Privacy Policy Statement

We process your personal data in a lawful manner, in accordance with applicable legislation, the Personal Data Protection Act and EU Regulation 2016/679 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data.

1. IDENTIFICATION AND CONTACT DETAILS

COMPANY: E.W.S. s.r.o. 

Company Reg. ID: 46 542 604

Address: Engelsova 14

Prešov 080 01

Responsible person and personal Data Controller: Damián Miko

E-mail: damian.miko@ews-sk.com

This document describes how the Data Controller E.W.S. s.r.o., Engelsova 14, Prešov 080 01, ID No.: 46 542 604, registered in the Commercial Register of the District Court in Prešov, Section: Sro, File No.: 25766/P (hereinafter referred to as the "Data Controller") processes personal data. We process your personal data in accordance with the requirements of the GDPR, Act No. 18/2018 Coll. on the Protection of Personal Data and on amendments and supplements to certain Acts, as amended and other generally binding legal regulations.

2. DATA CONTROLLER

The Data Controller is:

Personal data is any information about an identified or identifiable natural person; an identifiable natural person is understood a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as name, Identification No., Address, Birth ID No., Phone No., e-mail address consisting of the first or last name, location data, network identifier, etc. of such natural person.

3. RECIPIENTS OF PERSONAL DATA

Recipients or categories of recipients to whom data may be disclosed/communicated:

Public authorities, health insurers and others defined by relevant legislation; external Contractors in accordance with the Article 11 BDSG, external service providers, affiliated companies and internal departments for the fulfillment of their roles referred to in the paragraph 5.

GoDaddy.com, LLC., 2155 E. GoDaddy Way Tempe, AZ 85284 USA

MI:SU Design, s. r. o., Prostějovská 115, 080 01 Prešov

4. SOURCES AND CATEGORIES OF PERSONAL DATA PROCESSED

The Data Controller shall process personal data that you have provided to it or personal data the Data Controller has obtained based on the execution of your order.

The Data Controller shall process your identification and contact data and the data necessary for the execution of the Contract.

In particular, the Data Controller is entitled to process the following personal data of the Data Subject.:

• Address and Identification Data used to uniquely and unmistakably identify the Data Subject (e.g. Name, Surname, Title, permanent residence address, business address, delivery address, Reg. ID No., VAT No.) and contact details of the Data Subject (e.g. contact address, phone No., email address, etc.),
• Descriptive data (e.g. Bank Account No., order history),
• Photos, preview images, banners and videos,
• Data provided beyond the relevant laws processed within the scope of the consent provided by the Data Subject (e.g. use of personal data for the purpose of personnel management, use of personal data for advertising purposes, etc.),
• Personalized arrangements (preferences), including marketing settings and the use of cookies provided by the Data Subject,
• Other data necessary for the execution of the Contract,
• Other personal data provided by the Data Subject to the Data Controller.

5. PURPOSE OF THE PERSONAL DATA PROCESSING

The Data Controller processes the Data Subject's personal data for the purposes of:

1. A) Performance of a Contract, based on Art. 6 par. 1 letter b) GDPR,
2. B) Compliance with a legal obligation of the Data Controller established by a generally binding legal regulation, based on Art. 6 par. 1 letter c) GDPR (e.g. the Data Controller's obligation to keep accounting and tax documents),
3. C) Identification, enforcement or defense of the Data Controller's legitimate interests, based on Art. 6 par. 1 letter f) of the GDPR,
4. D) Delivery of commercial notices, based on Art. 6 par. 1 letter f) GDPR due to the existence of a legitimate interest of the Data Controller consisting in direct marketing,
5. E) Other marketing purposes of the Data Controller related to the offer of products and services; sending information about news (products, technologies, showrooms), company presentations (fairs, exhibitions), services, etc. (e.g. by sending newsletters, telemarketing); contacting for the purpose of market survey and marketing research; contacting to make wishes on important public holidays and delivery of gift vouchers, etc. based on Art. 6 par. 1 letter a) of the GDPR.

6. PERSONAL DATA RETENTION PERIOD

The company PGT, s.r.o. will destroy the stored data after the expiration of the period specified by law, the consent granted or if the data is no longer needed. Personal data will be processed only for the period necessary for the purpose of processing. With regard to the above mentioned:

The personal data will be processed pursuant to:

• letter A) above, until the termination of the obligations under the Contract (without prejudice to the option for the Data Controller to subsequently process personal data – limited to the extent required),
• letters B), C), D) and/or E) above,
• letter B) above; the personal data will be processed for the period of the relevant legal obligation of the Data Controller,
• letter C) above; personal data will be processed until the expiry of the 4th calendar year following the end of the guarantee period defined in the Contract (if a quality guarantee has been agreed in the Contract), but as a minimum until the expiry of the 5th calendar year following the expiry of the obligations arising from the Contract,
• If judicial, administrative or other proceedings has been started and continue, where the rights or obligations of the Data Controller in relation to the relevant Data Subject are disputed, the period of personal data processing shall not expire,
• letter C) above, before the conclusion of such proceedings,
• letter D) above; personal data will be processed for the purpose of the commercial communications delivery until the Data Subject expresses his/her opposition to such processing,
• letter E) above; the personal data will be processed for the period for which the Data Subject has provided his/her consent to the Data Controller based on to the separately provided consent to the processing of personal data. In such case, the Data Subject acknowledges that before the expiry of this period, the Data Controller may contact him/her to renew his/her consent.

7. USING LINKS TO SOCIAL NETWORKS

Our website may include the social networking features of Facebook and Instagram. The related services are provided by Facebook Inc. and Instagram (hereinafter "Providers").

Facebook is operated by the company Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. An overview of Facebook buttons and their appearance can be found at: https://developers.facebook.com/docs/plugins

Instagram is operated by the company Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. An overview of Instagram plugins and their appearance can be found at: https://developers.facebook.com/docs/instagram/embed-button

The link will tell the provider which of our websites you have visited. If you are logged into your Facebook or Instagram account while browsing our website, the provider can obtain information about your interests, i.e. information that you have accessed to via your user account. By using any of the linking functions (e.g. clicking the "Like" button, leaving a feedback), this information will also be transferred by the browser directly to the provider for retention.

For more information about Facebook's or Instagram's collection and use of data and the options available to protect your privacy in these cases, please refer to the provider's data protection/privacy notice:

Facebook's data protection/privacy notice:

http://www.facebook.com/policy.php

Instagram's data protection/privacy notice:

https://privacycenter.instagram.com/policy/?section_id=18-LegalBasisInformationConsent

If you want to prevent Facebook or Instagram from linking your visit to our site to your user account, you must log out of the respective user account before accessing our site.

8. YOUR RIGHTS

1. Pursuant to the conditions stipulated by the Act, you entitled to:

• access your personal data in accordance with Article 21 of the Act,
• rectification of your personal data in accordance with Article 22 of the Act, or restriction of its processing in accordance with Article 24 of the Act,
• require erasure of your personal data pursuant to Article 23 of the Act,
• the right to object to processing in accordance with Article 27 of the Act,
• data portability in accordance with Article 26 of the Act,
• withdraw your consent for personal data processing in writing or electronically, submitting the notice to the postal or email address of the Data Controller.

You can withdraw your consent to the processing or use of your personal data at any time with effects for the future. You can send an e-mail to damian.miko@ews-sk.com or a letter to the address: Engelsova 14, 080 05 Prešov.

Furthermore, you have the right to lodge a complaint with the Data Protection Authority if you believe that your right to data protection has been violated.

9. CONCLUSION

You agree to these terms and conditions by ticking the consent box in the online form. By ticking the consent box, you confirm that you are acquainted with the privacy policy and that you accept it in its entirety.

These rules shall apply to Data Subjects, unless otherwise agreed between the third party and the Data Controller. The Data Controller reserves the right to modify these privacy and data protection policies at any time and in any manner and the current version will always be posted on the website www.ews-sk.com.