Privacy Policy

LUNZO s.r.o. Privacy Policy

Last updated: 7 February 2026

LUNZO s.r.o., including its subsidiaries, is committed to protecting the personal data of all individuals who interact with us. We also respect your choices and preferences regarding the protection of your privacy.

When we use the terms “we” or “us” in this document, we are referring to LUNZO s.r.o.

This Privacy Policy (together with our Terms and Conditions and other rules referred to therein) explains how we collect, use and store your data when you use Lunzo’s websites and online services. “Personal data” means any information relating to you that allows you to be identified, whether directly or indirectly.

This document explains the legal bases on which we process your personal data, where we obtain it from and how we handle it. We recommend that you read this policy carefully to gain a clear understanding of how we protect your privacy.

By using our website www.lunzo.ie (“our website”), you acknowledge and agree to the principles set out in this Privacy Policy.

Updates to the Privacy Policy

Our rules governing the processing of personal data may be amended from time to time. This is to ensure that they remain accurate and compliant with applicable legislation. Previous versions of this document can be provided upon request.

Any changes or updates to this Privacy Policy will be published directly on this page. Where required, we will also notify you by email. We therefore recommend that you check this page regularly to stay informed of any updates.

By continuing to use our website or online services after the effective date stated in this Privacy Policy, you confirm your acceptance of the updated version of this document.

Data Controller

For the purposes of the Data Protection Act 2018, the UK GDPR, the EU GDPR and other applicable data protection and electronic communications legislation (together, the “Data Protection Legislation”), the controller of your personal data is LUNZO s.r.o.

• Registered office: Politických vězňů 912/10, Nové Město (Prague 1), 110 00 Prague, Czech Republic
• Company Registration Number: 06667678

Data Protection Officer

We have appointed a Data Protection Officer who is responsible for overseeing matters relating to this Privacy Policy. If you have any questions about this policy or wish to exercise your rights, you may contact our Data Protection Officer using the details below.

Our full contact details are as follows:

• Company name: LUNZO s.r.o.

• Email address: safety@lunzo.ie

• Postal address: Politických vězňů 912/10, Nové Město, 110 00 Prague 1, Czech Republic

Your right to lodge a complaint

You have the right to lodge a complaint at any time with the supervisory authority for data protection, which in Ireland is the Data Protection Commission (www.dataprotection.ie). However, we would appreciate it if you would first give us the opportunity to address your concerns directly with us before contacting the supervisory authority – therefore, please contact us first.

How We Collect and Process Your Personal Data

We may collect and further process the following categories of information about you:

Information you provide directly to us: When you communicate with us—whether by completing forms on our website, by telephone, by email or by other means—you may provide us with personal data. This typically occurs when you register to use the website, place an order, subscribe to services, participate in discussions or social media features, take part in a competition, survey or promotional activity, or report a problem. Such information may include, for example, your name, postal and email address, telephone number and financial details, including payment card information.

Information collected automatically: Each time you visit our website, we may automatically collect certain information, including:

• technical information, such as the IP address used to connect your device to the internet, login information, browser type and version, time zone settings, browser plug-in types and versions, operating system and platform;
• information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time);
• records of products you viewed or searched for;
• information about page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse movements), and methods used to leave the page;
• telephone numbers used to contact our customer support line.

Personal Data Obtained from Third Parties

In addition to the information you provide directly to us, we may obtain information about you from other websites operated by us or from the use of our other services. We also work with third-party partners—such as business partners, providers of technical, payment and delivery solutions, advertising and analytics providers, search information providers or credit reference agencies—from whom we may receive personal data relating to you.

Examples of Data We Collect

You may provide us with personal data in various situations, including when you:

• place an order through Lunzo;
• view or use content on a device, service or application;
• set your preferences on Lunzo, provide consents for data access or otherwise manage your data;
• update information in your Lunzo account (if you have used multiple email addresses or telephone numbers when making purchases, you may have more than one account);
• complete information in your seller account or another account that enables you to offer products to customers on the Lunzo platform;
• communicate with us by telephone, email or other means;
• offer goods or services through Lunzo;
• submit a completed questionnaire, a customer support request or another type of enquiry.

As a result of these activities, you may provide us with information such as your first and last name, address and contact telephone number, payment details, age, location data, IP address, additional addresses and numbers, the content of your communications with us, documents and information for verifying identity and reliability, business and financial data, credit history information, VAT number, or device log files.

Information We Collect Automatically

When you use our website or services, certain information is stored and analysed without your active input. This typically includes:

• the IP address through which your device connects to the internet;
• login information such as email address and password;
• information about the location of your device or computer;
• information about how you interact with content and how you connect to the network, including details of your internet service provider;
• technical information about the device, such as when and how it is used, which applications are running, connection quality, and whether errors or outages occur;
• system version and time zone settings;
• your order history and use of content, which we may sometimes combine with anonymised data from other users in order to generate summaries, such as lists of best-selling products;
• a complete overview of visited links (so-called clickstream data), including how and when you arrived at our website, how you navigated it and when you left;
• cookie identifiers;
• lists of items or content you viewed or searched for, page loading speeds, error messages, duration of visits to individual sections and interactions with content (such as scrolling, clicking or mouse movements).

In addition, we may use various technologies, such as device identifiers and cookies, to collect information about user behaviour when using applications or browsing the website. This information helps us to detect and prevent fraud in a timely manner.

Processing of Personal Data and Legal Bases

We use personal data solely for clearly defined purposes. The table below sets out how we use your data, the legal basis on which we process it and—where relevant—the legitimate interests pursued.

Cookies

We use cookies on our website to distinguish individual visitors. This enables us to provide you with a more convenient browsing experience and to ensure the smooth operation and continuous improvement of our website. Details of the specific types of cookies we use and their purposes are set out in our separate Cookie Policy.

Interest-Based Advertising

LUNZO s.r.o. may display advertising that is more closely tailored to your interests—both on our own websites and on partner or independent third-party websites. Such advertising is created on the basis of data relating to your behaviour, for example which products you have viewed or purchased from us, how you respond to our marketing emails, or data obtained from other websites and applications. As a result, you may see offers for products that relate to your previous interests.

What information may be used for this purpose?

We use only data relevant to this purpose, such as age, gender, a unique identifier of your device, browser settings, your history of using our services, or information about how you interact with messages and advertisements we send (for example display time, duration, number of opens or responses).

Third-party tools and technologies

We cooperate with external partners to display and evaluate advertising. These partners may deploy their own technologies, such as cookies, server logs, tracking pixels or web beacons. These tools enable them to combine data obtained from our services with other sources, such as demographic or marketing data, and to better understand user behaviour across devices or applications. Where possible, we provide links to a list of such partners, their privacy policies and options to opt out of targeted advertising with individual providers. Opting out does not mean that you will no longer see advertising—it simply means that it will be less relevant to your interests.

Linking to your personal data

In most cases, information used for personalised advertising is not considered personal data. However, if such information were to be linked with data that directly identifies you, we will always give you the option to decide whether you consent to such linking.

Individually tailored content

Based on your preferences, we may combine your personal data with information you have provided to third parties in order to offer you advertising that is more relevant to your needs—both within our services and on partner websites.

Do Not Track (DNT)

Some browsers offer a “Do Not Track” (DNT) feature. This setting is still under development and no uniform standard currently exists. If a generally accepted solution is established in the future, we will respect it. Until then, we follow the principles described in this document.

How We Use Your Data

The personal information we collect about you is used for several purposes.

Information you provide to us – Where you provide us with personal data, for example during registration or when making a purchase, we process it in order to:

• fulfil all obligations arising from the contractual relationship and deliver the ordered goods or services to you;
• inform you about similar products and services in which you have previously shown an interest;
• send you—or, with your consent, our business partners—offers which we believe may be of interest to you. If you are already our customer, we will usually contact you by email or SMS only with similar offers. For new customers, electronic marketing communications are subject to prior consent;
• notify you of changes to our services;
• ensure that our website is displayed correctly and efficiently on your device.

Information we collect automatically – When you use our website, we also record certain technical and usage data. We use this data in particular to:

• administer the website and for internal processes such as testing, analysis and research;
• improve the operation and content of the website to better meet user needs;
• enable interactive features where you choose to use them;
• enhance security and protect against misuse;
• measure the effectiveness of advertising and improve targeting;
• generate recommendations and suggestions for products and services that may be of interest to you.

Aggregated and statistical data – We also frequently process collected information in aggregated form, for example for statistical purposes. Data processed in this way does not allow identification of a specific individual. However, if such data were combined with personal data so that you could be identified directly or indirectly, we would treat it as personal data in accordance with this Privacy Policy.

Data we do not collect – We do not process special categories of data, such as information relating to health, sexual orientation, political opinions, trade union membership or criminal records.

Mandatory data – Where the law or a contractual relationship requires us to collect certain personal data and you refuse to provide it, this may affect our ability to supply the service or goods. In such cases, we may have to cancel the order or service, but we will always inform you in advance.

Sharing Personal Data with Third Parties

We may share personal data within the LUNZO s.r.o. group, meaning not only with our company but also with its subsidiaries, in accordance with Regulation (EU) 2016/679 (GDPR).

In addition, in certain cases it is necessary to disclose your data to selected partners outside our group:

• business partners, suppliers and subcontractors where necessary to fulfil contractual obligations;
• advertising networks and advertisers in order to display advertising tailored to your interests. We do not provide them with directly identifiable personal data; instead, we use aggregated user data. This enables advertisers to better target their campaigns. Where such data is shared, we require partners to store it securely and prohibit its use for their own marketing purposes;
• providers of analytics and search tools that assist us in operating and optimising the website;
• credit reference agencies where it is necessary to assess your creditworthiness before entering into a contract.

Your data may also be disclosed in the following situations:

• where a company or part of it is sold or acquired, personal data may be shared with a prospective buyer or seller;
• where LUNZO s.r.o. or a substantial part of its assets is transferred to another entity, customer personal data would form part of the transferred assets;
• where disclosure is required by law or is necessary to protect the rights, safety and property of LUNZO s.r.o., our customers or others. This may include cooperation with other organisations for the prevention of fraud or the reduction of credit risk.

International Transfers of Personal Data

Some of our business partners and sellers are located outside the European Economic Area (EEA). When processing your order, personal data may therefore be transferred outside the EEA or to countries which the European Commission recognises as providing an adequate level of data protection. Transfers outside the EEA, the United Kingdom or Switzerland are carried out only where permitted by law and where appropriate safeguards are in place. In other cases, Lunzo relies on specific contractual mechanisms and safeguards to ensure the protection of your data.

Data Retention

We do not retain personal data for longer than necessary. Retention periods are governed by internal policies based on legal and regulatory requirements as well as recognised best practices. The specific duration varies depending on the nature of the data and the purpose of processing and may change over time. Once data is no longer required, we ensure its secure deletion.

Data Security

We take the security of personal data very seriously. To prevent loss, misuse, unauthorised access or disclosure, we implement appropriate organisational, technical and physical measures. Every employee or external contractor who processes data is required to maintain its confidentiality.

The data we collect may be processed within the EEA by our staff or suppliers. All information you provide is stored on secure servers, and payment transactions are protected using SSL encryption. We do not store payment or card details and do not share them with third parties except as set out in this Privacy Policy.

Where you have chosen a password that enables access to certain areas of our website, you are responsible for keeping this password confidential. Please do not share it with anyone else.

However, it must be noted that the transmission of information over the internet is never completely secure. Although we take all reasonable steps to protect your data, we cannot guarantee absolute security during transmission. Once we receive your data, however, we apply strict procedures and security measures to protect it against unauthorised access.

Your Data Protection Rights

Right of access

You have the right to know what personal data we hold about you and how it is processed. If you wish to exercise this right, you may contact us at safety@lunzo.ie.

Your rights under data protection law

• Access to your data – you may request a copy of the personal data we process about you and verify that it is being handled lawfully.
• Rectification – if you believe that your personal data is inaccurate or incomplete, you have the right to request that it be corrected. In some cases, we may ask you to confirm the accuracy of the updated information.
• Erasure – you may request the deletion of your personal data where there is no longer a valid reason for us to retain it. This also applies where you object to processing, where the data has been processed unlawfully, or where erasure is required by law. In certain circumstances, however, we may not be able to comply with your request; we will always inform you if this is the case.
• Objection to processing – where we process your data on the basis of our legitimate interests, you may object if you believe that such processing infringes your rights. This right also applies where your data is used for direct marketing purposes.
• Restriction of processing – you may request that we temporarily suspend processing of your data, for example where you wish to verify its accuracy, where the processing is unlawful but you do not want the data erased, where you need the data for the establishment, exercise or defence of legal claims, or where you have objected to processing and verification is ongoing.
• Data portability – you have the right to receive your personal data in a commonly used, machine-readable format so that it can be transferred to another controller. This right applies only to data processed electronically and either on the basis of your consent or in performance of a contract with you.
• Withdrawal of consent – where processing is based on your consent, you may withdraw that consent at any time. Processing carried out before withdrawal remains lawful. Withdrawal of consent may mean that we are no longer able to provide certain services or products; in such cases, we will inform you in advance.

How we handle requests

If you wish to exercise any of these rights, please contact us at safety@lunzo.ie.

There is no fee for making a request. We may charge a reasonable fee only where a request is manifestly unfounded, excessive or repetitive. In such cases, we may also refuse to act on the request where justified.

To prevent misuse, we may ask you to provide additional information to verify your identity. This helps ensure that personal data is not disclosed to unauthorised persons. For faster processing, we may also ask you to clarify your request.

We aim to respond to standard requests within 30 days. Where a request is particularly complex or multiple requests are submitted at the same time, this period may be extended. In such cases, we will inform you in a timely manner and provide an estimated response date.

Explanation of Terms

Legal bases for processing

Legitimate interest refers to our need to operate and manage our business in order to provide you with high-quality services, products and a secure environment. Before processing any personal data, we assess the potential impact on you, taking into account both positive and negative effects and safeguarding your rights. We do not process personal data for purposes where our interests would override your rights unless we have your explicit consent or are otherwise permitted to do so by law. If you would like further information on how these assessments are carried out, you may contact us at any time.

Performance of a contract means that we process personal data where it is necessary to fulfil a contract to which you are a party, or to take steps at your request prior to entering into such a contract.

Legal or regulatory obligation refers to situations in which we are required to retain or process personal data in order to comply with a legal obligation or a requirement imposed by a competent authority.

Cooperation with Third Parties

External partners

• IT suppliers and system administration providers based in the Czech Republic, who act as data processors on our behalf.
• Professional advisers operating in the Czech Republic—such as lawyers, banking institutions, auditors and insurers—who may act either as processors or as joint controllers.
• Public authorities and supervisory bodies in the Czech Republic, which may in certain cases require reporting of specific processing activities.
• Selected business partners, including for example Google, Facebook, Bing or Mailchimp, providing marketing, payment, analytics or customer support services.

Contact

If you have any questions, comments or requests relating to this Privacy Policy, please contact us at safety@lunzo.ie.