Privacy policy

We are the company GRANTECH s.r.o.,

IČO: 36574767,

DIČ: 2021301689,

IČ DPH: SK2021301689, 

with registered office at Hroncova 1, 040 01 Košice,

contact: mail@grantech.sk

We promote the sale of our products and services on the website www.grantech.sk. When providing our services, selling goods and operating our website, we process some personal data.

The processing of personal data is mainly governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the processing of personal data and on the free movement of such data, which repeals 95/46/EC (General Data Protection Regulation) ("GDPR ").

Processing of personal data

a) Processing of personal data in the case of using the contact form

Range of affected persons: natural persons

If you contact us in connection with our products and services, we will work with your contact information, which you notify us through the contact form.

These are personal data: e-mail address, first and last name.

For what reason?

Based on the personal data sent, we will then contact you in connection with our offer of goods and services.

Legal basis for personal data processing: Art. 6 par. 1 letter a) GDPR regulations

Providing your personal data is voluntary. However, if you do not provide us with personal data, we will not be able to communicate with you and answer your questions.

Periods for erasure of personal data: a maximum of 6 months (in case of fulfillment of legal obligations or legal claims of the operator according to applicable legislation).

Categories of recipients to whom your personal data may be provided: entities empowered by a special regulation to decide on the rights and obligations of natural persons: courts, law enforcement agencies and intermediaries: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland

The transfer of personal data to third countries is not carried out.

b) Processing of personal data in the case of a camera information system

Circle of affected persons: persons located in the area monitored by the camera system

List of personal data: recording from cameras

For what reason?

The processing of personal data is the protection of the property of the operator, the protection of the health and property of the affected persons.

Legal basis for personal data processing: Art. 6 paragraph 1 letter f) GDPR regulations

Categories of recipients to whom your personal data may be provided: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement authorities

The transfer of personal data to third countries is not carried out.

Periods for deletion of personal data: video recording - 3 days

c) Processing of personal data in the event of a request by the persons concerned to exercise their rights

Range of affected persons: natural persons - affected persons/applicants

List of personal data: title, first name, last name, permanent residence, email address

For what reason?

The purpose of the processing of personal data is the recording and processing of the requests of the persons concerned when exercising their rights in accordance with the Regulation.

Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR regulations

Categories of recipients to whom your personal data may be provided: entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement authorities

The transfer of personal data to third countries is not carried out.

Periods for deletion of personal data: ordinary correspondence - 3 years

d) Processing of personal data in the case of using mail

Circle of affected persons: natural persons - addressees

List of personal data: name, surname, title, address, organization name, job title, e-mail address, subject and content of mail

For what reason?

The purpose of processing personal data is to record incoming and outgoing mail.

Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR Regulations: Act No. 395/2002 Coll. on archives and registries and on supplementing certain laws as amended, Act no. 305/2013 Coll. on the electronic form of exercising the powers of public authorities and on the amendment and supplementation of certain laws (e-Government Act)

Categories of recipients to whom your personal data may be provided: entities empowered by a special regulation to decide on the rights and obligations of natural persons: courts, law enforcement agencies and intermediaries: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland

The transfer of personal data to third countries is not carried out.

Periods for deletion of personal data: ordinary correspondence - 3 years

e) Processing of personal data in the case of accounting and tax documents

Range of affected persons: natural persons - clients, employees

List of personal data: name, surname, title, address of permanent residence, address of temporary residence, telephone number, e-mail address, date of birth, type and number of identity document, signature, bank account number of a natural person

For what reason?

The purpose of personal data processing is the recording of accounting documents and the agenda associated with its processing.

Legal basis for personal data processing: Art. 6 par. 1 letter c) GDPR Regulations: Act No. 431/2002 Coll. on accounting, as amended, Act no. 222/2004 Coll. on value added tax, as amended, Act no. 40/1964 Coll. Civil Code, as amended, Act No. 152/1994 Coll. on the social fund and on amendments to Act no. 286/1992 Coll. on income taxes, as amended, Act no. 311/2001 Coll. Labor Code as amended

Categories of recipients to whom your personal data may be provided: social insurance, health insurance, tax office and entities to which a special regulation entrusts the authority to decide on the rights and obligations of natural persons: courts, law enforcement agencies

The transfer of personal data to third countries is not carried out.

Periods for deletion of personal data: accounting documents - 10 years

Automated decision-making, including profiling, is not carried out.

The person concerned has the right to withdraw consent to the processing of personal data concerning him at any time. The withdrawal of consent does not affect the legality of the processing of personal data based on consent before its withdrawal; before giving consent, the person concerned must be informed of this fact. The person concerned can revoke the consent in the same way in which he gave the consent.

Affected persons whose personal data is processed for specifically defined purposes may exercise the following rights:

  • The right to request access to your personal data
  • The right to correct personal data
  • The right to erasure of personal data
  • The right to restrict the processing of personal data
  • The right to object to the processing of personal data
  • The right to transfer your personal data
  • The right to file a complaint with a supervisory authority, i.e. Office for the Protection of Personal Data of the Slovak Republic

GRANTECH, s.r.o. has adopted all appropriate personnel, organizational and technical measures for the purpose of maximum protection of your personal data in order to reduce the risk of their misuse as much as possible. In accordance with our obligation arising from Article 34 of the Regulation, we inform you as the affected persons that if a situation arises where we, as the operator, violate the protection of your personal data in a way that is likely to lead to a high risk for the rights and freedoms of natural persons, we will notify you of this fact without undue delay.

Legal regulations and related methods of processing your personal data may change. If we decide to update this policy, we will post the changes on our website and notify you of the changes. In cases where there is to be a major change to these principles, or in cases where the law requires us to do so, we will inform you in advance. We ask you to read these policies carefully and in the next communication with us, or regularly check these policies while using our website.

If you have any questions regarding the processing of your personal data, including the exercise of the above-mentioned rights, you can contact our contact person: by email at mail@grantech.sk. We will properly check all your suggestions and complaints.

If you are not satisfied with our answer, or if you believe that we process your personal data unfairly or illegally, you can file a complaint with the supervisory authority, which is the Personal Data Protection Office of the Slovak Republic, https://dataprotection.gov.sk, Hraničná 12 , 820 07 Bratislava 27; tel. number: +421 /2/ 3231 3214; E-mail: statny.dozor@pdp.gov.sk.