This privacy policy (hereinafter as the “Policy“) contains information about processing of personal data of data subjects by the company securion. s.r.o. at the website www.securion.sk (hereinafter as the “website“) or at the profile of the company securion. s.r.o. on social networks. Your personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter as the “Regulation“) and other regulations on the personal data protection, mainly by Act No. 18/2018 Coll. on Personal Data Protection and amending and supplementing certain acts (hereinafter as the “Act”) and other relevant regulations in relation to personal data protection.
The purpose of this Policy is to provide you with a clear answer mainly as to why your personal data are processed, how they are processed and what your rights in connection with the processing of your personal data are. This Policy also provides you with other relevant information about the processing of your personal data and the information obligation of a controller pursuant to Article 13, as well as pursuant to Article 14 of the Regulation, related to personal data processing at the website, are fulfilled by this Policy. The terms of personal data processing that occurs outside the website, are regulated in the general privacy policy of the controller and in other internal regulations of the controller related to personal data protection.
The controller when processing your personal data is the company securion. s.r.o., with its registered office at Hviezdoslavova 309/1, 905 01 Senica, Identification No. (IČO): 52 146 961, registered with the Commercial Register of the District Court Trnava, Section: Sro, Insert No.: 43629/T (hereinafter as the “Controller“).
In matters related to personal data processing and protection, you can contact the Controller at the address securion. s.r.o., Hviezdoslavova 309/1, 905 01 Senica or via e-mail to the e-mail address dpo@securion.sk.
The Controller processes your personal data always in accordance with the principle of minimisation, solely for the justified purposes, during limited period determined in accordance with the relevant legal regulations and by using the maximum possible level of security. The Controller processes the personal data only when relevant legal basis for the processing exists, i.e. they are processed in accordance with the principle of legality. You can find the specific purposes, legal bases, categories of personal data and information about the retention period with respect to your personal data being processed when providing services by the Controller, in the table below.
The Controller will also provide you with more detailed information about the retention period with respect to your personal data if you request so.
| Purposes | Legal basis | Categories of personal data | Retention period or criteria for its determination
|
| Receiving and registration of service orders and pre-contractual relationships | Art. 6 (1) b) of the Regulation –
fulfilment of a contract and pre-contractual relationships |
ordinary personal data (name, surname, residence address/address of the place of business, contact details – telephone number, e-mail address, bank connection)
|
until the conclusion of the contract or within 1 year from the date of delivery of the request of the data subject for cooperation / preparation of a price offer |
| Provision of free consulting and educational services | Art. 6 (1) b) of the Regulation –
fulfilment of a contract and pre-contractual relationships |
ordinary personal data (name, surname, e-mail address)
|
during the term of the contractual relationship and after the termination of the contractual relationship until the full settlement of legal and other claims arising from the contractual relationship
|
| Dealing with the rights exercised by data subjects | Art- 6 (1) c) of the Regulation – fulfilment of legal obligations
|
ordinary personal data contained in the request | until handling with the rights exercised |
| Keeping records of the exercised rights of data subjects and keeping records of the ways of handling with them
|
Art. 6 (1) f) of the Regulation – the legitimate interest of the Controller, which is keeping records of the exercised rights of the data subjects for the purpose of proving the fulfilment of obligations arising from legal regulations
|
ordinary personal data contained in the request | 5 years following the day of exercising the rights |
| Responding to messages and handling inquiries / requests from messages delivered to the Controller via the contact form on the website, messages on social networks, e-mail communication or via phone
|
Art. 6 (1) f) of the Regulation – the legitimate interest of the Controller, which is responding to messages from e-mail communication or messages received in another form for a proper business communication, the quality of service provision and the acquisition of new clients
|
name, surname, e-mail, telephone number, other data contained in the message
|
30 days following the receipt of the request or until the handling with the request (fulfilment of the purpose), depends on which of the conditions stated above occurs earlier |
| Direct marketing – past and current clients (newsletter)
|
Art. 6 (1) f) of the Regulation – the legitimate interest of the Controller, which consists of the Controller’s need to inform its clients about business offers and other information concerning clients
|
e-mail address, name, surname, relation to the client’s company
|
3 years following the day of provision of the service or until unsubscribing from the newsletter |
| Direct marketing – sending the newsletter | Art. 6 (1) a) of the Regulation – consent of the data subject | e-mail address, name, surname, relation to the client’s company
|
3 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier
|
| Making and publishing photographs and audio-visual recordings of data subjects on the website of the Controller and on other communication channels (social networks Facebook, Instagram, LinkedIn and on the Youtube channel)
|
Art. 6 (1) a) of the Regulation – consent of the data subject | photograph, audio-visual recording | 5 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier
|
| Publishing title, name, surname, phone number, e-mail address and function of data subjects on the website of the Controller and on other communication channels (social networks Facebook, Instagram, LinkedIn and on the Youtube channel)
|
Art. 6 (1) a) of the Regulation – consent of the data subject | name, surname, telephone number, e-mail address, function | 5 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier |
| Organising competitions for the public and publishing the winners | Art. 6 (1) a) of the Regulation – consent of the data subject | ordinary personal data (title, name, surname, residence address, photograph)
|
2 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier
|
| Publishing references about the Controller’s services (on the website, communication channels and in the Controller’s presentation and business materials)
|
Art. 6 (1) a) of the Regulation – consent of the data subject | name, surname, function in the client’s company | 3 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier
|
| Personal data processing for the purpose of measuring website traffic and targeting the Controller’s advertising (through cookies) | Art. 6 (1) a) of the Regulation – consent of the data subject | IP address and other activity data at the Controller’s website | 2 years following the day of granting the consent or until its withdrawal, depends on which of the conditions stated above occurs earlier (depending on the type of cookie used)
|
The Controller takes care that an adequate level of protection of your personal data is ensured for each purpose of processing of your personal data. In relation to the security of personal data, the Controller has therefore adopted the Internal Directive on Personal Data Protection, in which the security measures adopted by the Controller to ensure the protection of your personal data, are specified in more detail.
When processing personal data, the Controller obtains your personal data directly from you in case you provide the Controller with them yourself (e.g. by sending a request addressed to the Controller via the contact form on the website, by subscribing to a newsletter, by ordering services from the Controller, taking part in a competition organised by the Controller) or directly by visiting the website of the Controller (online identifiers).
If you are a representative or a contact person of a company which orders services from the Controller, this company is the source of your personal data.
In certain cases, the Controller is obliged to provide your personal data to public authorities or other recipients that are authorized to process your personal data. Such recipients include courts, law enforcement authorities, the relevant tax administrator, supervisory authorities (Slovak Trade Inspection) as well as the Office for Personal Data Protection.
Other recipients of your personal data include companies operating social networks and the YouTube platform in case you contact the Controller via a message on a social network, take part in a competition organised by the Controller on a social network or on the website, you grant your consent to publishing your reference about its services or your photograph (Facebook Inc. and LinkedIn Corporation).
If you visit the Controller’s website and grant your consent to the use of analytical and marketing online tools (cookies), the recipients of your personal data are also companies providing online advertising and analytical tools (Facebook Inc, Google, LLC).
Processors
In certain cases, the Controller provides your personal data also to its processors, i.e. external subjects which process your personal data on behalf of the Controller. Processors process personal data based on the agreement concluded with the Controller, in which they committed to adopt adequate technical and security measures in order to secure the processing of your personal data. The Controller uses the following companies as its processors:
When processing your personal data by the Controller, in certain cases, your personal data are transferred to third countries:
The transfer of your personal data in all the above cases is secured through standard contractual clauses which, in accordance with the terms of use of the above services, are part of the personal data processing authorization agreements concluded with the above specified entities.
The Controller does not process your personal data by profiling or any form of automated individual decision-making, by which evaluation of your personal aspects would take place.
V súvislosti so spracúvaním Vašich osobných údajov máte ako dotknutá osoba v zmysle ustanovení Nariadenia nasledujúce práva:
| Your rights | |
| Right of access – As a data subject, you have the right to obtain a confirmation on whether the Controller processes your personal data and if so, you have the right to obtain access to such personal data and information pursuant to Article 15 of the Regulation. The Controller will provide you with a copy of the personal data being processed. If you file the request via electronic means, the Controller will provide you with the information by commonly used electronic means, unless otherwise requested by you.
|
RIGHT TO OBJECT – You have the right to object to processing of your personal data, for example if the Controller processes your personal data based on the legitimate interest or to processing in which profiling occurs. If you object to such personal data processing, the Controller will not further process your personal data unless it demonstrates necessary legitimate grounds for the further processing of your personal data.
|
| Right to rectification – The Controller has taken adequate measures to ensure that your personal data are accurate, complete and up-to-date. As a data subject, you have the right that the Controller corrects your incorrect personal data or completes your incomplete personal data without undue delay.
|
RIGHT TO WITHDRAW CONSENT – If the Controller processes your personal data on the basis of your consent, you have the right to withdraw the consent at any time in the same way as you granted it. Withdrawal of the consent does not affect the lawfulness of the processing carried out before the withdrawal of the consent. |
| Right to erasure (“right to be forgotten“) – You have also the right that the Controller deletes your personal data without undue delay if certain conditions are met, for example if the personal data are no longer necessary for the purposes for which the Controller obtained or processed them. However, this right needs to be assessed individually, as there may be a situation when the Controller is prevented from the erasure of the personal data by other circumstances (for example, by legal obligation of the Controller). This means that in such a case, the Controller will not be able to comply with your request to delete the personal data. | Right to data portability – Under certain circumstances, you have the right to transmit the personal data to another controller which you determine. However, the right to portability applies only to personal data which the Controller processes on the basis of the consent you have given to the Controller, on the basis of the contract to which you are one of the contractual parties or in case the Controller processes the personal data by automated means.
|
| Right to restriction of processing – You have also the right that the Controller limits the processing of your personal data, for example if you object the accuracy of the personal data or if the processing is illegal and you request restriction of the processing or if the Controller no longer needs your personal data for the purpose of processing, but you need them to prove, assert or defend legal claims. The Controller will restrict the processing of your personal data, if you request so. | Right to lodge a complaint or request – If you believe that your personal data are being processed in breach of applicable legal regulations, you can lodge a complaint with the supervisory authority which is Office for Personal Data Protection of the Slovak Republic, with its office at Hraničná 12, 820 07 Bratislava 27; website: dataprotection.gov.sk, telephone number: 02 3231 3214; e-mail: statny.dozor@pdp.gov.sk. |
You may exercise your rights stated in the table above via contact addresses stated in the beginning of this document.
Response to a request regarding exercise of your rights will be provided to you by the Controller free-of-charge. In case of repeated, unreasonable or disproportionate request to exercise your rights, the Controller is entitled to charge a reasonable fee for providing the information. The Controller will provide you with the response within 1 month from the day of exercise of your rights. In certain cases, the Controller is entitled to prolong the period for providing the response, i.e. in case of a high number and complexity of the requests submitted by the data subjects, maximum by 2 months. The Controller will always inform you in advance about prolongation of the period.
This updated Policy is valid and effective as of 22 December 2020. Due to the fact that it may be required to update the information on the processing of personal data contained in this Policy in the future, the Controller is entitled to update this Policy at any time. However, in such a case, the Controller will notify you in an appropriate manner.
Created by a digital agency UPVISION
securion © 2021
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.