Terms and Conditions

Josef Rousek
Prague - Prosek, Kytlická 862, ZIP 190 00
ID: 02568535 (hereinafter referred to as the "provider")

These Terms and Conditions (hereinafter referred to as "T&C"), effective from May 1, 2018, govern the relationships in the provision of services Heureka.cz Měření konverzí and related services provided by the provider to users and their use and are binding for all business dealings with the provider.

By installing the application from the Shopify app catalog, the person who did so confirms that they are familiar with these T&C, expresses their agreement with their wording, and fully accepts them.

The service provision contract is created by installing the application from the Shopify app catalog and terminates by removing it from the specific store.

The price for the service is set in the Shopify app catalog on the APP_LISTING_URL page.

The currently valid version of the terms and conditions is always published on the provider's official website at https://verinize.com/static/tos.html.

The provider is entitled to temporarily interrupt the server operation, for the necessary time, especially for maintenance and modifications of equipment that directly affect the operation of services ordered by the user. The provider, if possible, informs the user of the outage in advance via email.

The provider is not responsible for defects or damages caused by defects in the delivery or its incorrect outputs, if they were caused by the user, third parties, or circumstances excluding liability. The provider is not responsible for defects or damages caused especially by:

inserting incorrect data into the delivery by the user, incorrect procedure by the user when entering information or files into the delivery, or incorrect interpretation of data presented by the delivery,
virus infection of the user's local network or computers by computer viruses (spyware, malware, etc.) or hacker attacks or other similar external attacks,
due to damage caused by unauthorized intervention in the delivery to the system software and environment,
damage caused by malfunctioning hardware, operating system, or network, due to damage caused by malfunctioning programs from other manufacturers running simultaneously with the delivered software.

The provider is not responsible for service interruptions, defects, damages, and data loss or damage caused by force majeure, in case of equipment failure, power supply failure, internet connection outage caused by the connection provider, or network attack by a third party, the provider is not responsible for defects, damages, and data loss or damage caused by incorrect handling by the user's system administrator or due to server attack by a third party due to non-compliance with security standards common in internet hosting operations.

The provider is not responsible for violations of copyright, trademark rights, trade name rights, and other rights protected by Czech laws.

The participants in this contractual relationship stipulate that the amount of foreseeable damage that may arise from a breach of the provider's obligations represents an amount of up to 30% of the delivery price, up to a maximum of 5,000 CZK, regarding which the damage event occurred, unless otherwise agreed. The provider is not responsible for the loss or damage of user data, any reconstruction of lost or damaged data is at the user's expense.

The participants in this contractual relationship are not liable, in addition to cases stipulated by the relevant law, for breaches caused by force majeure, i.e., circumstances arising independently of the participants' will, which could not be averted even with all possible effort, or are objectively unavoidable accidents.

Force majeure: The mentioned circumstances that the participants cannot influence and that exclude liability include:

state of war,
legal restrictions on export, import, production, strikes, sabotage,
natural disaster
other circumstances that the provider could not reasonably foresee or influence with reasonable effort and that prevent the fulfillment of the concluded contract.

The affected party is obliged to inform the other party of the occurrence of circumstances excluding liability without undue delay, otherwise, it loses the right to assert the consequences of these circumstances. After the end of these circumstances, the affected party is obliged to immediately inform the other party of the alternative fulfillment date. The provider fulfills the obligation under this paragraph by publishing information about the occurrence/end of these circumstances on its official product page.

Unless expressly stated otherwise, the parties will not compensate each other for:

lost profit arising in connection with the fulfillment of the contract; this does not apply if the damage arises as a result of conduct based on fraudulent conduct, intent, or gross negligence of the responsible party;
and damage arising in connection with an order placed orally.

Privacy Policy

I. Data Protection

1.1. By installing the application from the Shopify app catalog, the user confirms that they are familiar with the data protection terms, expresses their agreement with their wording, and fully accepts them.

1.2 The provider is the data controller of users' personal data according to Article 4 point 7) of the European Parliament and Council Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR"). The provider undertakes to process personal data in accordance with legal regulations, especially GDPR.

1.3. Personal data are all information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified directly or indirectly, especially by reference to a specific identifier, such as a name, identification number, location data, online identifier, or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural, or social identity of this natural person.

1.4 When ordering, personal data necessary for the successful processing of the order (name and address, contact) are required. The purpose of processing personal data is to process the user's order and exercise rights and obligations arising from the contractual relationship between the provider and the user. The purpose of processing personal data is also to send commercial communications and conduct other marketing activities. The legal reason for processing personal data is the performance of the contract according to Article 6 paragraph 1 letter b) GDPR, the fulfillment of the legal obligation of the controller according to Article 6 paragraph 1 letter c) GDPR, and the legitimate interest of the provider according to Article 6 paragraph 1 letter f) GDPR. The legitimate interest of the provider is the processing of personal data for direct marketing purposes.

1.5 The provider uses subcontractors' services to fulfill the service, especially the web hosting provider (personal data are stored in third countries). Subcontractors are vetted for secure personal data processing.

1.6 The provider stores the user's personal data for the period necessary to exercise rights and obligations arising from the contractual relationship between the provider and the user and to assert claims from these contractual relationships (for 1 year from the termination of the contractual relationship). After this period, the data will be deleted.

1.7 The user has the right to request access to their personal data from the provider according to Article 15 GDPR, correction of personal data according to Article 16 GDPR, or restriction of processing according to Article 18 GDPR. The user has the right to delete personal data according to Article 17 paragraph 1 letter a), and c) to f) GDPR. Furthermore, the user has the right to object to processing according to Article 21 GDPR and the right to data portability according to Article 20 GDPR.

1.8 The user has the right to file a complaint with the Office for Personal Data Protection if they believe that their right to personal data protection has been violated.

1.9 The user is not obliged to provide personal data. However, providing personal data is a necessary requirement for concluding and fulfilling the contract, and without providing personal data, it is not possible to conclude or fulfill the contract by the provider.

1.10 The provider does not engage in automated individual decision-making within the meaning of Article 22 GDPR.

1.11 An applicant for the provider's services by filling out the contact form:

agrees to the use of their personal data for the purposes of electronic sending of commercial communications, advertising materials, direct sales, market research, and direct product offers from the provider, but not more often than once a month, and
declares that the sending of information according to point 1.11.1 is not considered unsolicited advertising within the meaning of Act No. 40/1995 Coll., as amended, as the user expressly agrees to the sending of information according to point 1.11.1 in connection with § 7 of Act No. 480/2004 Coll.
The user can revoke the consent under this paragraph at any time in writing to josef@rousek.name.

II. Rights and Obligations between the Controller and the Processor (Processing Agreement)

2.1 The provider is the processor of personal data of the user's clients according to Article 28 GDPR. The user is the controller of these data.

2.2 These terms govern the mutual rights and obligations in the processing of personal data, to which the provider has gained access in the course of fulfilling the contract concluded by agreeing to the general terms and conditions in the same document concluded with the user on the date of account creation.

2.3. The provider undertakes to process personal data for the user to the extent and for the purpose specified in Articles 2.4 - 2.7 of these terms. The processing means will be automated. The provider will collect, store on information carriers, retain, block, and dispose of personal data in the course of processing. The provider is not authorized to process personal data in contradiction or beyond the scope specified by these terms.

2.4 The provider undertakes to process personal data for the user to the following extent:

ordinary personal data which the user has obtained in connection with their own business activities.

2.5. The provider undertakes to process personal data for the user for the purpose of providing application services.

2.6. Personal data can only be processed at the provider's or its subcontractors' workplaces according to Article 2.8 of these terms, and within the territory of the European Union.

2.7. The provider undertakes to process the personal data of the user's clients for the user, all for the period necessary to exercise rights and obligations arising from the contractual relationship between the provider and the user and to assert claims from these contractual relationships (for 2 months).

2.8 The user grants permission to involve a subcontractor as another processor according to Article 28 paragraph 2 GDPR, which is the application hosting provider. The user further grants the provider general permission to involve another processor of personal data, but the provider must inform the user in writing of all intended changes regarding the acceptance of other processors or their replacement and provide the user with the opportunity to object to these changes. The provider must impose the same personal data protection obligations on its subcontractors in the position of personal data processors as are set out in these terms.

2.9. The provider undertakes to ensure that personal data processing is secured, especially in the following way:

Personal data are processed in accordance with legal regulations and based on the user's instructions, i.e., for the performance of all activities necessary for providing application services.
The provider undertakes to technically and organizationally secure the protection of processed personal data so that unauthorized or accidental access to data, their alteration, destruction, or loss, unauthorized transfers, their other unauthorized processing, as well as other misuse, are prevented, and to ensure that all obligations of the personal data processor arising from legal regulations are continuously secured during the processing of data.
The technical and organizational measures taken correspond to the level of risk. The provider ensures continuous confidentiality, integrity, availability, and resilience of processing systems and services, and timely restoration of the availability of personal data and access to them in the event of physical or technical incidents.
The provider hereby declares that personal data protection is subject to the provider's internal security regulations.
Only authorized persons of the provider and subcontractors according to Article 2.8 of these terms, who will have the conditions and scope of data processing set by the provider, and each such person will access personal data under their unique identifier, will have access to personal data.
Authorized persons of the provider who process personal data according to these terms are obliged to maintain confidentiality about personal data and security measures, the disclosure of which would jeopardize their security. The provider will ensure their demonstrable commitment to this obligation. The provider will ensure that this obligation for the provider and authorized persons will last even after the termination of the employment or other relationship with the provider.
The provider will assist the user through appropriate technical and organizational measures, if possible, to fulfill the user's obligation to respond to requests for the exercise of data subject rights set out in the GDPR; as well as in ensuring compliance with obligations under Articles 32 to 36 GDPR, taking into account the nature of the processing and the information available to the provider.
After the termination of the provision of performance associated with processing, according to Article 2.7 of these terms, the provider is obliged to delete all personal data or return them to the user unless the provider has an obligation to store personal data based on a special law.
The provider will provide the user with all information necessary to demonstrate that the obligations under this agreement and GDPR have been fulfilled, allow audits, including inspections, conducted by the user or another auditor authorized by the user.

2.10 The user undertakes to promptly report all known facts that could adversely affect the proper and timely fulfillment of obligations arising from these terms and to provide the provider with the necessary cooperation for fulfilling these terms.

III. Final Provisions

3.1 These terms cease to be valid upon the expiration of the period specified in Article 1.6 and Article 2.7 of these terms.

3.2 The user agrees to these terms by checking the consent box through the online form. By checking the consent box, the user declares that they have read these terms, agree with them, and fully accept them.

3.3 The provider is entitled to change these terms. The provider is obliged to publish the new version of the terms on its website without undue delay, or send the new version to the user at their email address.

3.4. The provider's contact details regarding these terms: +420 608 583 036, josef@rousek.name.

3.5 Relationships not expressly governed by these terms are governed by GDPR and the legal order of the Czech Republic, especially Act No. 89/2012 Coll., the Civil Code, as amended.