INFORMATION ON THE PROCESSING OF PERSONAL DATA
1. GENERAL INFORMATION ON THE PROCESSING OF PERSONAL DATA (hereinafter referred to as PD)
The Company KG-bau, s.r.o., 949 01 Nitra, Stúrova 71/A, company ID number: 43 790 453, on whose behalf acts Ing. Pavol Knapo (hereinafter referred to as “controller”).
We follow the rules and therefore the protection of your PD is important to us. We process PD in accordance with these conditions.
By granting consent to the processing of PD on our website www.kg-bau.eu, you provide consent serious and freely given, specific, informed and unambiguous indication of data subject´s (client) wishes by which he or she, by a clear aﬃrmative action, signifies agreement in accordance with European Parliament and Council Regulation (EU) 2016/679, of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and also in accordance with the provisions of Act no. 18/2018 Coll., of 29 November 2017 on personal data protection and amending and supplementing certain Acts as amended to the controller (hereinafter referred to as “GDPR and LAW”).
2. THE PURPOSE OF PERSONAL DATA PROCESSING
If you have contacted us, you have used one of our services, we will inform you what we do with our PD. If you have any questions, do not hesitate to contact us.
2.1 Marketing – for marketing purposes, if you have given your consent to the controller by clicking opt in and providing us with an e-mail address. Marketing purposes include sales support, marketing oﬀers, newsletters, information about products and oﬀers in our field. If the customer does not want to receive these oﬀers, he or she simply unsubscribes directly from the newsletter (by clicking on the link – unsubscribe from the newsletter).
If the customer does not wish to receive these oﬀers, he or she can send us an e-mail to firstname.lastname@example.org and we will unsubscribe or delete his or her e-mail address from the mailing list.
The controller processes the PD on the basis of the data subject´s consent (Art. 6/1/a GDPR and LAW).
3. THIRD PARTIES
Your personal data may be provided to third parties.
We provide personal data to our partners:
AUDIT SK, s.r.o., 949 01 Nitra, Kmetkova 5, company ID number: 36 559 831 Slovenská posta, a.s.
4. PERIOD OF PERSONAL DATA PROCESSING
The client agrees to the processing of personal data from the date of consent for a period of 2 years or until the withdrawal of consent.
5. TRANSFER TO A THIRD COUNTRY
The controller does not intend to transfer the PD to a third country or international organisation, including the identification of the country or international organisation.
6. AUTOMATED PROFILING
The data controller does not use automated profiling.
7. IP ADDRESS
It is a set of numbers that uniquely identifies a device on a computer network.
From the point of view of personal data protection, an IP address can be designated as data relating to an identifiable natural person.
An IP address becomes personal data if:
– it is processed by the internet service provider with another identification (name,
– static IP addresses used by natural persons / individuals must be considered personal
– a dynamic IP address will by considered personal data if the internet service provider
processes together with the dynamic IP address also other identifiers considered as personal data (eg name, surname, mail, etc.).
If the IP address is stored on the website (eg WordPress content management system for comments), it is necessary to choose a suitable purpose of processing or use pseudonymisation.
8. SECURE DATA TRANSFER
Your personal data is securely transmitted thanks to encryption. The Secure Socket Layer (SSL) encryption system is most commonly used for secure communication with web servers. Personal data in our systems as well as the website are secured by appropriate technical and organisational measures against loss, destruction, alteration and further dissemination of data through unauthorised persons.
9. RIGHTS OF THE DATA SUBJECT
The data subject has the right under the GDPR to (i) the right to rectification, (ii) the right to erasure, (iii) the right to data portability, (iv) the right to object, (v) the right to withdraw consent, (vi) the right of access to personal data, (vii) the right to lodge a complaint to initiate proceedings.
– The right to rectification
The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate PD relating to him or her and to have incomplete personal data completed.
– The right to erasure
The data subject has the right to obtain from the controller to erase PD concerning to him or her without undue delay and the controller must erase it where:
– PD are no longer needed for the purpose for which they were collected or processed
– the data subject withdraw the consent to the processing of the PD for at least 1 specific purpose or the consent is invalid if it is excluded by a special regulation,
– the data subject objects to the processing of the PD according to … and there are no legitimate reasons for processing PD or the data subject objects to the processing of the PD according to … this concerns direct marketing, including profiling,
– PD are processed illegally,
– the erasure of the PD is necessary for the purpose of complying the obligations with this Act, or a special regulation or international treaty binding upon the Slovak Republic or
– the PD were obtained in relation to the oﬀer of information society services
… the data subject is less than 16 years old.
Where the controller has made the personal data public and is obligated to erase the PD, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
– The right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller, if technically feasible, where:
– the processing of PD is based on the consent of the data subject, on the contract and on the consent of the data subject, which is invalid if it is excluded by a special regulation,
– the processing of personal data is carried out by automated means.
– The right to object
The data subject shall have the right to object to processing of personal data concerning him or her for the purposes of direct marketing, which includes profiling to the extent that it is related to such direct marketing. The controller shall at the latest at the time of the first communication with the data subject, the right explicitly brought to the attention of the data subject and information about these rights shall be presented clearly and separately from any other information. The data subject may exercise his or her right to object by automated means using technical specifications.
– The right to withdraw consent
The data subject shall have the right to withdraw, at any time, his or her consent to personal data processing involving the data subject. The withdrawal of consent shall not aﬀect the lawfulness of personal data processing based on consent before its withdrawal; prior to giving consent, the data subject shall be informed thereof. The data subject can withdraw his or her consent as the same way as to give the consent.
– The right of access to personal data
The data subject shall have the right to obtain from the controller conformation as to whether or not personal data concerning him of her are being processed. Where the controller processes such personal data, the data subject has right of access to the personal data and the following information:
– the purpose of the personal data processing,
– the categories of personal data – in our case, they are ordinary PD, the controller does not process a special category of PD,
– identification of the recipient or category of recipient to whom the personal data have been or will be disclosed, in particular recipient in third country or international organisations, where possible,
– the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period,
– the right to request the controller to rectify personal data regarding the data subject or their erasure or restriction or the right to object to processing of the personal data,
– the right to lodge a complaint to initiate proceedings
– source of personal data, where the personal data are not collected from the data subject,
– the existence of automated decision-making, including profiling, in those cases, controller shall provide information about the logic involved, as well as the significance and the envisaged consequences fo such processing for the data subject.
The controller shall provide information on action taken on a request to the data subject within 30 days of receipt of the request. That period may be extended by two further months. The controller shall inform the data subject of any such extension.
For any further providing of personal data requested by the data subject, the controller may charge a reasonable fee based on administrative costs. The controller shall provide personal data to the data subject in a form as requested by the data subject.
The controller reserves the right to identify the client and find out if it is a specific client. The identification consists in providing additional information e.g. through control questions. The identification is important in terms of providing information on the PD that the controller processes.
– The right to lodge a complaint to initiate proceedings
The data subject has the right to lodge a complaint to initiate proceedings pursuant to section 100 if his or her rights are directly influenced, a complaint shall contain who is the complainant, identification of the entity against which the complaint is addressed, the subject of the complaint, identifying the rights that might have been infringed during personal data processing, evidence.
A template of complaint will be published at the website of Úrad na ochranu osobnych údajov (Oﬃce for the protection of personal data), Hranicná 12, 820 02 Bratislava. The Oﬃce shall review the petition within 30 days, decide within 90 days or in the reasonable cases extend this period.
10.2 What are cookies?
Cookies are small text files that can be sent to a web browser when you visit a website and stored on your device (computer or other device with internet access, such as a smartphone or tablet). Cookies are stored in the file folder of your internet browser.
Cookies usually contain the name of the website from which they originate, the expiration date and the value. The next time you visit the site, the web browser reloads the cookies and sends this information back to the website that originally created the cookies. The cookies we use do not harm your computer.
On the website www.kg-bau.eu may be used session cookies and persistent cookies.
– Necessary cookies
These cookies are essential for the operation of our websites and allow the use of basic functions, such as secure areas or online payments. The necessary cookies are e.g. remembering the login, enabling access to secure areas without to re- login, pre-filling forms, etc.
Without these cookies we will not be able to provide the services that are essential for our websites. If these cookies are disabled, we will not be able to guarantee the full functionality of the websites.
– Performance cookies
We use performance cookies to collect statistical information about how you use our websites. These technical informations like which links you clicked on our websites, which pages you last visited etc. These cookies help us to analyse and improve our websites in terms of content, performance and design. If these cookies are disabled, we will not be able to guarantee the full functionality of our websites.
– Third-party cookies
The websites www.kg-bau.eu contain links and integrated content from other websites. Therefor, cookies may be created during the use of our websites, which are not subject to control by www.kg-bau.eu. This is the case, for example, if the website being viewed uses a third-party analysis or marketing automation tool (such as Google tools) or displays content from a third-party websites, e.g.
You can set the cookies used on www.kg-bau.eu in your web browser. Most internet browsers are initially set to automatically accept cookies. You can change this setting by blocking cookies or by notifying you if cookies are to be sent to your device. Instructions for changing cookies can be found in the help option of each browser. If you use diﬀerent devices to access the site (e.g. computer, smartphone, tablet), we recommend that you adapt each browser on each device to your cookie preferences.
You can delete cookies individually or all at once in the browser, either directly (if you know where they are stored) or using the browser.
13. DO YOU HAVE QUESTIONS?
If you have any questions or comments regarding the processing of personal data, you can contact us, we will be happy to answer your questions.
Controller contact details:
Company name: KG-bau, s.r.o.
Address: 949 01 Nitra, Sturova 71/A
Company ID Number: 43 790 453
Contact details: email: email@example.com Tel.: +421 902 446 404
14. FINAL PROVISIONS
This information comes into force on 25 May 2018. The controller reserves the right to change these conditions in case of a change in the processing of PD in the company and in case of a change in legislation.