DECLARATION OF THE CONTROLLER ON THE PROCESSING OF PERSONAL DATA

Data controller ICT industrial construction technologies, s. r. o., with registered office at Robotnícka 2192, Považská Bystrica 017 01, Company ID No.: 46786406 (hereinafter referred to as the “Controller”), has implemented adequate technological and organisational measures to ensure data subjects’ rights are protected, thereby declaring the lawful processing of personal data. Furthermore, the Controller has implemented a transparent system for tracking security incidents as well as any questions from the data subject and others.

Individual information can also be obtained by phone at: +421 (0)42 42 61 135, through email at: info@ict-slovakia.sk in person at Robotnícka 2192 Považská Bystrica, 017 01, or in this dedicated Privacy Policy section.

Below we provide information on personal data processing and protection in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and Slovak Act No 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts (hereinafter referred to as the: “Personal Data Protection Act”).

Controller
ICT industrial construction technologies, s. r. o.,
Robotnícka 2192 Považská Bystrica, 017 01
Company ID No.: 46786406

As the Data Controller, we process your data for our own purposes. This means that we define the purposes for which we gather your personal data, choose the means of processing, and are responsible for their proper execution.

Categories of processors and recipients

In some situations, the Controller may additionally process the personal data of data subjects through processors entrusted with personal data processing under Article 28 of the GDPR.

Processors process the personal data of data subjects on behalf of the Controller. The processor’s processing of personal data must not impair the ability of data subject to exercise and enjoy his/her rights. The Controller shall only engage processors who could provide appropriate technological, organisational, and other means to guarantee that the processing complies with the GDPR standards and that the data subject’s rights are effectively protected.

When processing the personal data of data subjects, the Controller uses the following types of processors:

Purpose of personal data processing

On behalf of ICT industrial construction technologies, s. r. o., as the Controller, we only collect the data that are necessary to offer you with a full service in the field of development, manufacturing, sales, and service of machines and equipment for dry ice blasting and dry ice production. The purposes of the processing of personal data for each procedural step are:

List of personal data processed

Period of personal data processing and storage

Your personal data that we have processed or are processing in accordance with Article 6(1)(b) of the GDPR Regulation - in the performance of the obligations of the Controller ICT industrial construction technologies, s. r. o., towards customers and clients, or further processing for the purpose of fulfilling our legal obligations relating to taxation and accounting, which are imposed on us by generally binding legal regulations (for example, storage of individual accounting records of your confirmed orders and invoicing for the purpose of delivering selected goods to your contact address in accordance with Act No. 431/2002 Coll. on Accounting as amended, for cases of proving the fulfilment of tax obligations in accordance with tax legislation Act No. 595/2003 Coll. on Income Tax, Act No. 563/2009 Coll. on Tax Administration, and so on.), must be kept for the period of time specified by the relevant legislation. In any case, we are driven by the concept of minimising personal data retention in accordance with Article 5(1)(e) of the GDPR, and thus your personal data that are not subject to archiving under special legislation will be destroyed or anonymized.

Personal data processed in accordance with Article 6(1)(f) of the GDPR Regulation - on the basis of legitimate interest, obtained in response to an enquiry/suggestion or question submitted by you regarding the services provided and products supplied, where it was necessary to verify the validity of the request, or to carry out any follow-up contact of the client/data subject that was not subsequently transferred to a pre-contractual or contra contractual relationship, is deleted without delay.

As the Controller, we will ensure the erasure of personal data without undue delay if the following events have occurred: all contractual ties between you and us as the Data Controller have been terminated; and/or

In any case, we do not systematically process any inadvertently collected personal data for any purpose stated by us. Where possible, we will notify the data subject to whom the inadvertently obtained personal data pertain of their accidental acquisition and, depending on the nature of the case, we will provide them with the cooperation required to reclaim control over their personal data. Following these required procedures to remedy the situation, we will securely dispose of any inadvertently collected personal data.

If you require any additional information about the particular retention period of your personal data, please contact us using the contact details provided.

Data disclosure

Our company does not disclose the collected data in any case.

Cross-border transfer of personal data

There is no transfer of personal data across borders.

Rights and obligations of the data subject

We will make every effort to respond to you as soon as possible, but we will always respond within 30 days of receiving your request. The applicable legislation and the GDPR Regulation or the Personal Data Protection Act, provides you in particular with:

Right of access – You are entitled to ask us if we are processing your personal data and, if so, to receive a copy of that data and other information in accordance with Article 15 of the Regulation or Section 21 of the Act. We may require you to specify your request for a range of specific data that we process about you if we acquire a large amount of data about you.

Right to rectification – To ensure that we always process up-to-date personal data on you, we require you to notify us of any changes as soon as they occur. If we process inaccurate data about you, you are entitled to have it corrected.

Right to erasure – If the conditions of Article 14 of the Regulation or Article 23 of the Act are met, you may request that your personal data be erased. You may request erasure if, for example, you have withdrawn your consent to the processing of your personal data and there is no other legal basis for processing, or if we are processing your personal data unlawfully, or if the purpose for which we processed your personal data no longer exists and we are not processing it for another compatible purpose. We will not, however, erase your data if it is required for the establishment, exercise, or defence of legal claims.

Right to restrict the processing – If the conditions of Article 18 of the Regulation or Article 24 of the Act are met, you are entitled to request that we restrict the processing of your personal data. You can therefore request a restriction, for example, if you object to the integrity of the processed data or if the processing is unlawful and you do not want us to erase the data but need the processing to be restricted while you exercise your rights. We will continue to process your data where legal claims can be established, exercised, or defended.

Right to data portability – If the processing is based on your consent or carried out for the performance of a contract to which you are a party and also carried out by automated means, you are entitled to receive from us your personal data that we have collected from you in a commonly used machine-readable format. We can transmit your personal data directly to another controller if you request it and it is technically feasible. This right does not extend to processing done in the course of performing a duty in the public interest or exercising official authority.

Right to object to processing – You are entitled to object to processing if we process your personal data in the course of performing a duty in the public interest or exercising official authority vested in us, or if the processing is carried out on the basis of our legitimate interests or the legitimate interests of a third party. We will restrict the processing of your personal data based on your objection, and we will delete your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims. You are entitled to object to the processing of personal data for direct marketing purposes at any time, including profiling insofar as it is connected to such direct marketing. If you object, we shall stop using your personal information for this purpose.

Right to file a complaint – If you believe that the processing of your personal data violates the Regulation or the Act, you are entitled to file a complaint with one of the competent supervisory authorities, preferably in the Member State of your habitual residence, place of employment, or the alleged breach. For the territory of the Slovak Republic, the supervisory authority is the Office for Personal Data Protection, with its headquarters at: Hraničná 4826/12, 820 07 Bratislava, Slovak Republic, web: www.dataprotection.gov.sk, tel.: +421 /2/ 3231 3220.

Right to withdraw consent – If your personal data is processed with your consent, you are entitled to withdraw your consent at any time. The withdrawal of consent has no effect on the processing that has already occurred. If you change your mind and want to receive sales and marketing offers from us about our products and services again, you can re-grant your withdrawn consent (or file a complaint) at any time by contacting us using any of the contact methods listed above.

Contact details of the Office and of the person responsible

Office for Personal Data Protection of the Slovak Republic
Permanent Address:
Hraničná 12
820 07, Bratislava 27
Slovak republic
Company ID No.: 36 064 220

Filing Office:
Monday – Thursday: 8:00 - 15:00
Friday: 8:00 - 14:00

Data protection consultations over the telephone:
Tuesday and Thursday from 8:00 to 12:00 +421 2 323 132 20
Secretariat of chair of the Office +421 2 323 132 11
Secretariat of the Office +421 2 323 132 14
Fax: +421 2 323 132 34

Spokesperson:
Tel.: 0910 985 794
E-mail: hovorca@pdp.gov.sk

E-mail:
a) general: <a href="mailto:statny.dozor@pdp.gov.sk">statny.dozor@pdp.gov.sk</a>
b) request for information in accordance with the Act No. 211/2000 Coll.: <a href="mailto: info@pdp.gov.sk"> info@pdp.gov.sk</a>
c) website: <a href="mailto: webmaster@pdp.gov.sk"> webmaster@pdp.gov.sk</a>
d) for requests for information in accordance with the Act No. 211/2000 Coll. on freedom of information please use the online form.
e) the email address where the authority will provide you personal data protection advice. It is meant for children, adolescents, students, teachers, and parents who believe their personal information has been misused: <a href="mailto: ochrana@pdp.gov.sk"> ochrana@pdp.gov.sk</a>

A template for initiating a personal data protection proceeding can be found on the website of the Office
(https://dataprotection.gov.sk/uoou/sk/content/konanie-o-ochrane-osobnych-udajov).

Website security

Our website uses an encrypted SSL connection for any user connection and data transmission, which stops third parties from reading and altering sent data while it is being transmitted over the Internet. Personal data stored in the Controller’s databases is safeguarded by encryption and non-public access data in accordance with cutting-edge technical standards.

Back to homepage