pursuant to Act 18/2018 Coll. on personal data protection (hereinafter referred to as the ‘Act’) and Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to personal data processing and on the free movement of such data (hereinafter referred to as the ‘GDPR’)
In accordance with § 6 to §12 of the Act, the basic Personal data processing principles are:
Principle of lawfulness: Personal data may only be processed lawfully and in a way that does not violate the data subject’s fundamental rights.
Principle of purpose limitations: Personal data may only be collected for a specific, explicit and legitimate purpose and may not be further processed in a way incompatible with that purpose; further personal data processing for archiving purposes, for scientific purposes, for historical research purposes or for statistical purposes, if they comply with a specific regulation and if adequate safeguards for the protection of the data subject’s rights pursuant to § 78(8) of the Act, is not considered incompatible with the original purpose.
Principle of personal data minimisation: The processed personal data shall be adequate, relevant and limited to the extent necessary for the purpose that they are processed.
Principle of accuracy: The processed personal data must be accurate and updated as necessary; adequate and effective measures shall be taken to ensure that personal data which is inaccurate in relation to the purposes for which they are processed are erased or rectified without undue delay.
Principle of storage minimisation: Personal data shall be stored in a form which allows the data subject to be identified at the latest until it is necessary for the purpose for which the personal data is processed; personal data may be kept longer if it is to be processed solely for archiving purposes, scientific purposes, historical research purposes or for statistical purposes on the basis of a specific regulation and if adequate safeguards for protecting the data subject’s rights under § 78(8) of the Act are met.
Principle of integrity and confidentiality: Personal data shall be processed in a manner that ensures adequate personal data security by appropriate technical and organisational measures, including protection against unauthorised personal data processing, unlawful personal data processing, accidental loss of personal data, deletion of personal data or damage to personal data.
Principle of responsibility: The controller shall be responsible for adhering to the basic personal data processing principles, for the compliance of personal data processing with personal data processing principles and shall demonstrate such compliance with personal data processing principles at the request of the Slovak Republic Personal Data Protection Office.
Principle of responsibility: In accordance with § 12 of the Act, the controller shall be responsible for adhering to the basic principles for personal data processing, for compliance of personal data processing with the personal data processing principles and shall demonstrate such compliance with the personal data processing principles at the request of the Office.
Your personal data controller is WOOWSTUDIO s. r. o., with its registered office at Černyševského 26, 851 01 Bratislava, Business ID: 50 449 192 (hereinafter referred to as the ‘Company’).
The Company endeavours to act lawfully and responsibly when acquiring, collecting, using and protecting personal data.
The Personal Data Protection Principles (hereinafter referred to as the ‘Principles’) were prepared to this end, which:
if you use our services and we provide the services to you.
The use of our services and the provision of services by our Company shall mean:
These Principles also apply to security measures for the protection of personal data taken by our Company.
These Principles also apply to the functioning of the CCTV system in the building of our Company’s main office.
Our Company processes personal data:
Our Company processes personal data solely to fulfil contractual and legal obligations.
In order to fulfil our contractual and legal obligations, we process the following personal data with respect to our suppliers:
In order to fulfil our contractual and legal obligations, we process the following personal data with respect to our customers:
We process personal data for customer care purposes based on the controller’s legitimate interest, which is customer care and protection.
In order to ensure customer safety and protect Company assets, we process personal data based on legitimate interest. In this case, we can use the building operator’s CCTV records at the building’s entrance.
For purposes of legal claims, we process personal data as described above.
We do not share your personal data with third parties.
We may share personal data with other companies for the following reasons:
We only disclose your personal data to authorised persons, and persons with whom we have a valid contract on personal data processing, these are:
Your fundamental right as a data subject is the right to access personal data – the right to see the personal data we process and store. In order to obtain a copy of the personal data that we process, please send us ‘a request for the data subject’s access to personal data’ in writing to the Company’s address or by email. In this case, you will need to prove that you are the data subject.
Other rights related to personal data:
your personal data will be limited in our databases. In other cases, we will review your request/objection and decide what to do next.
your personal data will be erased from our databases. In other cases, we will review your request/objection and decide what to do next.
We store your personal data while performing our contractual obligations solely for the period of fulfilling an order or an agreement and for the period necessary to complete a complaint procedure.
Based on your consent, we will only store your personal data for the duration of the consent or the termination of a given service.
Based on the legitimate interest, we store your personal data only for the duration of the legitimate interest.
We will not keep your personal data longer than necessary.
The security of your personal data is extremely important to us, so we have taken the necessary security measures, including mechanical, technical and organisational.
Our Company’s main office premises are monitored by the building owner’s CCTV system.
The Company’s main office has a controlled entrance, is protected by alarm and mechanical means.
The data in computers are password protected.
Documents with personal data are placed in cabinets at the Company’s main office.
In connection with the personal data collection, storage and disclosure, we require compliance with all security measures in accordance with the Personal Data Protection Directive approved by our Company.
However, please note that despite the necessary technical and organisational measures to protect your personal data, we cannot guarantee the security of personal data that you transmit to us over the Internet.
Any questions, complaints or suggestions regarding your personal data can be sent by email, to the Company’s address (Černyševského 26, 851 01 Bratislava), or by calling 00421 905 678 663.
The Personal Data Protection Principles become effective on the date of their publication on the Company’s website.
The Company reserves the right to change the personal data processing principles in our Company changes. New or changed Principles will be posted on the Company’s website.