GDPR / Privacy policy

ON THE BASIS OF WHAT REGULATION IS THIS INFORMATION OBLIGATION?

Pursuant to Articles 13 and 14 of Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR”) (hereinafter referred to as the “Information Obligation”)

WHO IS THE CONTROLLER OF MY PERSONAL DATA?

The controller of your personal data is:

AnyHR s.r.o., registered office: Medzilaborecká 141/6 821 01 Bratislava – Ružinov district, ID No.: 54649366 (hereinafter referred to as the “Controller”)

CONTACT: hello@anyhr.eu

WHO CAN I CONTACT IF I HAVE ANY QUESTIONS?

We care about protecting your privacy. If you have any questions or queries about the protection of your personal data, you can contact the responsible person of the Data Controller at any time:

Name and surname: Dušan Snopko

Contact details: dusan.snopko@anyhr.eu

dusan.snopko@anyhr.eu

FOR WHOM IS THIS INFORMATION OBLIGATION INTENDED?

This information obligation is intended to:

natural persons – suppliers or customers who enter or have entered into a contractual relationship with the Operator (hereinafter referred to as “Suppliers/Customers”)
natural persons authorised by the Supplier to enter into a contractual relationship on behalf of the Supplier (hereinafter referred to as ‘Supplier/Customer Authorised Person’)
Visitors to websites where the Operator uses cookies necessary to provide the functionality of the website and to improve the user experience (hereinafter referred to as “Website Visitor”).
Other data subjects whose personal data are processed by the Controller on the basis of a specific legal provision or a legitimate interest of the Controller (senders and recipients of the Controller’s correspondence; job applicants; data subjects exercising their rights under the GDPR)

IN WHAT SITUATIONS DO YOU PROCESS MY PERSONAL DATA?

We only process your personal data without your consent in cases where applicable law permits us to do so. You must provide us with the personal data you provide on the basis of a contract, a specific regulation or a legitimate interest, otherwise we will not be able to fulfil your or our obligations for the purpose.

We will only process your personal data without your consent in the following cases and on the following legal bases:

If you are a Visitor to the Website, we process your personal data on the basis of a legitimate interest in tracking traffic to the Operator’s website.
If you are the sender and recipient of correspondence from the Operator, we process your personal data on the basis of a specific legal provision.2
If you are a data subject exercising your rights under the GDPR, we process your personal data on the basis of the Controller’s legitimate interest in complying with the GDPR.
If you are the recipient or sender of correspondence from the Controller, we process your personal data on the basis of a specific legal regulation.2
If you are a visitor to the Operator’s website Your personal data is processed on the basis of a legitimate interest in tracking traffic to the Operator’s website.
If you are a data subject exercising your rights under the GDPR, we process your personal data on the basis of the Controller’s legitimate interest in complying with the GDPR.
2 Act No. 395/2002 Coll. on archives and registers and on the amendment of certain acts, as amended

3 Act No. 311/2001 Coll. on the Labour Code, as amended; Act No. 55/2017 Coll.

WHAT PERSONAL DATA DO YOU PROCESS ABOUT ME?

We process your personal data in the following cases and to the following extent:

If you are the recipient and/or sender of the Controller’s correspondence, we process routine personal data about you, such as your title, name, surname, address, email address and other data necessary for the performance of our obligations under specific legislation.2
If you are a Visitor to the Website, we process your IP address and cookies.
If you are an applicant for employment with the Operator, we process routine personal data about you, in particular contact details and personal data provided in your CV and/or cover letter.
If you are a data subject exercising your rights under the GDPR with the Controller, we process personal data about you that are necessary for record keeping and compliance with the obligations under the GDPR (ordinary personal data – identification data, contact data, etc.) and other data that you have provided to us as part of your application.
2 Act No. 395/2002 Coll. on archives and registers and on the amendment of certain acts, as amended

HOW LONG DO YOU PROCESS MY PERSONAL DATA?

We will retain your personal data for no longer than is necessary to fulfil the purposes set out above. When storing personal data, we are governed by specific regulations that set storage periods and/or the GDPR’s basic principles regarding the retention and disposal of personal data.

If you are a visitor to a public area in which we carry out CCTV monitoring, this data is stored on our server provider’s server, which meets international security standards, for a maximum period of 180 days.

WHAT ARE THE SOURCES OF MY PERSONAL DATA?

We process data that you have provided to us in connection with the conclusion of a contract or that you have communicated to us in the course of our cooperation.

WHO IS THE RECIPIENT OF MY PERSONAL DATA?

We only disclose your personal data in justified cases and only to the extent necessary to the following categories of recipients:

To the server provider
To programmers who develop and maintain the source code of the software.
To the extent necessary, to other entities in cases where we are required to disclose your personal data by law or where it is necessary to protect our legitimate interests.
In other cases (unless you are a visitor to a public area), we will only disclose your personal data in justified cases and only to the extent necessary to these categories of recipients:

to our contractual partners that we need for our normal functioning and the implementation of contractual relationships (server provider, external accounting firm, programmers, etc.).
to other entities in cases where we are obliged to provide your personal data by law or where it is necessary to protect our legitimate interests.

DO YOU ALSO TRANSFER MY PERSONAL DATA TO THIRD COUNTRIES?

We do not transfer your personal data to third countries outside the EU.

WHAT ARE MY RIGHTS IN RELATION TO THE PROTECTION OF MY PERSONAL DATA?

right of access – you can ask us for access to the personal data we process about you
the right to rectification – you can ask us to correct inaccurate or incomplete personal data we process about you.
Right to erasure – you can ask us to erase your personal data if any of the following situations occur:
- The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
- you have previously provided us with consent for processing, which you withdraw, and we are not entitled to process the personal data in question without your consent;
- you object to processing carried out in specific situations under the GDPR (task carried out in the public interest, legitimate interest of the Controller or profiling) and your interests, rights and freedoms are not overridden by any legitimate grounds for processing; or
- you object to processing for direct marketing purposes;
- the personal data have been unlawfully processed;
- the personal data must be erased in order to comply with a legal obligation under EU law or the law of a Member State to which the Controller is subject;
- the personal data was collected in connection with the offer of information society services under the GDPR.
The right to restrict processing – you may ask the Controller to restrict the processing of your personal data if any of the following situations occur:

- You have denied the accuracy of the personal data, for the time necessary for the Controller to verify the accuracy of the personal data;
- the processing of your personal data is unlawful, but you refuse to erase this data and instead request a restriction on its use;
  the Controller no longer needs the personal data for the purposes of the processing, but you require it for the establishment, exercise or defence of legal claims;
  you object to the processing of your personal data in specific situations under the GDPR (task carried out in the public interest, legitimate interest of the Controller or profiling) until it is verified that the Controller’s legitimate grounds outweigh your legitimate grounds
- the right to data portability – if we process your personal data on the basis of your consent; or it is necessary for the performance of a contract to which you are a party and the processing is carried out by automated means, you have the right to request the transfer of the personal data to another controller. This applies if you have provided the personal data to the Controller, in a structured, commonly used and machine-readable format and this right does not adversely affect the rights and freedoms of others.
- right to object – you may object at any time to the processing of your personal data by the Controller for direct marketing purposes carried out on the basis of the Controller’s legitimate interest and whenever we process your personal data on the basis of legitimate interest or public interest, including profiling
- the right to lodge a complaint – you have the right to lodge a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27, www.uoou.sk.Your rights may be limited by relevant EU or Member State law.The data subject may exercise his/her rights orally, in writing or electronically, via the contact details above. If the data subject requests the exercise of the right, he/she is obliged to prove his/her identity to the Data Controller.1 Act No. 172/2005 Coll. on the organisation of state support for research and development, as amended; Directive No. 27/2006-R of the Ministry of Education of the Slovak Republic of 21 December 2006 on the system of branches of science and technology and the codebook of branches of science and technology; Annex No. 1 to Directive No. 27/2006-R of the Ministry of Education of the Slovak Republic of 21 December 2006 on the system of branches of science and technology and the codebook of branches of science and technology.
  Act No 395/2002 Coll. on archives and registers and on the amendment of certain acts, as amended
  
  3 Act No 311/2001 Coll. on the Labour Code, as amended; Act No 55/2017 Coll.

Try out