The purpose of these principles is to demonstrate that the processing of personal data by operators is carried out in accordance with the currently valid legal regulation, in particular Act 18/2018 Coll. (EC) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, hereinafter referred to as the "GDPR Regulation" ). The new regulation obliges the operator to take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is carried out according to the nature, scope and purpose of the processing of personal data and to the risks of varying likelihood and seriousness for the rights of a natural person with the new legislation. The above mentioned measures are updated by the operator.
This document is the result of an assessment of the processing of personal data by operators for the purposes of the legal provisions governing the protection of personal data. The introduction of standardized personal data protection based on the principles outlined below minimizes the risk of personal data breaches.
Business Name: Bluefin Century, s. r. o.
Address: Kremnická 3576/24, Bratislava 851 01, Slovak Republic
Legal Form: Limited Liability Company
ID: 46 019 138
Registration: company registered in the Commercial Register of the District Court Bratislava I., Section: Sro, Insert 70421 / B
Statutory authority: Roland Rozsi, Managing Director
(hereinafter referred to as the "Operator")
If you wish to contact us during processing of your personal information, you may contact us at:
Delivery Address: Kremnická 3576/24, Bratislava 851 01, Slovak Republic
Email Address: av@bluefin.sk
Phone Number: +421 220 633 178
The legal basis for the processing of personal data by the operator on the persons concerned in all categories is the following GDPR provisions, respectively. of the new ZOO Act:
We declare that, as the operator of your personal data, we meet all statutory obligations required by applicable law, in particular the Privacy Act and the GDPR, and that:
We process personal information you entrust to us for the following purposes:
The operator processes your personal data obtained in connection with business activities about their contractual and pre-contractual partners.
Your personal details - business name, postal address, billing details: VAT ID, e-mail address, telephone number, Skype name, contact person's name and surname are processed to:
The person concerned is required to provide true and up-to-date personal information. In the event of a change in personal data, the person concerned shall immediately notify the operator of the change.
We protect personal information to the fullest extent possible. We protect them as if they were our own. We have put in place all possible technical and organizational measures to prevent the misuse or destruction of your personal data.
We have taken appropriate technical and organizational measures to secure personal data, and only authorized persons have access to them. After the personal data retention period expires, these data are deleted.
Your personal data is accessed by authorized people, authorized by operators who are bound by confidentiality and training in the field of processing safety.
Most of the processing operations are handled by ourselves and we do not need to hand them over to a 3rd party.
In order to provide some specific processing operations that we can not provide ourselves with, we use the services of intermediaries who specialize in the processing and are bound by the broker agreement in accordance with the GDPR.
We process data only in the European Union or in countries that provide protection under the European Commission's decision.
The rights of the person concerned are defined in Chapter 3 of the GDPR. It is, for example, on the right to require the operator to access personal data relating to the data subject, the right to rectify or erase or restrict the processing or the right to object to processing, as well as data portability rights and the right to lodge a complaint with the supervisor.
You have several rights in relation to the protection of personal data. If you wish to use any of these rights, please contact us via the above-mentioned email address.
You have the right to the information that is already covered by these privacy policies. - Information obligation
Thanks to the right of access, you can invite us at any time, and we will provide you with a 30-day notice that we will process your personal data.
If anything changes or any of your personal information is outdated or incomplete, you have the right to supplement and change personal information.
You may benefit from the right to limit the processing if you believe that we are processing your inaccurate data, you think we are processing illegally, but you do not want to delete all the data or if you object to the processing.
You can limit the scope of personal data or processing purposes.
Right to Deletion (Even Forgotten): Your next right is the right of erasure, in the absence of a legal basis that entitles us or, the legal obligation that instructs you to process your personal information. In this case, we will delete all your personal information from our system, including from the system of all partial processors and advances within the statutory time limit.
Privacy Statement Complaint: If you feel that we do not treat your data in accordance with the law, you have the right to appeal at any time to the Office for the Protection of Personal Data. We will be very pleased if you first inform us about this suspicion so that we can do something about it and correct any mistakes.
However, in the processing of personal data by the controller for the purpose defined in this Article of the Directive, the person concerned may only exercise those rights which have a defined purpose and the legal basis on the basis of which personal data relating to the person concerned are processed.
Providing personal data that serves a defined purpose is both a legitimate and a contractual requirement. The data are necessary for the provision of the service, the delivery of the ordered goods, to fulfill the legitimate interests of the operator.
The operator declares that, on the basis of the personal data provided by the persons concerned, the operator does not have an automated, individualized decision, including profiling.
We assure you that as an operator and also our employees, co-workers and intermediaries who will process your personal information are required to keep confidential personal data whose disclosure would jeopardize the security of your personal information. This discretion lasts even after our relations with us have ended. Without your consent, your personal information will not be disclosed to a third party.
These privacy policies apply from May 25, 2018 and replace the previous Privacy Policy.
The person concerned hereby honestly declares that it gives the operator its explicit and unconditional consent to process its personal data to the above-mentioned extent for the purpose and for the aforementioned period.
The person concerned has the right at any time to withdraw his / her consent. Revocation of consent does not affect the lawfulness of processing based on consent prior to its revocation.