Principles of Personal Data Processing and Data Protection System in accordance with the GDPR regulation
Prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, in accordance with Articles 13 and 14 of the Regulation (hereinafter referred to as “GDPR”) and Act No. 18/2018 Coll. on the Protection of Personal Data (hereinafter referred to as the “Personal Data Protection Act”).
Controller: FAMIS PRO, s.r.o.
Langsfeldova 1A
036 01 Martin
Company ID: 36 384 682
Phone number: 043 3810 172
Email: info@famis.sk
What is personal data?
Personal data refers to any information related to an identified or identifiable natural person who can be identified directly or indirectly, particularly based on a generally applicable identifier or other identifiers such as name, surname, identification number, location data, or an online identifier, or based on one or more characteristics or traits that form their physical identity, physiological identity, genetic identity, psychological identity, mental identity, economic identity, cultural identity, or social identity.
What is the processing of personal data?
The processing of personal data involves a processing operation or a set of processing operations on personal data or sets of personal data, especially collecting, recording, organizing, structuring, storing, modifying, retrieving, consulting, using, providing by transmission, dissemination, or otherwise making available, rearranging or combining, restricting, erasing, regardless of whether it is carried out by automated or non-automated means. The Controller is not required to appoint a Data Protection Officer.
Sources and categories of personal data:
The Controller processes personal data (directly from you) that you have provided or personal data that has been obtained in the course of fulfilling your order. Your identification and contact details and data necessary for contract fulfillment.
Legal reason and purpose for processing:
The legal reason for processing is:
• Your consent to the processing of personal data for the purposes of direct marketing according to Article 6(1)(a) of GDPR.
• Performance of the contract between you and the Controller according to Article 6(1)(b) GDPR.
• Processing necessary for compliance with a legal obligation of the Controller under Article 6(1)(c) GDPR.
The purpose of processing personal data:
The purpose of processing your personal data is to handle your order and exercise the rights and obligations arising from the contractual relationship between you and the Controller. Personal data required for the successful handling of the order (name, surname, address, contact, company details) is processed under Article 6(1)(b) of the Regulation (this also includes subsequent payment execution, service provision, handling of complaints, etc.). The processing of customer personal data takes place without their consent, as the legal basis for processing is the order between the customer and the Controller.
Providing personal data is a necessary requirement for entering into and fulfilling the order; without providing personal data, the order cannot be created, nor can the conditions of the order be fulfilled by the Controller. Provision of the agreed service in the area of manufacturing precise mechanical parts and small iron parts for engineering use. The Controller declares that the records are not used in any way or provided to third parties or entities.
Data retention period:
The Controller retains personal data:
• For the necessary period to exercise the rights and obligations arising from the contractual relationship between you and the Controller and for asserting claims arising from these contractual relationships.
• For the period until consent to the processing of personal data for marketing purposes is withdrawn.
• After the expiration of the data retention period required by law No. 395/2002 Coll. (the Act on Archives and Records), the Controller deletes the personal data.
Recipients of personal data
Who is a recipient?
A recipient is anyone to whom personal data is provided, regardless of whether they are a third party. A public authority that processes personal data based on a specific law is not considered a recipient. Recipients may include persons involved in the delivery of goods, services, or payments under the contract. The Controller does not provide, disclose, or make personal data available to third countries.
Conditions for the protection of personal data:
The Controller declares that it has implemented appropriate personnel, technical, and organizational measures to ensure the protection of personal data. The Controller has taken technical measures to secure data storage and physical storage of personal data in document form. The Controller declares that only authorized persons have access to personal data.
Your rights:
Under the conditions specified in GDPR, you have:
• The right to access your personal data under Article 15 of GDPR.
• The right to correct personal data under Article 16 of GDPR.
• The right to restrict processing.
• The right to deletion under Article 17 of GDPR.
• The right to object under Article 21 of GDPR.
• The right to data portability under Article 21 of GDPR.
• The right to withdraw consent (electronically or to the correspondence address).
• The right to file a complaint with the Data Protection Authority if you believe that your personal data protection rights have been violated.
You also have the right to file a complaint with the Data Protection Authority if you believe your personal data protection rights have been violated.
How can you exercise your rights?
Right to access data:
You have the right to know whether we are processing your personal data. If we are processing it, you can request access to it. Based on your request, we will issue a confirmation with information about the processing of your personal data. You can submit a request electronically to the email address ek1@famis.sk or by mail to the following address:
FAMIS PRO, s.r.o.,
Langsfeldova 1A,
036 01 Martin.
Right to correction:
You have the right for your personal data that we process to be accurate, complete, and up-to-date. If your personal data is incorrect or out-of-date, you can request a correction or update either electronically at ek1@famis.sk or by mail at the correspondence address:
FAMIS PRO, s.r.o.,
Langsfeldova 1A,
036 01 Martin.
Right to deletion:
Under certain circumstances, you have the right to request the deletion of your personal data. You can request the deletion of your data at any time. We will delete your personal data if:
• We no longer need your personal data for the purpose for which it was provided,
• You withdraw your consent,
• You object to the processing of your personal data,
• We process your personal data unlawfully,
• Personal data must be deleted to fulfill a legal obligation,
• If you are a child, or a parent of a child, who consented to the processing of personal data via the internet.
Right to restrict processing:
You can request that we restrict the processing of your personal data. If we agree to your request, we will only store your personal data and will no longer process it. Your data will be restricted if:
• You inform us that your personal data is incorrect, and we will restrict processing until we verify its accuracy,
• We process your personal data unlawfully, but you do not agree to its deletion and instead request that we only restrict the processing of your personal data,
• We no longer need your data, but you need it to assert or defend your rights,
• You object to the processing of your personal data, and we are verifying whether our legitimate interests outweigh your reasons.
Right to data portability:
You have the right to request that we provide your personal data in an electronic format (e.g., XML or CSV file) that allows you to easily transfer the data to another company. You can also request that we directly transfer your personal data to another company of your choice. We will comply with your request if you provided us with the personal data and consented to its processing.
Right to object:
You have the right to object to the processing of your personal data. If we process your personal data in the following cases:
• Based on our legitimate interest,
• For creating a customer profile,
• You can object to the processing if you have personal reasons.
How can you exercise these rights?
You can contact us with your request using one of the following methods:
By email: ek1@famis.sk, or by mail to our business address:
FAMIS PRO, s.r.o.,
Langsfeldova 1A,
036 01 Martin,
Company ID: 36 384 682.
If you believe your personal data protection rights have been violated, you have the right to file a complaint with the supervisory authority, which is the Data Protection Office at the following address:
Hraničná 12,
820 07 Bratislava 27,
Slovak Republic.
Identification details:
Company ID: 36064220
VAT ID: 2021685985
Office Secretariat:
+421 /2 3231 3214
Email: statny.dozor@pdp.gov.sk
Given the epidemiological situation in Slovakia, the Office recommends submitting applications via postal or electronic services (www.slovensko.sk). Personal submissions from 29.11.2021 are only possible in urgent cases, and no later than 12:00.
