Albania
Argentina
Australia
Austria
Belgium
Bosnia and Herzegovina
Brazil
Bulgaria
Canada
Chile
Colombia
Croatia
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Mexico
Moldova
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Serbia
Slovakia
Slovenia
South Africa
Spain
Sweden
Switzerland
Turkey
Ukraine
United Kingdom
United States of America
Privacy Policy of the MUZIKER Smile Loyalty Programme
Welcome to the MUZIKER Smile loyalty programme, full of benefits you might not expect!
If you would like to become a member of our loyalty programme, please read how we process and protect your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”).
This Privacy Notice for the MUZIKER Smile loyalty programme (the “Privacy Notice”) is intended for all applicants for membership of, and members of, the MUZIKER Smile loyalty programme (the “loyalty programme”).
The loyalty programme is a joint programme for allocating, monitoring, and evaluating points for purchases made by members of the loyalty programme in the e-shop operated by MUZIKER, a.s., or in a showroom, i.e. a brick-and-mortar store of one of the operators, and other benefits that enable members of the loyalty programme to draw benefits offered to them. The loyalty programme is operated by the joint controllers MUZIKER, a.s. and MUZIKER s.r.o., as identified below.
1. Who processes your personal data?
The joint controllers of the loyalty programme and the persons responsible for processing your personal data in connection with your membership of the loyalty programme are:
MUZIKER, a.s., having its registered office at Drieňová 1H, 821 01 Bratislava – mestská časť Ružinov, Slovak Republic, company registration number 35 840 773, incorporated by entry in the Commercial Register maintained by the Bratislava III Municipal Court, Section Sa, File 3337/B (“MUZIKER, a.s.”); and
MUZIKER s.r.o., having its registered office at Radlická 3201/14, 150 00 Praha 5 – Smíchov, Czech Republic, company registration number 27 193 624, incorporated by entry in the Commercial Register maintained by the Municipal Court in Prague, register entry C103417 (“MUZIKER s.r.o.”)
(MUZIKER, a.s. and MUZIKER s.r.o. hereinafter also referred to severally as the “controller” or jointly as the “controllers”)
Do you have any questions about personal data? You can contact us at any time by email at gdpr@muziker.com or in writing at the registered office of MUZIKER, a.s.
Joining the loyalty programme and drawing on its benefits is voluntary.
By providing your personal data for the purposes of registration and use of the benefits of the loyalty programme, you declare and assure the controllers that the data is correct, up to date, and complete at all times.
2. What personal data do we process and why?
2.1 Membership of the loyalty programme
Your membership of the loyalty programme is created by your consent to the general terms and conditions of the loyalty programme in the manner set out therein, on the basis of which a membership contract in the loyalty programme is concluded between us as the joint controllers of the loyalty programme and you as a member of the loyalty programme (“membership contract”).
For the purposes of the loyalty programme and performance of the membership contract, we process the ordinary personal data of an applicant for membership, and of a member of the loyalty programme, to the following extent:
data that you provide when registering for the loyalty programme by completing the form or obtained when you register using your account on selected social networks, or obtained from your order, in particular:
- first name and surname, or login name in a social network account;
- email address;
- member-chosen password;
- member’s country of residence, etc.;
- data assigned to you, in particular your loyalty card number; and
- data resulting from your use of the loyalty card and drawing of benefits arising from membership of the loyalty programme, in particular the type of goods purchased, the number of loyalty points, and the manner in which they are redeemed, etc.
Your personal data will be processed for the purposes of registering you for the loyalty programme, creating your loyalty programme account (the “account”), issuing and, where applicable, delivering your loyalty card, enabling your participation in the loyalty programme, including, in particular, recording purchases made using the loyalty card, crediting points, and providing discounts and benefits to you as a member of the loyalty programme, etc. For the purpose of providing the most useful benefits possible within the meaning of the membership contract, certain benefits may be intended only for you or tailored only to you on the basis of your previous purchases or other activity as a member of the loyalty programme, including on the basis of statistical processing of purchase behaviour data within the loyalty programme.
We may also use your registration data, in particular your email address, to send important information relating to your membership of the loyalty programme (e.g. information about successful registration for the loyalty programme, information about the use of points and other benefits, information about changes to our general terms and conditions or Privacy Notice, changes to or the addition of new benefits, any temporary inability to use the loyalty programme benefits, information about changes in the price or availability of products in which you have shown interest, etc.).
As part of your loyalty programme account, we also provide you with an overview of the history of purchases you have made after logging into your account, which you can then easily repeat and use to keep track of your purchases, including, for example, for accounting purposes.
Legal basis: (i) performance of the membership contract and pre-contractual steps taken before entering into the membership contract (in particular email or other communication initiated by the applicant for membership) directly with the applicant for membership or member of the loyalty programme as the data subject pursuant to Article 6(1)(b) of the GDPR; (ii) the legitimate interest of the controllers pursuant to Article 6(1)(f) of the GDPR in entering into and performing contracts where personal data is processed for persons acting on behalf of applicants for membership and members of the loyalty programme that are legal persons (employees, members of governing and other bodies, etc.).
Under Article 21 of the GDPR, you have the right, as a natural person, to object, on grounds relating to your particular situation, to the processing of your personal data on the basis of the controllers’ legitimate interests.
More information can be found in Section 7 of this Privacy Notice (your rights).
Processing period: we retain the personal data necessary for entering into and performing the membership contract for the duration of that contract, i.e. until your registered account is cancelled (or the account of the member – a legal person on whose behalf you act – is cancelled).
If you cancel your account, all your data contained in your registered account will be deleted when the account is cancelled. In that case, you will need to register a new loyalty programme account in order to use the benefits intended for members of the loyalty programme.
The loyalty programme account will also be completely deleted 5 years after your registration for the loyalty programme if you do not log into your account during that period, or 5 years after your last login to your account.
The provision and processing of personal data for this purpose is a contractual requirement and a requirement necessary for entering into a contract with the data subject. If the contract is not entered into directly with you as the data subject, but with the legal person you represent, the processing of personal data is based on our legitimate interest referred to above.
2.2 Marketing communications
As controllers, we may send you, as a member of the loyalty programme, information about the range of our goods and services, including recommendations for complementary products to a product you have purchased, current promotions, discounts, various interesting information from the world of music and musical instruments, and may also contact you with offers of various activities, competitions, and surveys, or remind you of an unfinished purchase (“marketing communications”), to your email address or telephone number, or via push notifications in your account, etc. In order to provide members with advantageous offers and information in a targeted manner, these offers may also be tailored and sent on the basis of an evaluation of data obtained in connection with your purchases and other activity as a member of the loyalty programme.
Legal basis: the legitimate interest of the controllers in marketing communications with members of the loyalty programme as parties to the membership contract, including customising the content of such communication on the basis of a prior evaluation of the loyalty programme member’s activity, in particular your purchases, pursuant to Section 116(15) of Act No 452/2021 on electronic communications, in conjunction with Article 6(1)(f) of the GDPR (in the latter case only in relation to the processing of personal data of natural persons who are members of the loyalty programme).
Processing period: for the duration of the membership contract and subsequently for one year after the termination of the contractual relationship between the controllers and the loyalty programme member established by the membership contract, or after unsubscribing from marketing communications, whichever occurs first.
Unsubscribing from marketing communications does not terminate your membership of the loyalty programme.
Pursuant to Section 116(15) of Act No 452/2021 on electronic communications, you have the right, simply and free of charge, to refuse at any time the use of your contact details for the purposes of marketing communications, both at the time they are obtained and in each message delivered, by clicking on the unsubscribe link provided in that message, or (if your data is processed as the data of a natural person) to object pursuant to Article 21 of the GDPR to the processing of your personal data by evaluating your activity as a member of the loyalty programme (in particular purchases) on grounds relating to your particular situation.
To exercise these rights, you may also contact us directly using one of the methods specified in this Privacy Notice.
More information can be found in Section 7 of this Privacy Notice (your rights).
The provision and subsequent processing of your personal data for this purpose is neither a contractual nor a statutory requirement, nor a requirement necessary for entering into a contract, but is based on the controllers’ statutory authorisation to carry out electronic marketing communications with members of the loyalty programme as contractual partners, or on the controllers’ legitimate interest in carrying out personalised marketing communications.
2.3 Compliance with legal obligations
The controllers, or any of them, are subject to various legal obligations that they are required to comply with. For the purposes of properly complying with those obligations, it is also necessary to process certain personal data of members of the loyalty programme who are natural persons, or of persons representing members of the loyalty programme that are legal persons, to the extent and for the period laid down by the relevant legislation or determined on the basis of such legislation by us or by a public authority.
Our obligations include, for example, keeping accounts and archiving accounting documents, complying with tax obligations, handling data subject requests, and complying with other obligations under the GDPR, including demonstrating compliance with those obligations, etc.
Legal basis: compliance with the controllers’ obligations arising for us from legislation pursuant to Article 6(1)(c) of the GDPR.
Processing period: for the period laid down by legislation or on the basis of such legislation.
The processing of personal data for this purpose is a requirement arising for us from the relevant legislation, and without processing such data we would be unable to comply with our legal obligations.
2.4 Exercising and defending rights and claims
For the purpose of exercising or defending our rights and claims (for example, exercising our right to institute proceedings or defending rights and claims in out-of-court or potential court proceedings), including the preparation and use of evidence to demonstrate the compliance of our activities with legislation and to demonstrate compliance with our obligations, primarily to public authorities, we may process personal data of members of the loyalty programme or persons representing members of the loyalty programme to the necessary extent.
The scope of the personal data processed will depend on the type of proceedings or the right or claim being exercised or defended.
Legal basis: the controllers’ legitimate interest in exercising and defending rights and claims pursuant to Article 6(1)(f) of the GDPR.
Under Article 21 of the GDPR, you have the right, as a natural person, to object, on grounds relating to your particular situation, to the processing of your personal data on the basis of the controllers’ legitimate interests.
More information can be found in Section 7 of this Privacy Notice (your rights).
Processing period: for the period laid down in accordance with legislation during which we are entitled to exercise or defend our rights and claims (limitation period or prescription period), or during which we may bear legal consequences for failing to comply with obligations imposed by law, for example in the form of a sanction imposed by public authorities.
The provision and processing of personal data for this purpose is not a statutory or contractual requirement or a requirement necessary for entering into a contract, but is based on the controllers’ legitimate interest.
2.5 Security of our information systems
To ensure the protection of our information systems, including protection against cyberattacks and other events that may compromise the security of our IT systems and thereby also the availability of our services within the loyalty programme, the functionalities of our website, or the protection of personal data, we adopt and regularly update all relevant security measures.
However, for this purpose too, it is necessary to process certain personal data to the necessary extent, in particular data generated by your device and by our system when you visit our website, create a loyalty programme account and log into it, etc.
Using this data, we are able to protect our IT systems and the data contained in them against misuse, for example by bots being launched on our website, spam being sent, DOS and DDOS attacks, etc., which could cause our website to stop functioning or make some of its functionalities, or the functionalities of the loyalty programme, unavailable, or could result in unauthorised access to personal or other data contained in our IT systems.
We process this data to the necessary extent and always subject to the relevant security measures.
Legal basis: the controllers’ legitimate interest in ensuring the cybersecurity protection of our information systems, their proper functioning, and the protection of personal and other sensitive data contained in them pursuant to Article 6(1)(f) of the GDPR.
Under Article 21 of the GDPR, you have the right, as a natural person, to object, on grounds relating to your particular situation, to the processing of your personal data on the basis of the controllers’ legitimate interests. More information can be found in Section 7 of this Privacy Notice (your rights).
Processing period: for the duration of our legitimate interest, which we regularly and carefully monitor.
The provision and processing of personal data for this purpose is not a statutory or contractual requirement or a requirement necessary for entering into a contract, but is based on the controllers’ legitimate interest.
2.6 Statistics and business decision-making
As a business, we have an interest in providing you, our customers, with the best possible services and products that are high-quality and reliable. We also need to keep pace with the actual preferences and interests of our customers. We therefore need to make informed strategic business decisions that, in turn, influence our choice of products and the availability of our services, and thereby also affect our customers.
For these purposes, we may statistically evaluate and analyse purchase behaviour data also in respect of members of our loyalty programme, as well as information about members’ interaction with our website, its content, marketing communications, etc., and, on the basis of the results of these analyses, make our business decisions, including decisions to provide you with various benefits and tailor them according to the preferences of loyalty programme members, their purchase behaviour and location, decisions on pricing, optimisation of the product range, business and marketing strategy, investment management, and marketing campaigns, etc.
Legal basis: the controllers’ legitimate interest in making informed and effective business decisions and taking measures of strategic business significance pursuant to Article 6(1)(f) of the GDPR.
Under Article 21 of the GDPR, you have the right, as a natural person, to object, on grounds relating to your particular situation, to the processing of your personal data on the basis of the controllers’ legitimate interests. More information can be found in Section 7 of this Privacy Notice (your rights).
Processing period: for the duration of membership of the loyalty programme.
2.7 Online identifiers, cookies
On our website, through which you can create and log into your loyalty programme account, we may use online identifiers, in particular cookies, in order to ensure the proper functioning of our website and test its functionalities, obtain information about its use, ensure its security, implement remarketing and thus show you only relevant advertising for our products on external platforms within the remarketing network and advertising systems, display recommendations for our products in the e-shop according to your preferences, etc.
We use cookies that are not necessary for the functioning of our website only if a website visitor gives us consent to do so. The visitor may withdraw that consent at any time via “Cookie settings” or “Cookies”, or by clicking the cookie icon.
Allowing the use of non-technical cookies is not strictly necessary for our website to function properly, but it will improve your user experience when using the site.
Cookies are not used for any purposes other than those set out in this text and in the cookie banner displayed on our website.
You can control and/or delete cookies as you wish – more details about cookies are available at aboutcookies.org. You can delete all cookies stored on your computer and set most browsers to prevent them from being stored. In that case, however, you will probably have to adjust some settings manually each time you visit the website, and some services and functions will not work.
All information about the use of cookies on our website is available in the separate cookie notice in the cookie banner available on our website.
Legal basis: the customer’s consent given via the cookie banner pursuant to Section 109(8) of Act No 452/2021 on electronic communications.
Processing period: some cookies are deleted automatically when you close your browser, while others are stored for several hours, days, or months, depending on the type of cookies stored.
3. Where do we obtain your personal data from?
The controllers obtain your personal data primarily from you as the data subject or from the member of the loyalty programme that is a legal person and that you represent as an employee or other contact person when entering into and performing the membership contract.
Some data is generated by our system when you interact with our website (e.g. cookies), use the loyalty card, or claim other benefits, while some data is sent to our systems directly from your device.
4. Who helps us with our activities?
We share personal data processed for the purposes set out above, to the necessary extent, with our processors, i.e. contractual partners that process it on our behalf and solely on the basis of our instructions, such as various providers of IT solutions, including cloud storage and website administration, providers of marketing and promotional services, bulk email services, accountants, etc.
Personal data may also be provided to our external partners as third parties, who provide us with various types of services and, in order to provide them properly, also process your personal data to the necessary extent in their own name and on their own responsibility (e.g. couriers and other delivery providers, lawyers, auditors, tax advisers, as well as social network operators if you use your accounts on those networks to register for the loyalty programme, operators of online remarketing networks, etc., in accordance with their personal data processing terms).
Personal data may also be provided, in particular, to public authorities and other institutions if this follows from legislation or is necessary for defending or exercising rights and claims.
When selecting all these entities, especially our processors, we always make sure that they provide appropriate safeguards for the security and lawfulness of personal data processing.
5. How long do we process your personal data for?
We always process personal data for the period necessary to fulfil the specified purpose of processing.
This period varies depending on the purpose for which the personal data is processed. We regularly review the duration of each processing purpose and, if we find that the processing of personal data is no longer necessary and is not required by legislation, we will delete the data before the expiry of the originally specified processing period.
Specific processing periods can be found in Section 2, under each legal basis.
6. What else do you need to know?
The personal data we process is stored on our servers and other technical equipment located within the European Union, where it is protected by advanced security measures against unauthorised access or other security risks.
The controllers do not carry out automated decision-making using the personal data processed for the purposes set out above and do not transfer it to third countries outside the European Union/European Economic Area or to international organisations. If any of our service providers transfers personal data to third countries (e.g. the USA in the case of services provided by Google or Meta), we always duly verify that the provider meets the requirements for a proper transfer (e.g. under a European Commission adequacy decision (in the case of transfers to the USA, the EC adequacy decision of 10 July 2023 applies) or has entered into standard contractual clauses).
To protect your personal data as fully as possible, we, as controllers, have adopted appropriate personnel, organisational, and technical measures. Our aim is to prevent, or reduce as far as possible, the risk of your personal data being leaked, misused, disclosed, or otherwise used.
7. What rights do you have under the GDPR?
As a data subject, i.e. a person whose personal data is processed, you have the following rights under the GDPR:
Right to withdraw consent given at any time
You have the right to withdraw the consent you have given to the processing of personal data at any time, without this affecting the lawfulness of processing based on consent given before its withdrawal.
Right to request access to the personal data being processed
This right includes the right to obtain confirmation from us, as controllers, as to whether your personal data as the data subject is being processed, as well as the right to obtain access to that data and further information under Article 15 of the GDPR.
Right to rectification
As the data subject, you have the right to have the controllers rectify or complete inaccurate or incomplete personal data concerning you without undue delay.
Right to portability
As the data subject, you have the right to obtain the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, including the right to transmit that data to another controller where technically feasible, if: (a) the processing is based on consent or a contract, and, at the same time, (b) the processing is carried out by automated means. This right must not adversely affect the rights and freedoms of others.
Right to erasure
As the data subject, you also have the right to ask the controllers to erase personal data concerning you without undue delay if any of the grounds provided for by the GDPR apply, in particular if (a) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; (c) the data subject objects to the processing of personal data on the basis of the controllers’ legitimate interest and there are no overriding legitimate grounds for the processing; (d) the personal data has been unlawfully processed; (e) the ground for erasure is compliance with an obligation under law, a special regulation, or an international treaty by which the Slovak Republic is bound, etc., unless one of the exceptions laid down by the GDPR applies.
The controllers will erase the personal data of data subjects on the basis of a request, without undue delay after assessing that the data subject’s request is justified.
Right to restriction of processing
As the data subject, you have the right to have the controllers restrict the processing of your personal data in one or more of the cases provided for by the GDPR.
If the processing of your personal data has been restricted, we will inform you, as the data subject, before the restriction of processing is lifted.
Right to object to processing based on legitimate interest
As the data subject, you have the right to object at any time to the processing of your personal data on the basis of the legitimate interest of the controllers or any of them, on grounds relating to your particular situation, and the controllers may no longer process your personal data on the basis of legitimate interest unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or grounds for the establishment, exercise, or defence of legal claims.
If you object to the processing of personal data for direct marketing purposes, we will stop processing your personal data without delay.
Right to lodge a complaint/request the institution of proceedings
If you believe that your rights have been infringed in connection with the processing of personal data concerning you, you have the right to lodge a complaint with:
Office for Personal Data Protection of the Slovak Republic, Galvaniho Business Centrum II, Galvaniho 7/B, Bratislava, Slovak Republic. More information can be found on the Office’s website at: https://www.dataprotection.gov.sk/uoou/.
You may also lodge a complaint with the data protection authority in the EU Member State in which you have your habitual residence or place of work, or where the alleged infringement of your rights or of the GDPR took place.
8. How can you exercise your rights?
If you have any questions about the processing of your personal data or wish to exercise your rights under the GDPR, you can contact us at any time using one of the following methods:
Email: gdpr@muziker.com
By post to the address of the registered office of the controller, MUZIKER, a.s., as stated above
The controllers reserve the right to update this Privacy Notice as needed.
The current version will always be published on the e-shop website and in the showroom.
Effective date: 16.9.2019
Updated as of: 24.6.2026