1 INFORMATION ON THE PROCESSING OF PERSONAL DATA (“PII”)
Information and instruction on the rights under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as under the provisions of Act No. 18/2018 Coll. of 29 November 2017 on the protection of personal data and on amending and supplementing certain acts, as amended.
registered at the District Court in Žilina, Section: Sro, Entry No.: 20125/L
with place of business Buffalo Wings & Pub Martin, Na Bystričku 37, 036 01 Martin
ID: 533 393 47
Contact details: e – mail/phone number: firstname.lastname@example.org | +421 905 760 777
We follow the rules and therefore the protection of your IP is important to us. We process your personal data in accordance with these terms and conditions. By giving your consent to the processing of your Personal Data on the www.buffalowingsmartin.sk portal, you are giving your consent as a serious and freely given, specific, informed and unambiguous indication of the data subject’s wishes in the form of an unambiguously confirmatory act within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27. April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and also according to the provisions of Act No. 18/2018 Coll., of 29 November 2017 on the protection of personal data and on amending and supplementing certain acts, as amended, to the controller (hereinafter referred to as the “GDPR and the ACT”).
2 PURPOSE OF THE PROCESSING OF THE DATA
If you have contacted us, used one of our services or are a visitor to our website buffalowingsmartin.sk . We hereby inform you what we do with your OU.
2.1 Contact form
We work with personal data name and surname, email, phone number
2.2 Online environment
LinkedIN: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy Google: http://www.google.com/intl/de/policies/privacy
If you do not want social networks to collect data about you, please do not click on the aforementioned logos. The controller processes the personal data of the data subjects to the extent specified in the relevant legislation, contracts and other documents of the controller.
3 THIRD PARTIES
Your personal data may be disclosed to third parties such as courts, state and public authorities, notaries, or our intermediaries, technical support providers, providers of data analysis, processing and storage tools
(Google Analytics, Adwords), software providers (Microsoft, Google), social networks such as Facebook, Instagram, LinkedIn. At the company, we take care to minimize the disclosure of your personal data. Where we process PII through intermediaries, we ensure that we choose intermediaries that meet the requirements of the GDPR i.e. technical, organisational and personnel.
4 PROCESSING PERIOD
The data subject consents to the processing of personal data from the date of consent in accordance with these terms and conditions. For a period of 5 years and within the meaning of specific regulations (Accountancy Act).
5 TRANSFER TO A THIRD COUNTRY
The controller does not intend to transfer the PI to a third country or international organisation, including the identification of the country or international organisation. However, some of the recipients may have servers located outside the EU (Google, LinkedIN, Facebook). These servers may be located in the United States of America (USA). Companies based in the US that have access to OU are certified under a privacy protection scheme called v Private Schields and are considered to provide an adequate level of protection. This transfer only takes place subject to strict compliance with the GDPR.
6 AUTOMATED PROFILING
The controller processes the PI in paper and electronic form. In order to improve the quality of marketing campaigns, the controller uses automated profiling. By profiling, we segment the offer(s) that may be of interest to you and are more profitable for you. In the case of profiling, we use the following systems Google Adwords, Facebook Pixel. Consent is not required for basic statistical data collection, e.g. by using the Google Analytics measurement code.
7 IP ADDRESS
Is a set of numbers uniquely identifying a device on a computer network. An IP address can be regarded as data relating to an identifiable person from a data protection perspective. An IP address becomes personal data if:
The IP address is personal data if it is processed by the ISP together with another identification (name, email…),
static IP addresses used by natural persons/individuals are to be considered as personal data,
a dynamic IP address will be considered as personal data if other identifiers considered as personal data (e.g. first name, last name, email, etc.) are processed by the online service provider together with the dynamic IP address.
In the case of storing the IP address on a website (e.g. WordPress editorial system for comments), it is necessary to choose an appropriate processing purpose or to use pseudonymisation.
8. SECURE DATA TRANSFER
Your personal data is transmitted securely thanks to encryption. The SSL (Secure Socket Layer) encryption system is most commonly used for secure communication with web servers. The personal data in our systems as well as the website are secured by appropriate technical and organisational measures against loss, destruction, alteration and further dissemination of data by unauthorised persons.
9 RIGHTS OF THE DATA SUBJECT
The data subject has the right under the GDPR to (i) the right to rectification, (ii) the right to erasure, (iii) the right to data portability, (iv) the right to object, (v) the right to withdraw consent, (vi) the right of access to information.
Right to rectification.
The data subject shall have the right to have incorrect personal data concerning him or her rectified by the controller without undue delay and to have incomplete
Right to erasure.
The data subject shall have the right to have the controller erase the personal data concerning him or her without undue delay. The controller is obliged to erase such PII without undue delay if one of the following grounds is met:
- The PII is no longer necessary for the purpose for which it was obtained or processed,
- the data subject withdraws consent to the processing of the PII for at least 1 specific purpose, or the consent is invalid if its provision is precluded by a specific regulation,
- the data subject objects to the processing of PI for the purpose of direct marketing, including profiling to the extent that it is related to direct marketing,
the processing of PI is unlawful,
- the reason for erasure is the fulfilment of an obligation under this Act, a special regulation or an international treaty to which the Slovak Republic is bound,
the personal data was collected in connection with the offer of information society services and the data subject is under 16 years of age. If the controller has disclosed the PII and is obliged to erase it, the controller is also obliged to take appropriate security measures, including technical measures, taking into account the available technology and the cost of implementing them.
To that end, it shall also inform other controllers who process the data subject’s PII of the data subject’s request that those controllers erase references to his or her PII and copies or copies thereof.
Right to data portability.
The data subject shall have the right to obtain the personal data concerning him or her which he or she has provided to the controller in a structured, commonly used and machine-readable format and shall have the right to transfer such personal data to another controller if technically feasible and if: – the personal data are processed on the basis of the consent of the data subject, on the basis of a contract and on the basis of the consent of the data subject, which shall be null and void if the provision of such consent is excluded by a specific regulation, – the processing of the personal data is carried out by automated means.
Right to object
The data subject shall have the right to object to the processing of personal data concerning him or her for the purpose of direct marketing, including profiling to the extent that profiling is related to direct marketing, the controller shall explicitly inform the data subject of his or her rights at the latest at the time of the first communication with him or her, and this right shall be clearly and separately stated from any other information. The data subject may exercise his or her right to object by automated means using technical specifications.
Withdrawal of consent
The data subject shall have the right to withdraw consent to the processing of personal data concerning him or her at any time. Withdrawal of consent shall not affect the lawfulness of the processing of personal data based on consent prior to its withdrawal; the data subject must be informed of this fact before consent is given. The data subject may withdraw the consent in the same way in which he or she gave the consent.
Right of access to information
The data subject shall have the right to obtain confirmation from the controller as to whether the personal data relating to him or her are being processed. If the controller processes such PII, the data subject has the right to obtain access to and information about that PII:
- the purpose of the processing of the PII,
- the category of PII processed – in our case, this is ordinary PII, the controller does not process a special category of PII,
the identification of the recipient or the category of recipient to whom the PII has been or is to be disclosed, in particular a recipient in a third country or an international organisation, if possible, – the retention period of the PII; if this is not possible, information on the criteria for determining it,
- the right to request the controller to rectify, erase or restrict the processing of personal data relating to the data subject, or to object to the processing of personal data,
- the right to bring an action, the source of the personal data, if the personal data were not obtained from the data subject,
- the existence of automated individual decision-making, including profiling, in these cases, the controller shall provide the data subject with information, in particular on the procedure used, as well as on the significance and foreseeable consequences of such processing of the personal data for the data subject
The controller shall provide the information on the basis of this request within 30 days of receipt of this request. The controller may extend this period by a further 60 days, and shall inform the data subject of the postponement. The controller may charge a reasonable fee corresponding to the administrative costs for the repeated provision of the PI requested by the data subject. The controller shall provide the data subject with a response in the manner requested by the data subject or as requested by the data subject
Right to bring proceedings by the data subject
The data subject may bring an action within the meaning of Section 100 of the Act if he or she feels that his or her rights have been affected. The petition must contain: – details of the petitioner – against whom the petition is directed with the subject matter of the petition with an indication of the rights alleged to have been violated in the processing of personal data – evidence to support the allegations. A template of the petition will be published on the website of the Office for Personal Data Protection, Hraničná 12, 820 02 Bratislava. The Office will consider the complaint within 30 days, make a decision within 90 days or may extend the time limit accordingly.
10 QUESTIONS ?
If you have any questions or comments regarding the processing of personal data, you may contact us at
phone number: +421 905 760 777
11 FINAL PROVISIONS
This information comes into force and effect on 1.11.2018. The controller reserves the right to change these terms and conditions in the event of a change in the company’s processing of Personal Data and in the event of a legislative change.
Information about cookies on our site
This page may be updated from time to time, even without notice. Please visit it from time to time.
What are cookies and how and why do we use them
Cookies are small text files that a web browser can store on your computer when you visit a website at the behest of the website. They are used to enable the website to do its job better and they also make the user’s job easier (e.g. remembering who is logged in, measuring traffic, customising advertising offers, remembering the data you enter). They make the site faster and help it remember your settings after a return visit.
By storing the data on your computer, the servers are relieved and the need for data transfer is reduced. You can delete or block them at any time via your web browser settings. In this case, however, I cannot guarantee the error-free functioning of the website. The cookies that we use on our site do not harm your computer in any way.
We use several types of cookies on buffalowingsmartin.sk
Basic and functional cookies – they ensure the basic functioning of our site, such as security, user logins, remembering logins, pre-filling out forms, etc. Functional cookies improve the functionality of the site, such as remembering your settings, etc. These files are necessary for the error-free functioning of the site.
Operational cookies – these are mainly used to provide statistical information about your visit and how you use our site. This includes data such as the number of visits, the time spent on the website, or the source from where you visited us. However, this data is anonymous and is not linked to a specific person.
The measurement of traffic is provided to us by Google Analytics.
Advertising cookies – used to serve ads that are tailored to your interests. They may collect information about your favourite websites and, based on this, serve ads that may be of interest to you. These cookies are operated by a third party, our advertising partner Google.
Other cookies – these are mainly cookies from third parties such as Google or Facebook (for example, if you like or share articles using Facebook) and so on.
What data we can process about you via cookies
- Information about your visit to our site
- Information about the IP address of the connection, browser type, operating system
- Information about activity on the site.
In our environment, there is no association of the above activities with your person and therefore the automated processing does not affect your rights and freedoms. Likewise, there is no profiling in the processing of your data.
How can you change the way cookies are used?
Instructions on how to control cookies for the most common browsers:
Mozilla Firefox: http://support.mozilla.org/sk/kb/povolenie-zakazanie-cookies
Google Chrome: https://support.google.com/chrome/answer/95647?hl=sk&hlrm=en
Internet Explorer: https://support.microsoft.com/sk-sk/help/17442/windows-internet-explorer-delete-manage-cookies
How long do we keep cookie data
Cookie data is not retained on our systems.
If you have questions, requests, or would like to notify us of a data breach, you can do so by sending an email to email@example.com