Privacy Policy

Privacy Policy

I. Basic Information

The controller of personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) is BORRO CZECH, spol. s r.o., Company ID: 25545833, with its registered office at Kaštanová 529/75, 620 00 Brno – Brněnské Ivanovice, Czech Republic (hereinafter referred to as the “Controller”).

Controller’s contact details:
E-mail: hello@americandrinks.com
Phone: +420 720 273 955
Address: Kaštanová 529/75, 620 00 Brno, Czech Republic

Personal data means any information relating to an identified or identifiable natural person. The Controller has not appointed a Data Protection Officer.

II. Sources and Categories of Personal Data

The Controller processes personal data that you provide:

  • during registration on the B2B portal,
  • when submitting a contact form,
  • when placing an order,
  • during communication with the Controller.

The processed data may include identification data (name, surname, company), contact details (email, phone, address), and data necessary for fulfilling the contract (billing details, order information).

III. Legal Grounds and Purpose of Processing

The legal grounds for processing are:

  • the performance of a contract between you and the Controller under Article 6(1)(b) GDPR,
  • the Controller’s legitimate interest in direct marketing under Article 6(1)(f) GDPR,
  • your consent to receive marketing communications under Article 6(1)(a) GDPR, if no purchase was made.

The purposes of processing include:

  • responding to your enquiry or request,
  • registration and management of your account,
  • fulfilling the contractual relationship (orders, invoicing, delivery),
  • sending marketing communications and newsletters,
  • handling complaints and related communication.

The Controller does not perform automated decision-making or profiling under Article 22 GDPR.

IV. Data Retention Period

The Controller retains personal data:

  • for the duration of the contractual relationship and for 15 years thereafter, for the purpose of legal claims,
  • for marketing purposes based on consent, until the consent is withdrawn, but no longer than 10 years.

After the retention period expires, the personal data will be erased.

V. Recipients of Personal Data

Personal data may be shared with:

  • logistics and transportation partners,
  • IT and hosting service providers,
  • marketing and email service providers.

The Controller does not intend to transfer personal data to third countries (outside the EU). If a cloud or email service located outside the EU is used, it is done only in compliance with GDPR and appropriate safeguards.

VI. Your Rights

Under GDPR, you have the right to:

  • access your personal data (Article 15 GDPR),
  • rectify or restrict processing (Articles 16 and 18 GDPR),
  • erasure of personal data (Article 17 GDPR),
  • object to processing (Article 21 GDPR),
  • data portability (Article 20 GDPR),
  • withdraw consent at any time by written or electronic notice sent to the Controller’s contacts above.

You also have the right to lodge a complaint with the Office for Personal Data Protection, Pplk. Sochora 27, Prague 7, Czech Republic.

VII. Data Security

The Controller declares that it has implemented appropriate technical and organizational measures to secure personal data, including encryption and limiting access only to authorized persons.

VIII. Final Provisions

By submitting a form or registering on the portal, you confirm that you have read and agree to this Privacy Policy.

The Controller may update this Privacy Policy. The new version will be published on the website and, if necessary, sent to your email address.

These conditions take effect on: 01.12.2025