Rules for Processing Personal Data

under Act no. 18/2018 on the Protection of Personal Data and the amendment of certain laws (“GDPR”)

Controller:             Vertere – jazykový servis, s.r.o.;      www.vertere.sk;

Registered office:       Svätého Rócha 1404/1, 045 01 Moldava nad Bodvou

ID no: 46543074         VAT no.: SK2023421543 under Section 4

Company director:      Róbert Takács, tel: 0948172727, email: robert@vertere.sk

(hereinafter referred to as the “Controller”)

1. A data subject is considered to include: a user of the web site, a legal guardian, a person calling or a person ordering the services of the controller.
2. Every data subject that telephones, writes an email and/or views the website vertere.sk, or makes an order is considered to be a data subject and thereby expresses their voluntary CONSENT for the Controller and the contractual intermediary to the process their personal data.
3. If the ordering data subject agrees a scope of services from the Controller, then the Controller processes personal data for the purpose of filling an order or fulfilling an contract.
4. The data subject hereby acknowledges that the Controller, employees, authorized persons and third parties will protect their data from misuse, will maintain confidentiality and process data for a legitimate interest over a period stipulated by law as follows:

• A request sent in writing or electronically for 31 days,
• For the purposes of records in information systems for min. 1 year,
• Where the law on accounting requires archiving, for 10 years,

Until the completion of the period of their legitimate processing or until deletion.

5. The Controller declares that it will not provide personal data to third parties without a contractual relationship for further processing, intermediation, marketing purposes and it does not plan to transfer it to third countries.
6. Personal data acquired are not subject to profiling or aed decision-making.

7. Rights of the data subject:

• The right to know who is processing what and why;
• The right for processing to be limited;
• The right for access to their data;
• The right to object to the processing of their data;
• The right for accuracy and correction of personal data;
• The right at any time to withdraw consent to the processing of personal data;
• The right for the erasure of data and the right to be forgotten;
• The right to express their point of view on aed decision-making and profiling;
• The right for data portability;
• The right to lodge a complaint with a supervisory authority.

8. REQUEST: The data subject may at any time withdraw their consent in a Request submitted to the Controller in which they state their first name, surname, telephone number, e-mail address, residence. In the written request it must be clear what is being requested and when, with the signature of the person making the request. The right to deletion of data may be limited by the legal obligation to store data under the relevant laws. (see the form “Data Subject Request”)

9. COMPLAINT: Every data subject has the right to lodge a complaint if they believe that their request has not been satisfactorily handled by the Controller. The Office informs the data subject within a reasonable period about the status of the handling of their complaint and on the result of investigating the complaint. The supervisory authority is an independent organ of public authority: The Office for Personal Data Protection of the Slovak Republic (the “OPDP”), address: Hraničná 12, 820 07 Bratislava 27, Slovakia, tel: +421/2/32313214; e-mail: statny.dozor@pdp.gov.sk; https://dataprotection.gov.sk/uoou/. The full text of Act no. 18/2018,: https://www.slov-lex.sk/static/pdf/2018/18/ZZ_2018_18_20180525.pdf; https://dataprotection.gov.sk/uoou/sk/content/narodny-pravny-ramec

10. These rules are valid and effective as of 25.5.2018