Terms and Information Relating to Personal Data Processing – COOKIES
The company PROCUS s. r. o., Reg. No.: 35 757 230, with its registered office at Bukovinská 3, 831 06 Bratislava, registered in the Commercial register of the District court Bratislava I, Section: Sro, Insert No.: č. 18239/B (“Company“) as a personal data controller collects and processes personal data of data subjects pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as “GDPR”) and with regard to Act No. 18/2018 Coll. on personal data protection and on amendments to certain acts (hereinafter as “APDP”).
The below table presents the purposes of processing of personal data (hereinafter also referred to as “PD”) and clearly identifies the category of data subjects, legal basis for personal data processing, categories of processed PD as well as the period for which the PD shall be stored and processed by the Company.
Cookies file represents a small text file which is saved and/or opened on the hard-drive of your end device (e.g., computer, laptop or smartphone) via webpages visited by you. Cookies files also ensure safer and faster interactions with webpages due to the fact that they can remember your preferences (e.g. login data and languages) by means of sending the data they contain back to the original webpages (first party cookie file) or to another webpage to which they relate (third party cookie file) once you visit the respective webpage from the same end device.
|Data subjects||Purpose of personal data processing||Legal basis for personal data processing||Processing period||Recipients|
|1||User, natural person visiting the controller´s webpage||STRICTLY NECESSARY TECHNICAL COOKIE FILES (REQUIRED) Allow navigation on the webpage and the use of its basic functions. They are generally set in response to actions performed by the user and on the basis of which the user requested the services. These cookies files are necessary for the use of the controller´s webpage||Processing is necessary according to Art. 6 section 1 letter c) of the GDPR – necessary to fulfil STATUTORY OBLIGATIONS according to Act No. 351/2011 Coll.||1 month following the last visit on the webpage||Subjects to whom the provision of personal data to controller applies based on legislation, expert consultants and advisors bound by statutory and/or contractual confidentiality, companies providing IT services and/or providing cookies support services|
|2||Natural persons exercising the rights of data subjects||EXERCISE OF RIGHTS OF DATA SUBJECTS||Processing is necessary according to Art. 6 section 1 letter c) of the GDPR – necessary to fulfil STATUTORY OBLIGATIONS of the controller arising under the GDPR and the APDP and related legislation||5 years following the year in which the request was processed||Subjects to whom the controller provides personal data based on legislation, expert consultants and advisors bound by statutory and/or contractual confidentiality, companies providing IT services and/or providing cookies support services|
Apart from strictly necessary cookies which are required for browsing of a particular webpage we store no other cookie files. Please be informed that cookies files can be blocked or removed by you via your internet browser or by means of a third-party software, however please note that issues may occur with respect to specific parts of webpages.
If you wish to remove cookies saved in your devices and configure your web browser to reject cookies, this option is available to you in your web browser settings. Settings with respect to cookies can generally be found in “Options”, “Tools” or “Pre-sets” of the web browser which you use to access our web page. There may be several ways to disable cookies depending on the web browser used. If you require further information, please kindly visit the respective web browser´s website.
The Company shall not disclose personal data to any third parties other than required by law or under these terms for personal data processing. The controller does not transfer personal data to third countries (outside the EU/EEA). The Company shall not process personal data for the purposes of automated decision-making, including profiling.
If any of the purposes of processing has a contract as the legal basis for personal data processing, provision of such data represents a contractual requirement for performance under the respective contract. In case such data is not provided, neither can the contractual relationship be concluded, nor can the performance under the contract take place. If the legal basis for personal data processing is a law, provision of such data shall be a legal requirement. In case such data is not provided, the Company cannot duly perform its duties arising from the relevant general legislation.
The Company obtains personal data primarily from data subjects. The Company may also obtain personal data from public sources and registers, or from third parties, mainly regarding conclusion or performance of a contract. In case the Company is provided with personal data from a person different from the data subject, by providing such data the provider confirms that the data subject whose data is provided to the Company has given consent to process its personal data within the meaning hereof and pursuant to Section 78 (6) of APDP.
The data subject shall have mainly the following rights relating to its personal data processing:
- Based on its application, request from the Company to issue a confirmation whether its personal data is being processed, under what conditions, including the scope, purpose and period of the processing thereof, as well as information on the source of obtaining the personal data in question;
- Based in its application, request from the Company to correct incorrect or outdated personal data and/or complete the incomplete personal data;
- Based in its application, request from the Company to erase/destruct personal data, if:
- the personal data is not required for the purpose they were obtained or otherwise processed,
- in case the personal data have been processed based on a consent and such consent has been withdrawn, while there is no other legal basis for personal data processing or other legal exception;
- if the data subject objects personal data processing based on a legitimate interest and no legitimate reasons for processing prevail, or the data subject opposes direct marketing;
- personal data is unlawfully processed;
- the personal data shall be erased for compliance with a legal obligation;
- Based in its application, request from the Company to restrict personal data processing, if:
- the data subject objects the correctness of personal data during the period that shall enable the Company to verify the correctness of personal data;
- the personal data processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the Company does not need such personal data for the purpose of their processing, but the data subject needs such data to exercise their legal claim;
- Based in its application request from the Company the personal data provided to the Company relating to the data subject, and if it is technically feasible and the processing is carried out by automated means, the data subject is also entitled to transfer such personal data to another controller.
- Withdraw its consent, in case the legal basis for personal data processing is consent;
- Object to personal data processing relating to the data subject and carried out either (A) on the basis of performance of a task in the public interest or (B) based on the legitimate interest of the Company as the controller in personal data processing, including objecting to profiling on the given legal bases (in cases where the Company performs profiling based on automated decision-making);
- file an application to initiate proceedings at the Office for Personal Data Protection of the Slovak Republic.
The data subject shall be entitled to submit its applications in connection with the above rights at email@example.com or in the form of a registered letter delivered to the Company to the address specified in the first section of these terms. The e-mail/letter shall contain an explicit remark “PERSONAL DATA“.
Responses to the above applications of the data subject or measures taken upon such applications shall be provided by the Company free of charge. If an application of the data subject is manifestly unfounded or inappropriate, mainly due to its repeated nature (a repeated application), the Company shall be entitled to charge a fee taking into account its administrative costs for the provision of information, or a reasonable fee taking into account its administrative costs of notification and/or costs of implementation of the requested measure, or shall be entitled to refuse to act upon such application.
In case of doubts as to compliance with the obligations relating to personal data processing, you may contact the Company directly at firstname.lastname@example.org. You may also file a complaint to the Office for Personal Data Protection of the Slovak Republic, registered office at Hraničná 12, 820 07 Bratislava 27, e-mail: email@example.com, www: https://dataprotection.gov.sk/.