From 25. 5. 2018 (hereinafter referred to as “Policy”)
Due to the fact that our company New Way system s.r.o. with registered office: Červenej armády 1
1.1. The User is an identified natural person, and is thus in the position of an entity of personal data (hereinafter also the “Entity”).
1.2. The Provider is the Administrator of personal data (hereinafter also the “Administrator”) towards the User.
- Processing of personal data
2.1. The Administrator processes personal data that it obtains directly from the User and that are necessary for the fulfilment of the contractual relationship between the Entity and the Administrator. The Administrator processes personal data for the duration of the contractual relationship and for the time strictly necessary from the point of view of registration and archiving.
2.2. Purpose of processing personal data obtained from the User: personal data are processed by the Administrator for the purposes of fulfilling the contract and exercising the rights and obligations arising from the contractual relationship between the provider and the user. Furthermore, with the consent of the Administrator, it processes personal data for marketing purposes or for the purposes of communication with Users; in this case, the provision of personal data is not a legal or contractual requirement.
2.3. We mainly process the following personal data:
Identification data, which means in particular name, surname, birth certificate number, if assigned, otherwise date of birth or age, address of permanent residence, ID card number, etc., which allow us to fulfil the contractual relationship (including invoicing), – all to fulfil the contractual relationship.
Contact data, which means personal data, especially name, surname, correspondence address, telephone number, e-mail address, etc., which allow us to contact you – all to fulfil the contractual relationship.
- PERSONAL DATA PROCESSING
3.1. The Administrator is entitled in some cases to use the services of external companies that process personal data provided to the Administrator. For this purpose, he is in particular entitled to conclude a processing contract with another entity.
3.2. Based on its legitimate interest, the Administrator is entitled to process the Users’ personal data for the purposes of direct marketing, because direct marketing is in the GDPR’s legitimate interest of the Administrator. You can object to this method of processing (see section 5.2.6).
3.3. The User acknowledges that he is not obliged to provide any data about himself or to consent to their processing.
3.4. Users’ personal data will not be made available to third parties in the form of a publicly accessible list.
3.5. Personal data will not be sold to third countries or international organizations.
- CONTACT regarding the protection of personal data
4.1. If necessary, it is possible to contact the Administrator via email firstname.lastname@example.org
- RIGHTS OF THE PARTIES
5.1. The entity is entitled to exercise the following rights against the Administrator to the extent and under the conditions specified in Chapter III of the GDPR Regulation.
5.2. The Rights of the Entity are as follows:
5.2.1 Right of access to personal data: You have the right to obtain confirmation from the Administrator whether it processes personal data concerning you. If your personal data is processed, you have the right to access this data. This approach will include e.g. information on the purposes of processing, categories of personal data and information on the source of personal data. You also have the right to request a copy of the personal data processed.
5.2.2 Right to correction: You have the right to have the Administrator correct, without undue delay, any inaccurate personal data concerning you which the Administrator processes about you.
5.2.3 Right of deletion: If any of the reasons defined by the GDPR Regulation occur (e.g. Personal Data will no longer be needed for the purposes for which they were collected or otherwise processed, or your consent will be revoked), then you have the right to have the Administrator delete personal data without undue delay. which concern you. However, this right does not apply indefinitely. Deletion will not occur, e.g. if the information is processed on the basis of a legal obligation arising from legal regulations.
5.2.4 Right to processing restrictions: You have the right to have the Administrator restrict processing in cases defined by the GDPR. It is e.g. the situation in which you will deny the accuracy of personal data and the restriction will take place as long as the Administrator verifies the accuracy of personal data.
5.2.5 Right to data portability: In some cases, defined by the GDPR Regulation (e.g. when processing is based on your consent), you have the right to have the Administrator provide you with your personal data in a structured, commonly used and machine-readable format, and the right to pass this data on to another Administrator. You also have the right, if technically possible, for the Administrator to provide this information to another Administrator directly, if technically possible.
5.2.6 Right to object: You have the right to object at any time to the processing of personal data concerning you, for reasons relating to your specific situation, if such personal data are processed in the performance of a task performed in the public interest or in the exercise of public authority or legitimate interests of the Administrator or a third party, including profiling based on these provisions. You have the right to object to processing for direct marketing purposes.
5.2.7 The right not to be the subject to automated individual decision-making, including profiling: You have the right not to be the subject of any decision-making based solely on automated processing, including profiling, which has legal effects for you or significantly affects you in a similar way. However, this right does not apply in all cases, e.g. If the decision is necessary for the conclusion or performance of a contract between you and the Administrator.
5.3 You can make any of the above claims via email@example.com
- GRANTING CONSENT AND THE RIGHT to withdraw it at any time
6.1. Consent to the processing of personal data is granted to the Provider, as the Administrator of personal data.
6.2. In cases where the processing of your personal data is based on your consent, you can revoke this consent at any time.
6.3. If you provide any personal data and agree to their processing, you do so quite voluntarily. Withdrawal of consent, but also its granting, is thus your free choice, and the Administrator is not entitled to force you to do so or to punish you in any way. However, the withdrawal of consent does not affect the lawfulness of the processing before its revocation (i.e. its revocation has no retroactive effect).
6.4. You can revoke your consent to the processing of Personal Data via email firstname.lastname@example.org
7.1. You also have the right to lodge a complaint concerning the processing of your personal data with the supervisory authority, in particular in the Member State of habitual residence or work, which for the Slovak Republic is The Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov Slovenskej republiky) Hraničná 12 820 07 Bratislava.
- TRANSFER OF DATA BY THE PERSON CONCERNED
8.1. In cases where the provision of your personal data by you is a legal requirement, you are obliged to provide this personal data. The same situation occurs if it is your duty to provide personal data on the basis of a concluded contract. If the provision of personal data is obligatory and is not provided by you, the consequences specified in the relevant legal regulation, resp. contracts may apply.
- BUSINESS ANNOUNCEMENT.
9.1. Our company does not send any business announcements.
- CHANGES IN PERSONAL DATA PROTECTION