Act No. 18/2018 Coll. on the protection of personal data
The provider of the Information System is:
Company ID: 55106480
VAT ID: 2121873138
- Purpose of processing personal data: contacting for marketing and collecting cookies
- List of personal data processed:
- name and surname
- contact details
- contact addresses
- All data provided by the data subject on the site is stored on a secure server. The authorised entities will use their best endeavours to protect the data and personal data of data subjects.
- Identity/authority of the authorised person: personal data of data subjects is collected through the website.
- The personal data is provided voluntarily by the data subject to the Information System on several legal bases: pre-contractual relationships, as the processing of personal data is necessary for the performance of a sales contract in which the client acts as one of the parties. Later with existing clients when sending useful information on the basis of legitimate interest. Further on the basis of consent to the processing of personal data when there is no possibility of another legal basis. The period of validity of the consent for marketing purposes is provided by the data subject for 5 years from the date of the consent, whereby the data subject has the right to withdraw his/her consent at any time, in writing by registered mail to the address of the controller’s registered office or by email to the controller’s email address.
- Processing of personal data for marketing purposes: the controller will process the data subject’s personal data for marketing purposes and will use the data subject’s e-mail address for the purpose of sending newsletters. For existing customers on the basis of legitimate interest and new customers on the legal basis of consent to data processing for a limited period of 5 years.
- Form of disclosure: The personal data of the data subjects are not disclosed anywhere.
- Third countries, if it is foreseen or evident that a transfer of personal data will take place to these countries: Personal data is not transferred to third countries.
- The controller undertakes to treat the personal data of the data subjects in accordance with the applicable legislation of the Slovak Republic.
The provider has taken appropriate technical, organisational, personnel and security measures and safeguards which take into account, in particular:
– the principles of the processing of personal data, which are lawfulness, fairness and transparency, the limitation and compatibility of the purposes of the processing of personal data, as well as the minimisation of personal data, their pseudonymisation and encryption, as well as their integrity, confidentiality and availability;
– the principles of necessity and proportionality (also applicable to the scope and amount of personal data processed, the storage period and access to the data subject’s personal data) of the processing of personal data with regard to the purpose of the processing operation;
– the nature, scope, context and purpose of the processing operation;
– the resilience and recovery of personal data processing systems;
– instructions to authorised persons of the controller;
– taking measures to promptly determine whether a personal data breach has occurred and promptly informing the supervisory authority and the responsible person;
– taking measures to ensure the rectification or erasure of inaccurate data or the exercise of other rights of the data subject;
– risks of varying likelihood and severity to the rights and freedoms of natural persons (in particular accidental or unlawful destruction of personal data, loss or alteration of personal data, misuse of personal data – unauthorised access or unauthorised disclosure, assessing the risks with regard to the origin, nature, likelihood and severity of the risk in relation to the processing and to identify best practices to mitigate the risk).
Information on the purpose of processing and the retention period of personal data
One of the principles of the processing of personal data is the purpose limitation principle. Under this principle, personal data may only be collected for a specifically identified, explicitly stated and legitimate purpose and may not be further processed in a way that is incompatible with that purpose.
The processing of personal data should be closely linked to the purpose for which the personal data are processed, in particular as regards the list or scope of the personal data processed, which should be necessary for the processing of the personal data in question to achieve the purpose. It is not appropriate to artificially or additionally extend the list or scope of personal data in relation to the purpose. If the purpose and the list or scope of personal data is determined by law, it should be respected; if the controller determines the list or scope of the personal data to be processed, he should take care not to extend it unnecessarily beyond the purpose.
The Personal Data Protection Act provides for the obligation of the controller to provide the data subject with information on the purpose of the processing of personal data for which the personal data are intended, even if the personal data are not collected directly from the data subject. This information must be provided to the data subject at the latest at the time of obtaining his or her personal data, or in sufficient time, in a clear and comprehensible manner and in such a way that he or she can actually acquaint himself or herself with the information and understand it.
The period of retention of personal data shall be determined by the relevant law applicable to the document in question, in accordance with the retention period specified in the register record. If you are interested, please do not hesitate to contact us and we will inform you of the exact retention period relating to the specific document.
Basic and operational cookies of the provider
These files are used by the provider to remember your login to provider web and other affiliated sites, so that you do not have to fill in a login form with a nickname and password every time you open the site. If you disable these cookies you will not be able to log in to your account, you will not be able to add content or post discussion comments, as this will not be technically possible without cookies enabled.
Third party cookies
How can I edit cookies in my browser?
Open your browser settings (Mozilla Firefox, Google Chrome, Internet Explorer, Safari or Internet Explorer) and find the privacy settings bar and the cookies in it. Here you can see what cookies you have on your device, you can delete them manually or in bulk. You can find more detailed instructions in the help of each of these browsers.
Can I block the storage of cookies?
The provider respects your decision to accept cookies in your browser. However, disabling cookies may have an impact on the functionality of this website.
Embedded content from other websites
Articles on this website may contain embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor had visited another website.
Information about legitimate interest for marketing to clients:
Our company carries out an assessment of the proportionality of the legitimate interest in the processing of personal data in relation to the interests and fundamental rights and freedoms of data subjects and in relation to the reasonable expectations of data subjects. This Assessment relates to a marketing information system – sending newsletters to existing clients.
We mainly process contact data, namely e-mail and telephone. The provider’s legitimate interest in the processing of personal data in the IS is to inform the client about changes and news in the company. The provider considers the processing of personal data for the above purpose to be necessary, as the data is also necessary for informing clients about important information such as a change in the opening hours schedule, for example.
After a thorough examination of the proportionality of the legitimate interest, the controller considers that the fundamental rights and freedoms of the data subjects do not override the legitimate interests of the provider.
The provider complies with all its obligations under EU and Member State law, has taken appropriate technical and organisational measures and has duly examined the proportionality of the legitimate interest in relation to the rights, freedoms and legitimate expectations of data subjects.
It follows from the foregoing that the provider processes personal data in the IS for purposes that are proportionate in relation to the rights of data subjects.
Rights of the data subject:
- The right of access to personal data concerning him/her,
- the right to rectification of inaccurate personal data concerning him or her,
iii. the right to erasure of personal data concerning him or her,
- the right to restrict the processing of personal data,
- the right to object to the processing of personal data concerning him or her,
- the right to the portability of personal data,
vii. The right to withdraw at any time the consent given to the processing of personal data,
viii. the right to lodge a complaint with a supervisory authority.
The data subject may exercise his/her rights orally, in writing or electronically, via the contact details above. If the data subject requests information orally, the information shall be provided upon proof of his or her identity.G