written pursuant to Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter also referred to as the "Regulation") and in accordance with Act No 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts (hereinafter also referred to as the "Act on the Protection of Personal Data")
We will only use the personal information you provide to us to provide you with a high quality service. We always consider your privacy when providing our services and treat the protection of your personal information with respect and responsibility. We encourage you to read this policy carefully to familiarise yourself with all your rights before entering into a legal relationship with us.
IDENTIFICATION OF THE DATA CONTROLLER
Data Controller: KMS-PT s.r.o.
Registered office: K Surdoku 5/A, 08001 Prešov
E-mail: email@example.com, tel: 0918897747
Responsible person: Iveta Janovčíková
(hereinafter referred to as "the Data Controller" or "we") hereby take the liberty to inform you, as data subjects, about the manner and scope of processing of your personal data, including the scope of your rights related to the processing of your personal data. The Data Controller is engaged in the provision of services in the field of mould manufacturing for injection moulding machines and vacuum forming.
In order to provide our services and/or enter into a contract, we need to collect personal information from the customer which will be used to provide those services and to communicate with the customer. We ensure the protection of any personal data you provide to us in any form in accordance with the OOU Act. In particular, we take care to prevent the occurrence of personal data breaches, in particular by taking reasonable precautions to prevent the occurrence of accidental or unlawful destruction, loss, alteration or unauthorised disclosure of, or unauthorised access to, transmitted, stored or otherwise processed personal data. We have put in place appropriate technical, organisational and staffing measures appropriate to the nature of the processing. All customer personal data is stored on a secure server and in locked rooms and we make every effort to protect it. In particular, when processing the personal data of clients, prospective clients and client representatives, we comply with the principles of lawfulness, purpose limitation, minimisation of personal data, accuracy, minimisation of storage, integrity and confidentiality and accountability.
In accordance with the Regulation and the OOU Act, as a controller we process the personal data you provide to us in connection with the performance of our activities. We only process such personal data in order to provide you with our services, individual products, to comply with our legal obligations and also to protect our legitimate interests. We collect personal data about our clients who are interested in our services or who have given us their consent so that we can address them with product and service offers, personal data that you provide to us in connection with the purchase of goods or the use of services (e.g. in the context of creating an order for goods electronically, by telephone, purchasing goods and entering your personal data in the context of the issuance of an invoice by the Operator or when making a claim for goods). This includes in particular personal data about:
The Data Controller processes this personal data only in accordance with the purposes set out below, to the extent and for the period necessary for the fulfilment of these stated purposes, otherwise only for the period of mandatory archiving in accordance with the specific provisions of Slovak law.
2. Processing of personal data in connection with the handling of complaints, enquiries and claims
3. Processing of personal data in connection with the exercise of data subjects' rights
4. Processing of personal data in connection with the legitimate interests of the Data Controller
5. Processing of personal data in connection with the fulfilment of the legal obligations of the controller, in particular the provision of assistance to state authorities and public authorities in the exercise of control, the purpose of registry and archiving of documents, the performance of activities to comply with obligations arising from special regulations, the fulfilment of obligations arising from the relevant tax and accounting regulations
III. If the client gives us consent to the processing of personal data, we will store the data for the period specified in the consent to the processing of personal data. If you withdraw your consent, this is without prejudice to the processing of your personal data carried out by the Data Controller under other legal titles, in accordance with this Policy.
1. Personal data may also be processed by entities other than the Data Controller and its employees in order to fulfil the above purposes. The Data Controller carefully selects the external partners that may process your personal data as processors and entrusts personal data only to those entities that provide sufficient guarantees to ensure appropriate technical and organisational security measures to prevent, in particular, accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or unauthorised access to, the personal data transmitted, stored or otherwise processed.
The entities that may have access to your personal data are, or may in the future be:
2. As the Data Controller, we are obliged to transfer certain of your personal data to the following recipients on the basis of generally binding applicable law in cases where such obligation arises from the law or is necessary for the establishment, exercise or defence of the rights and legitimate interests of us or of third parties. These recipients have the status of independent controllers.
The recipients of your personal data may be:
3. As the Data Controller, we are entitled to entrust the processing of your personal data to processors who are authorised to process personal data on our behalf and are obliged to follow our instructions. In accordance with the Regulation, your specific consent is not required for such delegation. Such a processor is any person who has entered into a separate contract with us for the processing of personal data.
Our intermediaries are:
We obtain your personal data directly from you when carrying out our activities, when entering into and during the term of a contract and in the performance of that contract, or through other persons insofar as these persons have your consent.
We do not transfer your personal data to a third country or international organisation
We do not use automated processing of your personal data or profiling of personal data in carrying out our activities.
Cookies are necessary on the site to ensure the functionality of the site. Analytical cookies allow the operator to recognise and count the number of users and to obtain information about how the website is used without personally identifying individual visitors. Google Analytics uses _ga as the main cookie, which allows the service to distinguish users and is valid for two years. It is used by all websites that implement Google Analytics (e.g. to identify which pages a user opens most often and whether they receive error messages from certain pages). This helps us improve the way our website works and allows you to easily find what you are looking for.
The proper processing of your personal data is important to us and its protection is a matter of course. You can exercise the following rights when processing your personal data:
Right of access to your personal data
You have the right to confirm whether or not your personal data is being processed and, if so, to access information on the purposes of processing, the categories of personal data concerned, the recipients or categories of recipients, the period of retention of personal data, information on your rights, the right to lodge a complaint with the Data Protection Authority, information on the source of personal data, information on whether or not automated decision-making and profiling is taking place, information and safeguards in the event of a transfer of personal data to a third country or an international organisation. You have the right to be provided with copies of the personal data processed. You may send your request electronically to our email address or in paper form to the address set out in Article I of this Policy. If you request specific personal data, we will require that the request under this paragraph be certified by an official.
Right to rectification of your personal data
Are we processing your outdated or inaccurate personal data? For example, have you changed your home address? Please inform us and we will correct the personal data. You can send your request electronically to our email address or in paper form to the address listed in Article I. of this Policy.
Right to have your personal data erased
In certain cases provided for by law, we are obliged to delete your personal data on your instruction. However, each such request is subject to an individual assessment as to whether the conditions are met because, for example, we may have an obligation or legitimate interest, if it outweighs your interests, to retain the personal data. You may send your request electronically to our email address or in hard copy to the address set out in Article I of this Policy.
The right to restrict the processing of your personal data
If you wish us to process your personal data only for the most necessary legal reasons or to block your personal data, you can send your request for restriction of processing of your personal data electronically to our e-mail address or in paper form to the address specified in Article I. of this Policy.
Right to data portability of your personal data
If you wish us to disclose your personal data to another controller, another company, we will transfer your personal data in an appropriate format, if we are not prevented from doing so by any legal or other significant obstacle, to an entity designated by you, if this is technically feasible and if
You may send your application electronically to our email address or in paper form to the address set out in Article I of these Rules, together with a certified signature on the application in question. We require a certified signature on the application in question in order to prevent unauthorised disclosure of your personal data to other entities.
Right to object to the processing of your personal data for marketing purposes and automated individual decision-making
If you become aware or believe that we are processing your personal data in breach of the protection of your private and personal life or in breach of the law, please contact us and ask us to explain or remedy the situation. Furthermore, you can also object directly to automated decision-making or the processing of your personal data for marketing or advertising purposes, if such processing is carried out without your consent for the purpose of the legitimate interest of the controller. You can send your request electronically to our email address or in paper form to the address set out in Article I. of this Policy.
You have the right not to be subject to a decision which is based solely on automated processing of your personal data, including profiling, and which has legal effects concerning you or similarly significantly affecting you. This right shall not apply where the decision is
Right to withdraw your consent to the processing of personal data
If the processing of your personal data is based on your specific consent, e.g. consent to the processing of personal data relating to your health, or marketing consent (see Article III Legal basis for the processing of personal data by purpose), you may withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of the processing of personal data based on consent prior to its withdrawal. You may send your request to withdraw consent electronically to our email address or in paper form to the address set out in Article I of this Policy. We can send you a template of such a request by email on request.
Right to lodge a complaint with the Data Protection Authority
You may at any time contact the supervisory authority with your complaint or complaint regarding the processing of personal data, namely the Office for Personal Data Protection of the Slovak Republic, located at Hraničná 12, 820 07 Bratislava 27, Slovak Republic, Business ID: 36 064 220, telephone No.: +421/2/3231 3220, website https://dataprotection.gov.sk/uoou/.
In order to be able to process your request and to uniquely identify you as a data subject, we are entitled to request additional information.
The client is obliged to provide only complete and truthful data. The Client is obliged to update his/her data in case of changes and bears full responsibility for the consequences of a breach of this obligation.
We provide all notifications and statements regarding the rights you have exercised free of charge. However, if the request is manifestly unfounded or inappropriate, in particular because it is repetitive, we shall be entitled to charge a fee taking into account the administrative costs of providing the requested information of EUR 10,-.
How long can I expect a reply
We will provide you with a statement and, where appropriate, information on the measures taken as soon as possible and within one month at the latest. We will inform you in due time of any extension of the deadline, including the reason.
In case of any query regarding the processing of your personal data or the exercise of the aforementioned rights, you may contact the Data Controller at the contacts listed in Article I. of these Rules.
In Prešov 20. 03. 2023