Privacy Policy
Dear Customer,
in connection with the processing of your personal data (hereinafter also referred to as the “PD”)by ECTA, s.r.o. as the controller, we hereby provide you as the person whose personal data we process (hereinafter also referred to as the “Data Subject”) with information pursuant to (i) Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (the “GDPR”) and pursuant to (ii) Act No. 18/2018 Coll. on the Protection of Personal Data.
Controller
ECTA, s.r.o., with registered office at Révová 7, 811 02 Bratislava, Company ID: 35 871 431, registered in the Commercial Register of the Municipal Court Bratislava III, Section: Sro, Insert number: 30218/B (hereinafter also referred to as the “Controller”).
Data Protection Officer
The data protection officer has not been designated by the Controller.
Purposes of Processing of Personal Data by the Controller
implementation of the Controller’s core business and the fulfilment of its objectives
providing services to customers and applicants for the Controller’s services
complaint handling
direct marketing
litigation and out-of-court settlement
bookkeeping
clerical work
statistical processing
Legal Basis
The legal basis for the processing of personal data is:
performance of a contractual relationship to which the Data Subject is a party, or the performance of a pre-contractual measure at the request of the Data Subject,
legitimate interest, which is:
implementation of the Controller’s core business and the fulfilment of its objectives
direct marketing
customer care
comprehensive protection and increased customer comfort
Categories of Recipients to Whom Personal Data May be Disclosed
IT service providers
lawyers
experts
auditors
persons entrusted with the performance of activities for the Controller
Transfer of Personal Data to a Third Country
The Controller does not intend to transfer the personal data to a third country or an international organisation.
Retention Period of Personal Data
The Controller is entitled to process the personal data of the Data Subjects (i) for the duration of the contractual relationship and until the expiry of the limitation period for exercising the rights under the contractual relationship, (ii) for the period specifically determined by the relevant legislation and (iii) for the period necessary to comply with the Controller’s obligations under the relevant legislation. The processing of personal data in the case of consent is only possible for the period for which consent has been given.
Rights of the Data Subject
right to request access to the personal data from the Controller
right to rectification of personal data
right to erasure of personal data
right to restrict the processing of personal data
right to object to the processing of personal data
right to data portability
right to withdraw the consent at any time (where consent is the legal basis for the processing of personal data)
right to file a petition to initiate proceedings with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic.
The rights of the Data Subject are further specified in Articles 15 to 21 of the GDPR. The Data Subject shall exercise the aforementioned rights in accordance with the GDPR and other relevant legislation. The Data Subject may assert his or her rights against the Controller by means of a written request or by electronic means. If the Data Subject so requests, the information may also be provided orally by the Controller if the Data Subject proves his or her identity in another way.
For detailed information, please contact us by email at info@ecta.sk