Controllers of personal data pursuant to § 5 let. o) of Act no. 18/2018 Z.z. on the protection of personal data, as amended (hereinafter referred to as the “Act”) is decorair, s.r.o., ID No. 44354738 with its registered office at Kruhy 5007/1, 905 01 Senica (hereinafter referred to as the “Controller”).
Controller contact details:
Kruhy 5007/1, 905 01 Senica
Business ID: 44354738
Tax ID: 2022677800
VAT reg. No.: SK2022677800
Registered at the Regional Court, Trnava, Section: Ltd., File No.22516 / T
Telephone contact: 0908 620 043
Personal data means all information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or by reference to one or more specific physical, physiological, genetic, mental, economic, cultural or the social identity of that individual.
Responsible Data Protection Officer appointed by the Controller: Janič Roman, email@example.com
Sources and categories of personal data processing
The Controller processes the personal data you provided or personal data obtained by the Controller based on your order fulfillment.
The Controller processes your identification and contact data and data necessary for performance of the contract.
Legal reason and purpose of personal data processing
The legal reason for personal data processing is
performance of the contract between you and the Controller pursuant to § 13 par. 1, let. b) of the Act,
the legitimate interest of the Controller in the provision of direct marketing (especially for sending business announcements and newsletters) pursuant to § 13 par. 1, let. f) of the Act,
your consent to processing for the purpose of providing direct marketing (especially for sending business announcements and newsletters) pursuant to § 13 par. 1, let. a) of the Act in the case that the goods or services were not ordered.
The purpose of personal data processing is:
processing your order and exercising the rights and obligations arising from the contractual relationship between you and the Controller; the order requires personal data necessary for successful order processing (name and address, contact), the provision of personal data is a necessary requirement for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contract or
send business announcements and perform other marketing activities.
There is no automatic individual decision-making in accordance with Section 28 of the Act. You have given your explicit consent to such processing.
Retention periods for personal data
The Controller keeps personal data
for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Controller and to assert claims arising from these contractual relationships (for a period of 15 years from the termination of the contractual relationship).
for a period of 6 years if the consent to personal data processing for marketing purposes is withdrawn, if the personal data are processed with consent.
After the expiry of retention period for personal data, the Controller shall delete the personal data.
Recipients of personal data (subcontractors of the Controller)
The recipients of personal data are persons
Involved in the delivery of goods / services / payments under contract,
providing e-shop services and other services related to e-shop operations,
providing marketing services.
The Controller does not intend to transfer personal data to a third country (outside the EU) or to an international organization.
Under the conditions set out in the Act you have
the right to access your personal data pursuant to § 21 of the Act,
the right to rectify personal data pursuant to § 22 of the Act, or limitation of processing pursuant to Section 24 of the Act,
the right to delete personal data pursuant to § 23 of the Act,
the right to object to processing pursuant to Section 27 of the Act,
the right to data portability pursuant § 26 of the Act,
the right to withdraw the processing consent in writing or electronically at the address or email of the Controller referred to in Art. III of these conditions.
You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to privacy has been violated.
Terms of privacy
The Controller declares that all appropriate technical and organizational measures have been taken to secure personal data.
The Controller has taken technical measures to ensure data and personal data storage.
The Controller declares that only the authorized persons on its behalf can access the personal data.
By submitting an order from the on-line order form, you confirm that you are familiar with the terms of privacy and that you accept them in their entirety.
These Terms and Conditions shall enter into force on 1.1.2020.