Privacy Policy and Personal Data Protection (GDPR Compliance Statement) 

At Regesport, protecting your personal data and maintaining secure digital infrastructure are fundamental organizational values. This Privacy Policy outlines the comprehensive legal frameworks, specific technical processes, and security practices governing how we collect, process, transfer, and store your personal information in strict compliance with the General Data Protection Regulation (GDPR - Regulation EU 2016/679).

1. Identity of the Data Controller

The legally designated Data Controller responsible for processing your personal telemetry and order records is:

• Trade Name: Peter Haratík

• Registered Seat: J.Š.Šikuru 76, 036 01 Martin, Slovak Republic

• Company ID (IČO): 46348832

• Data Protection Email: regesport@regesport.eu

• Responsible Officer: Peter Haratík

2. Server Logfiles, Telemetry Data, and Cloud Hosting

You can visit and browse our digital e-commerce platform completely anonymously without explicitly revealing your identity or inputting personal identifiers. However, during every interaction with our server infrastructure, the hosting system automatically generates and logs a standardized Server Logfile.

• Scope of Data Processed: Your dynamic IP address, the exact date and timestamp of access, the precise names of the requested files or URLs, the volume of data transferred, and technical browser telemetry.

• Primary Objective: To maintain uninterrupted server operation, ensure stable website performance, detect malicious traffic, and preserve comprehensive network security.

• Legal Basis: Processing is executed to protect our legitimate business interests in maintaining an optimized, secure system architecture, pursuant to Art. 6 (1) (f) GDPR.

• Cloud Infrastructure Hosting: Our platform operates within the verified server architecture of Webnode. All contractual frameworks between the Data Controller and Webnode are strictly structured to guarantee technical data protection in compliance with GDPR parameters.

3. Data Processing for Contractual Fulfillment and User Registration

We collect and process personal data that you voluntarily submit when executing a purchase order, creating a permanent user account, or reaching out through our direct contact channels.

• Scope of Data Processed: Full legal name, billing and shipping address configurations, email address, contact telephone numbers, and specific transaction/payment parameters.

• Legal Basis: Processing is fundamentally necessary for the performance of a purchase contract to which you are a party, or to execute pre-contractual negotiations at your request, pursuant to Art. 6 (1) (b) GDPR.

• Retention Period: Your records are retained for the entire duration of the active contractual relationship. Following contract fulfillment, data is securely archived for the mandatory periods dictated by national accounting, financial, and tax legislation (e.g., a strict 10-year statutory retention window for invoices and accounting ledgers).

4. Secure Third-Party Data Transfers

To successfully fulfill our contractual obligations, clear logistics packages, and complete electronic payment routing, your data must be transferred to authorized third-party processors within these categories:

A. Logistics Carriers and Fulfillment Services

To enable package tracking and shipping updates, we transmit your contact records (including email and phone numbers) pursuant to contract execution or your explicit consent to:

• Slovenská pošta, a. s., Partizánska cesta 9, Banská Bystrica, Slovakia.

• Direct Parcel Distribution SK, s.r.o. (DPD), Technická 7, Bratislava, Slovakia.

B. Payment Processing Gateways and Banking Institutions

• Všeobecná úverová banka, a.s. (VÚB Banka) – For processing manual SEPA bank wire transfers.

• Global Payments Europe, s.r.o. (GP Webpay) – For processing secure, encrypted credit and debit card transactions.

• PayPal (Europe) S.à r.l. et Cie, S.C.A. – For managing transactions executed via the PayPal network.

Crucial Data Security Notice: All sensitive credit card numbers, CVV codes, and tokenized financial details are handled directly by the secure, PCI-DSS compliant interfaces of these financial institutions. The Data Controller does not have access to, nor stores, your private credit card information.

5. Marketing Communications, Newsletters, and Advertising

A. Email Newsletters

If you explicitly opt-in to our subscription service, we will occasionally transmit educational materials, system updates, and promotional content. The legal basis for this processing is your explicit consent, pursuant to Art. 6 (1) (a) GDPR. You retain the absolute right to revoke this consent at any moment by clicking the "Unsubscribe" link appended to the footer of every marketing email.

B. Direct Postal Marketing

Pursuant to our legitimate commercial interests, we reserve the right to transmit physical mailings containing tailored performance offers via standard postal channels. You possess an absolute right to object to this specific processing path at any time.

6. Browser Cookies and Advanced Web Analytics

Our platform utilizes browser cookies to ensure functional stability and evaluate traffic metrics.

• Essential Technical Cookies: Automatically deployed to preserve layout states and basic e-shop operations (Legitimate Interest).

• Analytical and Marketing Cookies: Deployed exclusively if you grant explicit, granular consent via our interactive Cookie Banner.

Google Analytics 4 (GA4) and Google Ads

We deploy advanced web analysis systems provided by Google LLC. Any data transfers to servers located within the United States are executed in compliance with the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection equivalent to EU standards. To completely block data tracking by Google Analytics across all websites, you can install the official Google Analytics Opt-out Browser Add-on.

Meta (Facebook) Lead Ads and Digital Marketing

When executing specialized lead campaigns on the Meta network, we process user information gathered directly through interactive opt-in forms. This data is exclusively deployed to provide personalized consultations and is managed in strict alignment with Meta's established corporate data protection rules.

7. Your Statutory Rights as a Data Subject

Under the guidelines of the GDPR, you possess extensive legal rights regarding how your personal information is stored and handled:

• Right of Access: The right to obtain a comprehensive breakdown of all personal data we process regarding your identity.

• Right to Rectification: The right to immediately correct inaccurate, outdated, or incomplete records.

• Right to Erasure ("Right to be Forgotten"): The right to demand the permanent deletion of your records if they are no longer required for legal compliance or if you withdraw your processing consent.

• Right to Restriction of Processing: The right to limit data processing under specific legal conditions.

• Right to Data Portability: The right to receive your personal data in a structured, machine-readable format.

• Right to Object: The right to halt data processing executed under legitimate interests, particularly against direct marketing tracks.

• Right to File a Complaint: If you believe your data protection rights have been compromised, you have the statutory right to lodge an official complaint with the supervisory authority:

  • Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov SR), Hraničná 12, 820 07 Bratislava, Slovakia.

8. Data Privacy Contact Infrastructure

To formally execute any of your statutory rights, revoke a previous marketing consent, or file a technical inquiry regarding our data handling procedures, direct your request to our data compliance officer:

• Postal Address: Peter Haratík, J.Š.Šikuru 76, 036 01 Martin, Slovakia

• Digital Intake Email: regesport@regesport.eu

Document Last Updated: January 24, 2026