Consent with processing of personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and Act No. 18/2018 Coll. on personal data protection and on amendment and supplement to certain acts.
The company IMS GROUP, s.r.o., Mlynská 6/B, 934 01 Levice, Company ID No.: 44 710 411, Tax No.: 202 279 5269, VAT No.: SK 202 279 5269 under Section 4 of the law, Registered with: the BR of the District Court of Nitra, Section: Sro, Insert No.: 24223/N, as the Controller (hereinafter referred to as the “Controller”) informs you on the way and extent of processing your personal data, and on the rights you have as the Data Subject of the personal data processed by the Controller.
The Data Subjects whose personal data the Controller processes may be, in particular, customers, potential customers (especially, the visitors of web sites and users of other communication and business channels of the Controller), employees of the Controller, authorised third parties and any other persons whose personal data are being processed by the Controller based on legitimate interest.
The personal data are being processed in the extent you (the Data Subject) provided to the Controller in connection with conclusion of a contractual or other legal relationship with the Controller, or which the Controller acquired otherwise and processes them in line with the valid and effective regulations or in order to fulfil its legal obligations. The Controller acquires the personal data directly from the Data Subjects, third parties or from public databases.
The Controller processes the personal data of the customers in the extent:
Natural Persons: name, surname, birth certificate number, national ID No., EU health insurance ID No., address of residence, mailing address, phone number, e-mail address, name of bank, account number, and cookies
Legal Entity: business name, invoicing address, Company ID No., Tax No., VAT No., mailing address, name and surname of the contact person, phone number, e-mail address, name of bank, account number, and cookies
The Controller processes the personal data for the purposes of:
The Controller will not provide the personal data to third parties, with the exception of:
The personal data which you provide to the Controller by the registration form or direct order need to be true. In case of any changes thereof, you have to notify the Controller without undue delay.
The protection of your personal data is being governed by the provisions of the personal data protection laws, with your rights being regulated by the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, like the right to demand in writing the following:
Right of Access – You have the right to obtain from us copies of the personal data we have on you, as well as information on how we are using them. In most of the cases, your personal data will be provided to you in writing, unless you request otherwise. In case you requested the information by electronic means, it will be provided electronically to you, if technically possible.
Right to Rectification – We adopt adequate measures in order to ensure all the information we have on you are accurate, complete and up to date. If you believe that the data we have on you are inaccurate, incomplete or not up to date, please, contact us so we can adjust it, update it or complete it.
Right to Erasure – Under certain circumstances, you have the right to ask us to erase your personal data, like in case the personal data we acquired on you are no longer necessary in relation to the purpose for which they were collected, or if you withdraw consent on which the processing is based. However, your right needs to be assessed from all relevant aspects. For example, we may be under certain legal and regulatory obligations, what means that we will not be able to comply with your request.
Right to Restriction of Processing – Under certain circumstances, you have the right to ask us to stop processing your personal data. Those are cases like when you believe that the personal data we have on you may be inaccurate or that we no longer need to use such personal data.
Right to Data Portability – Under certain circumstances, you have the right to ask for the transfer of the personal data you provided to use to a third party of your choice. However, the right to data portability concerns only the personal data we acquired from you upon your consent or the agreement you are party of.
Right to Object – You have the right to object to processing of the data on grounds of our legitimate justified interests (for example, we process the personal data for purposes of network and infrastructure security). In case we do not have a convincing legitimate justified reason to process the data and you object to it, we will stop processing your personal data.
Rights Related to Automated Decision-Making – You have the right not to be subject to a decision based on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you. The company usually does not use automated decision-making or profiling at employing persons.
Right to Withdraw Consent – In most cases, we do not process your personal data based on your consent. However, we may ask for your consent to do so. In such cases, you have the right to withdraw your consent with processing your personal data.
Right to File Complaint – If you wish to file a complaint about the way we process your personal data, including the aforementioned rights, you can send an e-mail to: firstname.lastname@example.org or mail letter to the mailing address of the Controller.
If you are not happy with our answer or believe that we process your personal data unjustly or illegally, you can file a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic, https://dataprotection.gov.sk, Hraničná 12, 820 07 Bratislava 27; Phone No.: +421/2 32 31 32 14; E-mail: email@example.com.
The Controller with store the personal data in line with the law on archives and registries, the law on bookkeeping and VAT, i.e. for 10 years after the respective year (the year of issue of the last invoice).
The Controller shall archive the personal data used for marketing purposes for 10 years after acquiring consent of the Data Subject, or until the consent is withdrawn.
The Controller processes the personal data of the Data Subjects with their consent, with the exception of cases when a consent is not legally required. In case the Controller processes the personal data based on consent, the Data Subject is entitled to withdraw the consent at any time. Withdrawal of the consent, however, does not affect the legality of personal data processing based on the consent prior to the withdrawal. The consent may be withdrawn in writing – by e-mail or mail letter sent to the mailing address of the Controller.
The Data Subjects may ask for correction of their personal data, for processing restriction or erasure in writing by e-mail or mail sent to the mailing address of the Controller.