Privacy Policy

1.  
2. Privacy policy

Following informations are about processing of a personal data pursuant to section 13 and following relevant sections of regulation of the European Parliament and of the Council (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“the Regulation“) pursuant to §19 of act 18/2018 Z. z. on Protection of personal data (“the Act“)

The object of this text is to inform data subjects about processing and protection of their data which are provided to us as an controlers.

Controller:

Davis & Morgan a.s., Račianska 88 B, 831 02 Bratislava,
Identification number (IČO): 47 350 156, registered in the Business Register of the City Court Bratislava III, Insert no.: 5819/B
("D&M").

Phone: +421 2 38105122
Email: info@davismorgan.sk
Webpage: www.davismorgan.com

Data subject

Data subject is each natural person which is providing controller with personal data in accordance to usege of controllers services or with showed insterest to use controllers services. Natural person which is acting in the name of legal person is also considered as an data subject if the natural person is providing its personal data in order to use services of the controller or when showing a insterest to use controllers services.

Personal data

Personal data are any information, which identify the data subject or data that can make the data subject identifiable.

Amount and list of processed personal data is arising from particular contractual or precontractual relationships or are setted by data subject in a given consent.

Controller is collecting personal data straight from the data subject or from the third parties, which are providing controller with data about the data subject. (E. g. Government bodies, legal representative or agent).

Extent of processed personal data

Extent of processed personal data depends on a data subjects request adressed to the controller.

After ordering the service through the controllers webpage, controller is requesting personal data from data subject according to the request in extent of name, surname, phone number and email adress.

Depending on type of provided service, except aforementioned data, controller can also process: adress, nationality, date of birth, identification number, ID card and data stated on it, facial images, place of birth, name and surnames of mothers and fathers and surname of mother before marriage.

Purpose of usage of personal data

Controller is processing and using data subjects personal data for various purposes according to undermentioned legal basis.

1. Protection of communication between controller and data subject
   
   
   • Protection of communication through controllers customer form, which is published on controllers website, used for data subjects request execution and communication with data subject. In this case controller is processing personal data in extent of: name, surname, e-mail adress or phone number. Data subject agrees with the processing of personal data by filling and sending of the customers form.
   • Sending information about controllers working positions to data subjects, which are interested in employement with controller.
   
   
2. Performance of the contract, where a party of the contract is the data subject or when its needed to perform precontractual action due to the data subjects request.
   
   
   • Signing of the contract between controller and data subject and for proper performance by both contractual parties.
   • Before signing the contract, for purposes of data subjects request execution, related to provided controllers services, sended by the customers form or e-mail.
   
   
3. Securing of controllers legitimate interests
   
   
   • Exaction of demands arising from contract between controller and data subject
   • Cookies usage without profiling of data subject and without identification of connection between data subject and certain IP adress.
     You can find more information about cookies HERE.
   • For marketing purposes, especially for controller service advertaising
   
   
4. Fulfilling statutory duties
   
   
   • Collector is processing personal data in compliance with relevant legal acts which are setting out duty to retain personal data or documentation, which contains personal data, especially when its personal data of data subject stated in contract, request or invoice within collectors accounting reports or collectors internal trade database. It can be for example personal data, which collector is obliged to transfer to national authorities or public authorities, which are performing supervision of collectors, subjects resolving disputes or executing decisions.
   
   

Period of personal data retention

Collector is retaining and archiving personal data of data subject for period of time agreed in the consent or for period stated in legal acts.

If data subject and collector have signed a contract, processed data are retained for period of contracts validity and usually for 5 years after the termination of contract.

Disclosure of personal data to third parties

Collector can disclose data person‘s personal data to another trustworthy persons if it‘s necessary for contract performance or data person gave consent to dislosure.

Such persons are for example lawyer's office, notary office, bank, provider of accounting services, creator, operator or administrator of collectors website and IT services provider. Third parties can use the personal data only for actions related to the object of the contract or to provide another services to the collector or data subject.

Disclosure of personal data to third countries and international organizations

Collector is not disclosing processed personal data to third country subjects or international organizations.

Rights of data subject related to personal data processing

• Data subject should have the right to access to the processed data. That means he has a right to ask collector for a confirmation, whether collector is processing its personal data. If collector is processing data person‘s personal data, he shall issue a copy of the personal data, if requested. Issuance of the first copy is for free and each next requested issuance data subject can be charged for appropriate administrative expenses which arise from issuance of the copy. Data subject can ask for aforementioned online. In this case information will be disclosed to data subject by an e-mail, if different way wasn‘t requested.
• Data subject should have the right to have personal data concerning him or her rectified. This is concerning the case where collector has inaccurate personal data ,about data subject, in his evidence. The data subject also shall have the right to have incoplete personal data completed. Collector performs rectification or completion after receiving request or notice by data subject.
• Data subject has right to erasure of its personal data. Data subject is entitled to erasure if personal data were processed illegaly, personal data were ,personal data were collected when services were provided to person younger than 16 years old without authorisation by holder of parental responsibility, personal data are no longer needed for purposes for which they were collected or processed, data subject withdraws the consent, data subject is objecting collecting of personal data, or data subject fulfilled conditions for erasure arising from legal acts or international treaties which are binding for Slovak Republic. Erasure is executed by collector based on the request from data subject, if request is evaluated as reasonable. Erasure is not executed, if collecting is needed to comply with legal acts or international treaties which are binding for Slovak Republic, comlying with task performed in the public interest or for by public authority given to collector to secure public interest in area of public health, archivation purposes, statistic purposes and for identification or for enforcement of legal claims
• Data subject should have the right to transmit processed personal data to another collector after current collector provided him or her with the personal data in commonly used, readable format. This is possible when the personal data were collected in pursuance of the contract or the consent of data subject and processing was made by automated means.
• Data subject should have the right to restrict processing of his or her personal data if collector does’t have legal reason for processing and data subject is demanding not prohibition but restriction of personal data processing.
• Data subject should have the right to withdraw his or her consent at any time if personal data were processed based on date person’s consent.
• Data subject should have right to bring proceeding before Personal Data protection office of the Slovak Republic according to §100 of the Act.
• Data subject should have right to object processing of personal data according to §27 of the Act
  • collector is processing personal data for direct marketing purposes or profiling in extent which is related to direct marketing. In this case collector shall not process personal data
  • Data subject doesn’t enjoy the right when collecting is needed to perform tasks in public public interest or when personal data are collected for scientific, statistic or historical research purposes
  • delivered objection shall be reviewed by collector when he doesn’t demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims, he shall not process personal data no more.

Data subject can contact or inform collector, about collecting his or her personal data, on webpage info@davismorgan.sk.