Privacy Policy
This Privacy Policy explains how Beads2Watch (operated by Web Systems, s.r.o.) collects, uses, and protects your personal data when you use our website and submit a custom bracelet request.
1. Controller Information
Data Controller
Web Systems, s.r.o.
Company ID (IČO): 04261411
Registered address: Dobronická 986/35, 142 00 Prague 4, Czech Republic
If you have questions about privacy, contact us via the contact details provided on our website.
2. What Data We Collect
Data you provide
- Contact details (for example, email address)
- Request details (watch brand/model/reference, wrist size, preferences, notes)
- Optional photo link (if you provide one)
Technical data
- Basic device and browser information (for example, type, version)
- Approximate location derived from IP (country/region level)
- Security logs used to protect the site
We aim to collect only what is necessary for functionality, security, and communication.
3. Why We Use Your Data
Purposes
- To process and respond to your custom request
- To communicate with you about design preparation, invoices, and your request status
- To operate, secure, and improve our website
- To comply with legal obligations (for example, accounting and tax rules when applicable)
4. Legal Bases (GDPR)
Legal bases we rely on
- Performance of a contract or steps prior to entering a contract (handling your request)
- Legitimate interests (website security, preventing abuse, basic analytics)
- Legal obligation (where applicable, for invoices and records)
- Consent (only when required, for example certain cookies or optional marketing)
5. Sharing & Processors
Who may process data
We may share data only with trusted service providers needed to run the site and handle requests, such as:
- Email and form delivery providers (used to receive and respond to your request)
- Hosting and infrastructure providers
- Shipping partners (only when shipping is needed)
These providers act as processors and are required to protect your data and use it only for the agreed purpose.
6. International Transfers
Transfers outside the EU/EEA
Some providers may process data outside the EU/EEA. When this happens, we use appropriate safeguards required by GDPR (for example, standard contractual clauses) where applicable.
7. Data Retention
How long we keep data
- Request emails and communication: kept as long as necessary to handle your request and follow-ups
- Invoice and accounting records (if applicable): retained for the period required by law
- Security logs: retained for a limited period for protection and troubleshooting
8. Cookies
Cookies and similar technologies
We may use essential cookies for website functionality and security. If we use analytics or marketing cookies, we will do so only where legally required and, if needed, based on your consent.
9. Your Rights
Your GDPR rights
- Access to your personal data
- Correction of inaccurate data
- Deletion (where applicable)
- Restriction of processing
- Data portability (where applicable)
- Objection to processing based on legitimate interests
- Withdraw consent (where processing is based on consent)
You can exercise these rights by contacting us via the contact details on our website.
10. Security
How we protect data
We use reasonable technical and organizational measures to protect data against unauthorized access, alteration, disclosure, or destruction. However, no internet transmission is 100% secure.
11. Changes to this Policy
Updates
We may update this Privacy Policy from time to time. The latest version will be published on this page with an updated “Last updated” date.