GDPR

Privacy Policy

Consent

At Beauty Med Group s.r.o., we have a long-standing commitment to respecting the privacy of every customer we have a relationship with, making it essential to be transparent about how we manage your personal information. Beauty Med Group s.r.o. also processes personal data beyond our website, classy.cz, which requires a separate privacy notice.

In accordance with the implementation of Regulation (EU) 2016/679 of the European Parliament and Council, effective April 27, 2016, Beauty Med Group has updated its data protection policy. This policy applies to the personal data you provide as a user of our subscription-based websites, including through Chatbot and the Manychat platform.

Mandatory Information on Privacy Rights

Company Processing Your Data:

  • Company: Beauty Med Group s.r.o.
  • Business ID: 06976956
  • Headquarters & Management Address: Evropská 516/10, Dejvice, 160 00 Prague, Czech Republic
  • Phone: +420 608 803 004
  • Email: info@beautymed.cz
  • Website: classy.cz

Supervisory Authority on Data Protection

  • Name: Commission for Personal Data Protection
  • Address: 1592 Sofia, Blvd. “Prof. Tsvetan Lazarov 2”
  • Correspondence Address: Sofia 1592, “Prof. Tsvetan Lazarov 2”
  • Phone: 02 915 3 518
  • Website: www.cpdp.cz

Beauty Med Group s.r.o. (hereinafter referred to as the Controller) operates in compliance with the Personal Data Protection Act and Regulation (EU) 2016/679 (GDPR), which governs the processing and free movement of personal data. This document aims to inform you about how we process your personal data and the rights you have in relation to this processing.

Reasons for Collecting, Processing, and Storing Personal Data

The Controller collects and processes your personal data in connection with the use of Facebook chat based on Article 6, Paragraph 1 of Regulation (EU) 2016/679 (GDPR), specifically for the following reasons:

  • Your explicit consent;
  • Compliance with a legal obligation applicable to the Controller;
  • Legitimate interests of the Controller or a third party.

Purposes and Principles of Data Collection

We collect and process personal data that you provide when using the multichat platform (https://m.me/beautymedgroup), including for:

  • Improving the performance of publications on the platform
  • Statistical purposes to enhance newsletters
  • Ensuring information security

Principles We Follow During Data Processing:

  • Lawfulness, fairness, and transparency
  • Purpose limitation (data used only for specified purposes)
  • Data minimization (only necessary data is collected)
  • Accuracy and timeliness
  • Storage limitation (data kept only as long as necessary)
  • Integrity and confidentiality (ensuring data security)

Personal Data We Collect, Process, and Store

User Registration & Chat Platform Participation

To use the chat platform, you may log in via your Facebook profile for user identification.

Impact Assessment Conclusion:

Following an impact assessment, the Data Protection Officer considers that the registration process is lawful and provides sufficient safeguards for protecting users’ rights.

Event Registration & Participation

To participate in events organized by Beauty Med Group, we collect personal data for:

  • Identifying and registering participants
  • Notifying users about future events
  • Managing attendance lists

Impact Assessment Conclusion:

Given the limited scope of collected data, an impact assessment is not required.

Prize Distribution from Contests, Lotteries & Giveaways

For winners, we collect data required for prize delivery, either by ourselves, a partner, or a courier service.

Impact Assessment Conclusion:

Due to the small volume of data involved, an impact assessment is not required.

Categories of Personal Data Processed

Personal Data Processed & Reasons:

Data TypePurposeLegal Basis
Email, social media profile, nicknameCommunication & user identificationExplicit consent (Article 6, Paragraph 1, Letter (a) GDPR)

What We Do Not Collect:

We do not process personal data related to:

  • Racial or ethnic origin
  • Political, religious, or philosophical beliefs
  • Trade union membership
  • Genetic/biometric data, health data, or sexual orientation

Beauty Med Group does not perform automated decision-making with user data.

Social Media Monitoring

When you interact with our social media pages (e.g., “Like,” “Share,” commenting, posting reviews), your publicly available information (e.g., name, gender, age, interests) may be processed.

This data is used for:

  • Understanding public perception of our brand
  • Improving online messaging
  • Resolving issues & enhancing our services

Legal Basis: Legitimate interest under Article 6(f) GDPR.

Data Security Measures

We implement organizational, technical, and administrative measures to protect personal data. However, no data transmission or storage system is 100% secure. If you suspect a security issue, please notify us immediately.

Data Retention Period

Your data is stored only as long as necessary for the purposes collected or as permitted by law.

Data Transfers & Third-Party Processing

The Controller may transfer personal data to third-party processors for specific purposes, but only with your consent and in compliance with GDPR requirements.

We will inform you before transferring data outside the EU.

Your Rights Regarding Personal Data

1. Right to Withdraw Consent

You can revoke your consent at any time by sending a request via Facebook Messenger with the keyword “STOP”.

2. Right to Access

You can view the stored data in your profile at any time.

3. Right to Erasure (“Right to be Forgotten”)

You can request deletion of your personal data if:

  • It is no longer needed for its original purpose
  • You withdraw consent
  • You object to processing for direct marketing
  • Data was illegally processed

Exceptions:
We may retain data if necessary for:

  • Freedom of expression & information rights
  • Legal compliance
  • Public health
  • Scientific, historical, or statistical research

4. Right to Restriction of Processing

You can request limited processing if you dispute:

  • The accuracy of your data
  • The lawfulness of processing but do not want deletion
  • The necessity of processing but need data for legal claims

5. Right to Data Portability

You can request a copy of your data or transfer it to another controller if technically possible.

6. Right to Object

You can object to data processing for marketing or profiling purposes at any time.

7. Right to Notification in Case of Data Breach

If a data breach poses a high risk, we will notify you immediately unless:

  • Security measures already protect your data
  • Immediate action eliminates the risk
  • Notification would require disproportionate effort

Cookie Policy

What Are Cookies?

Cookies are small files stored on your device when visiting a website.

Why We Use Cookies?

Cookies help:

  • Improve site navigation
  • Remember user preferences
  • Enhance personalized content

We use Google Analytics and Hotjar to analyze traffic on our website.

More information about cookies: www.allaboutcookies.org