Help menu

Terms and Conditions for the Seznam Nákupy Conversion Tracking Service and Order Data Service

I. Definitions

  1. Business company Seznam.cz, a.s., ID: 26168685, with its registered office at: Radlická 3294/10, Prague 5 – Smíchov, postcode: 150 00, registered in the Commercial Register maintained by the Municipal Court in Prague, File No.: B 6493 (hereinafter referred to as the “Operator”), operates the Sklik service.
  2. These terms and conditions (hereinafter referred to as the “Terms and Conditions”) govern the rules for the use of supplementary services of the Sklik service, namely Seznam Nákupy Conversion Tracking and Order Data Service, by the Operator’s partners who simultaneously operate an online shop enabling the online sale of goods (hereinafter referred to as the “E-shop”). These supplementary services also include the process of transferring the E-shop User’s email address and details of purchased goods to the Operator’s database.
  3. For the purposes of these Terms and Conditions, E-shop Users means persons who have entered into a purchase agreement or other similar contract with the E-shop, regardless of whether they are also users of the Sklik service or the Zboží.cz website (hereinafter referred to as “User/Users” or “E-shop User/E-shop Users”).
  4. These Terms and Conditions are part of the Sklik Terms and Conditions available in the Sklik Help section (hereinafter referred to as the “Sklik Terms and Conditions”), which govern the comprehensive legal relationship between the E-shop and the Operator. In the event of any conflict, these Terms and Conditions shall take precedence over the Sklik Terms and Conditions.

II. Registration for use

  1. An E-shop that has registered to use the Sklik service is entitled to register to use the Seznam Nákupy Conversion Tracking service and/or Order Data Service within its user interface, which has been accessed by the Operator at https://www.sklik.cz/ and/or the Merchant Centre at https://prodejce.seznam.cz/ (formerly “Product Administration”).
  2. An integral part of these Terms and Conditions is also The Personal Data Processing Agreement ((hereinafter referred to as the “Personal Data Processing Agreement ”).
  3. The E-shop is familiarized with the Terms and Conditions and the Personal Data Processing Agreement via the Seznam Nákupy Conversion Tracking service interface and/or the Order Data Service interface.
  4. The Authorized E-Shop Representative agrees to the Terms and Conditions by replying “I Agree”. Agreeing to the Terms and Conditions, the E-shop is bound by these Terms and Conditions, and a Personal Data Processing Agreement is also concluded between the Operator and the E-shop.
  5. The Terms and Conditions and the Personal Data Processing Agreement are concluded for a fixed term, namely for the duration of the cooperation, which is conditional upon the E-shop’s continued participation in the Sklik service.

III. Rules of Use

  1. The E-shop shall implement on its website the Seznam Nákupy conversion code, or SEM (i.e. Seznam Event Measurement), and its Purchase event type ((hereinafter referred to as the “Conversion Code”).
  2. The E-shop shall provide the Operator, via the Conversion Code, with data on goods purchased by the User on the E-shop, the parameters of such an order, such as the method of delivery and payment, the price, the order number and the email address of the E-shop User, provided that the User has given the E-shop informed consent to such provision. If the E-shop does not have the User’s informed consent, it shall provide the Operator with the aforementioned data in an anonymised form.  
  3. For the purposes of sending User satisfaction surveys regarding purchases on the E-shop, the E-shop shall provide the Operator, via the Conversion Code in the “review email” parameter, with the email address of only those E-shop Users who have not objected to the sending of commercial communications in accordance with Act No. 480/2004 Coll. on certain information society services (the so-called opt-out); should an E-shop User object to the processing of personal data and the sending of commercial communications, the E-shop is obliged to inform the Operator immediately; The E-shop shall be fully liable for any loss incurred by the Operator in connection with a breach of the obligations under this paragraph of the Terms and Conditions; satisfaction surveys will be sent by the Operator to the User via email or displayed via a notification on the Operator’s websites. Reviews may be available on the Operator’s services and on the websites of companies in which the Operator holds an equity interest.
  4. The E-shop undertakes to send details of the purchased goods and the order specifications each time an E-shop User completes an order. Furthermore, the E-shop undertakes not to distort the data sent in any way.
  5. The E-shop also undertakes not to influence E-shop Users in their evaluation, e.g. by inviting Customers to positive evaluation or penalizing them for negative evaluation or filling in the evaluation by E-shop employees or persons authorized by the E-shop.
  6. In case of violation of the Rules of Use, the Operator is entitled to limit the benefits that the E-shop receives by participating in the Seznam Nákupy Conversion Tracking Service and Order Data Service.

IV. Personal data protection

  1. If the processing of personal data occurs within the framework of the cooperation between the Operator and the E-shop according to these Terms and Conditions, then Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), Act No. 110/2019 Coll., applies to this processing of personal data, on the processing of personal data, Act No. 111/2019 Coll. amending certain acts with the adoption of the Act on the processing of personal data, and other legislation governing the protection of personal data ((hereinafter referred to as the “Data Protection Legislation”).
  2. The E-shop shall provide the Operator, via the Conversion Code, with data on goods purchased by the User on the E-shop, the parameters of such an order, such as the method of delivery and payment, the price, the order number and the email address of the E-shop User, provided that the User has given the E-shop informed consent to such provision. If the E-shop does not have the User’s informed consent, it shall provide the Operator with the aforementioned data in an anonymised form.  
  3. The E-shop as the controller of the E-shop Users’ personal data provides the Operator as the processor with the E-shop Users’ e-mail addresses in order to enable the Operator to use them to contact the E-shop Users of the e-shop with order satisfaction questionnaires and requests for evaluation of goods purchased in the e-shop operated by the controller. The E-shop acknowledges that the Operator is entitled to process the data transmitted via the Conversion Code by the E-shop only for these purposes.
  4. The E-shop undertakes to comply with all obligations imposed on personal data controllers.
  5. As a processor of personal data, the Operator undertakes not to disclose personal data to third parties and to comply with the terms of the Data Protection Legislation.
  6. The Operator has adopted such technical and organizational measures to prevent unauthorized or accidental access to personal data, their alteration, destruction or loss, unauthorized transfers, other unauthorized processing, as well as other misuse of personal data.
  7. More detailed information on the handling of personal data is provided on the Operator’s website in the relevant section.

V. Personal Data Processing Agreement

By accepting these Terms and Conditions, the E-shop, as the Controller, and the Operator, as the Processor, enter into the following Personal Data Processing Agreement in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”):

Preamble 

The Controller and the process are engaged in business cooperation in the framework of which the Processor, among other tasks, processes the personal data specified below (hereinafter referred to as “Cooperation“).

  1. The Parties are interested in laying down rights and duties relating to personal data processing that takes place, or will take place, in the framework of the Cooperation, including, without limitation, specifying the scope of personal data to be processed, the purpose of and time during which personal data will be processed, the conditions of personal data processing, and safeguards provided by the Processor in regard to ensuring protection for personal data.

Personal Data, Purpose and Time of Personal Data Processing

  1. The Processor processes the following personal data on behalf of the Controller:
    • a) the E-shop User’s (Controller’s) email address from the ‘review email’ parameter and information regarding the purchase of specific goods; purpose of processing: contacting the E-shop User (Controller) via email with a request to complete a satisfaction survey regarding their order in the E-shop; processing period: 365 days; processing operations: collection, storage and use;
    • b) the E-shop User’s (Controller’s) email address from the “review email” parameter and information regarding the purchase of specific goods; purpose of processing: contacting the E-shop User (Controller) via email with a request to review goods purchased in the E-shop; processing period: 365 days; processing operations: collection, storage and use;
    • c) details of goods purchased by the User on the E-shop and the parameters of such an order, such as the method of delivery and payment, price, order number and the E-shop User’s email address; purpose of processing: personalisation of advertising and content displayed to the user, evaluation of the performance of advertising messages, as well as for the storage and processing of the User’s precise geolocation; processing period: for as long as there is a lawful basis for processing; processing operations: collection, storage, use;
  2. The Processor shall process personal data in accordance with this Agreement to the extent of the Cooperation and in accordance with the Controller’s instructions, of which the Processor shall maintain written records.
  3. The Processor shall process personal data only for the purposes set forth in this Agreement and only while a lawful reason for processing lasts, but no longer than the time which the Cooperation remains in effect and in force.
  4. The contact person of the Controller regarding all issues concerning this Agreement is the owner of the Sklik service account.
  5. The Data Protection Officer of the Processor is Chronos Consulting, s.r.o., ID No.: 07238495, with its registered office at Na Perštýně 342/1, Prague 1, Postcode: 110 00. The form available here is used for communication: https://o-seznam.cz/pravni-informace/ochrana-udaju/kontakt/.

Duties of the Processor

  1. The Processor shall process personal data in accordance with the Regulation and laws and regulations, and shall bear full responsibility for the lawfulness of personal data processing.
  2. The Processor represents that its organizational structure and internal regulations guarantee the lawfulness of personal data processing. If the Processor has appointed or appoints a data protection officer, the Processor shall provide the Controller with the officer’s contact information without delay.
  3. In case that a data subject exercises his/her rights relating to personal data and the protection thereof, the Processor shall forward the relevant request to the Controller without delay.
  4. The Processor shall maintain records of tasks performed in accordance with Article 30(2) of the Regulation.
  5. The Processor shall maintain confidentiality regarding personal data.
  6. The Processor shall ensure that its employees (or other persons taking part in personal data processing for the Processor) process personal data solely under the conditions and to the extent specified by the Processor, where such conditions shall be compliant with this Agreement, the Regulation, and laws and regulations. The Processor shall bind such persons with the duty to maintain confidentiality regarding personal data and security measures the disclosure whereof is liable to jeopardize personal data security, where the said duty shall remain in effect after the expiration of employment or Cooperation with the Processor.
  7. The Processor shall provide the Controller with assistance needed by the Controller for discharging the duties laid down in Section III of the Regulation (rights of data subjects to rectification, erasure, restriction of processing, portability of personal data, right to object, etc.) and Articles 32 to 36 of the Regulation (including, without limitation, duties relating to the security of personal data processing, notification of personal data breaches to the supervisory authority or a data subject, assessment of impact on personal data protection, etc.).  

Others Personal Data Processors

  1. The process shall have the right to use other Processors.
  2. Personal data may be processed by another Processor only on condition that that such other Processor is bound to comply with the terms and conditions laid down under this Agreement, implements appropriate technical and organizational measures, personal data processing is compliant with requirements laid down in the Regulation and laws and regulations, and appropriate protection is ensured for the protection of the rights of data subjects. The Processor shall regularly inspect compliance with the aforesaid duties by such other Processor.

Security of Personal Data

  1. The Processor shall implement the following technical and organizational measures at a minimum:
    • a) the Processor shall ensure that its organizational structure and internal operating regulations conform to the specific requirements for personal data protection; the Processor shall implement and maintain technical and organizational measures and appropriate protection for the Controller’s personal data in accordance with the Regulation and laws and regulations;
    • b) the Processor shall ensure that Processor’s access rights to personal data, systems, and the Controller’s data are protected using appropriate means, so as to prevent unauthorized persons from gaining access to and using the same;
    • c) the Processor shall ensure regular backups of data pertaining to personal data processed for or on behalf of the Controller; the Processor shall ensure, without limitation, the adoption of appropriate measures to protect data from loss, unavailability, and malware attack; over and above the foregoing framework, the Processor shall not create any copies or duplicates of personal data without the Controller’s prior written consent;
    • d) the Processor shall make sure that processed data is sufficiently separated from data and access rights of the Processor’s other contracting partners;
    • e) the Processor shall secure the following tasks:
      • pseudonymization and encryption of personal data;
      • measures ensuring the continuous confidentiality, integrity, availability, and resilience of data processing systems and services;
      • measures for restoring timely availability and access to personal data in the event of a physical or technical incident;
      • processes for the regular testing, assessing and evaluating of the effectiveness of technical and organizational measures implemented to ensure the security of processing;
    • f) data carriers containing personal data shall be kept in a locked environment that is appropriately protected against physical access by unauthorized persons; the same measures shall be adopted to protect access to servers and databases where personal data will be kept;
    • g) access to personal data kept on electronic data carriers shall be restricted exclusively to authorized personnel; access must be provided exclusively by means of individual sign-in data demonstrably issued to authorized personnel;
    • h) remote access to personal data shall be allowed solely from secured end-used devices via encrypted VPN communication, subject to a secure multifactor sign-in procedure;
    • i) data shall be anonymized and minimized in accordance with defined purposes;
  2. the Processor shall maintain personal data access logs and archive the same for a period of six months after the expiration of the effect and force of this Agreement; the Processor shall present such logs to the Controller upon request.

Duties of the Processor in the event of Breach of the Regulation

  1. The Processor shall without delay notify the Controller:
    • a) of all facts of material importance for the proper performance of this Agreement;
    • b) of every personal data breach.
  2. The Processor’s notice shall conform to Section 3, Article 33 of the Regulation.
  3. The Processor shall provide the Controller with assistance in case that inquiries are made or inspections conducted by supervisory authorities.

Procedure for the Expiration of the Cooperation

  1. Upon the expiration of the processing period, the Processor shall immediately erase all personal data or return the same to the Controller, unless the Regulation or laws and regulations require relevant personal data to be kept (archived).
  2. The Processor does not have the right to correct, erase, or block personal data provided by the Controller, unless doing so constitutes the discharge of contractual duties or unless the Controller issues a written instruction to that effect.
  3. Insofar as personal data provided by the Controller is present in the Processor’s IT systems, the return of data to the Controller shall be carried out using a format permitting migration (i.e. open data in a machine-readable format), following the completion of agreed or required tasks or at the Controller’s request. The erasure of data by the Processor must be carried out using a method preventing thus erased data from being restored in the future. A record of erasure shall be presented to the Controller upon request. The Controller shall confirm to the Processor by way of a written notice the return of data in a format permitting migration.
  4. After the expiration of the Cooperation, this Agreement, or at the Controller’s request, the Processor shall return to the Controller any and all documents at its disposal, including any and all products of personal data processing created in connection with this Agreement, or, as the case may be, the Processor shall secure the discarding thereof in accordance with laws and regulations after receiving the Controller’s prior instruction to that effect.

Final Provisions of the Personal Data Processing Agreement 

  1. This Agreement shall enter into effect and into force upon its signature by the authorized representatives of both of the Parties.
  2. Issues not expressly covered by this Agreement shall be subject to Act No. 110/2019 Coll. on Personal Data Processing, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and other laws of general application of the Czech Republic.
  3. This Personal Data Processing Agreement is entered into for a fixed term, specifically for the term during which the cooperation remains in effect and in force. The expiration of this Agreement shall not prejudice the duty of the Processor to take all necessary steps to ensure the protection of personal data, until personal data is erased or returned to the Controller.

VI. Final Provisions

  1. Matters not covered by these Terms and Conditions and the Sklik Terms and Conditions shall be governed in the alternative by the relevant legislation, in particular Act No. 89/2012 Coll., the Civil Code, as amended.
  2. The Operator shall not be liable for any damage incurred by the E-shop User if the E-shop User is not informed in time of any changes to any of the above services simply because he/she does not use one of them.
  3. The Operator has the right to unilaterally change these Program Terms and Conditions to a reasonable extent. The Operator shall notify the E-shop of the change to the Terms and Conditions by means of a message sent to the e-mail used to log in to the E-shop account or to the contact e-mail of the E-shop if the E-shop has filled it in within its user account. If the E-shop does not agree with the change of the Terms and Conditions, it is entitled to reject such changes, terminate these Terms and Conditions and discontinue the use of Seznam Nákupy Conversion Tracking Service and Order Data Service, within 15 calendar days of the change of the Terms and Conditions, in writing to the Operator’s registered office.
  4. The current version of the Terms and Conditions will always be available on the Sklik help pages.
  5. These Terms and Conditions shall take effect on 5.5.2026.

Potřebujete další pomoc?

Pokud si stále nevíte rady, obraťte se na naše specialisty. 95 % vašich dotazů umíme vyřešit do 2 hodin.

Napište nám