Menu
Your Cart

Privacy Policy

NUBIRO s.r.o. – Privacy Policy

Effective from: 1 February 2026

1. DATA CONTROLLER

The data controller is:

NUBIRO s.r.o.
Registered address: České mládeže 1096, 460 06 Liberec 6, Czech Republic
Company ID: 10881239, VAT ID: CZ10881239
E-mail: info@nubiro.cz
Tel.: +420 487 989 050 / +420 704 051 051
Web: https://nubiro.cz
Registered in the Commercial Register maintained by the Regional Court in Ústí nad Labem, Section C, Insert 47150

NUBIRO s.r.o. has not appointed a Data Protection Officer (DPO). For any matters relating to personal data protection, please contact us directly at the e-mail address above.

2. INTRODUCTION AND KEY PRINCIPLES

The protection of your personal data matters to us. We process personal data lawfully, transparently and only to the extent necessary for the given purpose, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Czech legislation.

We never sell your personal data to third parties or use it for purposes to which you have not consented.

3. PURPOSES AND LEGAL BASES FOR PROCESSING

3.1 Performance of Contract (Orders)

Processing is necessary for the conclusion and performance of a purchase contract, delivery of goods, issuance of tax documents, handling of complaints and enforcement of contractual rights.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR).

3.2 Compliance with Legal Obligations

We process personal data to fulfil statutory obligations, in particular in the areas of accounting, taxation and AML (Act No. 253/2008 Coll.).
Legal basis: compliance with a legal obligation (Art. 6(1)(c) GDPR).

3.3 Legitimate Interest – Direct Marketing to Customers

We may send existing customers commercial communications regarding similar NUBIRO products and services, in accordance with applicable law. You may object to this processing at any time.
Legal basis: legitimate interests of the controller (Art. 6(1)(f) GDPR).

3.4 Consent – Newsletter and Marketing Communications

Based on your explicit consent, we send newsletters, catalogues, event invitations and personalised offers.
Legal basis: consent of the data subject (Art. 6(1)(a) GDPR).

3.5 Consent – User Account

Upon registration, we process your data to maintain your user account, provide an order history and related e-shop functionality.
Legal basis: consent of the data subject (Art. 6(1)(a) GDPR).

3.6 Consent – Contact Form and Telephone Communication

If you contact us via the web contact form or by telephone, we process your data to handle your enquiry and communicate with you.
Legal basis: consent of the data subject (Art. 6(1)(a) GDPR).

3.7 Consent – Abandoned Cart

If you leave an order incomplete, we may send you a reminder e-mail about completing your purchase.
Legal basis: consent expressed by entering your e-mail address.

3.8 Legitimate Interest – Protection of NUBIRO's Rights

Personal data may be processed for the purpose of protecting legal claims, resolving disputes and in the context of inspections by public authorities.
Legal basis: legitimate interests of the controller (Art. 6(1)(f) GDPR).

4. CATEGORIES OF PERSONAL DATA PROCESSED

Depending on the purpose of processing, we work with the following categories of data:

  • Identification data: first name, surname, date of birth, identity document number (for AML identification purposes),
  • Contact data: address, e-mail, telephone number,
  • Transaction data: information about orders, payments and purchase history,
  • Technical data: IP address, browser type, cookies and device identifiers,
  • Marketing data: website behaviour, responses to commercial communications, preferences.

5. DATA RETENTION PERIODS

  • Contractual relationship: for the duration of the contract and 4 years after its termination (for potential claims),
  • Accounting and tax documents: 10 years under Act No. 563/1991 Coll., on Accounting,
  • AML identification: 10 years under Act No. 253/2008 Coll.,
  • Marketing consent: until consent is withdrawn,
  • User account: until account deletion or withdrawal of consent,
  • Contact enquiries: for as long as necessary to handle the enquiry, no longer than 1 year.

6. RECIPIENTS AND PROCESSORS

We share personal data only with verified parties and only to the extent necessary for the given purpose:

  • Carriers: only data necessary for delivery (name, address, telephone),
  • Accounting and tax advisors: for fulfilment of statutory obligations,
  • IT and hosting service providers: for operation of the e-shop and communication infrastructure,
  • Marketing tools: Google Analytics, Facebook Pixel (see Article 8),
  • Heureka Shopping s.r.o.: under the Verified by Customers programme (see Article 9),
  • Legal and audit firms: in connection with disputes or regulatory inspections.

We do not sell or transfer personal data to third parties for their own marketing purposes.

7. WITHDRAWAL OF CONSENT

You may withdraw your consent to data processing at any time, without affecting the lawfulness of processing carried out prior to withdrawal. Withdrawal is possible:

  • by e-mail to info@nubiro.cz,
  • in writing to our registered address,
  • via the unsubscribe link in commercial communications.

8. THIRD-PARTY ANALYTICS AND MARKETING TOOLS

8.1 Google Analytics

We use Google Analytics (operated by Google LLC, USA) to analyse website traffic. This service may store cookies and transfer anonymised data to Google's servers. For more information, please visit policies.google.com/privacy.

8.2 Facebook Pixel

Our website uses Facebook Pixel (operated by Meta Platforms, Inc., USA) to measure advertising effectiveness and reach relevant audiences. Data is processed in accordance with Meta's data policy: facebook.com/privacy/policy.

8.3 Cookies

Our website uses cookies to ensure functionality, analytics and marketing. We categorise cookies as follows:

  • Essential cookies: necessary for the website to function, no consent required,
  • Analytical cookies: used to track visitor behaviour (Google Analytics),
  • Marketing cookies: used for targeted advertising (Facebook Pixel).

You can adjust your cookie settings at any time via the cookie banner on our website or in your browser settings.

9. SERVICE REVIEWS – HEUREKA

NUBIRO participates in the "Verified by Customers" programme operated by Heureka Shopping s.r.o. For this purpose, we share your e-mail address with Heureka after a completed purchase so they can invite you to leave a review. Participation is voluntary and can be declined:

  • by selecting the relevant option before submitting your order, or
  • by sending an e-mail to info@nubiro.cz after your purchase.

10. YOUR RIGHTS AS A DATA SUBJECT

Under the GDPR, you have the following rights:

  • Right of access – you may request confirmation of whether we process your personal data and obtain a copy,
  • Right to rectification – you may request correction of inaccurate or incomplete data,
  • Right to erasure – under certain conditions, you may request deletion of your data ("right to be forgotten"),
  • Right to restriction of processing – you may request that we limit how we process your data,
  • Right to data portability – you may obtain your data in a structured, machine-readable format,
  • Right to object – you may object to processing based on legitimate interests, in particular for direct marketing purposes,
  • Right to lodge a complaint – you have the right to lodge a complaint with the supervisory authority.

To exercise your rights, please contact us by e-mail at info@nubiro.cz. We will respond without undue delay and no later than 30 days.

11. SUPERVISORY AUTHORITY

The supervisory authority for personal data protection in the Czech Republic is:

Office for Personal Data Protection (ÚOOÚ)
Pplk. Sochora 727/27, 170 00 Prague 7, Czech Republic
Web: www.uoou.cz

12. VALIDITY

This document is effective from 1 February 2026. NUBIRO s.r.o. reserves the right to update this document as needed. The current version is always available at nubiro.cz.

The NUBIRO® Team