your personal data and obtain a copy;
rectification of inaccurate or incomplete data;
erasure ("right to be forgotten"), where applicable;
restriction of processing;
data portability — receive your data in a structured, machine-readable format;
object to processing based on legitimate interest, and to object to direct marketing at any time;
withdraw consent at any time, without affecting prior processing.
To exercise any of these rights, contact us at info@wristbandseu.com. We respond within the legal time limit (generally one month).
You also have the right to lodge a complaint with the supervisory authority: Úrad na ochranu osobných údajov Slovenskej republiky, Hraničná 12, 820 07 Bratislava 27, www.dataprotection.gov.sk.
9. SECURITY
We use appropriate technical and organisational measures to protect your data against unauthorised access, loss or misuse — including encrypted connections (HTTPS), hashed passwords, access controls and processing data only to the extent necessary. No method of transmission over the internet is completely secure, but we work to protect your data and review our measures regularly.
10. CHILDREN
Our website and products are intended for customers able to enter into a contract. We do not knowingly collect personal data of children in a way that requires parental consent; if you believe a child has provided us data inappropriately, contact us and we will delete it.
11. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time, for example to reflect changes in law or our services. Each version is dated; the current version is always published on this page.
12. CONTACT
For any question about this Privacy Policy or your personal data:
D i g i l y Ltd. — , 91701 Trnava, Slovakia · IČO: 44 99 19 83 · IČ DPH: SK202 289 93 29
