This Privacy Policy explains how egenta s.r.o. processes personal data through the website https://easymarketplace.eu and in connection with enquiries, B2B commercial communications and marketplace service discussions.
1. Data controller
The data controller is:
egenta s.r.o.
Registered office: Varšavská 715/36, 120 00 Praha 2 - Vinohrady, Czech Republic
Company ID (IČO): 05594481
VAT ID (DIČ): CZ05594481
Commercial Register: Municipal Court in Prague (Městský soud v Praze), Section C, File No. 266696
Email: sales@easymarketplace.eu
No Data Protection Officer has been appointed because, based on the current assumptions for this B2B website, appointment is not mandatory. If this changes, this Privacy Policy will be updated.
2. Personal data we may collect
Depending on how you interact with us, we may process the following categories of personal data:
- identity data: first name, last name, job title and business role;
- contact data: business email address, phone number, company address and communication preferences;
- company data: company name, website, country, marketplace activity, product categories, number of SKUs, target countries and operational requirements;
- enquiry data: messages submitted through forms, email content, meeting requests and any attachments or information you choose to provide;
- technical data: IP address, browser type, device information, log data, security logs and approximate location derived from technical data;
- cookie and consent data: cookie preferences, consent choices, consent timestamp and consent identifier;
- analytics data: pages viewed, interactions with the website and traffic source, only where analytics tools are enabled and where required consent has been obtained;
- marketing data: newsletter opt-in status, campaign interactions and unsubscribe records, only where applicable;
- client and service data: information required to evaluate, onboard or deliver B2B marketplace services, including marketplace account information, operational contact details, catalog details, support requests and business process data.
We do not intentionally collect special categories of personal data through this website.
3. Purposes and legal bases
We process personal data for the following purposes:
Responding to enquiries
We process contact and enquiry data to respond to messages, demo requests, meeting requests and commercial questions. The legal basis is taking steps prior to entering into a contract and our legitimate interest in responding to B2B enquiries.
Evaluating cooperation and onboarding
We may process business information about your company, marketplaces, SKUs, countries, operational needs and service scope to assess whether and how we can cooperate. The legal basis is pre-contractual measures and legitimate interest.
B2B commercial follow-up
Where you contact us in a business context, we may follow up with relevant information about EasyMarketplace.eu services. The legal basis is our legitimate interest in B2B commercial communication related to your request. You may object at any time by contacting us using the details in section 1.
Newsletter and general marketing
If we offer a newsletter or general marketing emails, we will send them only where you have given consent or where another lawful basis applies under applicable law. You may withdraw consent or unsubscribe at any time.
Service delivery and client management
If you become a client, we process personal data to provide services, manage the client relationship, coordinate operations, provide support, issue invoices and administer contracts. The legal bases are contract performance, legitimate interest and legal obligations.
Website analytics
If analytics tools are enabled, we use them to understand how visitors use the website and to improve content and performance. Where required, analytics cookies and similar technologies are used only after your consent.
Security, fraud prevention and technical administration
We process technical logs, security events and access data to protect the website, prevent abuse, detect technical issues and maintain secure operations. The legal basis is our legitimate interest in securing our website and services.
Legal, accounting and compliance obligations
We process data where necessary to comply with legal obligations, accounting duties, tax requirements, regulatory requests or to establish, exercise or defend legal claims.
4. Data recipients and processors
Personal data may be accessed by authorized personnel of egenta s.r.o. and by selected service providers acting as processors or independent controllers, depending on the service.
Recipients may include:
- website hosting provider: Vercel Inc.;
- email and business communication providers;
- CRM and lead management providers;
- analytics providers, if enabled;
- advertising and retargeting providers, if enabled and consented to;
- booking or meeting tools, if enabled;
- IT maintenance, cybersecurity and cloud service providers;
- accounting, legal and professional advisers;
- public authorities, courts or regulators where legally required.
Your data may be stored on servers provided by our hosting provider, Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, United States. Vercel acts as a data processor under a GDPR Data Processing Agreement. Because Vercel is established in the United States, any transfer of personal data is subject to appropriate safeguards under GDPR, such as the EU-U.S. Data Privacy Framework and/or EU Standard Contractual Clauses.
Our current processors are listed in Annex 3 of our Data Processing Agreement and are available on request.
5. International transfers
Some providers may process data outside the European Economic Area. Where this occurs, egenta s.r.o. will rely on appropriate safeguards, such as an adequacy decision, EU Standard Contractual Clauses, supplementary measures where required, or another transfer mechanism permitted by GDPR.
6. Retention periods
We keep personal data only for as long as necessary for the purposes described in this Privacy Policy.
Indicative retention periods:
- website enquiry and lead data: up to 3 years after the last meaningful contact, unless a longer period is justified;
- unsuccessful commercial discussions: up to 3 years after the last interaction;
- client contract and service data: for the duration of the contract and then for the period required to comply with legal, accounting, tax or limitation obligations;
- accounting and invoice data: for the period required by applicable accounting and tax laws;
- marketing consent records: until consent is withdrawn and then as necessary to demonstrate compliance;
- cookie consent records: for the period necessary to demonstrate consent and manage preferences;
- security logs: for a limited period appropriate to the security purpose, unless needed for investigation or legal claims.
7. Cookies and similar technologies
This website may use cookies and similar technologies. Strictly necessary cookies may be used without consent where they are required for basic website operation, security or consent management. Analytics, advertising, retargeting and other non-essential cookies are used only where legally permitted and, where required, only after consent.
More information is available in our Cookie Policy.
8. Your GDPR rights
Subject to the conditions and limits set by GDPR, you may have the right to:
- access your personal data;
- request correction of inaccurate data;
- request deletion of your data;
- request restriction of processing;
- object to processing based on legitimate interest;
- object to direct marketing;
- receive your data in a portable format where applicable;
- withdraw consent at any time where processing is based on consent;
- lodge a complaint with a supervisory authority.
To exercise your rights, contact us using the details in section 1.
We may need to verify your identity before responding to a request. We will respond within the period required by GDPR.
9. Supervisory authority
If you consider that your data protection rights have been violated, you may lodge a complaint with the Czech supervisory authority:
Office for Personal Data Protection
Úřad pro ochranu osobních údajů (ÚOOÚ)
Website: https://www.uoou.cz/
10. Automated decision-making
We do not use automated decision-making that produces legal effects concerning you or similarly significantly affects you through this website.
11. Security
We use appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration or disclosure. These measures may include access controls, encryption in transit, hosting security controls, restricted permissions, secure credential handling, backups and internal confidentiality obligations.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The latest version will be published on this website with the date of the last update.
