In our operations, we process your personal data. For our company, CertiWise, s.r.o., proper processing and protection of your personal data is important, in line with our policies on quality, impartiality, and confidentiality of provided information. Therefore, we provide information on personal data processing to data subjects whose personal data are processed by CertiWise, s.r.o., on our website (www.certiwise.sk) in accordance with Regulation (EU) No. 2016/679 (GDPR) of the European Parliament and of the Council from April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "Regulation") and Act No. 18/2018 Coll. on the protection of personal data, as amended (hereinafter referred to as the "Act").
Controller:
CertiWise, s.r.o.
Račianska 88 B, Bratislava-mestská časť Nové Mesto 831 02
IČO: 52 941 311
Contact:
info@certiwise.sk
A data subject is an individual whose personal data is processed. This includes personal data of natural persons, especially employees, authorized persons, appointed persons, website visitors, and others. In performing our tasks and obligations, we obtain your personal data directly from you or in fulfilling our duties, from third parties. When CertiWise, s.r.o. processes your personal data, you are the data subject, i.e., the person whose personal data is being processed. We have a legal obligation to provide your personal data during inspections, supervisory activities, or upon request from authorized state bodies or institutions, if required by specific regulations. Your personal data will be securely stored, in accordance with CertiWise, s.r.o.'s security policy, and only for the time necessary to fulfill the purpose of processing, limited to the necessary personal data. Access to your personal data will be granted exclusively to individuals authorized by the controller to process personal data, who process them based on the controller's instructions, in line with the controller's security policy.
The information we collect about you and how we use it depends on the specific service you utilize with us as the controller. The controller may process the following personal data, which you provide, in paper or electronic form: name, surname, title, permanent or temporary residence address, email, and phone contact.
a) For Fulfilling Contractual Obligations - in the area of provided services, conducted training, and auditing activities. Identification and contact details: name and surname, title, address, signature, place of business, IČO, DIČ, IČ DPH, phone number, email address, billing address, your position in the organization if representing a legal entity. These data are processed based on Act No. 431/2002 Coll. on Accounting, as amended, Act No. 250/2007 Coll. on Consumer Protection, as amended, Act No. 513/1991 Coll. Commercial Code, Act No. 222/2004 Coll. on Value Added Tax, as amended, among others. Data are processed by the controller during the contractual relationship and retained for 10 years after its termination.
b) Handling Requests for Information Disclosure and Appeals - processed under Act No. 211/2000 Coll. on Free Access to Information (Freedom of Information Act), as amended.
c) Handling Complaints - processed under Act No. 9/2010 Coll. on Complaints, as amended.
d) Contacting Data Subjects via Selected Communication Channels (email, phone) - based on the controller's legitimate interests, regarding information you requested through contact details published on CertiWise's website.
e) Supplier Contracts (Contact Details) - processing is necessary for the controller's legitimate interests.
f) Based on Data Subject's Consent - for marketing purposes, company promotion, product promotion, assessing satisfaction with company products, references, sending offers, and direct communication with potential clients.
Providing consent for these purposes is entirely voluntary; however, it is necessary to receive service offers. Any voluntary consent you explicitly confirm with your signature can be withdrawn at any time in writing sent to the controller's address or by email to info@certiwise.sk. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
We also utilize services of other processors who process personal data only according to our instructions and for the purposes we determine. We have concluded data processing agreements with these processors or ensured that these processors have committed in writing to process personal data in accordance with GDPR. Categories of recipients include: - Accounting service providers, - IT and security technology providers, website administrators, database administrators of email contacts and consents, - State administration and public authorities, courts, law enforcement agencies, executors, notaries, - Tax advisors, auditors, - Other entities to whom the provision of personal data is mandated by law.
The controller does not intend to transfer your personal data to a third country or international organization.
Your personal data is not used for automated individual decision-making, including profiling.
The controller retains personal data for the duration of each processing purpose and subsequently for the period defined in the registry plan in accordance with Act No. 395/2002 Coll. on Archives and Registries, as amended.
The controller retains your personal data for at least the duration of the contractual relationship and after its termination until all obligations arising from or related to it are settled, or until the legitimate interest in their processing ceases. If the controller processes your personal data based on consent, your personal data will be processed for that purpose for the duration of this consent or until you withdraw consent.
Withdraw Consent - In cases where we process your personal data based on your consent, you have the right to withdraw this consent at any time. You can withdraw consent electronically at the address of the responsible person, in writing, by notifying the withdrawal of consent. Withdrawal of consent does not affect the lawfulness of personal data processing that we carried out based on it about you.
Right of Access - You have the right to confirm whether your personal data is being processed. If so, you have the right to access this personal data and information about how we use your personal data. Your personal data will be provided to you in electronic form unless you request another method of provision.
Right to Rectification - We take reasonable steps to ensure the accuracy of information we have about you. If you believe that the data we hold is inaccurate or incomplete, you have the right to request their correction or completion.
Right to Erasure (Right to be Forgotten) - You have the right to ask us to delete your personal data, for example, if the personal data we obtained about you is no
Right to Restriction of Processing – Under certain circumstances, you have the right to request that we stop using your personal data. This applies, for example, in cases where you believe that the personal data we hold about you may be inaccurate or when you believe that we no longer need to use your personal data.
Right to Object – You have the right to object to the processing of your personal data. If we do not have a compelling legitimate reason for processing and you submit an objection, we will no longer process your personal data.
Right to Object – You have the right to object to the processing of your data. If we do not have a compelling legitimate reason for processing and you submit an objection, we will cease processing your personal data.
Right to File a Petition for the Initiation of Personal Data Protection Proceedings – If you believe that your personal data is being processed unfairly or unlawfully, you can file a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic, located at Hraničná 12, 820 07 Bratislava, Slovak Republic.www.dataprotection.gov.sk, e-mail: statny.dozor@pdp.gov.sk.