Oversize s.r.o.
SIZE MATTERS

Našou prioritou je spokojný zákazník
a preto dbáme na vysokú profesionalitu.

Oversize s.r.o.
SIZE MATTERS

Našou prioritou je spokojný zákazník
a preto dbáme na vysokú profesionalitu.

GENERAL INFORMATION ON THE PROCESSING OF PERSONAL DATA (hereinafter referred to as “OU”).

Pursuant to the GDPR (“General Data Protection Regulation”), Regulation (EU) 2016/679 of the European Parliament and of the Council, valid and effective from 25.05.2018 and 18/2018 of the Personal Data Protection Act hereinafter referred to as (“Law and Regulation”) and (hereinafter referred to as the “Terms”)

 

CONTENT

  1. WHO ARE WE? 1

  2. DATA SECURITY 2

  3. BASIC TERMS 2

  4. WHAT PERSONAL DATA DO WE NEED AND HOW DO WE PROCESS IT? COLLECTION AND PROCESSING OF PERSONAL DATA 3

  5. SOCIAL NETWORKS 6

  6. BENEFICIARIES 7

  7. UNDER 16 YEARS OF AGE 7

  8. PROCESSING TIME 7

  9. TRANSFER TO A THIRD COUNTRY 7

  10. AUTOMATED PROFILING 8

  11. RIGHTS OF THE DATA SUBJECT 8

  12. FINAL PROVISIONS 9

1. WHO ARE WE?

The protection of your privacy when using our website located on the domain www.oversize.sk is extremely important to us. Therefore, we inform you thoroughly about the processing of your personal data in the following text.

Responsible for the protection of personal data of this website is: OVERSIZE, s.r.o. Winter 100/7 076 43 Čierna nad Tisou ID:47403071 TAX ID:2023850257 registered in the Commercial Register of the District Court Košice I, Section: Sro, Insert No. 33210/V is a natural person – entrepreneur (hereinafter referred to as “Operator” or “We” or “The Company”) is the operator of a website located on the domain www.oversize.sk (hereinafter referred to as the “Website”). When using and processing personal data, the Company strictly complies with the relevant data protection regulations.

Contact details of the operator:

E-mail: m.kovalchuk@oversize-trans.com

The controller has not identified the data protection officer in relation to the personal data.

The Company holds a domain name and is also the holder of rights associated with and related to this website. All published content on our website (such as texts, logos, trademarks, photographs, images, audio or audiovisual records is copyrighted and is our property or we use it under a license to which we have reserved rights. We only allow materials to be downloaded for personal, non-commercial purposes and in accordance with these Terms of Use.

Access to our website is free of charge. You bear all costs you incur in connection with accessing our website. The content of our website may not be available continuously, mainly due to a technical error by our decision if we choose to make the content of the site or any part of it inaccessible.

We shall not be liable for damages (direct or indirect), loss, costs and expenses of any kind that you may incur in connection with access to and/or use of our website and/or the publication of outdated, false or incorrect data that constitutes the content of our site and created by us or caused by technical equipment, human error or software application associated with our website. We do not guarantee the compatibility of our website with your computer system or software. Nor do we guarantee that this website is not infected with malicious code or that the server that makes it available is free of malicious code or without other malicious components.

It is expressly prohibited to link our website to another site or to select any part of it without our consent; use our website for illegal purposes or for spreading malicious code; change and/or modify its content.

2. DATA SECURITY

2.1 Security of personal data.

The Company adheres to strict security measures to protect personal data in order to prevent unauthorized or accidental access to, alteration, destruction or loss of such personal data, unauthorized transfers, as well as other unauthorized processing or misuse of such personal data. The company requires compliance with equally strict measures to ensure the security of the processing of personal data also from all processors it uses, based on concluded contracts on the processing of personal data within the meaning of Art. 28 of the Regulation.

The measures taken are subject to regular inspection and are continuously adapted to the latest knowledge of the state of the art. Should the protection of your personal data be violated, we will inform you without undue delay within 72 hours if such a breach of your personal data could lead to a high risk to your rights.

3. BASIC TERMS

  • The person concerned. Any natural person whose personal data are processed.

  • Consent of the data subject. Any serious and freely given, specific, informed and unambiguous expression of the will of the data subject in the form of a statement or an unambiguous affirmative action by which the data subject consents to the processing of his/her personal data.

  • Personal data. Data relating to an identified natural person or identifiable natural person who can be identified, directly or indirectly, in particular on the basis of a universally applicable identifier, such as name, surname, identification number, location data, or online identifier, or on the basis of one or more characteristics or features constituting his physical identity, physiological identity, genetic identity, psychological identity, mental identity, mental identity, economic identity, cultural identity or social identity.

  • Processing of personal data. A processing operation or set of processing operations involving personal data or sets of personal data, in particular collection, recording, organisation, structuring, storage, alteration, retrieval, browsing, use, disclosure by transmission, dissemination or otherwise, regrouping or combination, restriction, erasure, whether carried out by automated means or by non-automated means.

  • A personal data breach. Security breach leading to the accidental or unlawful destruction, loss, alteration or unauthorized provision of, or unauthorised disclosure of, or unauthorised disclosure of, or unauthorised access to, the personal data transmitted, stored or otherwise processed.

  • Operator. Anyone who, alone or together with others, defines the purpose and means of processing personal data and processes personal data on his own behalf.

  • Mediator. Anyone who processes personal data on behalf of the controller.

  • Recipient. Anyone to whom personal data are disclosed, regardless of whether they are a third party. A public authority that processes personal data on the basis of a special regulation or an international treaty by which the Slovak Republic is bound is not considered to be a recipient, in accordance with the rules on the protection of personal data relating to the purpose of personal data processing.

  • A third party. Anyone who is not a data subject, controller, processor or other natural person who, under the authority of the controller or processor, processes personal data.

4. WHAT PERSONAL DATA DO WE NEED AND HOW DO WE PROCESS IT? COLLECTION AND PROCESSING OF PERSONAL DATA

 

4.1 Personal data provided by you

We process personal data according to the currently valid legal provisions on the protection of personal data.

4.2 The persons concerned are:

Website visitors, future clients/customers, clients/customers, client employees, suppliers, subscribers, fans on the social network, etc.

4.3 Purpose of the PROCESSING of the OU, legal basis, category of personal data and time limit for erasure

 

P.No.

Category of personal data

Purpose of processing

Legal basis for the processing

Time limit for erasure of the OU

 

1.

Ordinary personal data (listed at fa)

Accounting agenda

The purpose of personal data processing is to keep accounts and fulfil legal obligations. The agenda also includes processing of orders, incoming invoices and invoicing to customers/suppliers, etc.

Pursuant to Article 6(1)(b).c) the fulfilment of legal obligations arising from specific regulations, e.g. the Act on Accounting

ten (10) years after the closure of the accounting year

2.

Ordinary personal data (necessary for the conclusion of the contract, performance and execution of the contract)

Contracts

The purpose of the processing of the OO is the conclusion, fulfilment and realization of obligations arising from contracts with suppliers/customers.

Within the meaning of Article 6(1)(a).b(ii) of the Regulation — contractual/pre-contractual relationship

until the settlement of rights and obligations under the contract, but not less than ten (10) years from the end of the contractual relationship

3.

Ordinary personal data (name, surname, title, company, classification, contact details)

Business communication

The purpose of OU processing is to maintain a database of suppliers/customers of their representatives, respectively employees of suppliers and customers due to the fulfilment of their work, service and functional duties to ensure smooth supplier-customer relations.

What legitimate interest?

Provision of smooth supplier-customer relations and performance from the contract.

Within the meaning of Article 6(1)(f) of the Regulation — legitimate interest

five (5) years from the termination of the contractual relationship/filing shorter if you object

4.

Data in the profile

Social networks

The purpose of personal data processing is to create company profiles on social networks, in order to better communicate with clients (former, potential ones). For more information, please refer to section 4 of these Terms and Conditions.

 

What legitimate interest?

The legitimate interest of the operator is better communication with clients/future clients. Information about news on the web application.

Within the meaning of Article 6(1)(f) of the Regulation — legitimate interest

until he/she cancels the follow-up of the page, the data subject does not delete the

5.

Ordinary personal data, e.g. in the form of personal data,

[first name, surname, e-mail, telephone number]

Marketing – if you are our client

The purpose of personal data processing is direct marketing of sending electronic newsletters and e-mail/sms messages about news, services, controller.

What legitimate interest?

Informing our clients about news, changes (e.g. information about new trends).

Within the meaning of Article 6(1)(f) of the Regulation — legitimate interest

four (4) years from the last service provided, or until they object to the

6.

Ordinary personal data, data contained in the application

Exercise of the rights of data subjects

The purpose of the processing of the OU is the exercise of the rights of data subjects (gdpr complaints).

Pursuant to Article 6(1)(b) of the Regulation.c) of the Regulation — legal obligation

five (5) years from the processing of the application

7.

Ordinary personal data

Registry

Managing incoming and outgoing mail (including e-mail).

Pursuant to Article 6(1)(b) of the Regulation.c, a legal obligation in conjunction with Article 6(1)(f) of the Regulation — legitimate interest

five (5) years

8.

title, first name, surname, address and, in the case of a foreigner (type of residence), bank account number, payment details, telephone number, e-mail, signature, ID, TAX ID

Legal/legal claims (Litigation Agenda)

The purpose of personal data processing is to resolve disputes between the controller and users and to recover claims and other claims of the controller through extrajudicial (e.g. mediation), judicial and enforcement proceedings or bankruptcy proceedings, including legal representation.

What’s the legitimate interest?

Application or defence of legal claims of the operator, prevention of damages and ensuring compliance of claims and other legal claims of the operator.

Legitimate interest of the controller, Article 6(1)(f) of the Regulation a legitimate interest

five (5) years from the final termination of the proceedings or the settlement of the legal claim

9.

Ordinary personal data, e.g. in the form of personal data,

[name, surname, e-mail, telephone number, message]

Contact form

 

The purpose of the processing of personal data is to equip the demand.

Within the meaning of Article 6(1)(a).b(ii) of the Regulation — pre-contractual relationship.

one (1) month after sending the form

 

 

5. SOCIAL NETWORKS

 

We use hyperlinks (so-called links) to third-party websites. By clicking on the above links, you will be redirected to these websites (e.g. social networking websites or those of our partners). We have no influence on the style and content of linked third-party websites, and at the same time we distance ourselves from any content on all such websites and from downloading such content as our own. These Terms of Use do not apply to third-party websites. To learn more about the terms of use of third-party websites, please visit the relevant third-party website.

 

More detailed information on the processing of personal data by the controller can be found at:

– META: https://www.facebook.com/privacy/explanation

The purpose of personal data processing is to create a business profile on social networks, in order to promote the web application and our services.

The legal basis for the processing of personal data is Article 6(1)(f) of the legitimate interest.

Personal data that you post on our sites and social media accounts, such as comments, likes, videos, images, etc., will be posted through the social networking platform. We do not process personal data for any other purpose. The Operator reserves the right to delete comments and other content (videos, images, etc.) in violation of applicable legislation (hateful comments, racist or otherwise violating fundamental human rights and freedoms), and the right to share your posts if you communicate through social networks.

Posts are stored on our timeline on the social networking site for an unlimited period of time or until you delete them, or if we as the controller delete them.

 

6. BENEFICIARIES

Your personal data may be provided to recipients. These are, for example, postage companies; professional advisers (e.g. lawyers, bailiffs, notaries, courts, translators); providers of standard software (e.g. Microsoft, Google); providers of technical support, development and management of IT systems and applications, data processing and storage; hosting service providers; social network operators; external collaborators of the OPERATOR (e.g. accounting company) and in relation to the published data are both recipients of personal data and persons visiting the website, users of social networks.

Personal data are provided in the framework of the fulfilment of obligations arising from applicable legislation (e.g. law enforcement authorities, public authorities, OCC, etc.) or EU regulations, which are directly enforceable and applicable also in the Slovak Republic or to intermediaries within the framework of contractual relations in accordance with the GDPR and the Personal Data Protection Act.

We choose our partners, inter alia, with regard to the guarantees of their professional care (competence), and these entities are bound by our confidentiality and the obligation to take appropriate technical and organizational measures to ensure that the processing of personal data meets the requirements of gdpr and the Act.

 

7. UNDER 16 YEARS OF AGE

Please note that all services on our website may only be used by persons who have reached the age of sixteen (16th) year of age. The use of services and the resulting processing of data by persons with a lower age limit without the consent of parents/legal guardians is prohibited. In case you become aware of such processing of personal data, we ask you to notify us without delay and we will remedy it.

 

8. PERIOD OF PROCESSING

The controller processes the OU only the necessary time and in doing so observes the principles of processing of the OU. If we have been granted consent, for the duration of the consent or withdrawal of consent. If we process the OU on the basis of the act, e.g. accounting documents, we process them for a period of 10 years. The exact storage period is given for each purpose of processing in point 4.3.

9. TRANSFER TO A THIRD COUNTRY

The operator shall restrict the transfer of the OU to a third country or international organisation, including the identification of the country or international organisation. However, some of the recipients may have servers located outside the EU (Google, Facebook). These servers can be located in the United States (U.S.). The US is considered to be a third country that does not ensure an adequate level of protection, given the decision of the Court of Justice of the EU in SCHREMS II of 16 July 2020, the privacy protection system so-called ‘Privacy Shield’ for data transfers is subject to the standard contractual clauses approved by the Commission. In our terms and conditions, there is a transfer of data when using these services i) fan page on the social network.

These transfers shall take place only on the basis of standard contractual clauses approved by the Commission and appropriate safeguards have been provided within the meaning of Article 46 of the GDPR:

Privacy Policy

Google https://policies.google.com/privacy?hl=en-US

META https://www.facebook.com/privacy/explanation

INSTAGRAM https://help.instagram.com/519522125107875

LinkedIn https://www.linkedin.com/legal/privacy-policy

 

Reasonable safeguards provided within the meaning of Article 46 gdpr.

Google https://privacy.google.com/businesses/controllerterms/mccs/

META https://www.facebook.com/help/566994660333381?ref=dp

                                                               https://www.facebook.com/legal/EU_data_transfer_addendum

10. AUTOMATED PROFILING

The Company does not use automated profiling within the meaning of Art. 22 of the Regulation.

  1. reCAPTCHA

Before submitting the contact form by registering on the website, we use services from Google reCAPTCHA (which will tell us whether or not you are a robot, viz. Google Privacy Policy and their Terms of Service) from Google, Inc..

12. RIGHTS OF THE DATA SUBJECT

You have the right to exercise your rights under the GDPR, namely (i) the right to rectification, (ii) the right to erasure, (iii) the right to data portability, (iv) the right to object, (v) the right to withdraw consent, (vi) the right to access information, (vii) the right to restriction. You can exercise these rights directly in the company by notice at the e-mail address m.kovalchuk@oversize-trans.com or in writing at OVERSIZE, s.r.o. Winter 100/7 076 43 Čierna nad Tisou.

  • Right of access

 

You may request confirmation/information from us, as well as a copy of the personal data processed, whether and to what extent your OU is being processed. Upon your request, we as a company are obliged to provide information within thirty (30) days of receipt of such a request. We may extend this period by another sixty (60) days. We would inform you of the postponement.

  • Right to rectification

 

You have the right to have us correct your incorrect OUs concerning you or to supplement your incomplete OLs without undue delay.

  • Right to erasure

As a data subject, you have the right to have the controller delete personal data concerning you without undue delay. The Controller is obliged to delete personal data without undue delay if any of the following reasons are fulfilled:

  • the personal data are no longer necessary for the purpose for which their controller was collected or processed,

  • if you withdraw your consent to the processing of personal data for at least one (1) specific purpose or the consent is invalid if the provision of it excludes a special regulation,

  • if you object to the processing of personal data and there are no legitimate reasons for the processing of personal data or if you object to the processing of personal data relating to direct marketing, including profiling,

  • if we process personal data unlawfully,

  • if there is a reason for erasure of an obligation under this Act, a special regulation or an international treaty by which the Slovak Republic is bound, or

  • if the personal data were collected in connection with the offer of information society services pursuant to (Section 15(1) of the Draft Law) and you are under 16 years of age.

  • Right to data portability

You may require us to make available to another controller in a structured, commonly used and machine-readable format to another controller in a structured, commonly used and machine-readable format, if technically feasible, and provided that the OUs are processed on the basis of the consent of the data subject, on the basis of the contract and the processing of the OU is carried out by automated means.

  • Right to object

If we process your OU on a legal basis a legitimate interest, you can object to the processing of your personal data at any time for reasons related to your particular situation. We may not further process personal data unless we demonstrate our imperative legitimate grounds for processing that outweigh your interests, rights and freedoms, or if there are grounds for proving, exercising or defending legal claims.

 

  • Withdrawal of consent

In cases where you have given us your consent, we inform you that you can withdraw this consent at any time. You can revoke it in the same way as you granted it. The withdrawal does not affect the lawfulness of processing from consent prior to its withdrawal.

 

  • You have the right to request restriction of the processing of your data when

 

– you deny the accuracy of this data for a period that allows us to verify the accuracy of the data;

– the processing of your data is unauthorized, but you refuse to delete it and instead request a restriction on the use of the data,

– we no longer need the data for the intended purpose, but you still need this data to assert, exercise or defend legal claims, or

– you have objected to the processing of the data.

  • Right to bring proceedings before the person concerned

If you are of the opinion that we have violated the Law or/a GDPR when processing your personal data, please contact us so that we can clarify any questions. However, of course you have the right to lodge a complaint with the Slovak Data Protection Authority. A model of the proposal is published on the website of the Office for Personal Data Protection, Hraničná 12, 820 02 Bratislava, Slovak Republic. The Office will assess your complaint within thirty (30) days and decide within ninety (90) days or may extend the time limit accordingly.

13. FINAL PROVISIONS

This information enters into force and enters into force on 26.04.2022 The Operator reserves the right to change these conditions in the event of a change in the processing of the OU in the company and in the event of a legislative change.