In the case of the processing of personal data which is based on the consent of the data subjects for the purpose of sending commercial communications and for the purposes of other direct marketing activities of the internet trader.
1. Identity and contact details of the controller
1.1. The controller of your personal data is the company:
nám. Slobody 10, 921 01 Piešťany, Slovakia
(hereinafter referred to as the “controller”)
1.2. The contact details of the controller are as follows:
nám. Slobody 10, 921 01 Piešťany, Slovakia
1.3. The controller did not appoint a Data protection officer (DPO)
2. Legal reason for processing personal data
2.1. The legal reason for processing your personal data is your
consent given to this controller in accordance with Art. 6 par. 1 letter a) Regulation 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation) ( hereinafter referred to as the “Regulation”)
3. Purpose of personal data processing
3.1. The purpose of processing your personal data is to send tax documents for renting the system, business announcements and other marketing activities performed by the controller against your person.
3.2. There is no automatic individual decision carried out by the controller in the sense of Art. 22 of the Regulation.
4. Time of storage of personal data
4.1. The period for which your personal data will be stored by the controller is 3 years, but the longest until the revocation of your consent to the processing of personal data (for this purpose of processing).
5. Other recipients of personal data
5.1. Other recipients of personal data include companies:
WebSupport, s.r.o. Karadžičova 12 821 08 Bratislava, Slovakia (server administrator)
External controllers of marketing tools:
ECOMAIL.CZ, Na Zderaze 15 , 120 00, Praha 2, Czech Republic
Banking service providers:
FIO banka, a.s., Dunajská 1, 811 08 Bratislava, Slovakia
Pay Solutions, a. s. Líščie údolie 119841 04 Bratislava, Slovakia
Companies that deal with IT solutions and IT administration and development of software programs, servers that we use for our service.
6. Rights of the data subject
6.1. Under the conditions set out in the Regulation, you have the right to request access to your personal data from the controller, the right to correct or delete your personal data, or restrict their processing, the right to object to the processing of your personal data, and the right to transfer your personal data.
6.2. You have the right to withdraw your consent to the processing of your personal data given to the controller at any time. However, this does not affect the lawfulness of the processing of your personal data prior to such withdrawal of consent. You can revoke your consent to the processing of personal data at the e-mail address: firstname.lastname@example.org
6.3. If you believe that the processing of your personal data has been violated or the Regulation is violated, you have, among other things, the right to lodge a complaint with the supervisory authority.
6.4. You are not required to provide personal information. The provision of your personal data is a necessary requirement for the conclusion and performance of the contract and without the provision of your personal data, it is not possible to conclude the contract or fulfil it by the controller.
Definitions of basic terms
data subject shall be any natural person whose personal data are processed,
controller is anyone who, alone or together with others, defines the purpose and means of the processing of personal data and processes personal data in his own name; the controller or specific requirements for its designation may be laid down in a special regulation or international agreement by which the Slovak Republic is bound, if such regulation or this agreement stipulates the purpose and means of personal data processing,
processor means anyone who processes personal data on behalf of the controller,
personal data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; regardless of whether it is performed by automated means or by non-automated means,
consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
filing system means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis,
biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data,
restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future,
profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements,
pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person,
encryption is the transformation of personal data in a way that reprocessing is possible only after entering a selected parameter, such as a key or password,
online identifier is an identifier provided by an application, tool or protocol, in particular an IP address, cookies, online service credentials, radio frequency identification, which may leave traces that, in particular in combination with unique identifiers or other information, may be used to profile the data subject and to identify it,
personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed,
recipient is anyone to whom personal data are provided, whether third party or not; the recipient is not considered a public authority that processes personal data on the basis of a special regulation or international agreement by which the Slovak Republic is bound, in accordance with the rules of personal data protection applicable to the purpose of personal data processing,
third party is anyone who is not a data subject, controller, processor or other natural person who processes personal data on behalf of the controller or processor,
Our company will adhere to the following principles of personal data processing:
- Personal data will be processed lawfully, fairly and transparently in relation to the data subject (“legality, fairness and transparency”);
- Legality of processing (Article 6 of the GDPR)
- Our company has undertaken to process data only in a lawful manner so as not to violate the fundamental rights of the data subject.
The processing of personal data by our company will be legal by ensuring that it is carried out on at least one of the following legal bases:
- the data subject has consented to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is a party or for measures to be taken before the conclusion of the contract at the request of the data subject;
- processing of personal data is necessary according to a special regulation or an international agreement by which the Slovak Republic is bound (§ 13 par. 1 letter c, Personal Data Protection Act)
- processing is necessary to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority conferred on the controller;
- processing is necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests outweigh the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, in particular if the data subject is a child.
These conditions take effect on August 31. 2020.