Privacy policy
Last updated: Dec 30, 2025
This Privacy Policy explains how Papeora, Pavla Miksová (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit www.papeora.com or purchase digital products.
We comply with the General Data Protection Regulation (GDPR), Czech data protection laws, and internationally recognized privacy standards.
1. Data Controller
Papeora
Pavla Miksová
IČO: 04065794
Address: Podebradova 2264, Úvaly, 250 82, Czech Republic
Email: hello@papeora.com
2. Personal Data We Collect
A. Data You Provide
-
Name
-
Email address
-
Billing address / country
-
Order details
-
Customer support communication
We do not store credit card information — payments are processed by Shopify Payments, or PayPal.
B. Automatically Collected Data
-
IP address
-
Browser type
-
Device information
-
Referring/exit pages
-
Cookies and tracking pixels
-
Website usage analytics
3. Purpose of Processing & Legal Basis
|
Purpose |
Legal Basis |
|
Processing your order |
Contract |
|
Delivering digital products |
Contract |
|
Customer support |
Legitimate interest |
|
Fraud prevention & platform security |
Legitimate interest |
|
Accounting & tax compliance |
Legal obligation |
|
Email marketing (if subscribed) |
Consent |
|
Analytics & performance |
Legitimate interest / Consent |
4. Cookies
We use cookies to:
-
ensure Website functionality
-
analyze traffic
-
improve user experience
-
remember preferences
You may manage cookie preferences via your browser or our Cookie Settings (if applicable).
See our Cookie Policy for more details.
5. Sharing of Data
We only share data with trusted third parties necessary to operate our business:
-
Shopify (store platform)
-
Shopify Payments / PayPal (payment providers)
-
Email providers
-
Analytics tools (Google Analytics, Meta Pixel, etc.)
These processors follow GDPR-compliant data protection safeguards.
6. International Data Transfers
Some of our service providers (such as Shopify, payment processors, and analytics tools) are located outside the European Union, including the United States.
When this happens, we ensure that your personal data is protected using appropriate legal safeguards required by GDPR, such as standard contractual clauses or other approved mechanisms.
7. Data Retention
-
Orders & accounting: 10 years (legal obligation)
-
Customer support messages: 1–3 years
-
Newsletter subscription: until consent is withdrawn
-
Cookies: per cookie expiration settings
8. Your Rights
You may request:
-
access to your data
-
correction of inaccurate data
-
deletion (“right to be forgotten”)
-
restriction of processing
-
data portability
-
withdrawal of consent (e.g., unsubscribe from marketing)
Contact: hello@papeora.com
If you believe your rights are violated, you may complain to:
Úřad pro ochranu osobních údajů (Czech Data Protection Authority)
9. Security
We use technical and organizational measures to secure your data and prevent unauthorized access.
10. Updates
This Privacy Policy may be updated periodically.
Changes become effective upon publication.