Privacy policy

Information on the processing of personal data

Pursuant to §19 (1) and (2) of Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts, if personal data concerning the data subject are obtained from the data subject, the controller is obliged to provide the data subject with the following information when obtaining them: 

The controller: 
Montáže Zemplín s. r. o.
Hlavná 2271/168
07701 Kráľovský Chlmec
Slovak Republic

+421 911 424 773
info@montazezemplin.sk

Responsible person: 

Rober Rostáš,
+421 911 424 773

Purpose of personal data processing: 

• conclusion and execution of contracts with clients 
• protection of property and ensuring order 

Legal basis for processing personal data: 

• § 13 (1) (b) of Act No. 18/2018 Coll. Act on the Protection of Personal Data and on Amendments to Certain Acts: "the processing of personal data is necessary for the performance of a contract to which the data subject is a party or for the performance of a pre-contractual measure at the request of the data subject" 
• the legitimate interest of the controller ( CCTV system ) 

Recipients of the personal data collected: 

• webex.digital s.r.o. Ostrovského 2 040 01 Košice - website administration 
• Queen Control s.r.o. Masarykova 1669/21, 04001 Košice - accounting administration

Retention period of personal data: 

• Contracts within the meaning of legal requirements 

Intermediaries authorised by the controller: 

• webex.digital s.r.o. Ostrovského 2 040 01 Košice - website administration 
• Queen Control s.r.o. Masarykova 1669/21, 04001 Košice - accounting administration

Rights of the data subject

Data subjects whose personal data are processed by the controller have the following rights: 

To request from the controller access to the personal data concerning the data subject 

The data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. 

The controller is obliged to provide the data subject with the personal data it processes. The controller may charge a reasonable fee corresponding to the administrative costs for the repeated provision of the personal data requested by the data subject. 

Right to rectification of personal data. 

The data subject shall have the right to have inaccurate personal data concerning him or her rectified by the controller without undue delay. Having regard to the purpose of the processing of personal data, the data subject shall have the right to have incomplete personal data completed. 

Right to data portability 

The data subject shall have the right to obtain the personal data concerning him or her which he or she has provided to the controller in a structured, commonly used and machine-readable format and shall have the right to transmit those personal data to another controller, if technically feasible 

The right to withdraw his or her consent at any time, if consent has been given 

The right to lodge a complaint with the Data Protection Authority 

The right to object to the processing of personal data 

If the personal data are being processed unlawfully, the reason for the processing has ceased to exist or the data subject has withdrawn his or her consent to the processing of his or her personal data, the data subject has: 

The right to erasure of personal data 

The right to restrict the processing of personal data 

In order to demonstrate compliance with the Act, the controller is obliged to process personal data in accordance with the principles set out in Sections 6 to 13 of the Act and to comply with the information obligation. 

Purpose limitation principle 

The controller shall only obtain personal data for a specifically identified, explicitly stated and legitimate purpose and shall not further process it in a way that is incompatible with that purpose; 

The principle of minimisation of personal data 

The personal data processed shall be adequate, relevant and limited to the extent necessary for the purpose for which they are processed. 

Principle of accuracy 

The controller shall endeavour to ensure that the personal data processed are correct and updated as necessary 

Principle of minimisation of retention 

Personal data shall be kept in a form which permits identification of the data subject at the latest for as long as is necessary for the purpose for which the personal data are processed; personal data shall be kept longer if they are to be processed solely for archiving purposes 

The principle of integrity and confidentiality 

Personal data shall be processed in a manner which ensures, through appropriate technical and organisational measures, adequate security of personal data, including protection against unauthorised processing of personal data, unlawful processing of personal data, accidental loss of personal data, erasure of personal data or damage to personal data. 

The information obligation is fulfilled by the controller by applying §19 (1) and (2) of the Act by providing the following information to the data subject when personal data relating to him or her are obtained from the data subject: 

• identification and contact details of the controller and of the controller's representative, if any, 
• the contact details of the responsible person, if designated, 
• the purpose of the processing of the personal data for which the personal data are intended, as well as the legal basis for the processing of the personal data, 
• the legitimate interests of the controller or of a third party, if the personal data are processed on that legal basis (pursuant to Article 13(1)(f)), 
• identification of the recipient or category of recipient, if any, 
• the period of retention of the personal data; if this is not possible, information on the criteria for determining it 
• whether the provision of personal data is a legal requirement or a contractual requirement or a requirement necessary for entering into a contract, and whether the data subject is obliged to provide personal data, as well as the possible consequences of not providing personal data 
• the processor, if any, who processes the data subject's personal data on behalf of and on the basis of instructions from the controller 

The controller shall also fulfil the information obligation by providing information to data subjects on their rights: 

• the right to request from the controller access to the personal data relating to the data subject, 
• the right to rectification of personal data, 
• the right to erasure of personal data 
• the right to restrict the processing of personal data, 
• the right to object to the processing of personal data, 
• the right to the portability of personal data, 
• the right to withdraw consent at any time, if consent has been given, 
• the right to lodge a complaint with the Data Protection Authority. 

The controller shall observe the confidentiality pursuant to Section 79 of the Act. 
The controller has authorised and instructed the persons who process personal data in the terms and conditions of the controller.