GDPR – Principles of Personal Data Protection

Information on the Processing of Personal Data

Data Controller Identification and Contact Details
Name of the Data Controller: HIT systems s.r.o. (hereinafter referred to as the “Data Controller”)
Postal Address of the Data Controller: Pod zámkom 2, 976 13 Slovenská Ľupča, Slovak Republic
Email Address of the Data Controller: info@hitsystems.sk

Telephone Number of the Data Controller: +421 948 941 353

Website: www.magnetverse.eu

Processing of Personal Data for Contact Maintenance

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is to respond to customer inquiries.
Scope of Processed Data:
Data provided by the data subject during communication (typically name, email address, and telephone number).
Duration of Processing:
Personal data is processed until the communication is concluded.

Processing of Personal Data During Registration

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is to distinguish customers and facilitate the ordering process.
Scope of Processed Data:
Name, address, telephone number, email address, details of purchased goods, and dates of purchases.
Duration of Processing:
Personal data is processed until the data subject withdraws their consent to be contacted.

Processing of Personal Data Related to Order Fulfilment

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is the fulfilment of the order.
Scope of Processed Data:
Name, address, telephone number, email address, details of the purchased goods, date of purchase, and weight of the ordered goods.
Duration of Processing:
Personal data is processed until the expiration of the statutory limitation period as defined by civil law

Processing of Personal Data for Invoicing

The legal basis for processing personal data is Article 6(1)(c) of the General Data Protection Regulation (GDPR), concerning the legal obligation of the Data Controller, specifically the fulfilment of statutory duties under the Accounting Act.
Purpose of Processing:
The purpose of processing is the issuance of invoices in accordance with legal regulations and the fulfilment of the obligation to retain accounting records.
Scope of Processed Data:
Name, address, and — in the case of electronic invoices — email address.
Duration of Processing:
The duration of data processing is determined by the applicable provisions of the Accounting Act.

Processing of Personal Data for Goods Delivery

The legal basis for processing personal data is Article 6(1)(b) of the General Data Protection Regulation (GDPR), concerning the performance of a contract.
Purpose of Processing:
The purpose of processing is the delivery of the ordered goods to the purchaser in cooperation with a contractual partner.
Scope of Processed Data:
Name, address, email address, and telephone number.
Duration of Processing:
Personal data is processed from the moment of delivery until the expiry of the return period.

Processing of Personal Data for Newsletter Distribution

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is to inform the data subject about the latest and most attractive offers and promotions.
Scope of Processed Data:
Name and email address.
Additional Information:
The newsletter may contain advertisements from third-party companies, not only from the Data Controller. However, personal data will not be shared with these third parties.
Duration of Processing:
Personal data is processed until the data subject unsubscribes from the newsletter.

Processing of Personal Data for Personalized Advertising

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is to send the data subject offers that best match their preferences and needs.
Scope of Processed Data:
Name and email address.
Duration of Processing:
Personal data is processed until the data subject withdraws their consent.

Processing of Personal Data Related to Warranty Claims

The legal basis for processing personal data is Article 6(1)(c) of the General Data Protection Regulation (GDPR), concerning the legal obligations of the Data Controller, specifically under the Consumer Protection Act.
Purpose of Processing:
The purpose of processing is to fulfil legal obligations related to the retention of complaints in written records and responses.
Scope of Processed Data:
Name, telephone number, email address, and the content of the complaint.
Duration of Processing:
The duration of data processing is determined by the applicable provisions of the Consumer Protection Act.

Processing of Personal Data Related to Other Consumer Complaints

The legal basis for processing personal data is Article 6(1)(c) of the General Data Protection Regulation (GDPR), concerning the legal obligations of the Data Controller, specifically under the Consumer Protection Act.
Purpose of Processing:
The purpose of processing is to fulfil legal obligations related to the retention of complaints in written records and corresponding responses.
Scope of Processed Data:
Name, telephone number, email address, and the content of the complaint.
Duration of Processing:
The duration of data processing is determined by the applicable provisions of the Consumer Protection Act.

Processing of Personal Data Related to Consent Documentation

The legal basis for processing personal data is Article 6(1)(c) of the General Data Protection Regulation (GDPR), concerning the legal obligations of the Data Controller, specifically Article 7(1) of the GDPR.
Purpose of Processing:
The purpose of processing is to provide evidence of consent.
Scope of Processed Data:
Date of consent and the corresponding IP address.
Duration of Processing:
Personal data is retained for the duration necessary to demonstrate valid consent, in accordance with applicable legal provisions.

Processing of Personal Data Related to Remarketing Activities via Cookies

The legal basis for processing personal data is Article 6(1)(a) of the General Data Protection Regulation (GDPR), whereby the data subject has given consent to the processing of their personal data.
Purpose of Processing:
The purpose of processing is to deliver offers that best match the preferences and requirements of the data subject.
Scope of Processed Data:
As specified in the Cookies section.
Duration of Processing:
As specified in the Cookies section

Automated Decision-Making: The Data Controller applies automated decision-making when determining the weight and value of goods, as well as when granting discounts. The purpose of such automated decisions is to fulfil the contract concluded between the Data Controller and the data subject.
The outcomes of automated decisions are subject to random checks by the Data Controller’s staff for each order.

Other Data Processing Activities

The Data Controller shall comply with written requests and orders issued by public authorities concerning personal data. During the execution of such requests, the Data Controller maintains a record indicating which authorities were involved, which personal data were disclosed, under which legal provisions, and when the disclosure took place.
Upon request from the authorities, the Data Controller may provide additional information, except in cases where such disclosure is prohibited by law.

Use of Cookies

Information about how we use cookies can be found in a separate document: Cookie Policy.

Use of the Data Controller and Their Data Processing Activities

Processing of Personal Data for Record-Keeping Purposes

Name: HIT systems s.r.o.
Registered Office: Pod zámkom 2, 976 13 Slovenská Ľupča, Slovak Republic
Contact: +421 948 941, info@hitsystems.sk

The Data Processor records personal data jointly with the Data Controller based on a written agreement. The Data Processor is not authorized to access or review the personal data beyond the scope defined in the agreement

Data Processing Activities Related to the Shipment of Goods

Name of the Data Processor:
Slovenská pošta, a. s.
Registered Office: Partizánska cesta 9, 975 99 Banská Bystrica, Slovak Republic
Contact: +421 850 122 413, zakaznickyservis@slposta.sk

The data processor cooperates in the shipment of the ordered goods. During this process, the data processor has access to the customer’s personal data (name, address, and telephone number) for the duration of the delivery or until the settlement of goods ordered with cash on delivery. After this period, the data is deleted.

Name of the Data Processor: Packeta Slovakia s. r. o.
Registered Office: Kopčianska 3338/82A, Bratislava – Petržalka, Slovak Republic
Contact: +421 221 201 135, info@packeta.sk

Data Processing Activities Related to Newsletter Distribution

Name: HIT systems s.r.o.
Registered Office: Pod zámkom 2, 976 13 Slovenská Ľupča, Slovak Republic
Contact: +421 948 941, info@hitsystems.sk

The data processor cooperates in the distribution of newsletters based on a written agreement with the data controller. During this process, the processor has access to the user’s name and email address, which are processed in connection with newsletter delivery. Upon the user’s request, the data is promptly deleted.

Data Security Measures

The data controller declares that appropriate security measures have been implemented to protect personal data against unauthorized access, alteration, transfer, disclosure, deletion, or falsification, as well as against accidental erasure and damage, and against data inaccessibility resulting from changes in the technology used.

Remedial Measures

If you believe that the data controller has violated any legal provisions related to data processing or has failed to comply with any of your requests, you may initiate an investigation with the competent data protection authority in the relevant Member State in response to the unlawful handling of your personal data. We inform you that in the event of a breach of legal provisions concerning data processing, or if the data controller has not fulfilled any of your requests, you may also seek redress through the courts.
Ak chceš, môžem pomôcť s kontrolou konzistencie celej sekcie o právach dotknutej osoby, vrátane odkazu na články 77–79 GDPR.

Modification of Information Regarding Data Processing

The data controller reserves the right to modify the current information regarding data processing. By continuing to use the website after such modifications take effect, you accept the updated information on data processing.