Privacy Policy

1. Controller

The controller of your personal data is Helgi Library s.r.o., Prague, Czech Republic. Contact: info@helgilibrary.com.

2. What We Collect

Account data: e-mail, name and password (stored hashed). Billing data: company, address, country, phone and VAT ID you enter at checkout. Order data: what you purchased, payment status and issued documents. Technical data: server logs needed to operate and secure the Service.

Card numbers never touch our servers - card payments are processed by Stripe, who acts as a separate controller for payment data.

3. Why We Process It

To provide the Service and your account (performance of contract), to issue invoices and handle taxes (legal obligation), to answer your messages (legitimate interest), and to send service e-mails such as registration confirmation or order documents (performance of contract). We do not sell personal data and we do not send marketing without consent.

4. Processors

We use a small number of processors to run the Service: Stripe (card payments), Postmark (transactional e-mail) and our hosting providers. Each processes data only on our instructions.

5. Retention

Account data is kept while the account exists. Invoices and order records are kept for the period required by Czech tax law (currently 10 years). Server logs are kept for a short operational period.

6. Your Rights

Under the GDPR you can request access to your data, its correction or deletion, restriction of processing, portability, and you can object to processing based on legitimate interest. Write to info@helgilibrary.com; you can also complain to the Czech Office for Personal Data Protection (UOOU).

7. Cookies

The Service uses cookies that are necessary for signing in and keeping your cart. We do not use advertising cookies. If analytics cookies are introduced, they will be subject to consent.