PRIVACY POLICY

Last updated: June 29, 2026

Effective Date: 29 June 2026

Version: 1.0

1. Introduction

Minus3 s.r.o t/a TRUE linkswear EU ("TRUE linkswear", "we", "our" or "us") is committed to protecting your privacy and handling your personal data in an open, transparent and secure manner.

This Privacy Policy explains how we collect, use, disclose, store and otherwise process personal data when you visit www.truelinkswear.eu, create an account, purchase our products, communicate with us, subscribe to marketing communications, or otherwise interact with our services.

Protecting your personal information is an important part of maintaining the trust of our customers and business partners. We process personal data in accordance with applicable data protection legislation, including but not limited to:

  • Regulation (EU) 2016/679 (General Data Protection Regulation or "GDPR");
  • applicable national data protection legislation within the European Union;
  • the ePrivacy Directive (Directive 2002/58/EC) as implemented by Member States; and
  • other applicable privacy and consumer protection legislation.

This Privacy Policy should be read together with our Cookie Policy, Terms and Conditions of Sale, Returns Policy and any notices presented when personal data is collected.

2. Data Controller

For the purposes of the GDPR, the data controller responsible for processing your personal data is:

Minus3 s.r.o. t/a TRUE linkswear EU

Františka Ventury 1280

530 06 Pardubice

Czech Republic

Company Registration Number (IČO): 17525136

VAT Number: CZ17525136

Email: info@truelinkswear.eu

Telephone: +420 724 894 653

Website: www.truelinkswear.eu

Minus3 s.r.o. determines the purposes and means of processing personal data collected through the TRUE linkswear European website and associated services.

Where required by law, we will cooperate with supervisory authorities and comply with all applicable obligations relating to the protection of personal data.

3. Scope of this Privacy Policy

This Privacy Policy applies whenever you:

  • visit our website;
  • purchase products from us;
  • create an online customer account;
  • join our mailing list;
  • participate in promotions or competitions;
  • contact customer support;
  • leave product reviews;
  • communicate with us via social media;
  • interact with our advertising;
  • otherwise engage with TRUE linkswear Europe.

This Privacy Policy applies only to the European operations of TRUE linkswear conducted by Minus3 s.r.o.

It does not apply to websites operated by third parties or to websites linked from our website.

4. Definitions

For the purposes of this Privacy Policy:

Personal Data means any information relating to an identified or identifiable natural person.

Processing means any operation performed on personal data including collection, storage, use, disclosure, transmission, deletion or destruction.

Data Subject means the individual whose personal data is processed.

Controller means the natural or legal person determining the purposes and means of processing personal data.

Processor means a third party processing personal data on behalf of the Controller.

GDPR means Regulation (EU) 2016/679.

EEA means the European Economic Area.

Cookies are small text files stored on your device that allow websites to recognise your browser, remember preferences and analyse website usage.

5. Our Privacy Principles

TRUE linkswear is committed to processing personal data in accordance with the principles set out in Article 5 GDPR.

Accordingly, personal data is processed:

  • lawfully, fairly and transparently;
  • only for specified, explicit and legitimate purposes;
  • only where relevant and limited to what is necessary;
  • accurately and kept up to date;
  • only for as long as necessary;
  • securely using appropriate technical and organisational safeguards; and
  • in a manner that ensures accountability and compliance.

Privacy considerations are incorporated into the design and operation of our business processes, systems and technologies wherever reasonably practicable.

6. Commitment to Data Protection

We recognise that customers entrust us with personal information when purchasing products and interacting with our business.

We are committed to maintaining appropriate administrative, technical and organisational safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access.

Only personnel, contractors and authorised service providers who require access to personal data to perform their duties are permitted such access, and they are subject to appropriate confidentiality and security obligations.

7. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our legal obligations, business practices, technology, or the services we provide.

Where material changes are made, we will take reasonable steps to notify users by posting the revised Privacy Policy on our website and updating the "Effective Date" shown at the beginning of this document.

Where required by law, we will seek your consent before implementing changes that materially affect the way we process your personal data.

We encourage you to review this Privacy Policy periodically to remain informed about how your personal data is protected.

 

8. Personal Data We Collect

Depending on how you interact with TRUE linkswear Europe, we may collect and process different categories of personal data.

We only collect personal data that is relevant, adequate and limited to what is necessary for the purposes described in this Privacy Policy.

The categories of personal data we may collect include:

Identity Information

  • First name and surname
  • Username or customer account identifier
  • Date of birth (where voluntarily provided)
  • Customer reference numbers

Contact Information

  • Email address
  • Telephone number
  • Billing address
  • Shipping address
  • Country and preferred language

Transaction Information

When you purchase products through our website, we collect information relating to your orders, including:

  • Products purchased
  • Order history
  • Order value
  • Delivery method
  • Returns and exchanges
  • Refund history
  • Promotional discounts applied
  • Loyalty or promotional participation

Payment card details are not stored by TRUE linkswear. Payments are securely processed by authorised third-party payment providers.

Customer Account Information

Where you create an online account, we may collect:

  • Login credentials
  • Password (stored in encrypted form)
  • Saved addresses
  • Wishlist information
  • Purchase history
  • Product preferences
  • Account settings

Product Preference Information

To improve customer service and product recommendations, we may collect information including:

  • Shoe size
  • Product interests
  • Preferred styles
  • Colour preferences
  • Favourite products
  • Wishlist selections

Providing sizing or preference information is voluntary but may improve your shopping experience.

Marketing Information

Where permitted by law or where you have provided consent, we may collect:

  • Newsletter subscription status
  • Marketing preferences
  • Email engagement
  • SMS preferences (where offered)
  • Competition entries
  • Promotional responses

You may withdraw your consent or unsubscribe from marketing communications at any time.

Communications

If you contact us, we may process:

  • Customer service enquiries
  • Emails
  • Contact form submissions
  • Product enquiries
  • Warranty claims
  • Product reviews
  • Feedback
  • Social media communications directed to us

We may retain communications where necessary to manage customer relationships, resolve disputes, comply with legal obligations or improve our services.

Technical Information

When you visit our website, certain technical information may be collected automatically, including:

  • IP address
  • Browser type
  • Browser version
  • Device identifiers
  • Operating system
  • Language settings
  • Time zone
  • Referring website
  • Pages visited
  • Session information
  • Clickstream data

This information assists us in maintaining website security, improving website functionality and understanding how visitors use our services.

Cookie and Online Identifiers

Subject to your cookie preferences, we may collect:

  • Cookie identifiers
  • Session identifiers
  • Advertising identifiers
  • Analytics identifiers
  • Pixel tags
  • Device identifiers

Further information is available in our Cookie Policy.

9. Special Categories of Personal Data

TRUE linkswear does not intentionally collect or process special categories of personal data as defined under Article 9 GDPR, including information relating to:

  • racial or ethnic origin;
  • political opinions;
  • religious or philosophical beliefs;
  • trade union membership;
  • genetic data;
  • biometric data used for identification;
  • health information; or
  • information concerning a person's sex life or sexual orientation.

We ask customers not to provide such information unless specifically requested for a legitimate legal purpose.

If such information is inadvertently received, we will process it only where permitted under applicable law.

10. Information We Collect Automatically

When you access our website, certain information is collected automatically through cookies and similar technologies.

This may include:

  • pages viewed;
  • products viewed;
  • search terms;
  • referring websites;
  • date and time of visits;
  • duration of sessions;
  • navigation paths;
  • shopping basket activity;
  • device information;
  • browser information;
  • approximate geographic location derived from IP address; and
  • website performance information.

This information helps us:

  • improve website functionality;
  • diagnose technical issues;
  • analyse website performance;
  • personalise user experiences;
  • detect fraud; and
  • understand customer behaviour.

Where required by applicable law, non-essential cookies are only placed after obtaining your consent through our cookie consent platform.

11. Information Received from Third Parties

We may also receive personal data from carefully selected third parties, including:

  • payment service providers;
  • delivery companies;
  • fraud prevention providers;
  • identity verification providers;
  • analytics providers;
  • advertising partners;
  • social media platforms where you interact with our content;
  • customer review platforms; and
  • technology providers supporting our ecommerce operations.

We process such information only where there is a lawful basis under the GDPR.

12. Lawful Bases for Processing

Under Article 6 GDPR, we process personal data only where one or more lawful bases apply.

Performance of a Contract (Article 6(1)(b))

We process personal data where necessary to:

  • process orders;
  • deliver products;
  • process returns;
  • administer customer accounts;
  • provide customer support;
  • communicate regarding purchases;
  • process payments;
  • fulfil warranty obligations.

Without this information we may be unable to fulfil your order.

Compliance with Legal Obligations (Article 6(1)(c))

We process personal data where required by law, including for:

  • accounting obligations;
  • taxation requirements;
  • consumer protection legislation;
  • anti-fraud measures;
  • responding to lawful requests from authorities;
  • maintaining legally required business records.

Legitimate Interests (Article 6(1)(f))

We may process personal data where necessary for our legitimate business interests, provided such interests do not override your fundamental rights and freedoms.

These interests include:

  • improving our products and services;
  • website administration;
  • customer relationship management;
  • fraud detection and prevention;
  • IT security;
  • network security;
  • business reporting;
  • analysing customer purchasing behaviour;
  • improving website usability;
  • responding to enquiries;
  • defending legal claims;
  • maintaining business operations.

Where we rely on legitimate interests, we carefully assess and balance our interests against your rights and expectations.

Consent (Article 6(1)(a))

We rely on your consent where required by law, including for:

  • email marketing;
  • certain cookies and tracking technologies;
  • personalised advertising;
  • optional surveys;
  • promotional communications.

You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

Protection of Vital Interests (Article 6(1)(d))

In exceptional circumstances, we may process personal data where necessary to protect the vital interests of an individual.

Public Interest (Article 6(1)(e))

Where applicable, personal data may be processed where required for reasons of substantial public interest under applicable law.

13. Data Minimisation

TRUE linkswear is committed to collecting only the personal data necessary for the purposes described in this Privacy Policy.

We regularly review the categories of information we collect to ensure they remain appropriate, proportionate and necessary for our business operations and legal obligations.

14. Accuracy of Personal Data

We take reasonable steps to ensure that the personal data we process is accurate and kept up to date.

Customers are encouraged to notify us promptly of any changes to their contact details or account information.

Where inaccurate personal data is identified, we will correct or delete it without undue delay in accordance with applicable law.

15. How We Use Your Personal Data

We use personal data only where it is necessary to operate our business, fulfil our contractual obligations, comply with legal requirements, protect our legitimate business interests or where you have provided your consent.

The purposes for which we process your personal data include:

  • processing and fulfilling customer orders;
  • creating and managing customer accounts;
  • processing payments and refunds;
  • arranging delivery of purchased products;
  • providing customer support;
  • managing returns, exchanges and warranty claims;
  • communicating with customers regarding purchases;
  • responding to enquiries and complaints;
  • maintaining website functionality and security;
  • preventing fraud and other unlawful activity;
  • improving our products and services;
  • conducting analytics and business reporting;
  • sending marketing communications where permitted;
  • complying with legal and regulatory obligations.

We do not use personal data for purposes that are incompatible with those described in this Privacy Policy.

16. Customer Accounts

Customers may choose to create an online account to simplify future purchases and manage their relationship with TRUE linkswear.

Customer accounts may allow users to:

  • view previous orders;
  • track current orders;
  • manage delivery addresses;
  • save product preferences;
  • maintain wishlists;
  • access account-specific offers;
  • submit product reviews;
  • manage communication preferences.

Creating an account is voluntary.

Customers remain responsible for maintaining the confidentiality of their login credentials and should notify us immediately if they believe their account has been accessed without authorisation.

We may suspend or terminate customer accounts where required to protect our systems, comply with legal obligations or investigate suspected fraudulent activity.

17. Processing Customer Orders

Personal data is processed to fulfil the sales contract entered into when a customer purchases products through our website.

This includes processing information necessary to:

  • verify customer identity where appropriate;
  • confirm product availability;
  • process orders;
  • issue order confirmations;
  • process payments;
  • arrange shipment;
  • provide delivery updates;
  • process exchanges and returns;
  • administer warranties;
  • issue refunds;
  • respond to order-related enquiries.

Failure to provide certain personal data may prevent us from accepting or fulfilling an order.

18. Payment Processing

Payments made through our website are processed using trusted third-party payment service providers.

Depending on the payment method selected, payment information may be processed by providers including:

  • Shopify Payments;
  • Stripe;
  • PayPal; and
  • Klarna.

TRUE linkswear does not store complete payment card details.

Payment providers process payment information in accordance with their own privacy notices and applicable payment security standards, including the Payment Card Industry Data Security Standard (PCI DSS), where applicable.

Payment information may also be processed for fraud prevention, transaction verification and regulatory compliance.

19. Shipping and Delivery

To fulfil customer orders, we share relevant delivery information with our logistics providers.

Depending on the delivery destination, this may include:

  • customer name;
  • delivery address;
  • contact telephone number;
  • email address (where required for shipment notifications);
  • parcel information; and
  • order reference numbers.

Our shipping partners may include DPD, FedEx and other contracted logistics providers used from time to time.

Shipping providers process personal data only to the extent necessary to deliver products and provide shipment tracking.

20. Customer Service and Communications

We process personal data to provide customer support before, during and after a purchase.

This may include responding to:

  • product enquiries;
  • order enquiries;
  • delivery issues;
  • warranty requests;
  • returns;
  • exchanges;
  • complaints;
  • technical support requests; and
  • general customer correspondence.

Communications may occur through email, telephone, online contact forms or other customer service channels.

Customer communications may be retained where reasonably necessary to:

  • improve service quality;
  • maintain business records;
  • resolve disputes;
  • investigate complaints;
  • comply with legal obligations; or
  • protect our legal rights.

21. Returns, Exchanges and Warranty Claims

Where customers request a return, exchange or warranty assessment, we process personal data necessary to:

  • identify the customer;
  • verify the original purchase;
  • assess warranty eligibility;
  • arrange return shipping;
  • inspect returned products;
  • process exchanges;
  • issue refunds; and
  • comply with applicable consumer protection legislation.

Warranty records may be retained for the duration of the applicable warranty period together with any additional period required by law.

22. Product Reviews and User-Generated Content

Customers may choose to submit product reviews, ratings or other user-generated content through our website.

By submitting reviews, customers acknowledge that:

  • submitted content may be publicly displayed;
  • reviews may include the customer's first name or chosen display name;
  • reviews may be moderated for compliance with applicable laws and community standards;
  • reviews that are unlawful, offensive, misleading, fraudulent or otherwise inappropriate may be removed.

We reserve the right to moderate, edit or remove user-generated content where necessary to protect customers, comply with legal obligations or maintain the integrity of our website.

23. Marketing Communications

Where permitted by law, or where you have provided your consent, we may send information about:

  • new product releases;
  • product launches;
  • promotions;
  • exclusive offers;
  • events;
  • competitions;
  • newsletters;
  • seasonal campaigns; and
  • other marketing communications relating to TRUE linkswear.

Marketing communications may be delivered by:

  • email;
  • SMS (where available);
  • social media advertising;
  • personalised website content; and
  • other digital marketing channels.

Customers may unsubscribe from marketing communications at any time by:

  • clicking the unsubscribe link included in marketing emails;
  • updating communication preferences within their customer account;
  • contacting our customer service team.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

24. Personalised Marketing

Where you have consented, we may use information relating to your:

  • previous purchases;
  • browsing behaviour;
  • product preferences;
  • wishlist activity;
  • email engagement;
  • approximate location; and
  • interactions with our website

to personalise product recommendations, promotional offers and marketing communications.

Personalisation helps us provide information that is more relevant to customer interests.

You may withdraw consent to personalised marketing at any time through your cookie preferences, marketing preferences or by contacting us.

25. Business Analytics and Service Improvement

We continually seek to improve the quality of our products, website and customer experience.

Accordingly, we may analyse personal data and aggregated information to:

  • understand customer purchasing trends;
  • evaluate product performance;
  • improve website navigation;
  • optimise inventory planning;
  • improve customer service;
  • identify technical issues;
  • evaluate marketing effectiveness;
  • develop new products and services; and
  • improve overall business performance.

Where possible, analytical information is aggregated, anonymised or pseudonymised before analysis.

26. Fraud Prevention and Security

Protecting our customers and business from fraudulent activity is an important legitimate interest.

We may process personal data to:

  • verify customer identity;
  • detect suspicious transactions;
  • prevent payment fraud;
  • monitor unusual purchasing behaviour;
  • investigate suspected misuse of our website;
  • protect customer accounts;
  • secure our IT systems; and
  • comply with legal obligations relating to fraud prevention.

Where appropriate, automated systems may be used to identify potentially fraudulent transactions for further review by authorised personnel.

Any decisions producing legal or similarly significant effects will not be based solely on automated processing unless authorised by applicable law or carried out with appropriate safeguards.

27. Corporate Transactions

If TRUE linkswear or Minus3 s.r.o. undergoes a merger, acquisition, corporate restructuring, financing transaction, sale of assets or other business reorganisation, personal data may be disclosed to prospective purchasers, investors, advisers or successor organisations where necessary.

Any such disclosure will remain subject to appropriate confidentiality obligations and applicable data protection laws.

Customers will be informed where required by law.

28. Cookies and Similar Technologies

Our website uses cookies and similar technologies to ensure the website functions correctly, improve user experience, analyse website performance and, where you have provided consent, deliver personalised content and advertising.

Cookies are small text files placed on your device when you visit a website. They enable websites to recognise your browser, remember preferences, maintain secure sessions and collect analytical information.

Depending on your choices, we may also use web beacons, pixels, tags, local storage technologies and similar identifiers for the purposes described in this Privacy Policy.

29. Cookie Consent

TRUE linkswear is committed to complying with the GDPR, the ePrivacy Directive and applicable national cookie legislation.

Except for cookies that are strictly necessary for the operation of our website, cookies and similar technologies will only be placed on your device after you have provided your consent through our cookie consent platform.

We use the Shopify Consent API (or any successor consent management solution implemented on our website) to record and manage your cookie preferences.

You may:

  • accept all cookies;
  • reject all non-essential cookies;
  • customise your cookie preferences by category; or
  • withdraw or modify your consent at any time through the cookie preference centre available on our website.

Withdrawing consent does not affect the lawfulness of processing carried out before your consent was withdrawn.

30. Categories of Cookies

Strictly Necessary Cookies

These cookies are essential for the operation and security of our website and cannot be disabled through our cookie management tool.

They enable functions including:

  • website security;
  • customer authentication;
  • shopping cart functionality;
  • checkout;
  • payment processing;
  • fraud prevention;
  • load balancing;
  • session management;
  • remembering cookie preferences.

Because these cookies are necessary for providing the requested service, they are processed on the basis of our legitimate interest and, where applicable, the performance of our contract with you.

Functional Cookies

Functional cookies improve your browsing experience by remembering choices you make, such as:

  • preferred language;
  • region;
  • account preferences;
  • saved shopping cart;
  • product preferences;
  • previously viewed products.

These cookies may be enabled only where required by applicable law and your consent has been obtained.

Analytics Cookies

Analytics cookies help us understand how visitors use our website.

Information collected may include:

  • pages viewed;
  • navigation paths;
  • session duration;
  • traffic sources;
  • products viewed;
  • device information;
  • browser information;
  • approximate geographic region;
  • interactions with website features.

Analytics information is generally aggregated and used to improve website performance and customer experience.

Where legally required, analytics cookies are only activated after obtaining your consent.

Advertising and Marketing Cookies

Advertising cookies enable us and our advertising partners to:

  • measure campaign effectiveness;
  • understand customer interests;
  • display personalised advertising;
  • limit repeated advertisements;
  • measure conversions;
  • improve marketing performance;
  • create audience segments.

These cookies may track browsing activity across websites and online services.

Advertising cookies are only placed after obtaining your consent.

31. Google Analytics 4

We use Google Analytics 4 to better understand how visitors interact with our website.

Google Analytics may collect information including:

  • pages visited;
  • session duration;
  • user engagement;
  • approximate location;
  • browser information;
  • operating system;
  • device type;
  • referral source;
  • interactions with website content.

Where technically possible, IP addresses are shortened or otherwise protected before further processing.

Google Analytics data helps us improve website functionality, customer experience and overall website performance.

Google may process certain information on servers located outside the European Economic Area. Where such transfers occur, they are protected using appropriate safeguards in accordance with Chapter V of the GDPR, including, where applicable, participation in the EU-U.S. Data Privacy Framework or the use of Standard Contractual Clauses.

Google Analytics is only activated after you have provided consent where required by law.

32. Advertising Technologies

With your consent, we may use advertising technologies provided by trusted partners including:

  • Meta Pixel;
  • Google Ads;
  • TikTok Pixel; and
  • similar advertising platforms.

These technologies may help us:

  • measure advertising performance;
  • understand customer interactions;
  • improve campaign effectiveness;
  • create custom audiences;
  • deliver advertisements likely to be relevant to your interests;
  • prevent repeated advertising.

Advertising partners may combine information collected through our website with information obtained from other websites or services in accordance with their own privacy policies.

33. Email Marketing and Customer Relationship Management

We use Klaviyo and similar customer relationship management technologies to administer marketing communications and improve customer engagement.

Where you have consented, information processed may include:

  • email address;
  • purchase history;
  • browsing behaviour;
  • wishlist activity;
  • marketing preferences;
  • engagement with emails;
  • product interests.

This information allows us to:

  • personalise newsletters;
  • recommend products;
  • provide relevant offers;
  • measure campaign effectiveness;
  • improve customer communications.

You may unsubscribe from marketing emails at any time using the unsubscribe link contained within each communication.

34. Website Behaviour Analytics

To better understand how visitors interact with our website, we may use technologies including:

  • Microsoft Clarity; and
  • Hotjar.

These services may collect information relating to:

  • mouse movements;
  • clicks;
  • scrolling behaviour;
  • session recordings;
  • heatmaps;
  • device characteristics;
  • browser information;
  • page performance.

These technologies help identify usability issues, improve navigation and optimise website performance.

Where required by applicable law, these services are only activated after obtaining your consent.

Session recordings are designed to minimise the collection of sensitive information and are subject to technical measures intended to prevent the capture of payment card information and other confidential data.

35. Social Media Features

Our website may include features provided by social media platforms, including links, embedded content or sharing tools.

These features may collect information such as:

  • IP address;
  • browser information;
  • pages visited;
  • interactions with social media content.

Your interactions with these features are governed by the privacy policies of the relevant social media providers.

36. Managing Cookie Preferences

You may manage your cookie preferences at any time by:

  • using our cookie preference centre;
  • adjusting your browser settings;
  • deleting cookies stored on your device;
  • withdrawing consent through the Shopify Consent API interface.

Please note that disabling certain cookies may affect the functionality of parts of our website, including shopping cart functionality, account services and personalised content.

37. Do Not Track Signals

Some internet browsers provide "Do Not Track" ("DNT") signals.

Because there is currently no universally accepted technical standard governing the recognition and implementation of DNT signals, our website does not currently respond to such browser requests.

Customers remain able to manage cookies and tracking technologies through our cookie preference centre and browser settings.

38. Future Technologies

As technology evolves, we may introduce new cookies or similar technologies to improve our website and services.

Where any new technology requires consent under applicable law, it will only be activated after obtaining your consent and this Privacy Policy will be updated accordingly.

39. When We Share Personal Data

TRUE linkswear respects the confidentiality of your personal data and does not sell, rent or otherwise disclose personal data to third parties for their own independent marketing purposes.

We only share personal data where necessary to operate our business, fulfil our contractual obligations, comply with legal requirements or where you have provided your consent.

Where personal data is shared with third parties, we take reasonable steps to ensure that recipients process personal data securely, lawfully and only for authorised purposes.

40. Service Providers

We engage carefully selected third-party service providers to assist in operating our business.

Depending on the services provided, these organisations may process personal data on our behalf.

Examples include providers of:

  • ecommerce platform services;
  • payment processing;
  • order management;
  • fraud prevention;
  • website hosting;
  • cloud infrastructure;
  • email delivery;
  • customer relationship management;
  • marketing automation;
  • analytics;
  • website optimisation;
  • customer support systems;
  • logistics and parcel delivery;
  • product reviews;
  • IT security;
  • professional advisory services.

These organisations act as data processors where they process personal data on our behalf and are contractually required to process personal data only in accordance with our documented instructions and applicable data protection laws.

41. Shopify Platform

Our online store is hosted on the Shopify ecommerce platform.

Shopify provides the infrastructure required to operate our online store, including website hosting, checkout functionality, order administration, customer accounts and related ecommerce services.

Shopify processes personal data in accordance with its own privacy commitments and contractual obligations.

Where Shopify processes personal data outside the European Economic Area, appropriate safeguards are implemented in accordance with Chapter V of the GDPR.

42. Payment Providers

Payments made through our website are processed by authorised payment providers.

Depending on the payment method selected, personal data may be processed by providers including:

  • Shopify Payments;
  • Stripe;
  • PayPal; and
  • Klarna.

Payment providers independently determine certain aspects of payment processing required to comply with financial regulations, anti-money laundering legislation, fraud prevention obligations and payment security standards.

Payment information is transmitted using encrypted connections.

TRUE linkswear does not store complete payment card information.

43. Shipping and Logistics Providers

To fulfil customer orders, relevant personal data is shared with logistics providers responsible for delivering purchased products.

Depending on the delivery method selected, this may include:

  • customer name;
  • delivery address;
  • email address where required for delivery notifications;
  • telephone number where required by the carrier;
  • parcel reference numbers; and
  • delivery instructions provided by the customer.

Our delivery partners may include DPD, FedEx and other contracted logistics providers.

Such providers process personal data only to the extent necessary to complete delivery services.

44. Marketing, Analytics and Technology Providers

Where you have provided the necessary consent, we may share limited personal data with providers supporting:

  • website analytics;
  • advertising measurement;
  • customer relationship management;
  • email marketing;
  • website optimisation;
  • customer behaviour analysis;
  • advertising attribution;
  • audience creation.

These providers may include Google, Meta, Microsoft, TikTok, Klaviyo, Hotjar and similar technology partners.

Information shared is limited to what is necessary for the relevant processing activity.

45. Professional Advisers

We may disclose personal data to professional advisers where reasonably necessary, including:

  • legal advisers;
  • auditors;
  • accountants;
  • insurers;
  • financial advisers;
  • regulatory consultants.

Such disclosures occur only where required for legitimate business purposes or compliance with applicable legal obligations.

46. Legal and Regulatory Requirements

We may disclose personal data where required to:

  • comply with applicable laws;
  • respond to lawful requests from courts or governmental authorities;
  • enforce our contractual rights;
  • investigate suspected fraud;
  • protect our customers;
  • protect our employees;
  • protect our legal interests;
  • prevent unlawful activity;
  • defend legal proceedings.

Where legally permitted, we will seek to limit disclosures to the minimum information reasonably required.

47. Corporate Transactions

If TRUE linkswear or Minus3 s.r.o. becomes involved in a merger, acquisition, restructuring, sale of assets, financing transaction or similar corporate event, personal data may be disclosed to prospective purchasers, advisers, lenders or successor entities.

Such disclosures will remain subject to confidentiality obligations and applicable data protection legislation.

Where required by law, affected individuals will be informed.

48. International Transfers of Personal Data

Some of the service providers supporting our business operate internationally or may process personal data using infrastructure located outside the European Economic Area ("EEA").

Where personal data is transferred internationally, we ensure that such transfers comply with Chapter V of the GDPR.

We only transfer personal data where one or more appropriate safeguards apply.

49. European Commission Adequacy Decisions

Where personal data is transferred to a country recognised by the European Commission as providing an adequate level of protection, transfers may occur on the basis of the relevant adequacy decision.

50. EU-U.S. Data Privacy Framework

Where applicable, we may transfer personal data to organisations participating in the EU-U.S. Data Privacy Framework (DPF).

The DPF provides a recognised legal mechanism for transfers of personal data from the European Union to participating organisations in the United States that have self-certified their compliance with the DPF Principles administered by the U.S. Department of Commerce.

Where we rely upon the DPF, we take reasonable steps to verify that the relevant service provider maintains an active certification covering the relevant categories of personal data processed.

Participation in the DPF does not remove our obligation to assess the suitability of providers or implement additional safeguards where appropriate.

51. Standard Contractual Clauses

Where a service provider is not covered by an adequacy decision or an applicable DPF certification, international transfers may be protected using the European Commission's Standard Contractual Clauses ("SCCs").

These contractual provisions impose legally binding obligations designed to ensure that transferred personal data receives a level of protection essentially equivalent to that required under the GDPR.

Where required, SCCs are supplemented by appropriate technical, contractual and organisational measures.

52. Supplementary Safeguards

Depending upon the nature of the processing, additional safeguards may include:

  • encryption during transmission and storage;
  • pseudonymisation where appropriate;
  • strict access controls;
  • contractual confidentiality obligations;
  • regular security assessments;
  • vendor due diligence;
  • incident response procedures;
  • data minimisation measures;
  • audit rights where appropriate.

These safeguards are designed to reduce risks associated with international data transfers.

53. Data Processing Agreements

Where third parties process personal data on our behalf, we seek to enter into appropriate Data Processing Agreements ("DPAs") in accordance with Article 28 GDPR.

These agreements typically require processors to:

  • process personal data only on documented instructions;
  • implement appropriate security measures;
  • assist with GDPR compliance;
  • notify us of personal data breaches where required;
  • support data subject rights;
  • return or securely delete personal data following completion of services where appropriate;
  • permit audits or provide evidence of compliance where required.

54. Transfers to Other Jurisdictions

Where personal data is transferred outside the EEA to countries not subject to an adequacy decision, we will implement one or more appropriate safeguards recognised under applicable data protection legislation.

Where no appropriate safeguard exists, transfers will occur only where permitted under one of the derogations provided by Article 49 GDPR.

55. Further Information

You may request additional information regarding the safeguards applicable to international transfers of your personal data by contacting us using the contact details provided in this Privacy Policy.

Where legally permissible, we will provide relevant information regarding the transfer mechanism used without disclosing confidential contractual or security information.

56. Protecting Your Personal Data

TRUE linkswear recognises the importance of protecting personal data against unauthorised access, misuse, loss, destruction or alteration.

We implement appropriate technical and organisational measures designed to safeguard personal data throughout its lifecycle.

Our security programme is regularly reviewed to reflect developments in technology, cybersecurity threats and applicable legal requirements.

While we strive to maintain a high level of security, no method of electronic transmission or electronic storage can be guaranteed to be completely secure. Accordingly, we cannot guarantee absolute security.

57. Security Measures

Depending upon the nature of the information processed, our security measures may include:

  • encrypted transmission of personal data using Secure Socket Layer (SSL) or Transport Layer Security (TLS);
  • encryption of sensitive information where appropriate;
  • secure hosting environments;
  • firewall protection;
  • intrusion detection and monitoring systems;
  • role-based access controls;
  • multi-factor authentication for authorised personnel where appropriate;
  • password protection;
  • logging and monitoring of administrative access;
  • regular software updates and security patching;
  • vulnerability management procedures;
  • staff confidentiality obligations;
  • security awareness training;
  • business continuity and disaster recovery procedures.

Access to personal data is restricted to personnel and authorised service providers who require such access to perform their responsibilities.

58. Privacy by Design and by Default

TRUE linkswear seeks to apply the principles of privacy by design and privacy by default when developing, implementing and maintaining our systems and business processes.

Where reasonably practicable, we aim to:

  • collect only the minimum amount of personal data required;
  • restrict access to authorised personnel;
  • implement appropriate security controls during system design;
  • review privacy risks before introducing new technologies;
  • regularly assess the effectiveness of security measures.

59. Data Minimisation

We collect only personal data that is relevant, adequate and limited to what is necessary for the purposes described in this Privacy Policy.

We periodically review the information we collect to ensure that unnecessary or outdated personal data is not retained.

60. Accuracy of Personal Data

We take reasonable steps to ensure that personal data remains accurate, complete and up to date.

Customers are encouraged to:

  • maintain accurate account information;
  • promptly notify us of changes to contact details;
  • review their account information periodically.

Where inaccurate information is identified, we will take reasonable steps to correct or update it without undue delay.

61. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, taxation, regulatory and contractual obligations.

Retention periods vary depending upon the category of information and the purpose of processing.

By way of example:

Category

Typical Retention Period

Customer account information

Until account closure, plus a reasonable period to meet legal obligations

Order records

As required under applicable accounting and tax legislation

Customer service correspondence

For as long as reasonably necessary to manage customer relationships and resolve disputes

Marketing records

Until consent is withdrawn or the individual objects, unless a longer retention period is required by law

Website analytics

Retained in accordance with the configuration of the relevant analytics platform

Security logs

For as long as reasonably necessary to maintain network and information security

Warranty records

For the applicable warranty period and any additional period required by law

Where personal data is no longer required, it will be securely deleted, anonymised or irreversibly destroyed in accordance with our internal retention procedures.

62. Backup and Disaster Recovery

To protect business continuity, personal data may be included within secure backup systems.

Backups are maintained using appropriate security measures and are retained only for as long as necessary to support disaster recovery, legal obligations and operational resilience.

Where technically feasible, personal data contained within backups will be deleted or overwritten in accordance with applicable retention policies.

63. Personal Data Breaches

TRUE linkswear maintains procedures for identifying, investigating and responding to actual or suspected personal data breaches.

Where a personal data breach is likely to result in a risk to the rights and freedoms of individuals, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with Article 33 GDPR.

Where a breach is likely to result in a high risk to affected individuals, we will notify those individuals without undue delay unless an exemption under applicable law applies.

We continually review our incident response procedures to strengthen our security posture and minimise future risks.

64. Fraud Prevention

Protecting customers from fraud is an important part of our legitimate interests.

We may use personal data to:

  • identify suspicious activity;
  • prevent fraudulent transactions;
  • verify customer identity;
  • detect misuse of customer accounts;
  • investigate suspected criminal activity;
  • comply with anti-fraud obligations.

Where appropriate, automated monitoring tools may assist in identifying unusual patterns requiring further review.

65. Children's Privacy

Our website and products are intended for general consumers and are not directed toward children under the age of 16.

We do not knowingly collect personal data directly from children under 16 years of age without appropriate parental or legal guardian consent where required by applicable law.

If we become aware that personal data relating to a child has been collected in circumstances where consent was required but not obtained, we will take reasonable steps to delete such information without undue delay.

Parents or legal guardians who believe that a child has provided personal data to us may contact us using the details provided in this Privacy Policy.

66. Links to Third-Party Websites

Our website may contain links to third-party websites, applications or online services operated independently of TRUE linkswear.

We are not responsible for the privacy practices, security measures or content of third-party websites.

We encourage users to review the privacy policies of any third-party websites before providing personal data.

The inclusion of a link does not constitute an endorsement of the third party or its privacy practices.

67. Business Continuity

We maintain appropriate business continuity and disaster recovery procedures designed to minimise disruption to our services and protect personal data in the event of technical failures, cyber incidents or other operational disruptions.

These procedures are reviewed periodically and updated where necessary to reflect changes in technology and business operations.

68. Your Privacy Rights

If you are located within the European Economic Area ("EEA"), the United Kingdom or another jurisdiction providing similar statutory rights, you may be entitled to exercise certain rights regarding your personal data.

TRUE linkswear is committed to facilitating the exercise of these rights in accordance with applicable data protection legislation.

In some circumstances, certain rights may be limited where exemptions apply under applicable law.

69. Right of Access

You have the right to request confirmation as to whether we process personal data relating to you.

Where we do, you may request access to:

  • the personal data we hold;
  • the purposes of processing;
  • the categories of personal data processed;
  • the recipients or categories of recipients;
  • the anticipated retention period;
  • the safeguards applicable to international transfers;
  • the source of the personal data where it was not collected directly from you;
  • information regarding automated decision-making where applicable.

We will normally provide a copy of your personal data free of charge unless a request is manifestly unfounded or excessive, or additional copies are requested.

70. Right to Rectification

You have the right to request that inaccurate or incomplete personal data be corrected without undue delay.

Where appropriate, we may ask for reasonable evidence supporting the requested correction.

Customers are encouraged to keep their account information accurate and up to date.

71. Right to Erasure ("Right to be Forgotten")

You may request deletion of your personal data where:

  • the personal data is no longer necessary for the purposes for which it was collected;
  • you withdraw consent and no other lawful basis applies;
  • you successfully object to processing;
  • the personal data has been unlawfully processed;
  • deletion is required by applicable law.

This right is not absolute.

We may retain personal data where continued processing is required for:

  • compliance with legal obligations;
  • establishment, exercise or defence of legal claims;
  • public interest obligations;
  • accounting or taxation requirements;
  • fraud prevention;
  • consumer protection legislation.

72. Right to Restriction of Processing

You may request that processing of your personal data be restricted where:

  • you contest its accuracy;
  • processing is unlawful but you oppose deletion;
  • we no longer require the information but you require it for legal claims;
  • you have objected to processing pending verification of overriding legitimate grounds.

During any period of restriction, personal data will generally only be stored unless further processing is authorised by law.

73. Right to Data Portability

Where processing is based upon your consent or the performance of a contract and is carried out by automated means, you may request a copy of your personal data in a structured, commonly used and machine-readable format.

Where technically feasible, you may also request that such information be transmitted directly to another controller.

74. Right to Object

You have the right to object to processing based upon our legitimate interests.

Where you exercise this right, we will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms or where processing is necessary for legal claims.

You also have the right to object at any time to the processing of personal data for direct marketing purposes.

Where you object to direct marketing, we will cease processing your personal data for that purpose without undue delay.

75. Right to Withdraw Consent

Where processing is based upon your consent, you may withdraw that consent at any time.

Withdrawal of consent does not affect the lawfulness of processing carried out before consent was withdrawn.

Consent may generally be withdrawn by:

  • updating your account preferences;
  • using the unsubscribe link contained within marketing emails;
  • adjusting your cookie preferences;
  • contacting us using the details provided in this Privacy Policy.

76. Automated Decision-Making and Profiling

TRUE linkswear may use limited automated processing to assist with:

  • fraud prevention;
  • website security;
  • marketing personalisation (where consent has been provided);
  • product recommendations.

We do not make decisions based solely on automated processing that produce legal or similarly significant effects unless such processing is authorised by applicable law, necessary for the performance of a contract, or based upon your explicit consent.

Where applicable, you have the right to:

  • request human intervention;
  • express your point of view;
  • contest any automated decision.

77. Exercising Your Rights

Requests concerning your personal data may be submitted using the contact details provided in this Privacy Policy.

To protect your privacy and prevent unauthorised disclosures, we may request information necessary to verify your identity before responding.

We will respond to requests without undue delay and, in most cases, within one month of receipt.

Where permitted by law, this period may be extended by up to two additional months where requests are particularly complex or numerous.

If an extension is required, we will inform you within the initial one-month period.

78. Fees

We will not normally charge a fee for responding to requests concerning your personal data.

However, where requests are manifestly unfounded, repetitive or excessive, we may:

  • charge a reasonable administrative fee; or
  • refuse to act on the request where permitted by applicable law.

Any such decision will be explained to you.

79. Right to Lodge a Complaint

If you believe that we have processed your personal data unlawfully or failed to comply with applicable data protection legislation, you have the right to lodge a complaint with the competent supervisory authority in your country of residence, place of work or the place where the alleged infringement occurred.

As Minus3 s.r.o. is established in the Czech Republic, our lead supervisory authority is generally:

Office for Personal Data Protection (Úřad pro ochranu osobních údajů – ÚOOÚ)
Pplk. Sochora 27
170 00 Prague 7
Czech Republic

Website: https://www.uoou.cz

You also have the right to seek a judicial remedy where you consider that your rights under applicable data protection legislation have been infringed.

We encourage you to contact us first so that we have an opportunity to investigate and resolve your concerns promptly.

80. Contacting Us About Your Privacy

If you have questions regarding this Privacy Policy or wish to exercise any of your privacy rights, you may contact:

Privacy Contact

Minus3 s.r.o.
Františka Ventury 1280
530 06 Pardubice
Czech Republic

Email: info@truelinkswear.eu

Telephone: +420 724 894 653

We will make reasonable efforts to respond to all legitimate enquiries promptly and in accordance with applicable legal requirements.

 

81. Changes to this Privacy Policy

TRUE linkswear may amend or update this Privacy Policy from time to time to reflect changes in:

  • applicable laws or regulations;
  • guidance issued by supervisory authorities;
  • our products or services;
  • technology;
  • business operations;
  • security practices; or
  • the third-party service providers we use.

Where changes are material, we will take appropriate steps to notify customers through our website, customer account, email communication (where appropriate) or by other reasonable means.

The "Effective Date" shown at the beginning of this Privacy Policy indicates when the current version became effective.

Continued use of our website after an updated Privacy Policy becomes effective constitutes acceptance of the revised Privacy Policy to the extent permitted by applicable law.

Where applicable law requires your consent before implementing changes, we will obtain that consent before such changes take effect.

82. Governing Law

This Privacy Policy shall be governed by and interpreted in accordance with the laws of the Czech Republic and applicable European Union legislation, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

Nothing in this Privacy Policy limits or excludes any rights that individuals may have under mandatory consumer protection or data protection legislation applicable in their country of residence.

83. Severability

If any provision of this Privacy Policy is found by a court or competent authority to be invalid, unlawful or unenforceable, the remaining provisions shall remain in full force and effect.

Any invalid or unenforceable provision shall, where possible, be interpreted or modified to achieve its intended purpose while remaining legally enforceable.

84. No Waiver

Any failure or delay by TRUE linkswear to exercise any right or remedy under this Privacy Policy shall not constitute a waiver of that right or remedy.

85. Language

This Privacy Policy has been prepared in the English language.

Where translations are made available for customer convenience, the English version shall prevail in the event of any inconsistency or conflict, unless mandatory local law requires otherwise.

86. Third-Party Privacy Policies

Certain third-party providers whose services are integrated into our website maintain their own privacy notices describing how they process personal data.

Where relevant, we encourage customers to review the privacy notices of service providers including, but not limited to:

  • Shopify
  • Google
  • Meta
  • Microsoft
  • Klaviyo
  • Stripe
  • PayPal
  • Klarna
  • DPD
  • FedEx
  • Hotjar
  • TikTok

TRUE linkswear is not responsible for the privacy practices of independent third-party organisations.

87. Questions About This Privacy Policy

If you have any questions concerning this Privacy Policy, your personal data or how we process information, please contact us using the details below.

Data Controller

Minus3 s.r.o.

Františka Ventury 1280

530 06 Pardubice

Czech Republic

Company Registration Number (IČO): 17525136

VAT Number: CZ17525136

Email: info@truelinkswear.eu

Telephone: +420 724 894 653

Website: www.truelinkswear.eu

We aim to respond to privacy enquiries promptly and, where applicable, within the timeframes required by the GDPR.

88. Effective Date

Effective Date: 29th June 2026

Document Version: Version 1.0

This Privacy Policy supersedes all previous versions relating to the processing of personal data by TRUE linkswear Europe operated by Minus3 s.r.o.

Schedule A – Principal Categories of Service Providers

To operate our business efficiently, we may engage carefully selected service providers in the following categories:

Category

Purpose

Ecommerce Platform

Website hosting, checkout, customer accounts, order management

Payment Providers

Payment authorisation and transaction processing

Logistics Providers

Order fulfilment and delivery

Marketing Platforms

Email communications, marketing automation and customer relationship management

Analytics Providers

Website usage analysis and performance measurement

Advertising Platforms

Advertising measurement, audience management and campaign optimisation

Security Providers

Fraud prevention, cybersecurity and website protection

Professional Advisers

Legal, accounting, taxation and audit services

Cloud Infrastructure Providers

Secure hosting and information technology services

Service providers are selected based on their ability to support our business operations and their commitment to maintaining appropriate technical and organisational measures for the protection of personal data.

Where required by applicable law, Data Processing Agreements are implemented, and appropriate safeguards are applied for any international transfers of personal data.

Schedule B – GDPR Principles

TRUE linkswear is committed to processing personal data in accordance with the following principles established by Article 5 GDPR:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

These principles guide the design, implementation and continuous improvement of our privacy and information governance programme.

End of Privacy Policy