Free consultation

Privacy and Personal Data Processing Policy

This language version is an informative translation. In the event of any discrepancy, the Slovak version shall prevail.

1. Controller

The controller of personal data is INFOSEC s.r.o., Trieda SNP 407/61, 040 11 Košice, Slovak Republic, Company ID No. 50889109, Tax ID No. 2120515771, VAT ID No. SK2120515771, registered with the Municipal Court Košice, Section Sro, Insert No. 41480/V.

2. Privacy contact details

Email [email protected]

Telephone +421 904 432 786

Address INFOSEC s.r.o., Trieda SNP 407/61, 040 11 Košice, Slovak Republic

The controller has not appointed a data protection officer. Please use the contact details above to exercise your data protection rights.

3. Personal data we process

3.1 Data provided when contacting us or submitting an enquiry

  • Full name
  • Email address
  • Telephone number
  • Message content and related communication

3.2 Technical data collected when visiting the website

We may process the IP address and technical logs related to website operation, including the date and time of access, requested page, browser and operating system identifiers, and security events. The hosting provider may also process these data where necessary for the operation and security of the service.

4. Purposes and legal bases

4.1 Enquiries and communication

Purpose: responding to questions, handling requests and taking steps at the data subject's request before entering into a contract.

Legal basis: Article 6(1)(b) GDPR and, where applicable, Article 6(1)(f) GDPR.

4.2 Performance of a contract and provision of services

Purpose: entering into and performing a contract, providing services and customer communication.

Legal basis: Article 6(1)(b) GDPR.

4.3 Legal obligations

Purpose: accounting, taxation, complaints and the establishment, exercise or defence of legal claims.

Legal basis: Article 6(1)(c) GDPR.

4.4 Website security and prevention of misuse

Purpose: protecting the website, infrastructure and users, and detecting attacks and security incidents.

Legal basis: Article 6(1)(f) GDPR.

5. Cookies and similar technologies

The website may use strictly necessary technical cookies or similar identifiers required for basic functionality, security and operation. Consent is generally not required for these purposes.

If analytics such as Google Analytics or other non-essential cookies are introduced in the future, they will be used only after the required consent has been obtained, and this policy will be updated.

6. Recipients of personal data

Personal data may be disclosed only to the extent necessary to:

  • The hosting and related service provider, in particular Webglobe, acting as a processor for website operation
  • Accounting and administrative service providers where a contractual relationship is established
  • Competent public authorities where disclosure is required by law or a binding request

7. Transfers outside the European Union and European Economic Area

The controller does not normally transfer personal data outside the European Union or European Economic Area. If a service involving such a transfer is used in the future, the controller will implement appropriate safeguards and update this policy.

8. Retention periods

  • Enquiries and communication: for the time necessary to handle the request and subsequently protect legal claims, generally no longer than two years after the last communication
  • Contractual and accounting documents: for the periods required by law, generally ten years
  • Technical logs: generally for days or months depending on hosting settings and security needs, typically no longer than six months unless longer retention is necessary to investigate an incident

9. Rights of data subjects

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase data where the legal conditions are met
  • Restrict processing
  • Data portability where processing is automated and based on a contract or consent
  • Object to processing based on legitimate interests
  • Withdraw consent where processing is based on consent

10. Complaint to a supervisory authority

If you believe that personal data are not being processed in accordance with applicable law, you have the right to lodge a complaint with:

Office for Personal Data Protection of the Slovak Republic, Budova Park one, Námestie 1. mája 18, 811 06 Bratislava, Slovak Republic

11. Automated decision-making and profiling

The controller does not carry out automated individual decision-making or profiling.

12. Validity and amendments

This policy is valid from 15 July 2026. It may be updated where the scope of processing, analytics tools, legal requirements or the technical operation of the website changes.