Information sheet about personal data protection and processing
In this document, we provide you information about your rights relating to personal data processing in the CITY GATE company. While processing personal data, we comply with the legislation, in particular with the GDPR and Act on Personal Data Protection. Personal data processing always takes place in the scope of the given specific service or purpose of processing.
This document will be regularly updated.
We handle personal data with all due care and in compliance with the valid legislation. We provide the maximum possible level of protection for personal data using state-of-the-art equipment.
Strict rules apply in the CITY GATE company determining which employee or department may bes allowed access to personal data and which personal data they can process. We in principle do not pass on personal data outside the CITY GATE company, with the exception of cases when we have consent to do so, when this obligation is imposed on us or in cases when the legislation or our legitimate interest allows us to do so (for example, in the case of suppliers or requests by the law enforcement authorities etc.).
We only process the personal data of children (i.e. people under the age of 18) if the child was initially represented by a parent or other guardian. The high standards of personal data protection which apply to personal data processing in our company also apply to children unchanged in scope. These standards are absolutely sufficient for processing the personal data of children. As parents or other guardians of the child, you are responsible for provision of data about the child being in compliance with their interests and for informing the child about processing of their personal data by us and their rights in a comprehensible manner.
We recommend that you read the information carefully. We have done our best to ensure that it is as easy-to-understand as possible. If despite this, anything is unclear, we will be happy to explain any terminology or passage to you. More details about personal data processing can be found at www.citygate.sk/en/principles-of-personal-data-processing
If you do not agree to the method in which we process your personal data, you can take the steps listed below to protect your rights.
Supervision of privacy and personal data is performed by:
The Office for Personal Data Protection
Address: Hraničná 12, 820 07 Bratislava 27
Tel.: 2/3231 3220 website: https://dataprotection.gov.sk/uoou/
Principles of personal data processing
Basic information about the administrator
CITY GATE, s.r.o, with registered office at Nám. SNP 478/19 811 01 Bratislava, company ID number: 3583026, registered in the Commercial Register kept with the District Court in Bratislava I, insert 3576/B, Section: Sa (hereinafter referred to only as “CITY GATE”, „Administrator“)
Purpose and scope of personal data processing
The Administrator processes personal data in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the General Data Protection Regulation) (hereinafter referred to only as the “GDPR”).
The Administrator processes personal data only for the determined purpose, in the scope determined below and for the period specified in the concluded contracts or in the respective legislation.
The Administrator processes personal data which is necessary for performance of contracts concluded between the administrator and data subject, for the purpose of implementation of the commercial relationship between the administrator and the data subject contained in the contract and for management of the relationship with the data subject. The administrator processes personal data on the basis of its legitimate interests, as well as on the basis of the legitimate interests of its partners, if these interests are not outweighed by the interests, rights or freedoms of the data subject. The Administrator also processes personal data for analysis and improvement of the quality of the services, for market analysis and market research. The Administrator will use personal data for creation of the relevant promotional campaigns and offers of the products and services of company.
Basic purpose of personal data processing
Purposes of personal data processing which personal data is designated for and legal basis for its processing:
- performance of contracts and provision of services
- ensuring operational activities
- accounting and tax purposes
- recovery of receivables
- meeting legal obligations
- direct marketing
- protection of property and people
- archiving kept by law.
Scope of personal data processing
The Administrator processes personal data in the scope in which it was provided to him by the data subject or which the administrator collected in another manner and which it processes in compliance with the valid legislation or for meeting of the legally determined obligations of the administrator. This in particular concerns the following categories of personal data:
- address and contact data, i.e. in particular name, surname, date of birth, personal ID number, address, place of birth, telephone number and other data,
- likeness,
- descriptive data, e.g. bank account number,
- other data arising from the specific contract or required by law,
- data provided above the framework of the respective acts processed within the framework of consent granted by the data subject (processing of photographs, use of personal data for the purpose of HR procedures, cookies etc.).
Rights of the data subject:
The Administrator processes personal data in a transparent, correct manner and in compliance with the GDPR. The data subject is entitled to access his/her data, to explanation and also has other rights if he/she believes that there is a problem with processing. The data subject may submit a complaint to the Office for Personal Data Protection.
The Joint Administrators hereby inform data subjects about their rights, these being as follows:
- the right to know the purpose of personal data processing,
- the right to know the categories of personal data in question,
- the right to know the recipient or categories of recipients of personal data,
- the right to know the period over which personal data will be stored,
- the right to request of the administrator correction or deletion of personal data or restriction of its processing and the right to raise objection to this processing,
- the right to submit a complaint to the supervisory authority,
- the right to all available information about sources of personal data if not obtained from the personal data subject,
- the right to withdraw consent to personal data processing at any time if personal data is processed on the basis of consent given,
- information as to whether automated decision-making occurs, including profiling,
- the right to be informed if the Administrator intends to process the data provided for a different purpose than that which it was collected for,
- the right to refuse recording or monitoring of telephone calls with employees of the administrator.
The data subject is entitled to not provide his/her personal data to the Administrator. If provision of this personal data is obligatory (by law or on a contractual basis), the Administrator hereby warns the data subject that he will not be able to provide him/her services.
Administrators and recipients of personal data:
Processors and recipients of personal data which is administered by the Administrator are:
- suppliers and service providers,
- financial institutions and banks,
- governmental and other authorities within the framework of meeting legally determined obligations.
Handover of personal data to third countries
The Joint Administrators may hand over personal data to third countries outside of the European Economic Area, e.g. to the USA and Switzerland.
If personal data is handed over to countries outside of the European Economic Area or to countries which do not have the appropriate level of protection in line with the valid legislation, in particular the GDPR and other EU regulations and national regulations on personal data protection, this handover shall be performed on the basis of an exception relating to the specific situation, or the Administrator shall ensure that the appropriate guarantees are provided to ensure personal data protection in compliance with the GDPR, i.e. in particular in compliance with art. 42 para. 2 of the GDPR.
Cookies
What are “cookies”?
“Cookies” are small data files used as unique identifiers. Each cookie file is unique to your web browser. The cookie file contains anonymous information and is sent from the server of the website you are looking at to your computer or mobile telephone. It will be saved on your device and only that server will be able to search for or load the content of that cookie file. Cookie files which are sent may be sent back to the website servers with updated data while you browse the website. Cookies are used by the vast majority of websites to ensure their operation.
Cookie files may be set by the websites you visit (“our cookies”) or may be set by an organisation which is not the owner of the website you are browsing (“third-party cookies”). They may for example be set by another website which launches content on the website you are browsing or by an independent analytics company. The websites you visit may also include content inserted from other websites and these websites may also set their own cookies. Websites may use the advertising network of a third party for provision of targeted advertising. These cookies may have the option of monitoring your browsing of various websites.
Classification of cookies
Cookies can be divided according to who places them on the website for you, i.e. into:
- First-party cookies – their validity is limited to the domain of the website you are browsing. These cookies are regarded as safer.
- Third-party cookies – these are placed with the aid of a script from a different domain. The user can thus be tracked across domains. These are frequently used for evaluation of the effectiveness of advertising channels.
This website uses two types of cookies:
Short-term session cookies – session cookies are saved only temporarily during the browsing session and are deleted from your device once the browser is closed.
Long-term persistent cookies – This type of cookie is saved on your computer for a fixed period of time depending on your browser settings and cookie settings (usually a month, year or longer) and these cookies are not deleted once the browser is closed. Persistent cookies are used to identify you from one browsing session to another, for example for saving your preferences, so these will be remembered for your next visit. You can remove them manually.
How do we use cookies?
We use cookie files to improve your user experience by allowing the website to identify you, either for the duration of your visit (using session cookies) or for repeated visits (using third-party cookies). The cookies which we use may:
- be necessary for your movement around the site or provision of certain basic functions; or
- improve the function of our website, for example by saving your preferences. They record your choices (for example, your user name or selected language) and allow us to provide a personalised environment; or
- help us to improve the performance of our website allowing us to offer you a better user experience. The information provided using these cookies is anonymous and helps us to understand how our visitors use our website allowing us to improve presentation of our content. These services are generally provided by independent companies for measurement and research, so these cookies may be third-party cookies.
If we didn’t use cookies, our website would regard you as a new visitor every time you open a new page of our website – for example, if you enter your login details and move to another page, it would not recognise you and you could not stay logged in.
We need to use cookies to preserve the effectiveness of our website and to provide you a user-friendly environment. This is why it is not possible to block cookies individually and by continuing to browse our website and to use our online services, you consent to us placing these cookie files in your device.
Our website also uses cookies for behaviourally-targeted advertising which allows us to modify advertising and to ensure that it is relevant to you, this being on the basis of the areas you browse on our website and the geographical location of your IP address. These cookies are placed by the advertising networks of third parties with our consent.
What we use cookies for
We use the following cookies on our website:
- Technical – first-party, short-term. These ensure the basic technical functioning of the website, i.e. login, remembering settings and use of services etc.
- Statistical and diagnostic (e.g. Google Analytics) – first-party, long-term. These are used for generation of anonymous statistics about use of the website.
- Advertising - first-party and third-party. These are used for behaviourally-targeted advertising by interest. If adverts really have to be displayed (as the main revenue for the website and creation of its content) the user/reader should at least be shown offers which really might be of interest to them.
What to do if you don’t want to use cookie files
Consent to placing of cookie files is voluntary. If you so wish, you can block some or all cookie files or delete cookies which have already been set. Full details regarding management of cookies and options for blocking them in various types of web browsers can be found at www.aboutcookies.org, or
You must however realise that if you block or delete cookies sent from our website which are absolutely essential or which ensure functioning or performance, it may be impossible to use the website.
.
You can display the types of cookies used on our website and thus gain information on how to change the cookies settings or how to block the cookies used on our website.
Third-party websites
If you use the websites of our partners, a cookie file may be set by the websites you have visited. We do not operate these websites and thus have no control over distribution of these cookies. More information about these cookies can be found on the website of the respective third party.
CITY GATE uses the following cookie files.
All of the above-mentioned cookies are used only for the purpose specified in this table.
Contact details
If you have any queries or if you would like to exercise your rights determined by the GDPR, the Joint Administrators hereby provide their contact details which the data subject can use to contact them.
E-mail: gdpr@citygate.sk
