/Principles and guidance on the protection of personal data provided by the operator of the data subject when obtaining personal data from the data subject of Internet commerce www.northfinder.sk
1.The operator is hereby appointed in accordance with Article 13 (2). 1 and 2. Regulation (EU) 2016 / 679 of the European Parliament and of the Council of 27 May 2016 on the protection of natural persons regard to the processing of personal data and on the free movement of such data and repealing Directive 95 / 46 / EC (General Data Protection Regulation) (‘ the Regulation ’) shall provide the following information to the data subject from whom the Operator obtains the personal data to which it is subject:
II. Identity and contact details of the Operator:
Trade name: NORTHFINDER a.s.
Registered office: Levická 7, Nitra 949 01, Slovak Republic
Entered in the register of the District Court of Nitra, Section Sa, Case No 10297 / N
Business ID: 35 933 011
Tax ID: 2021994359
Bank account: SK81 0200 0000 0037 4778 2251
Prepayment is VAT / Value Added Tax /
2.1.1. These principles and the guidance on the protection of personal data form part of the General Terms and Conditions of Internet Commerce published in the Internet commerce of the Seller.
III. Processing of personal data
3.1.The operator shall provide the following personal data: Name, surname, address, telephone number, data obtained from cookies, IP addresses.
IV.Identity and contact details of the Operator ’ s representative:
4.1.The representative of the Operator shall not be appointed. The operator is also in position of Seller according to General Terms and Conditions of Internet Commerce.
V.Contact details of the responsible person:
5.1.The responsible person shall not be stated.
VI.The purposes of the processing of personal data of the data subject:
6.1.The purpose of the processing of personal data by the data subject shall be:
6.1.1.Processing of accounts
6.1.2.Evidence of contracts and clients for the purpose of concluding and performing contracts
6.1.3.Archiving documents in accordance with the law
6.1.4.Marketing activities of the operator
VII. Legal basis for the processing of the personal data of the data subject:
7.1.The legal basis for the processing of the personal data of the data subject will be, depending on the specific personal data and the purpose of the processing, the consent of the data subject to the processing of personal data, the fulfilment of the legal obligation of the operator, the performance of the contract to which the data subject is a party.
VIII. Recipients or categories of recipients of personal data:
The recipients of the personal data of the data subject shall be, or may at least be:
8.1.Statutory authorities or members of the Statutory Bodies of the Trustee
8.2.Employees of the Operator
8.3.Commercial agents of the operator and other persons of the operator and the operator in the performance of the tasks of the operator. For the purposes of this document, all natural persons performing dependent work for the Operator on the basis of an employment contract or non-employment contract shall be considered to be employees of the Operator.
8.4.The recipient of the personal data of the data subject will also be the operator ’ s associates, business partners, suppliers and contractors, in particular: The accounting company, the company providing the services related to the creation and maintenance of the software, the company providing the legal services to the operator, the company providing the advice to the operator, the companies transporting and delivering the products to the purchasers and third parties.
8.5.The recipient of personal data will also be the courts, law enforcement authorities, public authorities and other public authorities, in the cases provided for by law.
IX. Information on the intended transfer of personal data to a third country:
Not applicable — The operator does not intend to transfer personal data to a third country.
X. Retention period of personal data:
Personal data shall be retained in accordance with the law for the necessary period of time for thepurposes of the performance of the contract and its subsequent archiving.
XI. A statement on the existence of relevant rights of the person concerned:
The person concerned shall have, inter alia, the following rights:
11.1 The right of the data subject to have access to the data referred to in Article 15 shall include:
11.1.1.the right to obtain confirmation from the Operator as to whether personal data collected by the data subject are being considered;
11.1.2.The right to be informed of adequate safeguards under Article 46 concerning the transfer of personal data where personal data are transferred to a third country or international organisation;
11.1.3.The right to be provided with a copy of the personal data being processed, subject, however, to the condition that the right to be provided with a copy of the personal data being processed must not adversely affect the rights and elements of others;
11.2.The right of the person concerned to a correction under Article 16 of the Regulation, the content of which shall be:
11.2.1.The right for the Operator to correct, without undue delay, incorrect personal data withheld by the data subject;
11.2.2.The right to complete the incomplete personal data of the person concerned, including by providing a supplementary declaration of the person concerned;
11.3.The right of the data subject to have his or her personal data erased (so-called ‘ right to forget ’) under Article 17 of a Regulation, the content of which shall be:
11.3.1.The right to obtain from the Operator, without undue delay, the deletion of personal data which are withheld by the data subject if any of the following is fulfilled: personal data are no longer needed for the purposes for which they were collected or otherwise processed;
11.4.The right for the Operator who has disclosed the personal data of the data subject, having regard to the technology available and the cost of implementing the measures, to take appropriate measures, including technical measures, to inform other operators who are carrying out personal data processing that the data subject requests them to delete all references to those personal data, a copy or copies thereof;
The right to the deletion of personal data containing rights pursuant to Article 17 (1,2) of the [i.e. containing the content of the rights under (i) and (ii) of this point J(c) of this document] shall not be created if personal data are to be processed:
11.4.1.for the exercise of the right to freedom of expression and information;
11.4.2.In order to fulfil a legal obligation requiring investigation under European Union law or the law of the Member State to which the Trustee belongs, or in order to fulfil a task carried out in the public interest or in the exercise of public authority vested in the Trustee;
11.4.3.Because of the public interest in the field of public health in accordance with Article 9 (2) (h) and Article 9 (3) (h) and (i) of this Regulations;
11.4.4For the purposes of public archiving, or for the purposes of historical research or for the purposes of Article 89 (1) of such Regulation if the right referred to in Article 17 (1) of Regulation make it impossible or seriously difficult to achieve the objectives of such processing of personal data; or
11,4.5 to prove, validate or defend legal claims
11.5.The right of the data subject to restrict the processing of personal data pursuant to Article 18 of the Regulation,the contents of which are:
11.5.1The right of the Operator to have personal data processed in respect of one of the following:
11.5.2.The right, where the processing of personal data is restricted pursuant to point (i) of this point (d) of point J. of this document, to use such restricted personal data, except in the case of storage, only with the consent of the person concerned or for the purpose of proving, validating or defending legal claims or protecting the rights of another natural or legal person in the European Union, or of an important public interest;
11.5.3. the right to be informed in advance of the lifting of the restriction on the processing of personal data;
11.6.The right of the person concerned to fulfil the obligations incumbent upon him under Article 19 of the Agreement, which shall include:
11.6.1.the right for the Operator to notify any recipient to whom personal data have been provided of any rectification or erasure of personal data or limitation of searches carried out pursuant to Article 16, Article 17 (1), (2), (3), (3), (4) and (5). 1. and Article 18, unless this proves impossible or requires disproportionate effort;
11.6.2.The right for the Operator to inform the person concerned of these recipients if the person concerned so requests;
11.7.The data transmission right of the data subject referred to in Article 20 shall consist of:
11.7.1.The right to obtain personal data which the person concerned has received and which he has provided to the Operator, in a structured, commonly used and machine-readable format, and the right to transmit such data to another operator without being prevented by the Operator, provided that:
11.7.2.The right to transfer personal data directly from one operator to another, where technically possible;
11.8.the right of the person concerned to exercise his right under Article 21 of the Treaty, the content of which shall be:
11.8.1.The right to request, at any time, information concerning the specific situation of the person concerned against the processing of personal data concerning him or her, which is exercised on the basis of Article 6 (1) (e) or (f) of the Regulation, including opposition to profiling based on those provisions;
11.8.2. [In the event of exercise of the right to request, at any time, information relating to the specific situation of the person concerned against the processing of personal data concerning him or her which is carried out on the basis of Article 6 (1) (e) or (f) of the Regulation, including opposition to profiling based on these provisions Reasons, that the Trustee shall no longer examine the personal data of the person concerned unless it is shown to be the necessary legitimate reason for the questioning which prevails over the rights, rights and freedoms of the person concerned or the grounds for proving, dismissing or defending a right
11.8.3.The right to object at any time to the processing of personal data relating to the person concerned for the purposes of direct marketing, including profiling in so far as it relates to direct marketing; however, where the person concerned objects to the processing of personal data for the purposes of direct marketing, personal data may no longer be processed for such purposes;
11.8.4. (In connection with the use of the services of a company) the right to exercise the right to refuse the processing of personal data by means of technical specifications;
11.8.5.The right to request information on the specific situation of the data subject against the processing of personal data concerning the data subject, where personal data are being processed for the purposes of scientific or historical research or for the purposes of statistic research, in accordance with Article 89 (1) of the Regulation, except where the investigation is necessary for the performance of a task of general interest;
11.9.The right of the person concerned in connection with the adoption of an individual decision pursuant to Article 22, the content of which shall be:
11.9.1.The right not to be subject to a decision which is based exclusively on the processing of personal data, including profiling, and which has legal effects which affect him or her in a similar way, except in the cases provided for in Article 22 (2) of the Regulations [i.e. except where the decision is: (a) necessary for the conclusion or performance of a contract between the person concerned and the Operator,
11.9.2.authorised by the law of the European Union or by the law of a Member State, to which the Operator shall lays down appropriate measures for the protection of the rights and freedoms and legitimate interests of the person concerned; or (c) based on the express consent of the person concerned.]
XII. Denunciation of the right of the data subject to withdraw his consent to the processing of personal data:
12.1.The data subject shall be entitled to withdraw his consent to the processing of personal data at any time, without prejudice to the lawfulness of the processing of personal data based on the consent given prior to his or her withdrawal.
The data subject is entitled to withdraw his consent to the processing of personal data at any time, in whole or in part. Partial withdrawal of the consent to the processing of personal data may constitute a type of processing operation / processing operations, leaving the lawfulness of the processing of personal data within the scope of the remaining processing operations unaffected. A partial withdrawal of the consent to the processing of personal data may serve a specific purpose of the processing of personal data / specific purposes of the processing of personal data, while the lawfulness of the processing of personal data for other purposes remains unaffected.
The right to revoke the consent to the processing of personal data may be exercised by the person concerned in paper time at the address of the Trustee registered as its registered office in the business register at the time of the revocation of the consent to the processing of personal data or in electronic time by electronic means (by sending an e-mail to the e-mail address of the Operator when identifying the Operator in that document or completing the electronic form published on the website of the Operator.
XIII. A reference to the right of the person concerned to complain to the Authority:
13.1.The person concerned shall have the right to submit a complaint to the supervisory authority, in particular in the Member State of his habitual residence, the place of work or the place of the alleged infringement, if he considers that the processing of personal data concerning him is contrary to the Directive, without prejudice to any other administrative or judicial remedies.
The person concerned shall have the right to be informed by the supervisory authority to which the complaint has been made, as the complainant, of the progress and outcome of the complaint, including the possibility of judicial redress under Article 78 of the Regulation.
The Supervisory Authority in the Slovak Republic is the Office for the Protection of Personal Data of the Slovak Republic.
XIV. Information on the existence / absence of an obligation on the person concerned to provide personal data:
14.1.The operator shall inform the person concerned that the provision of personal data to the person concerned is necessary for the conclusion and performance of the contract of sale. The operator shall inform the person concerned that the person concerned is not obliged to provide personal data or to consent to their processing. As a result of the non-provision of personal data and / or the non-sharing of consent to the processing of personal data, the Trustee will not enter into and perform the sales contract.
XV.Information related to decision making including profiling:
15.1.Not applicable. - As the Operator is not concerned with the processing of the personal data of the data subject during the period of its decision-making, including the profiling referred to in Article 22 (1), (4) of the Regulation, the Operator is not obliged to provide information pursuant to Article 13 (2) (f) of the Regulation, i.e. information on the choices made, including profiling, and the procedure used, as well as on the meaning and expected consequences of such transfers of personal data for the person concerned.
In the context of the EU ’ s protection of privacy in electronic communications, we offer a brief explanation of the function of cookies. Cookies are text files that capture a small amount of information that is downloaded into your computer, cell phone or other device when you visit a website. Cookies are useful because they allow the website not only to recognise the device, but also toallow the user to access the functionalities on the site.
We divide cookies into two types of cookies.
Permanent cookies — these cookies remain in the device, the period of time specified in the cookie. They shall be activated whenever the user visits the website that created the cookie file.
Relational cookies — these files allow the website operator to continue activities when the browser window is opened and ends when the browser window is closed. Relational cookies are created on a temporary basis. After the browser is closed, all relational cookies are deleted.
16.1.What are cookie files?
A cookie is a small text file that a website stores on your computer or mobile device when it is scanned. Thanks to this file, the website retains information about your actions for a certain period of time (such as your login name, language, size, and other display settings), so you do not have to reintroduce them when you visit the site or browse its individual pages.
16.2.How do we use the cookies?
Our online store uses cookie files to store:
Also, some of the subsites that are part of our website receive cookies for anonymous collection of specific data on how you got there and which video clips you watched.
The authorisation of cookies is not necessarily necessary for the proper functioning of the website, but it will provide you with better personal comfort when working with it. You can delete or block cookies. However, in such a case, certain functionalities of the website may not function as they should.
The information stored in the cookies is not linked to your personal identification and the data structure is fully under our control. Cookies are not intended for purposes other than those set out in this text.
16.3.Do we use other cookies?
Some of our sites or subsites may use additional or different cookies than those mentioned in the previous text. In this case, details of their use will be provided on the cover page of the separate cookie file notice.
16.4.How to check cookies?
You can check and / or delete your cookies as you wish – see aboutcookies.org. You can delete all cookie files on your computer and you can save most browsers to prevent them from being saved. However, in such a case, you will probably have to manually modify some settings for each visit to the website and some services and functions will not work.
XVII. Final provisions
These Principles and Instructions on the protection of personal data form an integral part of the General Terms of Return Policy. Documents — General terms and conditions of the online shop are published on the Internet shop domain prior to the launch.
These principles of personal data protection overstate the validity and effectiveness of their publication in the Internet trade prior to 10.03.2020
This document is certified http: / / www.praveshopov.sk