INFORMATION ON THE PROCESSING AND PROTECTION OF PERSONAL DATA
Our approach to the protection of your personal data is extremely responsible and we place great emphasis on it. We rely on Act No. 18/2018 Coll. on the protection of personal data and on the amendment of certain regulations (hereinafter referred to as the "Act on the Protection of Personal Data") and REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (EU) 2016/679 (hereinafter referred to as GDPR).
When processing your personal data, we pay attention to the principles of legality, limitation of the purpose of personal data, minimizing the scope of storage, correctness, integrity, confidentiality and responsibility.
1. Controller of personal data
Company name: CeMS
Headquarters: Snežienkova 1/A, Prievidza 971 01, Slovakia
ID: 35891823
VAT ID: 2021849049
Statutory body: Mr. Adrian Kubinec
Mr. Denis Barborík
2. DPO
Due to the subject of our activity, our company is not obliged to establish and publish the contact details of the DPO. In case of any questions regarding the processing of your personal data, you can contact us at info@cems-en.com.
3. Reason for processing personal data
Securing our services:
The company processes the provided personal data in the scope of: natural persons (title, first name, surname, address, e-mail address, telephone, bank connection) legal entities (business name, registered office address, ID number, VAT number, e-mail, telephone, bank connection), employees of legal entities (title, first name, last name, e-mail), for several purposes: records of contracts, including pre-contractual relations (price offers), records of incoming and outgoing mail, processing of accounting documents as a follow-up to accounting for keeping a complete accounting agenda, issuance of certificates and certificates, processing of presentation documents.
The processing of your personal data is part of our activity. Without the provision of personal data and without their processing, we would not be able to provide our services to customers and other interested parties in the required scope and quality.
Website visit
When you visit our website, for security reasons, our web servers always store the connection data of the computer connecting to our website, the list of websites you visit within our website, the date and duration of your visit, the identification data of the type of browser and operating system used, as well as website through which you connect to our site.
Online chat / contact form
Online chat ensures communication with the customer in the form of online chat. It serves to provide information to customers. In order to send you the information you are interested in, we need to store your name, email and phone number.
Marketing activity
Email communication (newsletter):
We only send email information based on consent and to customers CeMS based on legitimate interest to provide them with the most up-to-date relevant information. In both cases, you can revoke your consent at any time by clicking on Unsubscribe in every email you receive from us and at the bottom of the cems.sk page, or you can contact us by email: info@cems-en.com.
Photos from the training:
We only create photos of customers from our training if we have the consent of the training participants. You can revoke your consent at any time at: info@cems-en.com.
4. Legal basis for processing personal data of interested persons:
Our company operates in accordance with Act No. 18/2018 Coll. on Personal Data Protection and Amendments to Certain Regulations (hereinafter referred to as the "Personal Data Protection Act") and REGULATION OF THE EUROPEAN PARLIAMENT AND COUNCIL (EU) 2016/679 (hereinafter referred to as GDPR).
The legal basis for processing personal data is:
5. Beneficiaries
To provide some services, the company needs to know some personal data of data subjects and needs to provide them to other recipients in order to fulfil legal obligations and provide services of the highest quality.
In addition to its business activities, the company cooperates with several intermediaries who take care to provide services of the highest possible quality.
The company honestly declares that, when selecting individual intermediaries, it pays attention to their professional, technical, organizational and personnel competence and their ability to guarantee the security of processed personal data by means of security measures adopted in accordance with the Personal Data Protection Act.
When choosing a suitable intermediary, the company proceeded in such a way as not to jeopardize the rights and legally protected interests of the data subjects.
The company entered into an agreement with intermediaries pursuant to Art. 28 paragraph 3 of the Regulations of the written contract on ensuring the protection of personal data processed by intermediaries, who have been entrusted with the processing of personal data of data subjects to the extent, under the conditions and for the purpose agreed in the contract and in the manner according to the Personal Data Protection Act.
6. Automated individual decisions, including profiling
Cookies:
To ensure the proper functioning of this website, we sometimes store small data files, so-called cookies, on your device.
Most Internet browsers accept cookies, but visitors have the option to delete them or reject them automatically. Because every browser is different, visitors can set their cookie preferences individually using their browser's toolbar. If you decide not to accept cookies, you will not be able to use some functions on our website. See more about cookies. Cookies policy on our website.
more information about managing cookies in your browser's help or via websites such as www.allaboutcookies.org
Google Adwords a Google Analytics:
The company uses Google AdWords, through which it has the opportunity to create online advertisements and reach people just when they are interested in the products and services provided by the company. Remarketing features in AdWords allow us to reach people who have visited our website in the past and enables display of ads in search. Dynamic remarketing allows users to see ads for products or services they have viewed in the past. Cookies, ensuring remarketing codes, can be disabled by website visitors by appropriate browser settings.
Google Analytics only for anonymized detection of site traffic.
7. Conditions and method of processing personal data of data subjects
The company does not publish processed personal data. The only exception can be the request of a special legal regulation or a decision of a court or other state body.
The company will not process your personal data without your consent or other lawful legal basis for a purpose other than that stated.
8. Storage period of personal data of data subjects
It is determined according to the specific purpose of processing personal data and according to the requirements of special regulations.
Specifically, the retention period is prescribed by the company's internal regulation, the Registry Plan, drawn up in accordance with the Act on Archives and Registries.
The company securely disposes of all personal data whose processing purpose and retention period have ended. After the end of the defined purpose, the company is authorized to process personal data to the extent necessary for research or statistical purposes in their anonymized form.
The company ensures the processing of personal data of data subjects in a form that enables the identification of individual data subjects for a period not longer than is necessary to achieve the purpose of processing.
In the case of processing personal data for which consent to the processing of personal data has been granted, your data will be processed for a period of 5 years or until your consent is revoked.
9. Transfer of personal data to third countries
The company does not transfer personal data to third countries and international institutions.
10. Rights of the data subject associated with the processing of his personal data
Based on a written request, the data subject may exercise the following rights in all forms of personal data processing (legal obligation, consent of the data subject, legitimate interest, contractual relationships):
Based on a written request, the data subject has the following right (in case of consent to the processing of personal data and contractual relationships):
Based on a written request, the data subject has the following right (in case of legitimate interest):
In the event that the data subject does not have the capacity to perform legal acts, his or her rights may be represented by a legal representative. After the death of the data subject, his/her rights can be exercised by a close person.
According to the Personal Data Protection Act, the company will handle the data subject's request free of charge, except for payment in an amount that cannot exceed the amount of material costs incurred for the purpose of making copies, supplying technical media and sending information to the data subject, unless a special law provides otherwise.
The company is obliged to process the data subject's request in writing no later than 30 days from the date of delivery of the request.
The company is obliged to notify the data subject of a breach of personal data protection without undue delay if such a breach of personal data protection may lead to a high risk for the rights of the data subject.
As a data subject, you have been informed by the company about the protection of your personal data. You have also been informed about your rights in relation to the protection of personal data.