according to Articles 12, 13, and 14 of the GDPR (hereinafter as the “Information”)
The information describes how the controllers Continium Technologies s.r.o., with its registered office at Moyzesova 24, 04 001 Košice, Slovakia, ID number: 53 614 836, registered with the Commercial Register of the District Court Kosice I, Section .: Sro and Continium Technologies UG & Co. KG, with its registered office Krankenhausstr. 36, D-83043 Bad Aibling, Federal Republic of Germany, ID number: HRA 12346, registered with the Commercial Register of the District Court Traunstein Nr. HRB 24604 (hereinafter as “controllers”) processes personal data obtained through the contact form on the website www.continiumtech.com. If something from this Information is unclear or incomprehensible to you, we will be happy to explain any term or part to you. We process personal data in accordance with the requirements of the GDPR, Act no. 18/2018 Coll. on the protection of personal data and on the amendment of certain laws as amended and other generally binding legal regulations.
1. BASIC TERMS
a. Personal data - any information concerning an identified or identifiable natural person, such as name, surname, date of birth, birth number, telephone number, e-mail address, IP address, etc.
b. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46 / EC (General Data Protection Regulation).
c. Data subject - a natural person to whom personal data relate.
d. Personal data processing - the activity or processing operations that the controller or processor carries out with personal data.
e. Controller - a natural person or legal entity that determines the purpose and means of personal data processing.
f. Purpose of personal data processing - a clearly defined or established intention to personal data process, which is linked to a certain activity.
g. Legitimate interest - the interest of the controller or of a third party which implies the need to process personal data if it does not outweigh the interests or fundamental rights and freedoms of the data subject.
h. Recipient - a natural or legal person, public authority, agency or other subject to which personal data are provided.
i. Client - a natural person to whom we provide a service.
2. PERSONAL DATA CONTROLLER
The joint controllers of personal data are:
|Continium Technologies s.r.o.
|limited liability company
|53 614 836
|Moyzesova 24, 04 001 Košice, Slovak Republic
|Continium Technologies UG & Co. KG
|Krankenhausstr. 36, D-83043 Bad Aibling, Germany
3. PURPOSES AND LEGAL BASIS OF PROCESSING
|Creating a communication channel between the potential client and the operators via a web form.
|Depending on the content of the query: Article 6 (1), letter b) GDPR - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. Article 6 (1), 1 letter f) GDPR - legitimate interest of controllers in the processing of data of persons who contacted them in the event that no contract is concluded.
4. LEGAL INTERESTS OF THE CONTROLLER OR A THIRD PARTY
|Processing of personal data of persons who have contacted the controllers throught a web form.
|Controllers have a legitimate interest in the personal data processing of persons who have contacted them through a web form published on the website. The data subject shall voluntarily provide the data to the controller in order to establish contact. If no contract is concluded between the natural or legal person and the controller, the processing shall be based on the legitimate interest of the controllers.
5. BENEFICIARIES AND TRANSFER TO A THIRD COUNTRY
The data obtained through the web form shall not be made available by the joint controllers to any recipients and shall not be transferred to a third country or to an international organization.
6. STORAGE PERIOD
We store personal data in a form that allows identification for a maximum period of time that is necessary to achieve the purpose for which the personal data are processed. The data will be kept for the duration of the contractual relationship with the controller until the expiry of the limitation periods from the contractual relationship or until the end of the settlement of the demand, in the event that the contractual relationship is not concluded.
7. RIGHTS OF THE DATA SUBJECT
The data subjects have the following rights:
a. Information on the personal data processing
The content of the information includes in particular the identity and contact details of the controller, processing purposes, categories of personal data concerned, recipient or categories of recipients of personal data, information on personal data transfers to third countries, storage period, authorized controllers, list of your rights, possibility to contact Office for Personal Data Protection of the Slovak Republic, source of processed personal data, information on whether and how automated decision-making and profiling occurs.
b. Right of access to personal data
You have the right to confirmation whether or not personal data are being processed and, if so, you have the right to access information on the purposes of the processing, the categories of personal data concerned, recipients or categories of recipients, storage period of personal data, information on your right to submit complaint to the Office for Personal Data Protection of the Slovak Republic, information on the source of personal data, information on whether there is automated decision-making and profiling, information and guarantees in case of transfer of personal data to a third country or international organization. You have the right to be provided with a copy of the personal data processed.
c. Right of correction
The data subject has the right to correction incorrect personal data. With regard to the purpose of the processing, the data subject has the right to supplementation incomplete personal data, including by providing a supplementary declaration.
d. Right to erase (right to be forgotten)
In some cases stipulated by law, we are obliged to delete the personal data of the data subject. However, each such request is subject to an individual assessment of whether the conditions are met, because, as the controller, we may be bound by a legal obligation or we may process personal data on the basis of a legitimate interest. If our legitimate interest (or the legitimate interest of a third party) outweighs the interests of the data subject, we are entitled to further process the personal data for the purpose in question.
e. Right to restriction of the processing
The data subject may request the controller to restrict the processing of personal data if any of the following situations occurs:
- the data subject has denied the accuracy of the personal data for the time necessary for the controller to verify the accuracy of the personal data;
- the processing of personal data is unlawful, but the data subject refuses to delete the data and instead requests a restriction on their use;
- the controller no longer needs the personal data for the purposes of processing, but requests the data subject to determine, enforce or defend legal claims;
- the data subject has objected to the processing of personal data in specific situations under the GDPR (public interest task, legitimate interest of the controller or profiling), until it is verified that the legitimate interests of the controller outweigh the legitimate interests of the data subject.
f. Right to data portability
If the data subject requests that we transfer his personal data to another controller, we shall transfer the personal data in the appropriate format, unless we are prevented from doing so by any legal or other significant obstacles, to the designated entity.
g. The right to object to automated individual decision-making
The data subject may at any time object to the processing of personal data by the controller for the purposes of direct marketing carried out on the basis of a legitimate interest of the controller and whenever we process personal data on the basis of a legitimate interest or public interest, including profiling.
h. Consent-based processing (right to withdraw consent)
Where the processing is based on the consent of the data subject within the meaning of Article 6 (1), 1 letter (a) of the GDPR or Article 9 (1); 1 letter a) of the GDPR, the data subjects have the right to withdraw their consent at any time. Such withdrawal of consent shall not affect the lawfulness of processing based on the consent given prior to its withdrawal.
i. The right to submit a proposal, complaint, complaint to the supervisory body
The data subjects may at any time file a proposal, initiative or complaint regarding the processing of personal data with the supervisory body, which is the Office for Personal Data Protection of the Slovak Republic, with its registered office at Hraničná 12, 820 07 Bratislava 27, Slovak Republic, tel. no .: +421/2/3231 3220, website: www.uoou.sk.
Deadline for reply
We will provide a statement and, if necessary, information on the measures taken as soon as possible, but no later than within one month. We are entitled to extend the deadline by two months if necessary and due to the complexity and number of applications. We will inform the data subject about the extension of the deadline, including the reason.
The individual rights may be exercised by the data subjects with the controller by e-mail address: peter.hospodar(at)continiumtech.com or in writing to the correspondence address: Krankenhausstr. 36, D-83043 Bad Aibling, Germany.
We provide all notices and statements about the exercised rights free of charge. However, if the request is manifestly unfounded or disproportionate, in particular because it is repeated, we are entitled to charge a reasonable fee taking into account the administrative costs or to refuse to act on the request. In the case of repeated applications for copies of processed personal data, we reserve the right to charge a reasonable fee for administrative costs.
8. PROVISION OF PERSONAL DATA
The provision of personal data to the web form is voluntary, and therefore the provision of data to us as the controller, as we are a private entity, is not a legal requirement. If you are interested in concluding a contract with us, the provision of personal data may be necessary for the conclusion of a contract. In this case, the provision is a contractual requirement. The data subject is not obliged to provide his personal data, he provides it voluntarily. Refusal to provide personal data does not have negative consequences for the data subject.
9. AUTOMATED DECISION-MAKING AND PROFILING
The controller does not use the so-called automated individual decision-making, including profiling.
10. PROCESSING FOR ANOTHER PURPOSE
When processing, we respect the principle of limiting the purpose limitation, it means that we process data only on the basis of a specified, explicitly stated and legitimate purpose, except in the case of processing for a compatible purpose. Processing for another purpose may also be based on the consent of the person concerned, European Union law or the law of Slovak Republic. To find out whether another purpose is compatible with the purpose for which the personal data were originally obtained, before processing, we perform the so-called compatibility test, in which we take into account:
a. any link between the purposes for which the personal data were obtained and the purposes of the intended further processing;
b. the circumstances in which the personal data were obtained, in particular as regards the relationship between the data subjects and the controller;
c. the nature of the personal data, in particular whether specific categories of personal data are processed pursuant to Article 9 of the GDPR or personal data relating to the criminalization of criminal offenses and offenses pursuant to Article 10 of the GDPR;
d. the possible consequences of the intended further processing for the persons concerned;
e. the existence of adequate safeguards, which may include encryption or pseudonymisation.
11. OVERVIEW OF SELECTED LEGISLATION IN THE FIELD OF PERSONAL DATA PROTECTION
- Charter of Fundamental Rights of the European Union (Article 8);
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46 / EC (General Data Protection Regulation);
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (consolidated version);
- Act no. 351/2011 Coll. on electronic communications, as amended;
- Constitution of the Slovak Republic (published under No. 460/1992 Coll.);
- Act no. 18/2018 Coll. on the protection of personal data and on the amendment of certain laws as amended;
- Decree no. 158/2018 Coll. Office for Personal Data Protection of the Slovak Republic on the procedure for assessing the impact on personal data protection.
12. CHANGES TO THE RULES FOR THE PROCESSING OF PERSONAL DATA
We are entitled to change the wording of these rules for the processing of personal data, especially in the case of the need to incorporate legislative changes or changes in the purpose and means of processing. In the event that there are changes in the rules of personal data processing that would be capable of affecting the rights of the data subjects, we will notify them in a suitable manner in good time.
This document is regularly updated.
Last update: 21.02.2021