- the availability, integrity and reliability of management systems using the most advanced information technologies,
- the protection of personal data against loss, damage, theft, modification, destruction, and to maintain their confidentiality,
- the identification of potential problems and sources of disruption and to prevent them.
Contact for the person responsible for supervising the processing of personal data: support@emanate.sk
2. Privacy Policy
3.1. "personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
3.2. "processing" means any operation or set of operations performed on personal data or on sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, whether performed by automated or non-automated means;
3.3. "restriction of processing" means marking stored personal data with the aim of limiting their processing in the future;
3.4. "profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements;
3.5. "information system" means any structured set of personal data which is accessible according to specified criteria, regardless of whether it is centralized, decentralized, or distributed in functional or geographic terms;
3.6. "controller" means a natural or legal person, a public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of a member state, the controller or the specific criteria for its identification may be provided for by Union law or the law of a member state;
3.7. "processor" means a natural or legal person, a public authority, agency or other body which processes personal data on behalf of the controller;
3.8. "third party" means a natural or legal person, a public authority, agency or body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process personal data;
3.9. "consent of the data subject" means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which she or he, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to her or him;
3.10. "personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data which are transmitted, stored or otherwise processed;
3.11. "relevant and reasoned objection" means an objection to a proposed decision as to whether there has been a breach of this regulation or whether a planned action concerning a controller or a processor complies with this regulation, which must clearly demonstrate the severity of the risks posed by the proposed decision regarding the fundamental rights and freedoms of data subjects and, where applicable, the free movement of personal data within the Union.
4. Purposes of Processing Personal Data
4.1. Fulfillment of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract
The personal data we process about our customers is processed based on the contract in accordance with Article 6(1)(b) of the regulation (processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract). The scope of processed personal data: title, first name, last name, address, signature, phone number, and email. They are subsequently stored in accordance with Act No. 395/2002 Coll. on Archives and Registries.
4.2. Record of Requests
The personal data we process through emails are processed only to address your request. By filling out and submitting the request, you consent to the processing of personal data in accordance with Article 6(1)(a) of the regulation (the data subject has given consent to the processing of their personal data for one or more specific purposes). The scope of processed personal data: first name, last name, address, phone, email. Personal data will be retained only until the purpose for which it was processed is fulfilled. If retention periods must be observed according to commercial and tax law, the retention period is governed by Act No. 395/2002 Coll. on Archives and Registries. Transfer of personal data to a third country does not take place. Personal data will not be used for automated individual decision-making, including profiling.
4.3. Processing of Accounting Documents
Processing is necessary to fulfill a legal obligation of the controller in accordance with Article 6(1)(c) of the regulation. The scope of processed personal data: title, first name, last name, address, phone number, bank account number, email. They are subsequently stored in accordance with Act No. 395/2002 Coll. on Archives and Registries. Processors: my office 8 s. r. o., Za stanicou 10, 831 04 Bratislava - Nové Mesto, ICO 55 187 285
4.4. Complaints
In the case of complaints, personal data is processed in accordance with Article 6(1)(c) of the regulation. The scope of the processed personal data includes: title, first name, last name, address, phone, email. Subsequently, they are stored in accordance with Act No. 395/2002 Coll. on archives and registries.
4.5. Debt Recovery
In the case of debt recovery, personal data is processed according to Article 6(1)(c) of the regulation. The scope of the processed personal data includes: first name, last name, personal identification number, address, phone,
email. They are subsequently stored in accordance with Act No. 395/2002 Coll. on archives and registries.
4.6. Enforcement
The processing of personal data is necessary for fulfilling the legal obligation of the operator under Article 6(1)(c) of the regulation. The scope of the processed personal data includes: regular personal data, other personal data found or provided during the proceedings. They are subsequently stored in accordance with Act No. 395/2002 Coll. on archives and registries.
4.7. Marketing
The personal data we process about our customers for marketing purposes is processed based on the consent of the data subject according to Article 6(1)(a) of the regulation. The scope of the processed personal data includes: first name, last name, address, phone, email, and signature. They are subsequently stored for a duration of 5 years.
4.8. Monitoring Spaces for Asset Protection
At our facility located at Steinov Dvor 3, 81107 Bratislava, a camera information system is installed to monitor the internal areas of the fitness center for the purpose of asset protection in line with the legitimate interests of the operator in accordance with Article 6(1)(f) of the regulation. Recordings from the camera system are not provided to third parties. They are only accessible to authorized personnel of the operator and IT specialists who perform maintenance on them. Personal data obtained from the camera system is used for asset protection and as evidence in administrative proceedings in cases where personal data obtained from the camera system is utilized as evidence in ongoing administrative procedures. If the recorded footage is not used for criminal proceedings or misdemeanor proceedings, the recording will be automatically deleted by programmed action within 5 days from the day following the date the recording was made.
4.9. Record Keeping of Supplier and Customer Representatives
The processing of personal data of suppliers and customers is conducted in accordance with the legitimate interests of the operator, in compliance with Article 6(1)(f) of the regulation. The scope of personal data processed includes: title, first name, last name, job position, service appointments, functional position, employee identification number, professional department, workplace, telephone number, fax number, workplace email address, and employer identification details. Subsequently, this data is retained for a period of 10 years after the termination of the contract or business relationship.
4.10. Direct Marketing
The personal data we process about our customers for marketing purposes is processed based on the legitimate interest of the operator in accordance with Article 6(1)(f) of the regulation. The scope of the processed personal data includes: first name, last name, phone number, and email address. Subsequently, this data is retained for the duration of the contractual or business relationship between the customer and the operator.
5. Rights of the Data Subject
5.1. Right to Withdraw Consent - in cases where we process your personal data based on your consent, you have the right to withdraw this consent at any time. You may withdraw your consent electronically, at the address of the authorized person, in writing, by notifying us of the withdrawal of consent, or in person at our company’s headquarters. The withdrawal of consent does not affect the legality of the processing of personal data that we have processed about you based on that consent.
5.2. Right of access - you have the right to request a copy of the personal data we hold about you, as well as information on how we use your personal data. In most cases, your personal data will be provided to you in written form unless you request another method of delivery. If you request this information electronically, it will be provided to you electronically if technically feasible.
5.3. Right to rectification - we take reasonable steps to ensure the accuracy, completeness, and current status of the information we hold about you. If you believe that the data we hold is inaccurate, incomplete, or outdated, please do not hesitate to request that we rectify, update, or supplement this information.
5.4. Right to erasure (right to be forgotten) - you have the right to request the deletion of your personal data, for example, if the personal data we have obtained about you is no longer necessary for the purposes for which it was processed. However, your right needs to be considered in light of all relevant circumstances. For instance, we may have certain legal and regulatory obligations, which means we may not be able to fulfill your request.
5.5. Right to restriction of processing - under certain circumstances, you have the right to request that we stop using your personal data. This applies, for instance, when you believe that the personal data we have about you may be inaccurate or when you believe that we no longer need to use your personal data.
5.6. Right to Data Portability - under certain circumstances, you have the right to request us to transfer personal data that you provided to us to another third party of your choice. However, the right to portability only applies to personal data that we have collected from you based on your consent or under a contract to which you are a party.
5.7. Right to Object - you have the right to object to the processing of data that is based on our legitimate interests. If we do not have a compelling legitimate reason for processing and you raise an objection, we will no longer process your personal data.
If you believe that any personal data we have about you is inaccurate or incomplete, please contact us.
If you wish to file an objection regarding the way we process your personal data, please contact our data protection officer via email at: support@emanate.sk or in writing at the address:
Emanate s.r.o.
Zadunajská cesta 3434/8
851 01 Bratislava - Petržalka district
Our designated officer will review your objection and work with you to resolve this matter.
If you believe that your personal data is being processed unfairly or illegally, you have the right to file a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27; phone number: +421 /2/ 3231 3214; email: statny.dozor@pdp.gov.sk, https://dataprotection.gov.sk.
Revised on January 1, 2025.