Who is the administrator?
POTIFOB, s.r.o., registered seat: Adyho 43, 900 45 Malinovo, Slovakia, Company ID No.: 44 811 829, Tax No.: 2022845561, EU VAT No.: SK2022845561, registered in the Commercial Register kept by the the District Court Bratislava I, Section B, File No. 59101.
We process your personal information as an administrator, that is, determine how personal data will be processed and for what purpose, for how long time, and select any additional processors who will assist us with the processing.
If you wish to contact us during processing, you can contact us at +421 904 313 618 or by e-mail: email@example.com.
We declare that, as the administrator of your personal data, we comply with all legal obligations required by applicable law, in particular the Personal Data Protection Act and the GDPR, and that:
- we will process your personal data only on the basis of a valid legal reason, in particular the legitimate interest, performance of the contract, legal obligation or consent
- comply with Article 13 of the GDPR with the obligation to provide information prior to the processing of personal data
- we allow you and we will support you in implementing and enforcing your rights under the law of personal data protection and GDPR
Scope of personal data and processing purposes
We process personal information you entrust to us for the following reasons (to fulfil these purposes):
- provision of services, performance of the contract
your personal information in the extent of: email, name, surname, delivery address, phone we absolutely need to fulfil the contract (for example sending study materials, sending pre-course instructions, sending e-learning / online course access, securing international certification exams, including certificates, sending publications, ensuring your participation in our events - seminars, conferences, consultations, etc.
If you are a customer, we absolutely need your personal information (billing information, name, e-mail, telephone) to comply with the statutory obligation to issue and record tax documents.
- marketing - sending newsletters
Your personal information (email and name), the IP address, what you click on in the e-mail and when you open it most are used for direct marketing purposes - sending business messages. If you are our customer, we are doing a legitimate interest, as we reasonably expect that our news interest you. We will be send them during a period of 5 years.
If you are not our customer, we will send you newsletters only upon your approval for 5 years from the award. In both cases, you can revoke your consent by using an unsubscribe link in each email you receive from us.
- Advanced marketing based on consent
We may also send you inspirational third-party offers or use your email address, for example, for remarketing and targeting a Facebook/ Linkedin ad, based on your consent only, during the period of 5 years from your consent. This can, of course, be withdrawn at any time through our contact information.
- photographic documentation
from our trainings, seminars, lectures, conferences etc. We use it for the purpose of promoting our company on web sites and marketing materials, based on your consent. We retain your personal information for the duration of the limitation period, unless the law provides for a longer period for its retention or we have not stated otherwise in specific cases.
we use the evaluation questionnaires for the purpose of promoting our company on web sites and marketing materials, based on your consent. We retain your personal information for the duration of the limitation period, unless the law provides for a longer period for its retention or we have not stated otherwise in specific cases.
Is located in the external premises of the company and monitoring its immediate surroundings. We use it to ensure the security and protection of the people and we perceive it as our legitimate interest. We keep your personal information for 2 weeks, then they are deleted.
Security and Privacy
We protect personal data to the fullest extent possible using modern technologies that correspond to the level of technical development. We protect them as if they were our own.
We have accepted and maintained all possible (currently known) technical and organizational measures that prevent the misuse, damage or destruction of your personal information.
Transmission of personal data to third parties
Our employees and co-workers have access to your personal data.
In order to provide specific processing operations that we can´t provide ourselves, we use the services and applications of processors who can protect data better than we do and specialize in the processing.
They are the following companies/ providers of platforms:
- Amazon - supplier of training publications
- Bitly - social network
- Český hosting - web domains
- DPD and other courier companies - shipping study materials
- Dropbox - cloud data storage
- Elbia - web domains, company e-mails
- EXIN - international accreditation and certification authority
- Facebook - social network
- Google - Google Ads, Google Analytics, Youtube
- Instagram - social network
- LinkedIn - social network
- Mailchimp - e-mailing tool
- Masterweb - webhosting provider and sites/ security management
- Mimeo - printshop for study materials
- Mozilla Thunderbird - e-mail client
- Microsoft - MS Office, MS Windows
- MxB - accounting and tax administratin
- PeopleCert - international accreditation and certification authority
- Pinterest - social network
- POHODA - accounting system
- SmarterQueue - social network
- TSO - supplier of training publications
- Twitter - social network
- Websupport - web domains
It is possible that in the future we will decide to use other applications or processors to facilitate and improve the processing. However, we promise you that in such a case when choosing, we will put at least the same demands on the processor for security and quality of processing as we are on ourselves.
Transmission of data outside the European Union
Personal information (name and e-mail) will be passed to the Mailchimp marketing tool to send e-mail campaigns. With the provider of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA, we have a signed addendum that complies with GDPR. The Mailchimp tool itself uses TLS encryption. Mailchimp sign-in pages and logins are protected by MailChimp APIs and are protected against coarse force. Employees of this company are not be able to access to our data without logins and passwords.
All US business partners - Mailchimp, Google, Facebook, Twitter, LinkedIn, Amazon, Microsoft, Dropbox, Mozilla meet the GDPR conditions and comply with the EU-US Privacy Shield.
Your rights in connection with the protection of personal data
You have a number of rights in relation to the protection of your personal data. If you wish to use any of these rights, please contact us via e-mail: firstname.lastname@example.org.
- Based on your right of access, you can ask us at any time and within 14 days we will provide you with proof, how we process your personal data and why.
- If something changes or you find your personal information outdated or incomplete, you have the right to add and change your personal information.
- Right to processing restrictions might be helpful if you believe we process your inaccurate information, you think that processing is performed illegally, but do not want to delete all the data, or if you objected to the treatment. You can limit the range of personal data or processing purposes. (For example, unsubsrcribe from newsletter restricts, based on the purpose of processing, to send you business messages.)
- The right to portability
If you would like to take your personal information and transfer it to someone else, we will proceed it the same way like with using the right of access - we deliver you the information in machine-readable form, so we need at least 30 days.
- The right to erase (be forgotten)
Your next right is the right to erase (be forgotten). We don´t want to forget about you, but if you wish, you have this right. In this case, we will delete all your personal data from our system and the system of all partial processors and backups. We need 14 days to secure the right to erase.
- The right not to be subject to automated processing
In some cases, we are bound by a statutory obligation and, for example, we must record the tax documents issued after a period prescribed by law. In this case, we will delete all such personal data that is not bound by any other law. We will notify you by e-mail about the completion of the deletion.
Complaint at the Office for Personal Data Protection
If you feel that we do not comply with the law with your data, you have the right to appeal at any time to the Office for Personal Data Protection. We will be very pleased if you first inform us about this suspicion so we can do something with it and correct any misconduct.
Unsubscribe from newsletters and business announcements
Emails with inspiration, articles, or product and service information are sent to you only if you our customer, based on our legitimate interest. If you are not our customer yet, we will send them to you only based on your consent. In both cases, you can end subscribing to our emails by pressing the unsubsrcibe link in each email you receive.
Please be assured that our employees and collaborators who process your personal information are required to maintain confidentiality about personal information and security measures, whose disclosure would compromise the security of your personal information. This confidentiality persists even after the end of our engagement with them. Without your consent, your personal data will not be released to any third party.