Privacy Policy

ATTENDANCE SYSTEM – ELECTRONICY

The purpose of personal data processing is employee records during attendance control, documents for documents directly related to the employment relationship or a similar relationship of the employee.

Range of affected persons: natural persons – employees, agreements on work performed outside the employment relationship
List of personal data: name, surname, title, date and time of arrival and departure from work, personal number
Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR Regulations: Act No. 311/2001 Coll. Labor Code as amended
Beneficiary categories: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement agencies
The transfer of personal data to third countries is not carried out.
Deadlines for deleting personal data:

attendance records 3 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

CAMERA INFORMATION SYSTEM

The purpose of personal data processing is the protection of the property of the operator, the protection of the health and property of the affected persons.

Circle of affected persons: persons located in the area monitored by the camera system
List of personal data: recording from cameras
Legal basis for personal data processing: Art. 6 paragraph 1 letter f) GDPR regulations
Beneficiary categories: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement agencies
The transfer of personal data to third countries is not carried out.
Deadlines for deleting personal data:

video recording 3 days

Automated decision-making, including profiling, is not carried out.

The main legitimate interest is the protection of property, financial and other interests of the operator, as well as the protection of the property, life and health of the affected persons.

POST OFFICE

The purpose of processing personal data is to record incoming and outgoing mail.

Circle of affected persons: natural persons – addressees.
List of personal data: name, surname, title, address, organization name, job title, e-mail address, subject and content of mail
Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR Regulations: Act No. 395/2002 Coll. on archives and registries and on the addition of certain laws as amended, Act no. 305/2013 Coll. on the electronic form of the exercise of the powers of public authorities and on the amendment and supplementation of certain laws (e-Government Act)
Beneficiary categories: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement agencies and intermediaries: BACKBONE, s.r.o., Medená 25, Bratislava 811 02, 36846104
The transfer of personal data to third countries is not carried out.
Deadlines for deleting personal data:

Ordinary correspondence 3 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

ADMINISTRATION OF THE REGISTRY

The purpose of personal data processing is records associated with registry management such as organizing, handling records and files, sorting, recording, circulation, creation, processing, sending records and storage.

List of personal data: Personal data found in the files of all registry records originating from the company’s activities and all company records delivered, which were registered in the registry diary and assigned a file number: name, surname, title, permanent residence, date of birth, social security number pass
Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR Regulations: Act No. 395/2002 Coll. on archives and registries and on supplementing some laws as amended
Beneficiary categories: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement agencies
The transfer of personal data to third countries is not carried out.
Deadlines for deleting personal data:

Registry diary 10 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

ACCOUNTING AND TAX DOCUMENTS

The purpose of processing personal data is the record of accounting documents and the agenda associated with its processing.

Type of data subjects: natural persons – clients, employees
List of personal data: name, surname, title, permanent address, temporary address, telephone number, e-mail address, date of birth, type and number of identity document, signature, bank account number of the natural person
Legal basis for the processing of personal data: Article 6(1)(c) of the GDPR Regulation: Act No. 431/2002 Coll. on Accounting, as amended, Act No. 222/2004 Coll. on Value Added Tax, as amended, Act No. 40/1964 Coll. Act No. 152/1994 Coll. on the Social Fund and on amendment and supplementation of Act No. 286/1992 Coll. on Income Taxes as amended, Act No. 311/2001 Coll. on the Labour Code as amended, Act No. 311/2001 Coll. on the Labour Code as amended
Categories of recipients: social insurance office, health insurance office, tax office and entities to which a special regulation confers the power to decide on the rights and obligations of natural persons: courts, law enforcement authorities and intermediaries: Consultancy & Services, spol. s r.o., Horné Ozorovce 125, 957 03 Bánovce nad Bebravou, 51658925
Personal data is not transferred to third countries.
Time limits for erasure of personal data:

Accounting documents 10 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

NOTIFICATION OF ANTI-SOCIAL ACTIVITIES

The purpose of the processing of personal data is to keep the agenda necessary to fulfil the legal obligation of the controller in the investigation of complaints submitted for the investigation of anti-social activities.

Data subjects: natural persons who have lodged a communication
List of personal data: title, name and surname, residence address of the person who lodged the complaint, date of receipt of the complaint, subject of the complaint, result of the verification of the complaint, date of the end of the verification of the complaint
Legal basis for the processing of personal data: Article 6(1)(c) of the GDPR Regulation: Act No 54/20019 Coll. on the protection of whistleblowers of antisocial activities and on the amendment and supplementation of certain acts
Categories of recipients: entities to which a special regulation confers the power to decide on the rights and obligations of natural persons: courts, law enforcement authorities
No transfer of personal data to third countries.
Time limits for erasure of personal data:

Initiatives 3 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

REQUESTS BY DATA SUBJECTS TO EXERCISE RIGHTS

The purpose of the processing of personal data is the registration and processing of requests from data subjects to exercise their rights under the Regulation.

Type of data subjects: natural persons – data subjects / applicants
List of personal data: title, name, surname, permanent residence, email address
Legal basis for processing personal data: Article 6(1)(c) of the GDPR
Categories of recipients: entities to which a special regulation confers the power to decide on the rights and obligations of natural persons: courts, law enforcement authorities
No transfer of personal data to third countries.
Time limits for erasure of personal data:

Request 7 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

CONTRACTS WITH NATURAL PERSONS

The purpose of processing personal data is the preparation and conclusion of contracts with individuals.

Type of data subjects: natural persons – contracting party
List of personal data: name, surname, title, permanent/temporary residence, account number of the natural person, name of the bank, identity card number, data relating to the subject of the contract
Legal basis for processing personal data: Article 6(1)(b) of the GDPR
Categories of recipients: entities to which a specific regulation confers competence to decide on the rights and obligations of natural persons: courts, law enforcement authorities
No transfer of personal data to third countries.
Time limits for erasure of personal data:

contracts 10 years

Automated decision-making, including profiling, is not carried out.

Due to the observance of the principle of minimization, all personal data provided by you is a necessary legal requirement for fulfilling the purpose of their processing.

Data subjects about whom personal data are processed for specific specified purposes may exercise the following rights:

The right to request access to their personal data – The right to rectification of their personal data – The right to erasure of their personal data – The right to restriction of processing of their personal data – The right to object to the processing of their personal data – The right to transfer their personal data – The right to lodge a complaint with the supervisory authority, i.e. the Office for Personal Data Protection of the Slovak Republic.

Those rights of the data subject are further specified in Articles 15 to 21 of the Regulation. The data subject shall exercise those rights in accordance with the Regulation and other relevant legislation. The data subject may exercise the rights against the controller by written request or by electronic means. Where the data subject requests the provision of information orally, the information may be provided in this way, provided that the data subject has provided proof of his or her identity.

DOBROTA Trenčín, s.r.o. has taken all appropriate personal, organisational and technical measures to protect your personal data to the greatest extent possible, in order to reduce the risk of their misuse. Pursuant to our obligation under Article 34 of the Regulation, we hereby notify you as data subjects that if a situation arises where we, as the controller, breach the protection of your personal data in a way that is likely to result in a high risk to the rights and freedoms of natural persons, we will notify you of this without undue delay.

Legislation and the related processing of your personal data may change. If we decide to update this policy, we will post the changes on our website and notify you of the changes. In cases where there is to be a more fundamental change to this policy, or where we are required to do so by law, we will inform you in advance. We ask that you read this policy carefully and check this policy regularly when you communicate with us or use our website.

If you have any questions about the processing of your personal data, including the exercise of the rights set out above, you can contact our Responsible Person provided by EuroTRADING Ltd (www.eurotrading.sk), by email at zo@eurotrading.sk. We will properly investigate all your suggestions and complaints and send you a statement.

If you are not satisfied with our response, or if you believe that we are processing your personal data unfairly or unlawfully, you may file a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic, https://dataprotection.gov.sk, Hraničná 12, 820 07 Bratislava 27; telephone number: +421 /2/ 3231 3214; E-mail: statny.dozor@pdp.gov.sk.

Operator: DOBROTA Trenčín, s.r.o., Brnianska 2323, 911 05 Trenčín, ID: 47126248