GDPR

This privacy policy describes how Winegociant s.r.o. processes personal data of customers, people ordering gift vouchers, prepaid breakfasts, tickets for tastings or other events, and other persons who contact Šenkovna Pub or use its services.

1. Data controller

Controller: Winegociant s.r.o.
Company ID: 19700415
VAT ID: CZ19700415
Registered office and billing address: Školská 660/3, Nové Město, 110 00 Prague 1, Czech Republic
Venue: Šenkovna Pub, Sokolská 60, 120 00 Prague 2, Czech Republic
E-mail: info@senkovnapub.cz
Phone: +420 607 888 836

The controller has not appointed a data protection officer.

2. What personal data we process

We mainly process personal data that you provide when ordering a voucher, prepaid breakfast, tasting ticket or other event ticket, when making an enquiry, complaint or any other communication. This typically includes first name, last name, phone number, e-mail address, billing details, delivery details, information about the ordered service, information about the selected date and information contained in our mutual communication.

To the extent necessary, we may also process technical and operational data related to website use and the security of communication where this is required for website operation or the protection of the controller's legitimate interests.

3. Purposes and legal bases of processing

We process personal data mainly for the following purposes:

  • handling enquiries and orders, issuing and delivering vouchers, confirming prepaid breakfasts or event tickets and related communication, on the basis of contract performance or steps taken prior to entering into a contract under Article 6(1)(b) GDPR,
  • compliance with obligations arising from accounting, tax and other legal regulations under Article 6(1)(c) GDPR,
  • protection of the controller's rights, keeping records and handling complaints, preventing misuse and securing the website and communication, on the basis of legitimate interest under Article 6(1)(f) GDPR,
  • sending marketing communications where there is a legal basis or your consent, in accordance with GDPR and Act No. 480/2004 Coll., on certain information society services.

The controller does not carry out automated individual decision-making or profiling within the meaning of Article 22 GDPR.

4. Retention period

Personal data is stored only for as long as necessary to achieve the purposes listed above. Data related to a contractual relationship and the protection of the controller's rights is kept for the duration of that relationship and thereafter for the period necessary to assert or defend legal claims.

Accounting and tax documents are retained for the period required by law, usually 10 years from the end of the relevant accounting period. Data from ordinary enquiries that do not lead to a contract is retained for the time needed to handle the request, but no longer than 12 months unless the circumstances require a longer period.

Personal data processed for marketing purposes on the basis of consent is retained until the consent is withdrawn, but no longer than 3 years unless a shorter period is required by law or by the circumstances of the specific case. Organisational information relating to specific breakfast or event dates is retained only for the period necessary to arrange and document the service properly.

5. Recipients of personal data

Personal data may be disclosed only to persons who need it for operation and service fulfilment, in particular hosting and IT support providers, accountants and tax advisers, or payment and delivery service providers if used for a specific order. Personal data may also be provided to public authorities where required by law.

The controller does not transfer personal data outside the European Union or the European Economic Area unless this is necessary for the use of a specific service and all legal requirements for such transfer are met.

6. Your rights

Under the conditions set by GDPR, you have the right to:

  • request access to your personal data,
  • request rectification of inaccurate or incomplete data,
  • request erasure of personal data where it is no longer necessary or the legal basis for processing no longer applies,
  • request restriction of processing,
  • object to processing carried out on the basis of legitimate interest,
  • data portability in cases provided for by GDPR,
  • withdraw consent where processing is based on consent.

You can exercise your rights by contacting info@senkovnapub.cz. You also have the right to lodge a complaint with the Czech Data Protection Authority if you believe that your personal data is being processed in breach of legal regulations.

7. Security of personal data

The controller has adopted appropriate technical and organisational measures to protect personal data against unauthorised access, loss, damage, alteration or misuse. Personal data is accessible only to persons authorised by the controller or to contractual processors to the extent necessary for the performance of their tasks.

8. Final provisions

This privacy policy may be reasonably updated, in particular if legal regulations, processing methods or the controller's contact details change. The current version is always published on the Šenkovna Pub website.

This privacy policy takes effect on 1 January 2026.

Booking