Principles of processing and protection of personal data
Article I. Basic Provisions
The controller of personal data pursuant to Article 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR") is 3MAGNOLIE s. r. o., with its registered office at Ľ. 518 072 62, registered in the Commercial Register of the District Court of Trenčín, Section Sro, File No.: 36716/R (hereinafter referred to as: "the Operator"). Contact details of the Operator: postal address: Manor Villa Bork, Borčice 19, 018 53 Bolešov e-mail: email@example.com. Personal data are data relating to an identified natural person or an identifiable natural person who can be identified, directly or indirectly, in particular by reference to a generally applicable identifier, to another identifier such as a first name, surname, identification number, location data or an online identifier, or to one or more characteristics or attributes which constitute his or her physical identity, physiological identity, genetic identity, psychological identity, mental identity, economic identity, cultural identity or social identity.
Sources of personal data processed, lawful reason and purpose for processing personal data
The controller processes personal data that you have provided to it or personal data that it has obtained on the basis of the completion of your questionnaire and that are necessary to obtain more detailed information about the wedding or to fulfil the contract concluded between you and the controller.
Processing and retention period of personal data
The controller processes and stores personal data:
for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the Operator and to exercise claims arising from these contractual relationships (for a period of 5 years from the termination of the contractual relationship),
for as long as the consent to the processing of personal data for the purposes of marketing and protection of property and health of persons located in the monitored premises of the Operator, promotion of the premises and events in the premises of the Operator is withdrawn, for a maximum of 10 years, if the personal data are processed on the basis of consent. After the expiry of the retention period, the Controller shall delete the personal data.
The lawful reason for processing personal data is:
(a) the performance of the contract between you and the Operator pursuant to Article 6(1)(a)(1)(b).
(b) the legitimate interest of the Controller in the provision of direct marketing (for the sending of commercial communications and newsletters) pursuant to Article 6(1)(a) of Directive 95/46/EC.
c) Your consent to processing for the purpose of providing direct marketing (for sending commercial communications and newsletters) pursuant to Article 6(1)(a)(1)(b) of Directive 95/46/EC.
d) GDPR in the event that there is no order for the service,
(e) the legitimate interest of the Controller in the protection of the property and health of persons on the Controller's monitored premises pursuant to Article 6(1)(b) of Directive 95/46/EC.
(f) the legitimate interest of the Operator in the promotion of the premises and events on the premises of the Operator pursuant to Article 6(1)(a)(1)(b).
g) The purpose of the processing of personal data is also the processing of your order and the exercise of rights and obligations arising from the contractual relationship between you and the Controller; when placing an order, the personal data required for the successful processing of the order are required (title, name, surname, address of residence/address for delivery, email and telephone contact).
The provision of the above personal data is a prerequisite for the conclusion and performance of the contract, without the provision of personal data it is not possible to conclude the contract or to perform it on the part of the Controller. The purpose of processing personal data is also the protection of property and health of persons located in the monitored premises of the Operator.
IV. Recipients of personal data
Recipients of personal data are persons involved in the delivery of the service, the execution of payments under the contract, persons providing marketing services. The controller does not intend to disclose personal data to countries outside the European Union or to an international organisation.
Article V. Rights of the data subject - Your rights
Your rights Under the terms of the GDPR, you have:
- the right of access to their personal data,
- the right to rectification of personal data,
- the right to restrict the processing of personal data
- the right to erasure of personal data concerning you, provided that the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; the data subject withdraws the consent on the basis of which the processing is carried out, the data subject objects to the processing of personal data pursuant to Article II. (11), the personal data have been unlawfully processed, the erasure is based on compliance with an obligation imposed by law, a special regulation or an international treaty to which the Slovak Republic is bound, or the personal data were collected in connection with the offer of information society services to a person under the age of 16,
- the right to erasure of personal data provided that processing is necessary: to exercise the right to freedom of expression and information; for the performance of an obligation under a law, a special regulation or an international treaty by which the Slovak Republic is bound, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, for reasons of public interest in the field of public health, for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, unless the right to erasure is likely to render impossible or seriously impede the attainment of the objectives of such processing, or for the establishment, exercise or defence of legal claims
- the right to restrict the processing of personal data insofar as he or she challenges the accuracy of the personal data by objecting pursuant to Article II, paragraph 1. 11, during a period allowing the controller to verify the accuracy of the personal data; the processing is unlawful and the data subject requests restriction of the use of the personal data instead of erasure; the controller no longer needs the personal data for the purposes of the processing but the data subject needs them to establish, exercise or defend legal claims; the data subject has objected to the processing of the personal data on the basis of a legitimate claim of the controller until it has been verified whether the legitimate grounds on the part of the controller outweigh the legitimate grounds on the part of the data subject,
- the right to data portability, (i.e. to obtain personal data which he or she has provided to the controller, while having the right to transmit those data to another controller in a commonly used and machine-readable format, provided that the personal data have been obtained on the basis of the data subject's consent or on the basis of a contract and the processing is carried out by automated means),
- the right to object at any time to the processing of his or her personal data on grounds relating to his or her particular situation,
- the right to withdraw your consent to the processing of your personal data at any time, if the processing of your personal data was based on this legal title
- the right to lodge a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
Article VI. Special Provisions
The controller declares that it has taken all technical and organisational measures to secure personal data, in particular technical measures to secure data storage and storage of personal data in writing. The controller declares that only persons authorised by it have access to the personal data.
Cookies are small text files that are stored on your computer when you visit our website. They are used to make our website work more efficiently, as well as to provide website owners with information about the performance of the website. This ensures that you are able to take full advantage of the website's features.
By collecting and remembering information about your personal preferences, cookies can tailor the operation of our website to your needs and what you like or dislike. In no way do cookies give us access to files on your computer or any information about you, other than the information you provide and some of the activities you perform on our website.
We know that people are concerned about cookies. But we believe that the benefits we gain from each other from using them properly are worth it. However, you can delete cookies from your computer at any time and advice on how to do this is available at www.allaboutcookies.org.
Facebook - Search advertising and remarketing
Instagram - Search advertising and remarketing
Google Adwords - Search advertising and remarketing
Google Analytics - Website performance and audience analysis
LinkedIn - Search advertising and remarketing
YouTube - Search advertising and remarketing
HotJar - Website performance and audience analysis
Most web browsers allow some control over most cookies through browser settings. To learn more about cookies, including how to find out your cookie settings and how to manage and block/disable cookies, please visit www.allaboutcookies.org.