Privacy policy Ekotox EU

Thank you for your interest in www.ekotox.eu and this Privacy Policy! At EKOTOX EU, we take the protection of your Personal Data very seriously.

In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular with the General Data Protection Regulation (“GDPR”), and only as described in this Privacy Policy. Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.

Privacy policy Ekotox EU

What is Personal Data?

Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.

Responsible for data processing

Responsible for data processing in accordance with the provisions of the GDPR is:

Ekotoxikologické centrum Bratislava s.r.o.
Tomášikova 10/F
821 03 Bratislava
Slovenská republika
Tel.: +421 (2) 4594 3712, 4594 5223
Mobil: +421 903 413 711
E-mail: ekotox(at)ekotox.sk

Facebook: https://www.facebook.com/ekotoxcentrum/

Twitter: https://twitter.com/ekotox_centers

LinkedIn: https://www.linkedin.com/company/ekotoxsk/

General information on data processing

In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside the European Economic Area (EEA). Where we transfer data outside the EEA, we have highlighted this accordingly below.

Data processing

All personal data that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent.

In particular, Art. 6 GDPR specifies when data processing is permitted. We collect personal data only if:

  • you have given your consent (Art. 6 para. 1 lit. a GDPR),
  • the data is necessary for the fulfillment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
  • the data is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
  • the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden (Art. 6 para. 1 lit. f GDPR).

We process and store your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

a) Hosting

To provide our website, we use the services of LUNETA, sro who process the below-mentioned data and all data to be processed in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our website.

b) Collection of access data and log files

We also collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.

c) reCAPTCHA

We also use Google Inc.`s reCAPTCHA to check whether data input is made by a human being or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. The legal basis for the data processing is our legitimate interest in operating a secure and spam free website.

d) Cookies and similar technologies

For the processing of personal data using cookies and similar technologies on our website, please refer to our Cookie Policy, which is part of this privacy policy. The legal basis for the use of cookies is our legitimate interest or your consent when you agree to the use of analysis and performance cookies, as further explained in our cookie policy.

e) Contacting us

If you contact us, we process the following data from you for the purpose of processing and handling your enquiry: Name, contact details (phone number and e-mail address) -if provided by you- and your message. The legal basis of the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our legitimate interest in processing your enquiry.

f) When you use our services

When you are using our Services including our trainings and/or webinars, we process various data within the framework of the provision of our services and for the initiation and processing of the existing contractual relationship between you and us. As such we process your personal data and all information that is necessary in the context of fulfilling the services, exclusively for the purpose of processing and handling the contractual relationship. Accordingly, and when you use our services, the data is processed on the basis of fulfilling our contractual obligations as well as to fulfill our legal obligations and the consent of the relevant service user.

We use Webex by Cisco to conduct our webinars and online meetings and various types of data are processed when using an online platform for meetings. The scope of the data depends on the information you provide before or during participation in an online meeting. The legal basis for this is our legitimate interest and, insofar as it concerns an enquiry to enter into or fulfill a contract, also the fulfillment of a contract / pre-contractual measures.

g) Administration, financial accounting, service organization, contact management

We process data within the scope of administrative tasks as well as organization of our business, financial accounting, service organization and compliance with legal obligations, such as archiving.

In doing so, we process the same data that we process in the context of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.

In this context, we disclose or transmit data to the tax authorities, consultants such as tax advisors or auditors as well as other fee offices and payment service providers. Accordingly, the data is processed on the basis of fulfilling our contractual obligations as well as to fulfill our legal obligations.

Duration of data storage

We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.

Transfer of personal data

We will not disclose or otherwise distribute your personal data to third parties unless this:

  • is necessary for the performance of our services,
  • you have consented to the disclosure,
  • or the disclosure of data is permitted by relevant legal provisions.

However, we are entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors within the framework of the GDPR. External service providers support us, for example, in the technical operation of the service organization and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfillment of reporting obligations.

The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the GDPR responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.

We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill our legitimate interests.

Advertising and Marketing

We use the data you provide to fulfill and process our contract and to respond to your enquiries in or on the basis of your consent. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe (or opt out).

Social Media

We are present in “social media” (currently, LinkedInTwitter and Facebook) in order to communicate with our customers, interested parties and users registered there and to be able to inform them about our offers. We would like to point out that you use social media platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). We, as the provider of our Social Media Profile, do not collect and process any data from your use of our social media platforms and beyond this. The processing of users’ personal data is based on our legitimate interests in providing users with effective information and communicating with users.

Automated decision-making

Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place.

Services for statistical, analytical, and Content Management purposes

We use third party services for statistical, analytical, and marketing purposes. This enables us to provide you with a user-friendly, optimized use of the website. The third-party providers use cookies to control their services (see our Cookie Policy for more information).

a) Google Analytics

We use Google Analytics, a service provided by Google Inc. This means that the data collected can in principle be transmitted to a Google server in the USA, whereby the IP addresses are anonymized by means of IP anonymization so that an allocation is not possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: http://tools.google.com/dlpage/gaoptout?hl=en. The legal basis for this processing is our legitimate interest (Art. 6 (1) f) GDPR).

b) Google Tag Manager

We use Google Tag Manager, a web analytics service provided by Google Inc. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set, and no Personal Data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data.  If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: http://www.google.com/tagmanager/use-policy.html. This service transmits data to the USA. The legal basis for this processing is our legitimate interest (Art. 6 (1) f) GDPR).

c) Google Site Tag

We use Google Site Tag to determine information about the use of our offers across different end devices. For this purpose, we store a unique ID on your end device. You can object to the collection and storage of data at any time in the settings of your Google account. This service transmits data to the USA. The legal basis for this processing is our legitimate interest (Art. 6 (1) f) GDPR).

d) Content Management System (CMS)

We also use the Content Management System (CMS) of WordPress a service provided by Automattic Inc, to publish and maintain the created and edited Content and texts on our website and to provide the forms used. This means that all content and texts submitted to us by users for publication is transferred to WordPress. In addition to texts, this also includes, for example your data in our forms. This service transmits data to the USA. The legal basis for this processing is our legitimate interest (Art. 6 (1) f) GDPR).

Your data subject rights

These rights are standardized in the GDPR. These include:

  • the right to information (Art. 15 GDPR),
  • the right to rectification (Article 16 GDPR),
  • the right to erasure (Article 17 GDPR),
  • the right to restriction of data processing (Article 18 GDPR),
  • the right to data portability (Article 20 GDPR),
  • the right to object to data processing (Article 21 GDPR),
  • the right to revoke any consent you have given (Art. 7 (3) GDPR), and
  • the right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR).

Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.

We encourage you to get in touch if you have any concerns with how we collect or use your personal data. You also have the right to lodge a complaint with your local data protection supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority.

Security

Cutting-edge internet technologies guarantee data security. Your info is encrypted with SSL during online inquiries. Firewalls block external unauthorized access for data storage. We employ tech and organizational measures to safeguard your data from manipulation, loss, or unauthorized access.

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.

Links to other providers

Our website also contains – clearly recognizable – links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Changes and updates to the privacy policy

Please stay informed about our privacy policy changes. We’ll update it if our data processing methods change, promptly notifying you for cooperation, such as consent.

Concerns and Contact

If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.

Who should I contact for more information?

If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:

EKOTOXIKOLOGICKÉ CENTRUM BRATISLAVA, s.r.o.
Tomášikova 10/F
821 03 Bratislava
Slovenská republika

Tel.: +421 (2) 4594 3712, 4594 5223
Mobil: +421 903 413 711
E-mail: ekotox(at)ekotox.sk

Tax ID: 2020362949
VAT ID: SK 2020362949

This Privacy Policy was last updated on Tuesday, 11 October 2022.