Here are the basic rules for protecting your personal information as a precedence over your consent to the processing of your personal data. The detailed terms of the commitments and relationships that are fully accepted by the G-Cert-i certification body are listed on the main page www.gcerti.com/GDPR, or you can communicate with the regional G-Cert-i representative in addition to the policies listed here.
If you are a customer, a news subscriber or a visitor to our website www.gcerti.sk, you entrust us with your personal information and we, as the operator, pay close attention to the protection of personal data and are responsible for their protection and security. Understand the fundamental principles of the GDPR (Personal Data Protection Regulation), what personal data we process, whether we process data based on our consent, or other legal reason for what purpose we use it, whom we can pass it on, and what we have in connection with it to process your personal data rights. When processing personal data, he / she proceeds in accordance with the following legal regulations with effect from 21.06.2019:
- Act no. 18/2018 Z.z. on the protection of personal data
- Regulation (EU) 2016/679 of the European Parliament and of the Council ("GDPR")
Who is the operator and who is the intermediar?
The personal data broker for the operator G-Cert-i is in the territory of the Slovak Republic and the Czech Republic a contractual partner for the above-mentioned region, which is IDEEX PLUS, sro, ID 36 572 853, with its registered office at Mlynárska 16, 040 01, Košice in the Commercial Register District Court Košice I, Section Sro, Insert No. 14195 / V, as a contracting Global Network Partner G-Cert-i for the region to the extent of the Slovak Republic and the Czech Republic (www.gcerti.sk, hereinafter referred to as the "Intermediar"), which mediates personal data under the conditions set forth below for the assignee for the purpose of certification and at the same time processes personal data for the purpose of using the website www.gcerti.sk as shown below.
Why do we process personal information?
The processing of personal data is necessary for us to:
- provide our services and products and, to this end, process the personal data of our clients, suppliers, business partners, employees and others;
- fulfill our legal and contractual obligations;
- protect the legitimate interests of us, our clients and others.
What personal data we process and for what purposes
IDEEX PLUS, s.r.o., processes the following personal data for the use of the website "www.gcerti.sk": IP address, cookies and Google Analytics.
Cookies - are small text files that improve the use of the website eg. by enabling previous visitors to be recognized when logging in to the user environment, by remembering a visitor's choice when opening a new window, by measuring traffic to a website, or by using it to improve user experience.
Cookies may be temporary or permanent depending on how long they are used. Temporary cookies are deleted when the browser is closed, persistent cookies remain on the user's device during a predefined period.
Google Analytics - is an analytics tool that allows you to store information in cookies to generate statistics about website traffic. This functionality is not indispensable for browsing and serves to monitor the site's performance and improve it. Permanent cookies are used, the tool is provided by a third party.
Sign out of newsletters and business information
We send you our e-mails with ongoing actions, articles, inspirations or products and services if you are a customer of our legitimate interest. If you are not yet our customer, we will only send them to you upon your consent. In both cases, you can end your email subscription by pressing the check-out link in each email you send.
Your privacy rights
With regard to your privacy, you have rights as a person:
Right to information - you have the right to information according to the GDPR principles, which are briefly summarized on this page.
The right to access data - you have the right to know whether and how we process your personal data. If so, you can request access to this data, we will provide you with 30 days to process your personal information and why.
Right to Repair - You have the right to have your personal data we process correct, complete and up to date. If we process incorrectly personal information about you, you can request us to correct it.
Right to erase - You have the right to delete your personal data we process in some cases. We will delete data without undue delay if any of the following is true:
Processing is no longer necessary for the purpose for which we acquired it.
By withdrawing your consent to the processing of personal data on the basis of your consent to us in the past. However, if we process the same personal data on a different legal basis than your consent, we have the right to continue processing it on that legal basis.
By opposing the processing of your personal data we process based on our legitimate interests. If our legitimate reasons do not outweigh your reasons as the data subject, we will delete the personal data.
Right to Restrict Processing - You may use, if you believe that we process your personal information inaccurately, you believe that the processing of your personal data is illegal, but you do not want to delete all data or if you have objected to processing as a data subject, you may limit the scope of personal data to verify that our legitimate reasons as an operator or intermediator override your legitimate reasons as the data subject.
Right to Data Transfer - You can use the right to take or transfer your personal information to someone else. We will proceed as if using the right of access to data. You can obtain the information electronically, which you can transfer to another operator.
Right to lodge a complaint - if you believe that you are directly affected by your rights under the GDPR Regulation or by applicable law, you have the right, as the person concerned, to initiate proceedings before the Office for Personal Data Protection of the Slovak Republic or the Czech Republic.
Providing personal data to third parties
We only disclose your personal information to the extent necessary. As an intermediary, we may disclose your personal data to persons other than our authorized employees only if we are permitted by the contract with you as the person concerned, with your consent, or if such an obligation arises from the law and all this, while keeping the recipient confidential data.
Depending on the purpose of the processing and the specific circumstances, typical recipients of your personal information are:
- audit firms;
- archiving companies;
- shipping companies;
- professional advisers (eg lawyers, accountants);
- standard software equipment providers (eg Microsoft) or our company technical support;
- providers of analytical, cloud or hosting services (e.g. Google);
- employees and workers.
Transmission of data outside the EU
Your personal information IDEEX PLUS, s.r.o. does not pass to countries that are not part of the European Economic Area, except for personal data on the relevant system certification certificates, respectively. personal certification that is necessary for the purpose of identifying certified legal and natural persons (www.gcerti.com/GDPR). You consent to this processing of personal data by submitting an appropriate electronic questionnaire (Application for System Certification and Application for Accredited Training) from this website.