Privacy Policy
Personal Data Protection Notice
The protection of your personal data entrusted to us is of utmost importance. Therefore, we would like to inform you in the following text about the processing of your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the “GDPR”), and with Act No. 18/2018 Coll. on the Protection of Personal Data and on the Amendment and Supplementing of Certain Acts (hereinafter referred to as the “Personal Data Protection Act”).
The data controller of your personal data is ETL Slovakia a.s., with its registered office at Tajovského 17, Košice – Staré Mesto 040 01, Company ID: 51 445 557 (hereinafter referred to as the “Controller” or “ETL SLOVAKIA”). For any inquiries regarding the handling of your personal data, please contact us at info@etl-slovakia.sk.
This information is intended for visitors to our website, clients, contractual partners, and suppliers, and aims to explain how we collect, use, share, transfer, and protect your personal data. It also outlines your data protection rights and how to exercise them.
Personal data refers to any information that can identify you directly or indirectly. This may include standard contact and identification information such as: title, first name, last name, job title, email address, phone number, employer identification data, and in the case of clients, also address, date of birth, or national identification number.
Who We Share Your Data With
As the Controller, we are legally obliged to disclose your personal data during inspections, supervisory activities, or upon request from authorized government authorities or institutions, where required by specific regulations.
If we process your personal data in accordance with specific legal regulations, failure to provide such data may result in our inability to fulfil our legal obligations.
Your personal data may also be made available to other recipients, such as ETL SLOVAKIA’s service providers in the areas of:
Accounting
IT support
Website development and management
Occupational health and safety
Postal services
Legal services
Principles of Data Processing
We only process your personal data where we have a legal basis to do so. The legal bases for processing may include:
Contractual and pre-contractual relationships
Fulfilment of legal obligations
Our legitimate interest
Contractual and Pre-contractual Relationships
We process personal data based on pre-contractual and contractual obligations, which means that the data is required to enter into and perform a business contract. Without your personal data, we cannot conclude or fulfil the contract or provide our services.
Legal Obligation
Some personal data is processed to comply with legal obligations. The law specifies which data must be processed and to what extent. Without such data, we may not be able to fulfil our legal duties.
Legitimate Interest
We may process your personal data where we have a legitimate business reason to do so, unless your fundamental rights and freedoms override such interests. Where data is processed based on legitimate interest, you will be informed as outlined below.
| Purpose of Processing Your Personal Data | Legal Basis for Processing Activities Retention Period | Category of Recipients |
| Conclusion and performance of various contractual relationships | Contractual relationship. The retention period lasts during the term of the contractual relationship until its proper termination and settlement of all contractual obligations; no later than 10 years after the contract ends. | Contractual parties Service providers |
| Accounting and related obligations | Legal obligation under Act No. 431/2002 Coll. on Accounting, as amended. Retention period: 10 years. | Tax Authority |
| Contact information from the contact form | Legitimate interest of the controller under Art. 6(1)(f) GDPR for processing contacts of entities with whom it communicates or has business relations. Retention period: 1 year after request resolution unless a contract is concluded. | Controller’s employees |
| Handling and recording of data subject rights (GDPR) | Legal obligation under Chapter III of Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and the free movement of such data. Retention period: 5 years | Individuals exercising their data protection rights |
| Legal disputes, enforcement of legal claims (generally, not only in court), and court proceedings | Purpose compatible with the original purpose of personal data processing – performance of contractual obligations, where legal claims or defense may be anticipated, in accordance with the law. Retention period: 10 years from the end of the court dispute | Parties to the proceeding, legal representatives, competent court, entities authorized by specific regulations, chambers, statutory associations, court experts |
| Enforcement proceedings | Legal obligation under Act No. 59/2018 Coll. on Judicial Executors and Enforcement Activities (Enforcement Code) Retention period: 5 years | Entities authorized by applicable legislation, notaries |
| Archiving and registry management, including mail records | Legal obligation under Act No. 395/2002 Coll. on Archives and Registries Legal retention periods 10 years | Ministry of the Interior of the Slovak Republic, other authorized entities |
| Out-of-court debt recovery | Our legitimate interest The retention period follows statutory limitation periods. | Debt recovery service providers, legal representatives |
The Controller may also process personal data based on consent. In such cases, the specific purpose of processing is outlined in the consent request. Consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal.
Personal data will not be processed for purposes other than those originally specified unless allowed by law or with your consent, except where the original purpose is compatible with the new purpose (e.g., debt collection).
Information collected via our contact form (e.g., name, email, phone, location, service type, and additional details) is required to respond to your inquiry. If not provided, we may not be able to deliver relevant information or services.
Transfer of Data to Third Countries
Your personal data is not transferred to third countries or international organizations.
Sources of Personal Data
We obtain personal data directly from you, especially during contract conclusion or performance. Data may also come from publicly available sources such as client websites or online forms on our website.
Automated Decision-Making and Profiling
ETL SLOVAKIA does not use automated decision-making or profiling that would have legal or similarly significant effects on you.
Data Security
We have implemented appropriate technical, organizational, and physical measures to ensure data security. Our goal is to protect your data from unauthorized processing, accidental loss, damage, or destruction. Access to your data is granted only to authorized persons, in line with our security policy.
We safeguard your data using secure storage locations and restricted access. All access is predetermined and strictly controlled.
ETL SLOVAKIA responds promptly to any security incidents. If such an incident is likely to pose a high risk to your rights and freedoms, we will inform you without delay and describe the corrective actions taken.
Data Retention
Your data will be stored securely and only for as long as necessary to fulfil the processing purpose. It is backed up in accordance with our retention rules. Data from backups will be deleted once feasible, in accordance with backup policies. Backup data serves solely to protect against security incidents.
Your Rights Regarding Personal Data
You may contact us to exercise the following rights:
Right of Access – Obtain a copy of your personal data and information on its use.
Right to Rectification – Request correction of inaccurate or outdated data.
Right to Erasure – Request deletion of data that is no longer necessary.
Right to Restriction of Processing – Ask us to stop using your data in certain cases.
Right to Withdraw Consent – Withdraw consent at any time where processing is based on it.
Right to Data Portability – Request transmission of your data to another party under certain conditions.
Right to Object – Object to processing based on legitimate interest.
Right to Lodge a Complaint – Contact the Slovak Data Protection Authority at https://dataprotection.gov.sk, Hraničná 12, 820 07 Bratislava 27; Tel: +421 /2/ 3231 3214; Email: statny.dozor@pdp.gov.sk.
To exercise any of these rights, contact us via email at info@etl-slovakia.sk or in writing at the address of ETL SLOVAKIA.
We will respond within 30 days. If necessary, we may request additional information to verify your identity. In complex cases or multiple requests, our response may take longer, but we will inform you accordingly.
Requests are free of charge. However, we may charge a reasonable fee if the request is manifestly unfounded, repetitive, or excessive.
Changes to This Privacy Notice
If we decide to change this notice, the updated version will be published on our website.
Last updated: 16 December 2024.
