Privacy Policy for PEPE spol. s r.o.

Last updated: October 26, 2023

This Privacy Policy describes how PEPE spol. s r.o. (hereinafter referred to as "we," "us," or "our") collects, uses, discloses, and safeguards your personal data when you visit our website obchodnafirma.live (the "Site") or interact with our services. We are committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and Slovak national legislation. Please read this policy carefully to understand our practices regarding your personal information.

1. Who We Are

PEPE spol. s r.o. is a limited liability company registered in the Slovak Republic with its registered office at [Insert Full Address Here]. Our company identification number (IČO) is [Insert IČO Here], and we are registered with the Slovak Commercial Register. We operate the website obchodnafirma.live to provide information about our products and services. For any questions regarding this Privacy Policy or our data handling practices, you can contact us at [Insert Contact Email] or by mail at the address above.

2. Definitions

For the purposes of this Privacy Policy:

  • Personal Data means any information relating to an identified or identifiable natural person.
  • Processing means any operation performed on personal data, such as collection, storage, use, or disclosure.
  • Data Subject means the individual whose personal data is being processed.
  • Controller means the entity that determines the purposes and means of processing personal data, which in this case is PEPE spol. s r.o.
  • Data Protection Officer (DPO) refers to our designated contact for data protection matters.

3. What Personal Data We Collect

We may collect the following categories of personal data when you interact with our Site or services:

  • Identity Data: This includes your first name, last name, username, or similar identifier.
  • Contact Data: This includes your email address, telephone number, and postal address.
  • Technical Data: This includes internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Site.
  • Usage Data: This includes information about how you use our Site, products, and services.
  • Marketing and Communications Data: This includes your preferences in receiving marketing from us and your communication preferences.
  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience, analyze trends, and administer the Site. For more details, see our Cookie Policy.

We do not knowingly collect sensitive personal data, such as racial or ethnic origin, political opinions, religious beliefs, health information, or genetic data, unless required by law.

4. How We Collect Your Personal Data

We collect personal data through various methods:

  • Direct Interactions: You may provide us with your Identity and Contact Data by filling in forms on the Site, subscribing to newsletters, submitting inquiries, or contacting us via email or phone.
  • Automated Technologies: As you interact with our Site, we automatically collect Technical Data and Usage Data through cookies and similar tracking technologies. We may also receive data from third-party analytics providers like Google Analytics.
  • Third Parties: We may receive personal data about you from business partners, service providers, and publicly available sources, but only where you have given consent or where it is otherwise lawful.

5. Legal Basis for Processing Your Personal Data

We will only process your personal data when we have a lawful basis under GDPR. The most common legal bases we rely on are:

  • Consent: For certain processing activities, such as sending marketing emails or placing non-essential cookies, we rely on your freely given, specific, informed, and unambiguous consent. You have the right to withdraw consent at any time.
  • Contractual Necessity: Processing is necessary for the performance of a contract with you, such as when you request a quote or purchase a service.
  • Legal Obligation: Processing is necessary to comply with legal or regulatory obligations, such as tax or accounting requirements.
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This includes improving our services, fraud prevention, and direct marketing to existing customers.

6. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To Provide Services: To respond to your inquiries, process orders, deliver products or services, and manage our contractual relationship with you.
  • To Improve the Site: To analyze usage trends, diagnose technical issues, and enhance user experience.
  • For Marketing: To send you promotional materials, newsletters, or updates about our services, but only if you have consented or where we have a legitimate interest and have provided an opt-out option.
  • To Comply with Legal Obligations: To fulfill accounting, tax, and regulatory requirements, including fraud prevention and record-keeping.
  • To Protect Our Rights: To enforce our terms of service, defend against legal claims, and protect the security of our systems.

We will not use your personal data for automated decision-making or profiling that produces legal effects without your explicit consent.

7. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies. Cookies are small text files stored on your device that help us recognize you and improve your experience. We use the following types of cookies:

  • Essential Cookies: Necessary for the basic functioning of the Site, such as session management.
  • Analytical/Performance Cookies: Help us understand how visitors interact with the Site by collecting anonymous usage data.
  • Functionality Cookies: Remember your preferences (e.g., language) for a personalized experience.
  • Targeting/Advertising Cookies: Used to deliver relevant advertisements and measure their effectiveness.

You can manage cookie preferences through your browser settings or our cookie consent tool. For more details, please refer to our separate Cookie Policy available on the Site. Note that disabling cookies may affect the functionality of the Site.

8. Disclosure of Your Personal Data

We may share your personal data with the following categories of third parties:

  • Service Providers: We engage trusted third-party companies to perform functions on our behalf, such as hosting, analytics (e.g., Google Analytics), email delivery, payment processing, and customer support. These providers are contractually obligated to protect your data and use it only for the purposes we specify.
  • Legal and Regulatory Authorities: We may disclose your data if required by law, court order, or governmental regulation, or to protect our rights, property, or safety.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the new entity, subject to appropriate safeguards.
  • Other Third Parties with Your Consent: We will not sell, rent, or trade your personal data to third parties for their marketing purposes without your explicit consent.

9. International Data Transfers

Your personal data may be transferred to, stored, and processed in countries outside the European Economic Area (EEA), including countries that may not have the same level of data protection laws as the EEA. When we transfer your data, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or reliance on adequacy decisions by the European Commission. For example, we may use service providers based in the United States who are certified under the EU-US Data Privacy Framework. By providing your data, you acknowledge these transfers.

10. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements. For example:

  • Contact data for marketing purposes is retained until you unsubscribe or withdraw consent.
  • Contractual data is retained for the duration of the contract plus any applicable statutory retention periods (e.g., up to 10 years after contract termination for tax purposes).
  • Technical and usage data is retained for up to 26 months after collection, unless longer retention is required for specific purposes.

When we no longer need your data, we will securely delete or anonymize it.

11. Your Rights Under Data Protection Law

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you and information about how we process it.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): You can request deletion of your personal data where there is no compelling reason for its continued processing.
  • Right to Restrict Processing: You can request that we restrict processing of your data under certain conditions, such as when you contest its accuracy.
  • Right to Data Portability: You have the right to receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller.
  • Right to Object: You can object to processing based on legitimate interests, including direct marketing. We will comply unless we demonstrate compelling legitimate grounds.
  • Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us using the details in Section 1. We will respond to your request within one month, but may extend this by two months if necessary. We may ask for additional information to verify your identity. You also have the right to lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov Slovenskej republiky) at [Insert Authority Address] if you are dissatisfied with our response.

12. Security of Your Personal Data

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include encryption of data in transit (SSL/TLS), firewalls, access controls, regular security assessments, and staff training on data protection. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but strive to use industry-standard practices.

13. Children's Privacy

Our Site and services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data without parental consent, please contact us. If we discover such data, we will take steps to delete it promptly.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The "Last Updated" date at the top of this page indicates the most recent revision. We will notify you of material changes by posting a prominent notice on the Site or by sending an email to registered users. We encourage you to review this policy periodically.

15. Third-Party Links

Our Site may contain links to third-party websites, plugins, or services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We recommend that you read the privacy policies of any third-party sites you visit.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

  • By Email: [Insert Contact Email]
  • By Mail: PEPE spol. s r.o., [Insert Full Address], Slovak Republic
  • By Phone: [Insert Phone Number]

We will respond to your inquiry as soon as possible and within the timeframes required by law.

17. Additional Information for Slovak Residents

As a company operating in the Slovak Republic, we also comply with the Act on Protection of Personal Data (Act No. 18/2018 Coll. on Protection of Personal Data and on Amendments to Certain Acts). This includes obligations regarding data breach notification, data protection impact assessments, and the designation of a Data Protection Officer if required. If you believe your rights have been violated, you have the right to seek judicial remedy or file a complaint with the Slovak Data Protection Authority at [Insert Authority Address or Website].

18. Consent

By using our Site and providing your personal data, you acknowledge that you have read and understood this Privacy Policy. For certain processing activities, we will explicitly ask for your consent. You have the right to withdraw consent at any time, but this will not affect the lawfulness of processing based on consent before its withdrawal.

19. How to Opt-Out of Marketing Communications

If you no longer wish to receive marketing emails from us, you can opt out at any time by following the unsubscribe link in the emails or by contacting us directly. We will process your opt-out request within a reasonable timeframe. Please note that even if you opt out of marketing, we may still send you transactional or service-related communications.

20. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk to you, we will also inform you directly without undue delay, unless the data has been rendered unintelligible or other exceptions apply.

21. Contacting the Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the data protection authority in your country or the Slovak Republic. The relevant authority is:

Úrad na ochranu osobných údajov Slovenskej republiky
Address: [Insert Full Address of the DPA, e.g., Hraničná 12, 820 07 Bratislava 27, Slovak Republic]
Website: [Insert Website of the DPA]
Email: [Insert Email of the DPA]

22. General Information

This Privacy Policy is provided in English. In case of any inconsistency between the English version and a translation, the English version prevails. We reserve the right to modify this policy at any time. Continued use of the Site after changes constitute acceptance of the updated policy.

Effective Date: [Insert Date]

© 2023 PEPE spol. s r.o. All rights reserved.

Používame cookies, aby ste u nás mali lepší zážitok. Ak budete pokračovať, súhlasíte s ich používaním.

Viac info