Information on personal data processing
Information on personal data processing with regard to data subjects pursuant to § 19 and § 20 of Act No 18/2018 Coll., on the protection of personal data and amending certain acts (hereinafter referred to as the ‘Act’) and Articles 13 and 14 of Regulation (EC) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to personal data processing and on the free movement of such data (hereinafter referred to as the ‘GDPR’)
The purpose of this information is to provide you with information about which personal data we process, how we treat such personal data, for which purposes we use the data, to whom we can provide it, where you can obtain information concerning your personal data and exercise your rights within the personal data processing.
Identification and contact details:
The data controller processing your personal data is HIMEX PLUS s.r.o., Mudrochova 2, 835 27 Bratislava, Business ID No: 35 837 187, email: firstname.lastname@example.org (hereinafter referred to as the ‘Data Controller’).
- The purpose of personal data processing and legal basis of processing
The purpose of personal data processing is: administration of the registry and of communication of the Data Controller with the public authorities
Personal data is processed pursuant to Act No 395/2002 Coll., on archives and registries and amending certain acts, as amended, and pursuant to Act No 305/2013 Coll., as amended.
Legitimate interests of the Data Controller or third party
Personal data processing for the legitimate interests of the Data Controller or a third party is not exercised.
- Identification of the processed personal data of data subjects
Data subjects whose personal data is processed are: senders and recipients of correspondence.
Scope of the processed personal data: degree, first name, surname, signature, address, email address, telephone number, scope of communication pursuant to Act No 305/2013 Coll.
- Identification of recipients, categories of recipients
The Data Controller may provide personal data to the authorised entities such as institutions and organisations, authorised by a specific law, or contractors (especially data processors) who have undertaken to accept reasonable guarantees to maintain processed personal data protection as follows:
|Ministry of Interior of the Slovak Republic||Act No 395/2002 Coll. on archives and registries and amending certain acts|
|other authorised entity||general binding law in accordance with § 13(1)(c) of Act No 18/2018 Coll., on personal data protection and amending certain other acts|
Personal data may be provided to other recipients with the data subject’s consent or by their order.
- Transfer of personal data to a third country/an international organisation
Transfer to the third countries or to the international organisations is not carried out.
- Personal data in the scope of identification of the source from which personal data was collected
Directly from the data subject or their legal representative
- Term of keeping the personal data
The Data Controller processes personal data for the time necessary to fulfil the purpose, but no longer than 10 years.
The Data Controller does not process personal data by profiling or similar manners based on automated individual decision-making.
- The data subject’s rights
The data subject has the right to request access to the data processed data from the Data Controller, and also the right to personal data rectification, the right to erase or restrict personal data processing, the right to object to personal data processing, the right to ineffectiveness of automated individual decision-making, including profiling, the right to personal data portability, as well as the right to bring proceedings to the supervisory authority. If the Data Controller processes personal data with the data subject’s consent, the data subject has the right to withdraw their consent to personal data processing at any time. Withdrawal of the consent does not affect the lawfulness of personal data processing based on consent prior to its withdrawal. The data subject can exercise their rights by sending an email to email@example.com or in writing to the Data Controller’s address.
- Obligation to provide personal data
Provision of personal data is a legal requirement; personal data processing is mandatory. The data subject has an obligation to provide personal data; the data subject violates the law if they do not provide the data.