GDPR

Who we are

For more than 25 years, EEA s.r.o. has been a Slovak software house focused on modern solutions and the most advanced technologies. It delivers projects for local and international companies in Slovakia as well as abroad.

It is committed to protecting the privacy of individuals who provide them with their personal data as well as access to the ensuring of information protection with maximum responsibility.

It commits to clear and transparent information about what information it gathers and for what purpose it uses it.

How we protect your privacy

The purpose of these Principles on Processing Personal Data for EEA customers (“the Controller”) issued by EEA s.r.o., ID 17321204, Hattalova 12/B, 831 03 Bratislava, is to inform the data subject whose personal data may be processed, what personal data EEA processes as a controller in the provision of their Services, during visits to websites operated by EEA and contacts with potential customers, for what purposes and for how long EEA has processed these personal data in accordance with applicable law, to whom and for what reason may also transfer them, and also indicate what rights the data subject has in relation to the processing of his/her personal data.

These Principles applies to the personal data processing of customers and their respective representatives or contact persons, service users, people interested in services, and EEA-operated website visitors, always within the scope of personal data corresponding to their status toward EEA.

These Principles are issued in accordance with Regulation (EU) 2016/679 on the Protection of Individuals in the Processing of Personal Data (“the Regulation” or “the GDPR”) in order to ensure the information obligation of EEA as the Controller according to Art. 13 of the GDPR.

Data Recipients

Your personal data may be made available to other entities involved in the processing of your personal data under the contract solely for the purposes specified in the “Purposes, Legal Grounds and Time of Personal Data Processing” section. These are mainly providers of third-party IT services and applications, processors providing personal data processing services for marketing purposes, and other entities that provide our services to our company.

Purposes, Legal Grounds and Time of Personal Data Processing

The extent of the data processed depends on the purpose of the processing. For some purposes, it is possible to process data directly on the basis of a contract, the legitimate interest of EEA, or on the basis of the law (without consent), for others only under consent.

  • Processing Due to Performance of a Contract, the Fulfillment of Legal Obligations and Due to the Legitimate Interests of EEA

The provision of personal data necessary for the performance of the contract, the fulfillment of statutory obligations by EEA and the protection of EEA’s legitimate interests is mandatory. Without the provision of personal data for these purposes, it would not be possible to provide services. We do not need approval to process personal data for these purposes, but we can object to the processing of personal data for EEA’s legitimate interests. Processing due to the performance of the contract and fulfillment of statutory obligations cannot be refused.

  • Processing of Personal Data with Consent for Marketing Purposes

With the customer’s consent, EEA processing personal data for marketing purposes. Direct marketing is considered a suitable tool to alert you to new services or benefits we have prepared for our customers, or in cooperation with our contractual partners. In order to prepare a properly targeted offer, we need to process your data for this offer. On the basis of the targeted offer, you will only get information that can be of interest to you. We do not want to bother you with offers that are not relevant to you. If you have granted us consent to the processing of your personal data for marketing purposes, we are authorized on our own or through intermediaries to use your data for the submission of business offers, marketing services, offers of electronic communications services and value added services and for other purposes agreed upon with you. In regards to the offer of EEA services or possible from contractual partners, we will notify by telephone, through banners on our website, in writing on documents or other media, as well as in the form of business offers sent via SMS, e-mail, or MMS. We process personal data for marketing purposes for the period specified in the agreement or its revoking. We believe that we will offer you better services and great deals on the basis of targeted offers. However, you have the right to refuse the sending of electronic mail at any time.

  • Processing of Personal Data of Persons Who Have Granted Consent to Marketing Contact via Electronic Contact

For entities that have agreed to marketing contact via electronic contact, the EEA shall, with their consent, process the contacts made available to it by the entity for the purposes of marketing contact with EEA service offers. If this consent is granted through an EEA-operated website, the EEA cookie data stored on the websites for which has been granted this consent is processed along with these contacts only if the cookies are enabled in the web browser.

  • Processing of Cookies from EEA-Operated Websites

If cookies are enabled by the data subject in their web browser, we process cookie alerts on the EEA-operated websites for the purpose of ensuring the better operation of the EEA website and for EEA internet advertising.

  • Providing Support via Facebook

If the data subject decides to request support from EEA through Facebook, EEA will process the personal data entered in the Facebook profile of the data subject and the data that the data subject will provide during the communication.

The purpose of processing this personal data is to provide support at the customer’s request and the legal basis for the processing of personal data is Article 6, Par. 1, b) of GDPR regulations. The provision of personal data and their processing by EEA is essential to provide support at the customer’s request.

The recipient of the personal data is Facebook Ireland Ltd., located at 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland as the controller, and will process personal data in accordance with its Privacy Policy.

Personal data is processed for the time required to provide customer support.

Personal Data Retention Period

The Data will be processed by the Controller for a period of 2 years or until the Revocation of Consent and/or until the moment of objection to the processing of the Data. The Data will then be deleted. This Consent can be revoked at any time. Revocation of consent is not withstanding the lawfulness of processing based on the consent granted prior to its revocation.

The Rights of Data Subjects in Relation to the Processing of Personal Data

The data subject has the following rights in case EEA identifies him/her as a natural person and demonstrates his/her identity. These rights must be exercised in the manner determined for the application of a particular law and not to the address of the responsible person. Requests made in breach of these policies will not be taken into consideration. Those rights may also be exercised only in relation to personal data which undoubtedly belong to the applicant.

  • Right of Access to Personal Data

According to Article 15 of the GDPR, the data subject has the right of access to personal data, which includes the following rights:

  • receiving confirmation of processing personal data,
  • obtaining information on the purposes of processing, the categories of personal data concerned, the recipients to which the personal data have been or will be made available, the planned processing period, the existence of the right to require the controller to fix or delete personal data relating to the data subject or to limit their processing or to object to such processing, file a grievance with a supervisory authority, about all available information about the personal data source, unless it is obtained from the data subject, the fact that automated decision making takes place, including profiling, on appropriate safeguards in providing data outside the EU,
  • obtain a copy of the personal data in case that the rights and freedoms of others are not adversely affected.

In the event of a repeated request, EEA will be entitled to charge a reasonable fee for a copy of the personal data. In the event that the exercise of the right to a copy of personal data could, in relation to certain categories of personal data, adversely affect the rights and freedoms of third parties.

  • Right to Correct Inaccurate Data

According to Article 16 of the GDPR, the data subject has the right to correct inaccurate personal data that will be processed by EEA. The Customer also has the obligation to notify EEA on changing their personal data and to demonstrate that such a change has occurred. At the same time, the customer is required to cooperate with the EEA if it is found that the personal data processed by the EEA are inaccurate. EEA will make a correction without undue delay, but always in view of the technical possibilities.

  • Right of Deletion

According to Article 17 of the GDPR, the data subject has the right to delete personal data concerning him/her if the EEA does not provide reasonable grounds for processing such personal data. EEA has set up mechanisms to ensure the automatic anonymization or deletion of personal data if no longer needed for the purpose for which they were processed. However, if the data subject considers that his/her personal data have not been deleted, he may repeat the deletion request.

  • Right to Limitation of Processing

According to Article 18 of the GDPR, the data subject shall have the right to limit the processing, if he/she disclaims the accuracy of the personal data, the reasons for its processing, or if he/she opposes the processing of the data, by submitting a written request to the registered office address of the EEA.

  • Right to Notify About Corrections, Deletions, or Limitations of Processing

According to Article 19 of the GDPR, the data subject has the right to be notified by the EEA in the event of correction, deletion or limitation of the processing of personal data. If personal data are corrected or deleted, EEA will inform each recipient except where this proves to be impossible or requires unreasonable effort. At the request of the data subject, EEA may provide information about these recipients.

  • The Right to the Portability of Personal Data

According to Article 20 of the GDPR, the data subject has the right to request from the EEA personal data relating to him/her, which he/she has provided to EEA in connection with an employment contract or on the basis of consent, and which are processed in an automated manner in a structured, commonly used and machine-readable format, and the right to request the transfer of such data to another controller as far as technically possible.

In the event that the exercise of this right could adversely affect the rights and freedoms of others, the request cannot be accepted.

  • Right to Object to the Processing of Personal Data

According to Article 21 of the GDPR, the data subject has the right to object to the processing of his/her personal data because of the legitimate interest of the EEA.

In the event that EEA cannot establish that there are serious legitimate grounds for processing which overrides the interests or rights and freedoms of the data subject, the EEA shall terminate the processing on the basis of the objection without undue delay. The objection may be sent in writing to the address of the EEA registered office.

The data subject has the right to object to the processing of personal data relating to him/her for the purpose of direct marketing. If the data subject objects to the processing of personal data for the purposes of direct marketing, EEA may not process personal data for the purpose of direct marketing.

  • Right to Revoke Consent to the Processing of Personal Data

You may at any time appeal to the processing of your data for marketing purposes on the basis of an

  • express,
  • understandable and
  • definite manifestation of will (e.g., email to gdpr@eea.sk, a letter of recommendation, a phone call, etc., or by any other means specified on our website after your proper identification).

 

  • Right to Contact the Office for Personal Data Protection

The data subject has the right to contact the Office for Personal Data Protection located on Hraničná 4826/12, 820 07 Bratislava if you feel that your rights to personal data protection have been violated.

Cookies

With the purpose of continually improving the website https://www.eea.sk we use cookies for the anonymous collection of statistical data View or change your preferences in the Privacy Preferences section

Google Analytics

Google Analytics is the analytics tool we use to track the use of our website. With the tool it is possible to use a set of cookies and to collect information and statistical data about the use of the website without personally identifying individual visitors on Google. Of course, there is IP anonymization in Analytics service.

Learn more about  the cookies of Analytics services and Personal Data Protection.

Lead Forensics

Lead Forensics primarily identifies companies that have visited websites. The application will simplify what company has accessed your site so that it is able to assign a visit to a legal entity, thus, a company. In this case, Lead Forensics does not allocate visits to specific individuals or freelancers, but exclusively to limited liability companies or joint stock companies. Thus, Lead Forensics does not include personal data or process them, and GDPR is not primarily applicable to the application.