Privacy Policy Terms

I. Basic Provisions

1.    The controller of personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: „GDPR“) is MOTOPLACE s.r.o. IČ 11751185 with registered office at Opletalova 1626/36, Nové Město, 110 00 Praha 1, registered in the Commercial Register under C 384743 – Městský soud v Praze (hereinafter: „controller“).

2.    The controller's contact details are:

MOTOPLACE s.r.o.
business address: Zimmlerova 2907/36, 700 30 Ostrava
e-mail: info@txrmoto.cz
telefon: +420 736 298 458

3.    Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

4.    The controller has not appointed a Data Protection Officer.

 
II. Sources and Categories of Personal Data Processed

5.    The controller processes personal data that you have provided or personal data that the controller obtained in connection with the fulfilment of your order:

•       first and last name,

•       e-mail address,

•       postal address,

•       phone number,

•       IP address,

•       web behaviour data (cookies, analytics).

6.    The controller processes your identification and contact data and data necessary for the performance of the contract.

 
III. Legal Basis and Purpose of Personal Data Processing

7.    The legal basis for processing personal data is:

•       performance of a contract between you and the controller pursuant to Article 6(1)(b) GDPR,

•       compliance with a legal obligation of the controller pursuant to Article 6(1)(c) GDPR,

•       the legitimate interests of the controller in providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6(1)(f) GDPR,

•       your consent to processing for the purposes of providing direct marketing (in particular for sending commercial communications and newsletters) pursuant to Article 6(1)(a) GDPR in conjunction with Section 7(2) of Act No. 480/2004 Coll., on certain information society services, in cases where no order for goods or services has been placed.

The legal basis and purpose of personal data processing are described in detail in the following table:

Legal basis	Purpose	Data	Data source	Processors
Performance of contract	Order processing	Clients' personal data (contact details, address) and information about ordered goods	Order form	Subcontractors, mailing services, cloud storage, shipping companies (e.g. Zásilkovna, PPL, DPD, Česká pošta), payment gateways
Performance of contract	Response to a message sent via contact form or e-mail	Clients' contact details	Contact form, e-mail communication	Subcontractors, mailing services
Legal obligation	Accounting	Clients' billing details and information about ordered goods	Invoices	Accounting firm
Legitimate interest	Providing e-mail to a third-party service to obtain a review (Ověřeno zákazníky programme)	E-mail address and information about ordered goods	Order form	Heureka.cz
Legitimate interest	Providing direct marketing (in particular sending commercial communications and newsletters)	Clients' contact details	Information from orders	Mailing services, subcontractors
Legitimate interest	Regular traffic analysis, detection of server errors and prevention of fraud and server attacks	Pseudonymised identifiers of registered users such as UserID, IP addresses	User navigation on the web, registration and creation of an anonymised user ID, display of error page	Google Analytics, web hosting services
Consent	Publication of a customer review or product enquiry	Customer's name and e-mail address	E-mail communication and web form	Cloud storage, mailing services
Consent	Profiling for the display of targeted content on the web and in direct marketing (newsletters)	Display of pages of specific products browsed by the user	Clicking on links to product details	Web hosting company, marketing tools

 

8.    The purpose of personal data processing is:

•       processing your order and exercising rights and obligations arising from the contractual relationship between you and the controller; when placing an order, personal data necessary for the successful processing of the order (name and address, contact) are required; providing personal data is a necessary requirement for concluding and performing the contract; without providing personal data, the contract cannot be concluded or performed by the controller,

•       compliance with legal obligations towards the state,

•       sending commercial communications and carrying out other marketing activities.

9.    The controller does not carry out automated individual decision-making within the meaning of Article 22 GDPR.

 
IV. Cookies and Tracking Technologies

10.  The controller's websites use cookies and similar tracking technologies. Cookies are small data files stored in your browser when you visit websites.

11.  The controller uses the following categories of cookies:

•       Necessary cookies – are necessary for the basic functioning of the website (shopping cart, login). No consent is required for their use.

•       Analytical cookies – are used to analyse traffic and user behaviour on the website (Google Analytics). They are used on the basis of your consent.

•       Marketing cookies – are used to display targeted advertising and personalise content. They are used on the basis of your consent.

12.  Upon your first visit to the website, you are asked to consent to the use of optional cookies via the cookie consent banner. Consent can be withdrawn at any time through the cookie settings available on the controller's website.

13.  You can change or withdraw your consent to cookies at any time in your browser settings or through the consent management tool on the controller's website. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

 
V. Data Retention Period

14.  The controller retains personal data:

•       for the period necessary for the exercise of rights and obligations arising from the contractual relationship between you and the controller and for asserting claims arising from such contractual relationships – invoicing and accounting documents for 10 years from the end of the accounting period, other contractual documentation for the duration of the limitation period (generally 5 years from the end of the contractual relationship);

•       until consent to the processing of personal data for marketing purposes is withdrawn, for a maximum of 3 years, where personal data are processed on the basis of consent.

15.  Upon expiry of the personal data retention period, the controller will delete the personal data.

 
VI. Recipients of Personal Data (Controller's Subcontractors)

16.  Recipients of personal data are persons:

•       involved in the delivery of goods and processing of payments under the contract (shipping companies such as Zásilkovna, PPL, DPD, Česká pošta; payment gateway providers such as Shoptet Pay);

•       providing e-shop operation services (Shoptet a.s.) and other technical services in connection with the operation of the online store;

•       providing marketing and analytical services (e.g. Google Ireland Ltd. – Google Analytics, mailing platforms);

•       providing accounting and legal services.

17.  The controller does not intend to transfer personal data to third countries (outside the EU/EEA). Where services of providers who may process data outside the EU are used (e.g. Google), such transfers are secured by appropriate safeguards within the meaning of Article 46 GDPR (standard contractual clauses).

 
VII. Your Rights

18.  Under the conditions set out in the GDPR, you have:

•       the right to access your personal data pursuant to Article 15 GDPR,

•       the right to rectification of personal data pursuant to Article 16 GDPR, or restriction of processing pursuant to Article 18 GDPR,

•       the right to erasure of personal data pursuant to Article 17 GDPR,

•       the right to object to processing pursuant to Article 21 GDPR,

•       the right to data portability pursuant to Article 20 GDPR,

•       the right to withdraw consent to processing in writing or electronically to the address or e-mail of the controller stated in Article I of these conditions.

19.  You may exercise your rights by sending a request to the e-mail address: info@txrmoto.cz or in writing to the controller's business address. The controller will respond to your request without undue delay, no later than 30 days from receipt. In justified cases, this period may be extended by a further two months, of which you will be informed.

20.  You have the right to lodge a complaint with a supervisory authority if you believe that your right to personal data protection has been violated. The supervisory authority for the Czech Republic is the Office for Personal Data Protection (ÚOOÚ), Pplk. Sochora 27, 170 00 Praha 7, web: www.uoou.cz, tel.: +420 234 665 111.

 
VIII. Personal Data Security Conditions

21.  The controller declares that it has taken all appropriate technical and organisational measures to secure personal data.

22.  The controller has taken in particular the following technical measures to secure personal data:

•       encryption of data transmission using SSL/TLS protocol,

•       securing access to data storage using access rights and passwords,

•       regular data backups,

•       securing personal data storage in paper form.

23.  The controller declares that only authorised persons have access to personal data.

 
IX. Final Provisions

24.  By submitting an order from the online order form, you confirm that you are familiar with the personal data protection conditions and that you have acknowledged their content.

25.  The controller is entitled to change these conditions. The new version of the personal data protection conditions will be published on its website and/or sent to you at the e-mail address you have provided to the controller.

 
These conditions take effect on 13 May 2026.