Privacy Policy

Privacy & Cookie Policy

Last updated: 20.5.2026 · Version: 2.0

Beneo s.r.o. ("Beneo", "we", "us", "our") operates the online stores at beneoshop.com, beneoshop.de, beneoshop.fr, beneoshop.it, beneoshop.es, beneoshop.at, beneoshop.be and beneoshop.nl. We take the protection of your personal data seriously and process it only in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the Slovak Act No. 18/2018 Coll. on the Protection of Personal Data, and the ePrivacy rules applicable to cookies and electronic communications.

This policy explains what personal data we collect, why, on what legal basis, who we share it with, how long we keep it, and what rights you have.

1. Who is responsible for your data (Controller)

The controller responsible for processing your personal data is:

Beneo s.r.o. Hlavná 292, 925 92 Topoľníca, Slovakia Company registration No. (IČO): 45 414 742 Registered in the Commercial Register of the District Court Trnava, Section Sro, Insert No. 25111/T

Phone: +421 233 329 795 Email: [email protected] General contact: [email protected]

Data Protection Officer (DPO): We have not appointed a Data Protection Officer, as we are not legally required to do so. For any data protection enquiry, please use the privacy email above.

2. The personal data we process, and why

We only process data that is necessary for the purposes set out below. The table summarises the main processing activities, the legal basis under Article 6 GDPR, and how long we keep the data. Cookies and tracking technologies are covered separately in Section 4.

We do not intentionally collect special categories of data (e.g. health, biometric or genetic data). Please do not send us such data.

Where a child appears in customer photos, videos or marketing content, we require consent from the parent or legal guardian.

3. Where your data comes from

We collect data directly from you (when you register, order, subscribe, contact us or leave a review) and automatically when you use our website (server logs and — with your consent — cookies). In some cases we receive confirmation data from our payment, shipping or review partners in order to complete a transaction.

4. Cookies and similar technologies

A cookie is a small text file stored on your device that allows a website to recognise your browser. We also use comparable technologies such as pixels, tags and local storage. We manage these through a consent management tool (cookie banner).

4.1 Your consent

When you first visit our site, our cookie banner lets you accept, reject, or individually select categories of cookies. Strictly necessary cookies are always active because the site cannot function without them. All other cookies (functional, analytics and marketing) are only set after you give your consent, in line with Article 6(1)(a) GDPR and the ePrivacy rules. You can change or withdraw your consent at any time via the "Cookie settings" link in the website footer, with effect for the future.

4.2 Cookie categories

• Strictly necessary — required for core functions such as the shopping cart, login, language/country selection and security. Always on.
• Functional / preferences — remember choices to improve usability.
• Analytics — help us understand how the site is used so we can improve it (set only with consent).
• Marketing / advertising — used to show relevant ads and measure campaigns across platforms (set only with consent).

4.3 Cookies we use

The list below describes the main cookies and similar technologies used on our website. The exact cookies may vary depending on your consent choices, browser settings and the services active on the website.

You can also manage cookies in your browser settings (block, delete or be notified). Note that disabling strictly necessary cookies may break parts of the site.

Detailed information about individual cookies, providers, purposes and storage periods is available in our cookie settings panel, where you can also change or withdraw your consent at any time.

For certain advertising and social media features, such as pixels, conversion measurement, remarketing and audience targeting, we and the relevant platform may act as independent controllers or joint controllers for specific processing operations. Further information is available in the privacy notices and controller terms of the respective platforms.

5. Who we share your data with

We do not sell your personal data. We share it only with the following categories of recipients, and only as far as necessary:

• Payment providers — to process your payment: PayPal (Europe) S.à r.l. et Cie, S.C.A. (Luxembourg); Adyen N.V. (Netherlands); Klarna Bank AB (Sweden). Some payment providers process your data as independent controllers for their own payment, fraud-prevention, regulatory and compliance purposes. Their processing is governed by their own privacy notices.
• Shipping & logistics partners — to deliver your order. FedEx, DPD, GLS, Gebruder Weiss, Dachser
• IT, hosting and software providers — who process data on our behalf as processors under Article 28 GDPR.
• Marketing & analytics providers — Google (Analytics, Google Ads, Tag Manager), Meta Platforms, TikTok, where you have consented.
• Review provider — Skeepers / Verified Reviews ("Net Reviews") to collect and display customer reviews.
• Public authorities — only where we are legally obliged to disclose, or to establish, exercise or defend legal claims.

All processors are bound by data processing agreements that require them to protect your data and process it only on our instructions.

6. International data transfers

Some of our providers (e.g. Google, Meta, TikTok) are based in or transfer data to the United States or other countries outside the European Economic Area (EEA). Where this happens, we ensure an adequate level of protection through one of the following safeguards under Chapter V GDPR:

• the EU–US Data Privacy Framework adequacy decision, where the recipient is certified under it; and/or
• the European Commission's Standard Contractual Clauses (SCCs), supplemented by additional safeguards where necessary.

You can request a copy of the relevant safeguards by contacting us at the privacy email in Section 1.

7. How long we keep your data

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. The specific periods are set out in the table in Section 2. When data is no longer needed and no statutory retention obligation applies, it is securely deleted or anonymised. Where deletion is not immediately possible (e.g. for data in backups), we restrict processing until deletion is possible.

8. Your rights

Under the GDPR you have the following rights, free of charge, in respect of your personal data:

• Access — to obtain confirmation of whether we process your data and a copy of it (Art. 15).
• Rectification — to have inaccurate or incomplete data corrected (Art. 16).
• Erasure ("right to be forgotten") — to have your data deleted in the circumstances set out in Art. 17.
• Restriction — to limit how we use your data in the circumstances set out in Art. 18.
• Data portability — to receive data you provided in a structured, commonly used, machine-readable format, and to have it transmitted to another controller where technically feasible (Art. 20).
• Objection — to object to processing based on legitimate interests, and at any time to processing for direct marketing (Art. 21). If you object to direct marketing, we will stop immediately.
• Withdraw consent — at any time, where processing is based on consent, without affecting the lawfulness of processing before withdrawal (Art. 7(3)).
• Not to be subject to solely automated decisions producing legal or similarly significant effects (Art. 22) — see Section 10.

How to exercise your rights: contact us at the privacy email in Section 1. We will respond within one month, as required by Article 12 GDPR. We may need to verify your identity before acting on a request.

Right to lodge a complaint: if you believe your data protection rights have been breached, you may complain to your local supervisory authority. The Slovak supervisory authority is:

Úrad na ochranu osobných údajov Slovenskej republiky (Office for Personal Data Protection of the Slovak Republic) Budova Park One, Námestie 1. mája 18, 811 06 Bratislava, Slovakia, Phone: +421 2 3231 3214 · Email: [email protected] · Web: www.dataprotection.gov.sk

You may also complain to the supervisory authority in your own EU/EEA country of residence.

9. Children's privacy

Our online store and its content are directed at adults. While many of our products are designed for children, purchases and accounts are intended to be made by adults. We do not knowingly collect personal data directly from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Automated decision-making and profiling

We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing. Where you consent to marketing cookies, we (and our advertising partners) may use profiling to show you more relevant advertising; you can withdraw this consent at any time (see Section 4.1) and object to direct-marketing processing (see Section 8).

11. How we protect your data

We use appropriate technical and organisational measures to protect your data against unauthorised access, loss or misuse, including encrypted (TLS/SSL) transmission of order and payment data, access controls, and contractual safeguards with our processors. No internet transmission is ever completely secure; if you prefer, you can also contact us by phone.

12. Changes to this policy

We may update this policy to reflect changes in our processing or in the law. The current version is always available on our website, with the "last updated" date shown at the top. Material changes will be communicated where required by law.

13. Contact

For any question about this policy or your personal data, contact us at:

Beneo s.r.o. — [email protected] — +421 233 329 795 — Hlavná 292, 925 92 Topoľnica, Slovakia