Any person acting on behalf of the controller or processor, who has access to personal data, processes this data only based on the instructions of the controller, except in cases where required by a special regulation or an international treaty.
If the controller has already instructed authorized persons in accordance with § 21 of Act No. 122/2013 Coll., such instructions may be considered as the controller's instructions, provided they reflect the actual state and set personal data protection processes as required by GDPR or Act No. 18/2018 Coll.
This means that the controller should take into account the results of risk analysis, e.g., whether the analysis indicates new rules for the current processing of personal data or changes in security measures related to previous processing, and whether the current instructions truly reflect the controller’s instructions according to up-to-date security standards.
I. Basic Provisions
The personal data controller under § 5 (o) of Act No. 18/2018 Coll. on the Protection of Personal Data, as amended (hereinafter referred to as the "Act"), is AMAT plus s.r.o., ID No. 47682400, with its registered office at Námestie slobody 32, 909 01, Skalica, Slovakia (hereinafter referred to as the "Controller").
The contact details of the Controller are:
Personal data means all information about an identified or identifiable natural person; an identifiable natural person is a person who can be directly or indirectly identified, in particular by reference to a specific identifier such as a name, identification number, location data, online identifier, or one or more specific physical, physiological, genetic, psychological, economic, cultural, or social identity factors of that natural person.
The controller has not appointed a Data Protection Officer.
II. Sources and Categories of Processed Personal Data
The Controller processes personal data:
The Controller processes your identification and contact details and any data necessary for fulfilling the contract.
III. Legal Basis and Purpose of Processing Personal Data
The legal basis for processing personal data is:
The purpose of processing personal data is:
The Controller engages in automated individual decision-making under § 28 of the Act. If so, you have provided explicit consent for such processing.
IV. Retention Period of Personal Data
The Controller retains personal data:
After the retention period, personal data will be deleted.
V. Recipients of Personal Data
Personal data may be shared with:
The Controller does intend to transfer personal data to a third country (outside the EU) or an international organization. Recipients in third countries may include mailing service or cloud service providers.
VI. Your Rights
Under the Act, you have the right to:
You also have the right to file a complaint with the Office for Personal Data Protection if you believe your rights have been violated.
VII. Data Security Conditions
The Controller declares that it has taken all appropriate technical and organizational measures to secure personal data.
The Controller has implemented technical measures to secure electronic data storage and paper-based records.
The Controller declares that only authorized persons have access to personal data.
VIII. Final Provisions
By submitting an order via the online form, you confirm that you have read and accept this privacy policy.
You agree to these terms by checking the consent box in the online form. Checking this box confirms that you are familiar with and fully accept this privacy policy.
The Controller reserves the right to amend this policy. The latest version will be published on the website and sent to your email.
Effective Date: January 20, 2025.
Stay Secure, Stay Updated
Join our newsletter!
Choosing a selection results in a full page refresh.
