General Principles of Personal Data Protection

Data Controller

Datapac s.r.o.
Company ID (IČO): 35698870
Registered office: Elektrárenská 4, 831 04 Bratislava
(hereinafter referred to as the “Controller”)

The Controller manages and processes personal data in information systems necessary for providing its products and services. Processing is carried out in accordance with the legal regulations of the Slovak Republic and the GDPR, ensuring a high level of personal data protection.

Purposes of Personal Data Processing

The processing of personal data is necessary for the provision of the Controller’s services. Without processing personal data, it would not be possible to ensure support, communication, system operation, service administration, customer accounts, or business cooperation to the required extent and quality.

Data Sharing within the Group / Internal Processing

The Controller may process personal data through internal systems, partner companies, or external service providers if this is necessary to ensure operations, service development, marketing analyses, internal administration, or customer support. Personal data are always shared only to the extent necessary for the given purpose and exclusively in compliance with appropriate security measures protecting the data against unauthorized access or disclosure.

Legal Basis for Personal Data Processing

Personal data are processed only on a lawful legal basis, in particular:

• performance of a contract or pre-contractual measures,
• legitimate interest of the Controller,
• compliance with a legal obligation,
• consent of the data subject, where required.

If no other legal basis exists, personal data are processed only with the consent of the data subject and solely within the scope for which the consent was granted.

Provision of Personal Data

Personal data may be provided to third parties if:

• required by law, or
• necessary to fulfill the purpose for which the data were obtained.

The Controller ensures that all partners meet high standards of personal data protection.

Personal data may be processed within the countries of the European Union and the European Economic Area. Transfers of personal data to third countries are only possible where the European Commission has recognized the country as providing an adequate level of protection or where appropriate safeguards are applied (e.g. standard contractual clauses).

Categories of Recipients May Include:

a) providers of IT infrastructure, servers, software, and technical support,
b) marketing and advertising service providers,
c) providers of legal, tax, HR, audit, and accounting services,
d) domain registration authorities (where applicable),
e) public authorities, where required by law.

Security of Personal Data

The Controller processes personal data manually and electronically through information systems.
All necessary technical, organizational, and control measures have been implemented to ensure a high level of personal data protection, including:

• access control,
• encryption,
• system monitoring,
• protection against unauthorized access,
• regular review of security measures.

Rights of the Data Subject

The data subject has the right to: a) request access to their personal data,
b) request correction of inaccurate personal data,
c) request erasure of personal data or restriction of processing,
d) object to the processing of personal data,
e) request data portability,
f) lodge a complaint with the Office for Personal Data Protection of the Slovak Republic,
g) withdraw consent to the processing of personal data at any time.

If you have any questions or wish to exercise your rights, you may contact us at:
info@datapac.sk

The Controller is obliged to inform the data subject without undue delay of any personal data breach if such a breach is likely to result in a high risk to the rights of the data subject.

Cookies Settings

Detailed information on the use of cookies can be found in the separate cookie policy available on our website.