LJ protection s.r.o., registered office Tupolevova 741, 199 00 Praha 9, Reg. No. 28496248, VAT ID CZ28496248 ("controller"), processes personal data in line with Regulation (EU) 2016/679 (GDPR) and Act No. 110/2019 Coll. This document informs you of how we process your data, what rights you have, and how to exercise them.
1. Controller and contact
The controller of personal data is the company stated above. You can reach us by email at info@patronum.eu, by phone at +420 737 175 720, or in writing at the registered office address.
2. Categories of processed personal data
- Identification and contact data — name, surname, email, phone, address (delivery and billing), Reg. No., VAT ID for businesses;
- Order and transaction data — items ordered, prices, payments, complaints;
- Account data — username, hashed password, login history;
- Communication data — emails, chat messages, support requests;
- Browsing data — IP address, browser type, pages visited (only with cookie consent for analytics).
3. Legal basis and purposes of processing
- Performance of a contract (Art. 6(1)(b) GDPR) — order processing, delivery, complaints handling. Without this data we cannot fulfill the order.
- Legal obligation (Art. 6(1)(c) GDPR) — accounting, tax obligations, archiving (10 years for invoices per Czech law).
- Legitimate interest (Art. 6(1)(f) GDPR) — fraud prevention, IT security, direct marketing to existing customers, defense of legal claims.
- Consent (Art. 6(1)(a) GDPR) — newsletter sign-up, marketing cookies, profiling. Consent can be withdrawn at any time.
4. Recipients of personal data
We share data only with processors who help us provide our services, under a written processor agreement:
- Carriers (Zásilkovna, DPD, PPL, Czech Post, GLS) — for delivery;
- Payment gateways (ComGate, Stripe) — for payment processing;
- Hosting and IT (Hetzner, Cloudflare) — for service operation;
- Email tools (Mailgun, Brevo) — for transactional and marketing emails;
- Accountant — for tax and accounting compliance;
- Public authorities — only if required by law (Tax Office, courts, police).
We do not transfer data outside the EU/EEA except to providers using EU Standard Contractual Clauses (SCC).
5. Retention period
- Order and invoice data — 10 years (legal accounting obligation);
- Customer account — for the duration of registration + 3 years from last login;
- Marketing consent — until withdrawn;
- Cookies — per the cookie banner (technical 12 months max, marketing 2 years);
- Communications — 3 years from the last contact.
6. Your rights
Under GDPR you have the following rights:
- Right of access (Art. 15) — to find out what data we hold about you;
- Right to rectification (Art. 16) — to correct inaccurate data;
- Right to erasure (Art. 17) — "right to be forgotten" if the legal basis ceased;
- Right to restriction (Art. 18) — limit processing while we verify;
- Right to data portability (Art. 20) — to receive your data in a structured machine-readable format;
- Right to object (Art. 21) — to direct marketing or processing based on legitimate interest;
- Right to withdraw consent — at any time, without affecting prior processing;
- Right to lodge a complaint — with the Office for Personal Data Protection (uoou.cz).
You can exercise these rights by emailing info@patronum.eu. We respond within 30 days.
7. Cookies and tracking
The website uses essential cookies (technical, required for the cart and checkout) and, with your consent, analytical and marketing cookies. Detailed information is in the Cookies Policy. You can change your choice at any time using the "Cookie settings" link in the footer.
8. Security
We protect personal data with industry-standard technical and organizational measures: TLS encryption of data in transit, encryption at rest for sensitive fields, access control with multi-factor authentication, regular security audits, employee training, and incident response procedures.
Effective date: 28 April 2026. The Privacy Policy may be updated; the current version is always available on this page.