Motion in Every Step
LEGAL

Privacy Policy

Přepnout do češtiny

Effective from: 30 April 2026

1. Introductory provisions

1.1. This Privacy Policy explains how personal data of customers and visitors of fortooto.com are processed in connection with the FORTOOTO brand, e-mail communication, orders, custom production, delivery of goods and handling of complaints.

1.2. This Privacy Policy applies in particular to:

  • the website fortooto.com,
  • e-mail communication with customers,
  • orders of FORTOOTO products,
  • custom production of clothing and accessories,
  • delivery of products,
  • invoicing and accounting,
  • complaints and customer support,
  • possible use of product photographs in the gallery or marketing presentation.

1.3. This Privacy Policy is intended mainly for customers, potential customers and website visitors.

2. Data controller

2.1. The data controller is:

Martin Janoušek
Business ID No.: 23706635
Registered office: Jetelová 1213, 332 02 Starý Plzenec, Czech Republic
E-mail: info@fortooto.com
Instagram: @fortooto_com

2.2. FORTOOTO is not a separate legal entity, but a business brand of the data controller.

2.3. In matters concerning personal data protection, the data controller can be contacted by e-mail at info@fortooto.com.

3. What personal data we process

3.1. The data controller processes only personal data that are necessary for communication with the customer, preparation of an order, conclusion and performance of a contract, custom production, delivery of the product, accounting, handling complaints, protection of the controller’s rights or fulfilment of legal obligations.

3.2. The data controller may process in particular the following categories of personal data:

a) Identification and contact details

  • first name and surname,
  • e-mail address,
  • telephone number, if provided by the customer,
  • delivery address,
  • billing address.

b) Order data

  • type of ordered product,
  • selected material,
  • colours,
  • fabric weight,
  • accessories and modifications,
  • price,
  • payment currency,
  • payment method,
  • shipping method,
  • content of communication related to the order.

c) Data necessary for custom production

  • body measurements and dimensions necessary for garment production,
  • in particular chest, waist, hip and wrist circumference, sleeve length, back length, height and other data needed according to the specific order,
  • fit preferences,
  • requested fit,
  • other individual customer requirements.

d) Payment and accounting data

  • information about received payment,
  • bank account number, if visible from the bank transaction,
  • variable symbol or other payment identification,
  • data necessary for issuing an accounting or tax document.

The data controller does not currently use a payment gateway.

e) Data related to complaints

  • description of the claimed defect,
  • photographic documentation of the defect,
  • communication related to the complaint,
  • data necessary for assessing and handling the complaint.

f) Photographs of products and customers

  • photographs of finished products,
  • photographs sent by the customer only if provided by the customer,
  • photographs of the customer or the customer with the product only if the customer agrees to their use.

g) Technical data related to the website

  • technical server logs,
  • IP address,
  • browser and device data,
  • technical cookies necessary for the functioning of the website, if used.

4. Purposes and legal bases of processing

4.1. Personal data are always processed only for a specific purpose and on an appropriate legal basis.

4.2. Overview of the main processing purposes:

Purpose of processing Legal basis
responding to a customer enquiry or requeststeps prior to entering into a contract
preparation of an order and order summarysteps prior to entering into a contract / performance of a contract
conclusion and performance of a contractperformance of a contract
custom production based on provided data and measurementsperformance of a contract
delivery of the product to the customerperformance of a contract
payment and payment recordsperformance of a contract / legal obligation
issuing and keeping accounting documentslegal obligation
handling complaintslegal obligation / performance of a contract
protection of rights in case of a possible disputelegitimate interest
technical operation of the websitelegitimate interest
use of a customer photograph in the gallery or marketingconsent
sending marketing communicationsconsent

4.3. If processing is based on consent, the customer may withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.

5. Body measurements and custom production

5.1. Because FORTOOTO products are custom-made, it may be necessary to process body measurements and other data needed for the correct production of the product.

5.2. Body measurements and other production data are processed for the purpose of preparing the order, producing the custom-made product, checking the conformity of the product with the order, handling a possible complaint and protecting the rights of the data controller. These data are stored for the period necessary to complete the order and subsequently for a reasonable period in case of a complaint or for the protection of the controller’s rights.

5.3. The customer is responsible for the accuracy of the data provided to the controller. The controller may ask the customer to confirm or clarify the measurements before production begins.

5.4. The controller may send the customer a summary of the provided measurements and other production data for review and confirmation before production.

6. Photographs of products and customers

6.1. The controller may photograph finished products before shipping or handover, especially for the purposes of documenting custom production, checking workmanship, handling a possible complaint and presenting the controller’s work.

6.2. Photographs of the product itself that do not contain the customer’s personal data and where the customer is not identifiable may be used by the controller as examples of the controller’s work, for example on the website, in the gallery, on social media or in marketing materials.

6.3. If a photograph contains the customer, the customer’s body, face or other data by which the customer is identifiable, the controller will use it on the website, social media or in marketing presentation only with the customer’s consent.

6.4. If the customer sends a photograph with the product and agrees to its use, the controller may use it especially on the gallery page, on social media or in other presentation of the FORTOOTO brand.

6.5. Consent to the use of a photograph may be withdrawn by the customer at any time by e-mail to info@fortooto.com. After withdrawal of consent, the controller will stop using the photograph for future presentation, unless another legal reason prevents this.

7. Payments, invoicing and accounting

7.1. The controller processes personal data necessary for receiving payment, identifying payment, issuing an accounting or tax document and fulfilling accounting and tax obligations.

7.2. Payments may be made in particular by bank transfer, QR payment or in cash upon personal handover, if agreed.

7.3. The controller does not currently use a payment gateway. If a payment gateway is introduced in the future, this Privacy Policy will be updated accordingly.

7.4. Accounting and tax documents are kept for the period required by legal regulations.

7.5. The controller does not currently use separate accounting software and does not pass documents to an accountant or tax advisor. If this changes in the future, personal data may also be transferred to these recipients to the extent necessary for accounting, taxes and legal obligations.

8. Shipping and delivery

8.1. For the purpose of delivering the ordered product, the controller may transfer to the carrier the data necessary for delivery of the shipment.

8.2. These data may include in particular:

  • customer’s first name and surname,
  • delivery address,
  • e-mail,
  • telephone number, if necessary for delivery or provided by the customer,
  • shipment data.

8.3. In the Czech Republic and the Slovak Republic, Zásilkovna may be used in particular, or another carrier according to agreement with the customer.

8.4. For shipments to other countries, the carrier may be selected individually according to the destination country, price, availability of the service and agreement with the customer.

8.5. If the order is shipped outside the European Union, it may be necessary to transfer certain data also to the carrier, customs authorities or other entities involved in customs procedures, to the extent necessary for shipping, delivery and fulfilment of legal obligations.

9. Recipients of personal data

9.1. Personal data may be transferred only to the necessary extent to the following categories of recipients:

  • carriers and delivery service providers,
  • web hosting provider,
  • e-mail service provider,
  • banking service provider,
  • accountant or tax advisor, if used,
  • accounting software provider, if used,
  • public authorities, if required by legal regulations,
  • other persons if necessary for the protection of the controller’s rights.

9.2. The website and e-mail services are currently operated through the provider WEDOS, unless the controller decides to use another provider.

9.3. The controller does not sell customers’ personal data to third parties.

10. Transfers of personal data outside the European Union

10.1. The controller does not currently intentionally transfer personal data outside the European Union, except where this is necessary for delivery of a shipment to a country outside the European Union or for fulfilment of related obligations.

10.2. If the customer orders delivery outside the European Union, certain personal data may be transferred to the carrier, customs authorities or other entities involved in shipping and customs procedures.

10.3. If the controller starts using services in the future that may involve transfers of personal data outside the European Union, such as analytics, marketing, payment or newsletter tools, this Privacy Policy will be updated.

11. Website, technical data and cookies

11.1. The website fortooto.com is currently intended as an informational website without an online store, without user accounts, without customer registration and without login.

11.2. Orders are handled mainly by e-mail. The website does not currently contain an order form or customer database.

11.3. The website is currently a static website created mainly using HTML, CSS and JavaScript, without a database. This may change in the future.

11.4. The website may process technical data necessary for its safe and proper operation, especially server logs, IP address, browser and device data and other similar technical data.

11.5. The website uses locally stored fonts and currently does not use external elements such as embedded maps, YouTube videos, Instagram embeds, TikTok embeds or other similar elements. If such elements are added in the future, this Privacy Policy may be updated.

11.6. The website does not currently use analytics tools such as Google Analytics, Plausible, Umami, Fathom or similar services.

11.7. The website does not currently use Meta Pixel, Facebook Pixel or other advertising or marketing measurement tools.

11.8. The website does not currently use a newsletter tool.

11.9. The website may use technical cookies necessary for the functioning of the website, or technical data may be processed within server logs of the hosting provider.

11.10. The controller does not currently use analytics or marketing cookies. If analytics or marketing cookies are added in the future, this will be addressed in a separate Cookie Policy and, where required, by a cookie banner in accordance with applicable legal requirements.

12. Marketing communication

12.1. The controller does not currently send a newsletter.

12.2. The controller does not currently send regular commercial communications to customers about new fabrics, colours, products or services.

12.3. If the controller introduces a newsletter or other regular marketing communication in the future, it will be sent only on the basis of the customer’s consent or another legal basis under applicable legal regulations.

12.4. The customer will always have the option to refuse marketing communications or withdraw consent.

13. Complaints and customer communication

13.1. Complaints are handled by e-mail at info@fortooto.com.

13.2. When handling a complaint, the controller may process in particular:

  • customer’s first name and surname,
  • contact details,
  • order data,
  • description of the claimed defect,
  • photographic documentation of the defect,
  • communication related to the complaint,
  • method of complaint resolution.

13.3. These data are processed for the purpose of fulfilling legal obligations, handling the complaint, protecting the customer’s rights and protecting the controller’s rights.

13.4. Complaint communication and related documentation may be stored for 3 years from the resolution of the complaint, or longer if required by legal regulations or if necessary for the protection of the controller’s rights.

14. Retention period of personal data

14.1. Personal data are stored only for the period necessary for the given purpose or for the period required by legal regulations.

14.2. Indicative retention periods are as follows:

Category of data Retention period
enquiries that do not result in an orderno longer than 12 months from the last communication
orders and related communicationfor the duration of contract performance and subsequently usually 3 years for the protection of rights
accounting and invoicing documentsfor the period required by legal regulations
complaint communication and documentationusually 3 years from the resolution of the complaint
body measurements and production datafor the period necessary to complete the order and subsequently for a reasonable period in case of a complaint or for the protection of the controller’s rights
customer photographs used in the gallery or marketinguntil consent is withdrawn, or for the duration of the presentation for which consent was granted
marketing consentsuntil consent is withdrawn
technical server logsfor the period set by the hosting provider or for the period necessary for technical operation and website security

14.3. After the relevant period expires, personal data will be deleted or anonymised, unless there is another legal reason for their further storage.

15. Customer rights

15.1. In connection with the processing of personal data, the customer has rights under applicable legal regulations, especially the GDPR.

15.2. The customer has in particular the right to:

  • request access to their personal data,
  • request correction of inaccurate or incomplete data,
  • request deletion of personal data if the legal conditions are met,
  • request restriction of processing,
  • object to processing based on legitimate interest,
  • request data portability if the legal conditions are met,
  • withdraw consent if processing is based on consent,
  • lodge a complaint with a supervisory authority.

15.3. The customer may exercise their rights by e-mail at info@fortooto.com.

15.4. The controller may ask the customer to verify their identity if this is necessary to protect personal data and prevent their disclosure to an unauthorised person.

16. Supervisory authority

16.1. If the customer believes that their personal data are being processed in violation of legal regulations, they have the right to lodge a complaint with a supervisory authority.

16.2. The supervisory authority in the Czech Republic is:

Office for Personal Data Protection
Pplk. Sochora 27
170 00 Prague 7
Czech Republic
website: www.uoou.gov.cz

17. Security of personal data

17.1. The controller adopts appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

17.2. Access to personal data is limited to the controller, or persons and service providers who need the data to provide a specific service, such as shipment delivery, hosting, e-mail services or accounting.

17.3. Personal data are processed mainly in e-mail communication, order documentation, accounting documents and, where applicable, in other tools necessary for the operation of the FORTOOTO brand.

18. Changes to this Privacy Policy

18.1. The controller may amend this Privacy Policy, especially if the method of personal data processing, used services, website tools, legal requirements or operation of the FORTOOTO brand changes.

18.2. The current version of this Privacy Policy will always be available on fortooto.com.

18.3. For the customer, the relevant version is the version effective at the time when their personal data are processed, or the version referred to when placing the order.

19. Language version

19.1. This Privacy Policy is prepared in Czech and English.

19.2. The Czech version is primary. In the event of any discrepancy between the Czech and English versions, the Czech version shall prevail.