x-bionic® sphere

🎄 Milí návštevníci, kompletné otváracie hodiny počas vianočných sviatkov nájdete tu.
🎄 Dear visitors, the complete opening hours during the Christmas holidays can be found here.

Privacy and Personal Data Protection Policy

Personal Data Protection – X-BIONIC® SPHERE a.s.

 

Part I General provisions

ARTICLE 1

IDENTIFICATION OF THE OPERATOR, THE POOL OF AGGRIEVED PERSONS, AND INTRODUCTORY INFORMATION

 

  1. X-BIONIC® SPHERE a. s., in residence: Dubová 33/A, Šamorín, 931 01, Company Registration Number: 46 640 134, registered in the Business Register of the District Court Trnava, section: Sa, insert no.: 10684/T, is the operator of personal data (hereafter only as the “Operator”) in the information systems that process the personal data of Aggrieved To refer to the Operator in this Document, we may use the pronouns such as “We”, “Our” as well as all their modifications.
  2. The Aggrieved Persons are especially the customers who make contracts with the Operator in person or by phone or via the Operator’s Website at https://www.x-bionicsphere.com or via the websites used by the Operator to facilitate bookings, communication, and contract making in electronic The Aggrieved Person also refers to the other natural persons who have granted the Operator consent to process their personal data for particular purposes or the visitors to the grounds and premises of the Operator or the visitors to the Website (for further information please see the provisions on cookies). To refer to the Aggrieved Person in this Document, we may use the pronouns such as “You”, “Your” as well as all their modifications.
  3. We have elaborated this Privacy and Personal Data Protection Policy (hereafter only as the “Document”) for the Aggrieved Persons to strengthen adequate transparency, and to explain the basic rules we abide by to protect Your privacy and personal data. The provisions on personal data processing for the purposes of a loyalty program are treated in a separate
  4. The security and legality of Your personal data processing particularly lies at our heart. Therefore, in this Document we prepared the special binding regulations for data processing that are based on the basic principles for personal data processing pursuant to Art. 5, par. 1 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereafter only as the “GDPR”).
  5. This Document represents our internal policy that we have introduced for the sake of privacy protection pursuant to 24 of the GDPR to show compliance with the GDPR.
  6. This Document regards personal data processing and the compliance of the basic rules for legal personal data processing that are based especially on the processing of personal data in a legal way, justly with respect to all interested parties and transparently to all Aggrieved Persons. We continuously put a great emphasis on the security of personal data processing, while minimizing both the data and the processing operations to a minimum necessary to duly make and keep obligations written in the contracts made with You, using the Website and entering our grounds and premises.
  7. Furthermore, we provide You in this Document with the information required pursuant to 13 of the GDPR, ensuring that You have the information about the content of this Document before acquiring personal data when You provide us with personal data for the first time, e.g., when granting us Your consent to process personal data for defined purposes.

 

ARTICLE 2

THE RESORT’S POLICY AND THE OPERATOR’S GUARANTEES

 

  1. We do not disclose personal data without Your consent, nor do we transfer it to any third country that does not guarantee an adequate level of personal data We guarantee You that personal data processing takes place exclusively in the territory of the European Union member states. Particularly, all personal data of the Aggrieved Persons is processed and physically stored in the territory of the Slovak Republic at the time when this version of the Document is in effect.
  2. Personal data can only be disclosed based on Your individually granted consent or Your deliberate action (e.g., content disclosure in our official profile created on social networks). In this respect we would like to inform You that the disclosure of contributions and photos or the pursuit of any activity that leads to Your identification in our official profile on a social network will result in processing Your personal data in the information systems of the respective social network and in our Your action pursuant to the previous sentence grants so-called implied consent to process Your personal data for our marketing activities.
  3. We regularly monitor and revise not only the adopted security measures intended to provide a high degree of security when processing personal data, but also other procedures and rules intended to protect privacy and personal data. On these we can cooperate with an expert appointed to be a responsible person (DPO – Data Protection Officer).
  4. We employ adequate means of information enciphering protection (SSL certificate) when transferring data through a publicly accessible computer network between Your end device and our server. Furthermore, we store all information and personal data in specialized data disposal sites that are secured through adequate means of information enciphering protection
  5. We guarantee You that we will not condition any consents for personal data by making or performing a You are free to grant your consent for personal data processing willingly, without putting at risk your access to our services and goods. You can revoke the consent you have granted for personal data processing at any time by contacting the Operator in any place of business or by sending a request in writing to the e-mail address at zodpovednaosoba@x-bionicsphere.com. The revocation of Your consent will not affect the legality of the processing of Your personal data prior to its revocation.
  6. All the entities that are in addition to us legally involved in the process of personal data processing are transparently identified within the framework of this Document, together with their status pursuant to the We will not perform any processing operation with your personal data in respect to a third party and/or a recipient unless the latter are transparently identified in this Document and unless we, at the same time, have a necessary legal basis for this action pursuant to Art. 6 of the GDPR.
  7. All recipients access personal data exclusively based on an authorization granted by us, while they are legally obliged by special requirements and legal guarantees that reinforce the protection of the personal data of the Aggrieved
  8. We do not turn Your personal data to any other parties for commercial purposes without having your prior individual and willing When using the Google Analytics service, there can, under certain circumstances, be the processing of the personal data of the Website visitors by Google Inc. as a third party and an independent operator; we have no influence or impact on this kind of personal data processing. We also regard as important to inform You that the part of personal data processing that concerns the use of the functions integrated into the Website at https://www.x-bionicsphere.com can be performed separately and completely independent from us by way of third parties that function as independent operators to be distinguished from our personal data information systems; these cases especially apply to so-called payment gateways intended to make cashless payments via the Internet. You provide these third parties with Your personal data directly without us entering and affecting this process in any way. This part of personal data processing follows the internal policies and security measures adopted by these third parties, while we have no influence on such personal data processing, including the option to exercise the rights of the Aggrieved Person about which we are going to inform You later in this Document.
  9. We have carefully scrutinized our business partners (so-called processors) whom we allow to process Your personal data with respect to their eligibility for and practical capability of providing security and legality when processing Your personal
  10. When processing personal data and communicating with the Aggrieved Persons we also use, in addition to common communication by telephone and e-mail, our Website at https://www.x-bionicsphere.com as well as our official profile on Facebook.
  11. We solely process the personal data of minors provided that this has been given to us by their legal guardians for the purpose of the performance of a contract, the participation in an event, the performance of our legal responsibilities, the protection of rights and legally protected interests or personal data processing for the purposes that require consent for personal data processing provided that the legal guardian has granted this consent for the processing of the personal data of
  12. We also process the personal data belonging to the special category of personal data pursuant to Art. 9 of the This especially involves the information about the state of health, physical condition, allergy indications, and other health issues that we always process with respect to the provision of goods and services or the participation in events and other contractual performances, exclusively for the sake of the protection of Your health and the provision of the due contractual performance that does not endanger Your health.
  13. If You, when making an order, provide on your own initiative as part of specific requirements the information that is beyond the required information which we need and that could, at the same time, be of sensitive nature or their context could engender a sensitive nature disclosing data from a special category of personal data that we do not require or that are not necessary to provide due contractual performance, we will do our best to immediately delete it or modify it to a more neutral form that does not allow creating a separate category of personal data from this randomly acquired additional information. At the same time, we would like to ask you not to provide any unnecessary data and information of private nature that are not directly related to an order or a particular contract during our mutual

 

Part II HOTEL

ARTICLE 1

THE LIST OF PERSONAL DATA THAT IS THE SUBJECT OF PROCESSING and a Legal Basis

 

  1. For the purposes of making and performing a contract on accommodation as well as accommodation booking we process Your following personal data: title (Mr/Ms), name, surname, e-mail, telephone number, a description of accommodation booking, information related to Your credit/debit card including card number, type, expiration date, holder’s name and surname, security code or CVC verification code, and, if appropriate, the special requests stated by You that are directly related to accommodation and Hotel services. At the same time, we also process the information about the services requested by You that are directly related to The legal basis for personal data processing is the contractual performance and the invoicing issued at Your check out or Art. 6, par. 1, letter b) of the GDPR.
  2. In case of the valid making of a contract and the subsequent utilization of Hotel services we will also process Your following personal data: name, surname, identity card or passport number, permanent address, period of Your stay, information about the consumed goods and services that You decide to use during the accommodation contract duration (e.g., type and price of meals, massages, wellness, ), room number, date and place of birth, identity card or passport number, permanent address, and nationality.
  3. However, if we are obliged to proceed according to a duty established by a separate law, in this case Act no. 404/2011 on Residence of Aliens and Amendment and Supplementation of Certain Acts, when accommodating a foreign national (i.e., a person who is not a citizen of the Slovak Republic), we will be obliged to verify their identity, usually by checking their passport or another proof of identification and to register in the hotel guestbook their name, surname, date of birth, nationality, passport or visa number, and check in and check out dates.
  4. Pursuant to Act no. 253/1998 Coll. on Residency Declarations of Citizens and the Register of Residents of the Slovak Republic as amended, we are obliged to keep a hotel guestbook that contains information about a guest’s name and surname, identity card or passport number, permanent address, and check in and check out
  5. With respect to Your accommodation we can ask You to identify a person under 15 years of age who is to be accommodated in the resort or to provide information whether You are a person with visual impairment or disabilities or to ask You to submit a proof that You are a person with severe disabilities. We process this personal data in accordance with the provisions of a public statute of the town of Šamorín in order to abide by our legal duty to exempt You from the obligation to pay a local tax, provided that You are a person pursuant to the previous sentence.
  6. Hereby You acknowledge that during the check in process at the Hotel reception desk You will be asked to submit a valid proof of identification to our authorized staff and obliged to undergo the verification of Your You are furthermore obliged to submit Your proof of identification, when requested by us, in order to verify Your right to enter the accommodation or non-public administration premises of the Resort. We will not scan, photocopy or record on an information carrier Your identity card or passport without acquiring Your prior consent in writing.
  7. When processing personal data, we limit it to the personal data necessary to meet the purpose of the processing that is defined especially by the need to duly make contracts and to perform mutual duties as well as the special duties that we are obliged to perform pursuant to the legal order of the Slovak In this respect we would like to inform You that we only process Your personal data pursuant to the accommodation contract during the period of Your accommodation or the period until all Your obligations will be covered that emerge pursuant to Act no. 40/1964 Coll. of the Civil Code (this can therefore include especially the obligation to pay the price for accommodation and related Hotel services as well as the obligation that arise due to the damage caused by You to our property and rights pursuant to the provisions of Art. 6, par. 1, letter f) of the GDPR).
  8. The processing of the personal data specified in this Article is necessary to perform our contract on accommodation, since we cannot perform this contract without You providing us with the personal data mentioned

 

Article 2

CONSENT GRANTING BY THE AGGRIEVED PERSON

  1. Before you check in the Hotel you can be asked at the Hotel reception desk to grant Your willing consent in writing in order to process Your personal data for the following purposes:
    • marketing purposes;
    • purposes of improving hotel services within the framework of the contract;
    • to fulfil Your requests to make and perform a contract with another
  2. Failing to grant any of the consents will have no impact on making a contract between You and us as stated in the provisions of Part I, 2, Clause 2.5 of this Document.
  3. You can revoke the consent you have granted for personal data processing at any time by contacting the Operator in any place of business or by sending a request in writing to the e-mail address at zodpovednaosoba@x-bionicsphere.com. The revocation of Your consent will not affect the legality of the processing of Your personal data prior to its

 

Article 3

INCREASED DATA PROTECTION REGARDING YOUR PAYMENT CARD

  1. Our hotel as well as our approved business partners who operate a global online reservation system provide the increased data protection regarding Your payment
  2. The reservation system operators have implemented appropriate security measures which make the transfer of Your personal data via a publicly accessible computer network secured at all times through strong and certified means of information enciphering protection, especially the 128-256 bit SSL (Secure Socket Layer).
  3. Our business partner who operates the reservation system at booking.com stores the data about Your payment card pursuant to the provisions that can be found here: http://www.booking.com/content/privacy.en- gb.html. For more information about the protection of Your personal data when using the reservation system at www.hrs.com please see: http://www.hrs.com/web3/showCmsPage.do?clientId=ZW5fX05FWFQ-&cid=47- 2&pageId=legals.
  4. In addition to the system of the adopted safety measures we especially minimize the number of approved and authorized persons who encounter this type of Your data, ensure the cryptographic protection of the related electronic data as well as immediately dispose of all data related to Your payment card as soon as

 

Article 4

PERSONAL DATA RETENTION PERIOD

  1. We process Your personal data as quickly as possible. We dispose of it immediately after the purposes of the processing is completed, i.e., generally after all contractual and noncontractual obligations are fulfilled. After the services are provided and the price for these services is paid, Your personal data will be processed for the next 24 months with respect to our responsibility for the imperfections of the goods and services that might appear within a contractually extended guarantee period or the legal 24-month guarantee period that is pursuant to Act no. 250/2007 Coll. on Consumer Protection. After the guarantee period for the provided services expires, Your personal data will be eliminated (i.e., deleted from all information systems).
  2. However, if You have granted us a special consent to process Your personal data, we will continue processing and storing this personal data until You revoke Your consent. If You revoke Your consent, we will eliminate (delete) Your personal data from all information systems pursuant to 12 of the GDPR.
  3. We can also process Your personal data during the period defined by a separate law, for example, by acts on tax duties and book keeping. In this case we are obliged to store Your personal data for the period defined by a separate law for the purpose of fulfilling our legal

 

Article 5

IDENTIFICATION OF THE PROCESSORS, RECIPIENTS, AND THIRD PARTIES INVOLVED IN PERSONAL DATA PROCESSING

  1. To process Your personal data, we use the following sufficiently approved and competent business partners who are able to guarantee the security of personal data processing, and who are in the role of processors pursuant to 28 of the GDPR:
    • C.C. – systems cards communications, s.r.o., in residence: Letná 35, 052 01 Spišská Nová Ves, Slovakia, Company Registration Number: /C, 31 727 794 and Asseco Solutions, a.s., in residence Plynárenská 7/C, 821 09 Bratislava, Slovakia, Company Registration Number: 00 602 311;
    • FASTBOOKING, societé par actions, in residence: Immeueble Axe France, 118 Avenue de France, 75648 Paris Cedex 13, France, Company Registration Number: 431 513 852.
  2. To process Your personal data, we also use additional business partners who, however, are independent operators or third In particular, these are the following:
    • com B.V., a member of Priceline Group, in residence: Herengracht 597, 1017 CE Amsterdam, the Netherlands, Company Registration Number: 31047344 that operates a reservation system at www.booking.com;
    • HRS – Hotel Reservation Service LTD, in residence: The Triangle 5-17 Hammersmith Grove, W6 0LG, London, Great Britain, and Robert Ragge GmbH, in residence: Blaubach 32, 50676 Cologne, Germany, that operate a reservation system at hrs.com.
  3. The other third parties with whom we cooperate to fulfil Your request to make and perform a contract with another operator (e.g., restaurant booking, car rental, ordering a hairdresser or another service, ).
  4. Pursuant to Act no. 253/1998 Coll. on Residency Declarations of Citizens and the Register of Residents of the Slovak Republic as amended, we are obliged to keep a hotel guestbook that contains information about a guest’s name and surname, identity card or passport number, permanent address, and check in and check out In case of a foreign national, this information includes name, surname, date of birth, nationality, passport or visa number, and check in and check out dates. We are obliged to provide this personal data to other third parties, namely, the authorities of the Slovak Republic that pursue a role in the protection of constitutional establishment, internal order and safety of the state or the defense of the state within the extent defined by separate regulations. These authorities especially include the Police Force of the Slovak Republic, the Slovak Information Service, and the Military Intelligence.
  5. If the Aggrieved Person is not a citizen of the Slovak Republic, he or she acknowledges that with respect to his or her accommodation we are obliged pursuant to Act 404/2011 Coll. on Residence of Aliens and Amendment and Supplementation of Certain Acts to fill out an official alien residency declaration form and to submit it to a respective police unit within five days after his or her check in. The information system to which we are obliged to provide the personal data of the Aggrieved Person pursuant to the provisions mentioned above is a third party, namely, the Ministry of Interior of the Slovak Republic.

 

Part III MARKETING

  1. We are very much interested in staying in touch with You to inform You about the news and events taking place in our resort and the offers of the goods and services we provide. For this aim we offer You an option to grant consent to process Your personal data for marketing purposes.
  2. If you grant us Your consent, we will process Your personal data in the extent: name, surname, date of birth, sex, personal interests, and postal and e-mail addresses, during the whole validity period, e., until You revoke Your consent. We will use this personal data to inform You pursuant to clause 1 and to send you the relevant information based on which You can use our offer.
  3. To process Your personal data, we can use the so-called person profiling, e., we classify You according to age, personal interests or sex to send you only those offers that will be of interest for You.
  4. Failing to grant any of the consents will have no impact on making a contract between You and us as stated in the provisions of Part I, 2, Clause 2.5 of this Document.
  5. You can revoke the consent you have granted for personal data processing at any time by contacting the Operator in any place of business or by sending a request in writing to the e-mail address at zodpovednaosoba@x-bionicsphere.com. The revocation of Your consent will not affect the legality of the processing of Your personal data prior to its
  6. Pursuant to Act No. 351/2011 Coll. on Electronic Communications we can also send You the commercial information and advertisements regarding the similar goods and services of our own provenience that are related to the sale of the goods or services that you have purchased from us. Please be aware that we always deliver this communication to the e-mail address you state when making our contract. In this case we do not require Your consent to deliver commercial communication as we are entitled to pursue these activities by Naturally, You can also cancel the delivering of this commercial communication simply by following the instructions that can be found in each one of these e-mails.

 

PHOTO AND VIDEO MAKING

  1. For the purpose of the promotion of goods, services, events, activities, business name and other forms of promoting our company, we also make visual, audio or audio-visual recordings (hereafter only as the “Recordings”) of Yourself, Your portrait, external expressions or expressions of personal nature. We pursue these activities exclusively in the premises of our Resort or in the premises or on the grounds outside the Resort, whereas we will always notify You in advance that the making of Recordings is underway, e., before You enter the premises or grounds where the Recordings are being made.
  2. We can use the Recordings for our marketing purposes by turning them into commercials and making them available, for example, on our Website, our company profiles on social networks, advertisement posters, billboards, commercials on the websites operated by third parties, commercials broadcasted on TV or radio, commercials placed in our Resort or in the premises of another legal entity in any commercial form or commercial communication pursued by our company.
  3. To process Your personal data in the form of Recordings we will always ask for Your consent. Failing to grant this consent, however, will have no impact on you being allowed to enter the premises or grounds where the Recordings are being made. Similarly, it will have no impact on making any contract between You and us as stated in the provisions of Part I, 2, Clause 2.5 of this Document.
  4. You can revoke the consent you have granted for personal data processing at any time by contacting the Operator in any place of business or by sending a request in writing to the e-mail address at zodpovednaosoba@x-bionicsphere.com. The revocation of Your consent will not affect the legality of the processing of Your personal data prior to its This consent is at the same time the consent pursuant to Art. 12, par. 1 of the Civil Code.

 

 

Part IV ENTERTAINMENT AND SPORTS EVENTS

  1. Part of the Operator’s line of business is also the organizing of entertainment and sports activities both within and outside the Operator’s premises (hereafter only as the “Event”). Your participation in each Event is conditioned by You agreeing to the terms of the Event in question. Your agreeing to these terms or Your participation in the Event represents Your consent to these Terms and, at the same time, the establishing of a contractual relationship between You and the Operator who is, in this case, in the role of the organizer or co- organizer of the Event in
  2. Since each Event follows its written rules, the rules of the Event in question will be used to process Your personal These rules establish the extent of the personal data necessary to process in order to fulfill the contract in the form of Your participation in the Event in question and the evaluation of the latter’s preliminary and final results.
  3. To register Your participation in the Event, to evaluate and disclose the results, to inform about the Event and its results and to pursue the other activities directly related to the Event and Your participation therein, we process especially personal data in the following extent: name, surname, age, date of birth, sex, e-mail address, signature, contest ranking, preliminary and final results of Your participation or, if appropriate, contest prize. The rules of the Event can also require the processing of some other personal data directly related to Your participation in the Event, result evaluation or the handing over of contest prizes, always depending on the specific nature of the Event in question and its course of action.
  4. Participating in the Event You acknowledge that the personal data in the extent of Your name, surname, and contest ranking will appear on the preliminary and final result lists placed on our Website and in our
  5. The personal data processed for the purpose of this Event will be deleted from our information systems within 5 days after the Event in question is finished.

 

PARTICIPATION IN AN EVENT BY PURCHASING A TICKET

  1. In case that You are a part of the audience participating in an Event by way of purchasing a ticket that enables You to enter the Event, we process Your personal data pursuant to the contract that You make with our company on ticket purchase and participation in the Event. To purchase a ticket, we generally do not require any personal However, the requirement to provide Your personal data can be subject to change from our side, depending on the nature of the Event in question (e.g., due to the verification of Your identity required by safety measures) or due to a specific way of ticket purchase (e.g., via a website intended for purchasing tickets which asks You to provide Your personal data for the purpose of invoicing or delivering the ticket to Your postal address or electronically to Your e-mail address). The processing of this personal data is necessary to perform our contract related to Your participation in the Event.

 

Part V

PRIVACY PROTECTION PRINCIPLES FOR THE USE OF WEBSITES AND THE USE OF COOKIES

  1. To process some of Your personal data we also use our web domain at https://www.x-bionicsphere.com (hereafter only as the “Website”).
  2. The Website uses files such as Cookies are small text files that the Website stores in Your computer or mobile device when You browse it. Thanks to this file the Website for a certain time keeps the information about Your steps and preferences (such as login, language, font size, and other display settings), so You do not have to indicate them anew at Your next visit to the Website or its subsites.
  3. We use our own cookie files (so-called first-party cookies) to optimize the Website functions and to increase the user’s comfort for our Website visitors as well as foreign cookies (so-called third-party cookies) to display so-called behavioral
  4. The Website also uses so-called short-term cookies that are automatically deleted from Your computer system or Your other end devices after You stop using the Internet browser. However, in some cases so-called long- term cookies are also used that remain in the device of an end user, enabling us to see that the Website is repeatedly visited by that particular device of the end user. Depending on the settings done by the user, this can be related to, for example, the remembering of a default access password
  5. Hereby we would like to inform You and all Website visitors that all cookie files that the Website can store in the end device of any Website visitor can be monitored and It is possible to effectively and completely disable the use of cookie files by setting the Internet browser appropriately. Specific information and instructions regarding the setting of various types of Internet browsers can be found here: https://www.aboutcookies.org/how-to-control-cookies/. Information necessary to delete cookie files from the technical device of a user can be found here: https://www.aboutcookies.org/how-to-delete-cookies/. Generally, it can be said that it is necessary to turn on the function in the Internet browser that is usually referred to as “Protection from tracking”.
  6. If the Internet browser used by Your end device allows the Website to use cookies to access and browse its content, we are entitled to regard this condition as Your valid consent with the use of
  7. On our Website we also use an Internet analytical service by Google Inc. while not processing, however, any personal data or other identificators that could be used for indirect identification (e.g., IP address) of the Aggrieved However, this does not mean that this does not involve personal data processing by Google Inc. that operates the Google Analytics and Google adWords services.
  8. To analyze Your behavior on the Website, Google Analytics and Google adWords also use cookies stored in the device of a Website end user (computer, tablet, smartphone). Google anonymizes the part of the IP address related to the device of a Website end user right when it is acquired to increase the protection of the Aggrieved Person’s Google Inc. uses the information acquired during Your use of the Website to evaluate the use of the Website by its users, to issue reports on the activity on the Website and to provide us with additional services related to the use of the Website and of the Internet. Again, this data processing by the Google Analytics and Google adWords services can be disabled by appropriately setting the Internet browser to which You install a plug in module available from the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
  9. We can also use Google Analytics and Google adWords on the Website to generate on-line advertising by way of remarketing, i.e., the outputs from our marketing communication can also be displayed by other digital service and Internet content providers, including Google , on various Internet websites that will be displayed on Your device in the future, after Your visit to the Website is finished.
  10. We also use Google Analytics reports for the sake of more effective marketing communication, while there can be the processing of the demographic characteristics and interests related to the Aggrieved Persons (e.g., age, sex, interests) that has been acquired by Google and that we are also allowed to use. When processing data by way of using Google Analytics, however, we will not process Your personal data as we do not have a sufficient identifier that would enable Your direct or indirect identification.
  11. You can reject the displaying of personalized commercial banners from Google by following this link.
  12. More information on how Google Inc. uses data in the context of using the Website can be found here: https://www.google.com/policies/privacy/partners/.
  13. Furthermore, we inform You that if you are logged in to other Internet services by Google Inc. when visiting and using the Website, Google Inc. may process Your personal data. We do not have any power or influence on, nor do we participate in any way in this personal data
  14. Google Inc. is with respect to the use of the Website by the Aggrieved Persons a third party in the position of an independent operator. The Aggrieved Persons can find more information on the current privacy protection policy adopted by Google here: https://www.google.com/policies/privacy/?hl=sk.
  15. To promote our goods and services we also use Instagram operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA. However, we only have administrator authorizations for the processing of Your personal data through our profiles on this social network. This company is in the position of an independent personal data operator, whereas Your personal data is processed pursuant to the terms adopted by Instagram For this reason, Your personal data may be handed over by Instagram to third parties and, via international transfer, to third countries, while we have no control over and no responsibility for this personal data processing. An overview of Instagram supplements and their characteristics as well as a description of the way Instagram processes Your personal data can be found at: https://help.instagram.com/519522125107875.
  16. On our Website we also use the supplements to Facebook, namely, Facebook Conversion Pixel and Facebook Remarketing and other services provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Through our company profile on Facebook we at the same time promote our goods and services. If You visit our Website that contains this supplement, a link will be established between Your browser and the social Subsequently, the social network will receive information about a visit to the Website from Your browser. If you are logged in to Facebook, Your visit can be linked to Your profile on the social network. Any information and meta-data produced by the supplement’s activity can be in turn stored by the operator of the social network. Using Facebook Conversion Pixel both we and Facebook can be aware that you clicked on our advertisement on Facebook and were redirected to our Website. However, we do not have access to the data from the other websites you have visited. The information acquired thanks to Facebook Conversion Pixel help us compile statistics about the use of our Facebook advertising campaigns. In this process, however, we do not acquire any information thanks to which it would be possible to identify You. Facebook Remarketing is a technology thanks to which the users who have already visited our Website can be again addressed with deliberate advertising also on other Facebook sites or on the sites that cooperate with Facebook. However, we do not acquire any information on the directness of this advertising with respect to concrete persons. More information on the purpose and volume of the acquired data and the processing of Your personal data by Facebook as well as on setting options to protect Your privacy on Facebook can be found in the Facebook Data Use Policy here. The displaying of on-line interest-based advertisements from Facebook and other involved companies can be disabled here. If you want to disable Facebook from acquiring Your personal data, it will be necessary to log off from the social network before visiting our Website.

 

Part VI

CCTV MONITORING OF THE GROUNDS AND PREMISES OF THE OPERATOR

  1. For the sake of the protection of our property and other legitimate interests and rights, we perform constant surveillance of our grounds and some indoor premises. During this process we make visual and audio-visual recordings pursuant to Art. 6, par. 1, letter f) of the GDPR for the purpose of protecting our property, rights, and legally protected interests of the Operator. This first and foremost involves the proving of illegal action, thefts, damages to our property or unauthorized trespassing and dwelling on our grounds or in the indoor In such case we naturally record Your image, behavior, and the external expressions of Your action.
  2. Our company is the sole operator of this CCTV system, data storage sites, and related means of personal data Access to the CCTV recordings is also granted, in addition to our personnel, to a private security company responsible for security surveillance on our grounds and in our premises. Hereby we declare that when selecting a private security company functioning as a personal data processor we have opted for sufficiently approved and competent private security companies that can guarantee the security of personal data processing and the due performance of their obligations. The private security companies and personal data processors pursuant to this Part are the following companies:
    • IBS – SECURITY, r. o., in residence: Banská 6301, Nové Mesto nad Váhom 915 01, Slovakia, Company Registration Number: 45 404 828, registered in the Business Register of the District Court Trenčín, section: Sro, insert no.: 22696/R; and
    • NAPOLI Services s. r. o., in residence: Hattalova 12/C, 831 03 Bratislava, Slovakia, Company Registration Number: 47 764 473, registered in the Business Register of the District Court Bratislava I, section: Sro, insert : 99181/B.
  3. Furthermore, we declare that we do not make any recordings of the premises that could infringe on Your legitimate right for privacy, civil honor or human dignity or in any way to endanger or harm Your rights and legally protected interests that exceed the interest in the protection of our rights and legally protected
  4. When we make recordings, we keep them for 15 calendar days from the day following after the day when they are made; after this period expires, we eliminate However, this does not apply if legal claims are exercised by our company or by a third party (personal data recipient) based on the protection of property, rights, and legally protected interests. In this case the processing and storing of the recordings continues during the period when these claims are legally filed, or the period specified by a public authority decree.

 

Part VII

INSTRUCTION ON THE RIGHTS OF THE AGGRIEVED PERSON

  1. We pay much attention to protecting the integrity and confidentiality of Your personal Therefore, we seek its strong protection not only through individual, up-to-date technological, and organizational security measures but also by giving You the opportunity to exercise the rights of the Aggrieved Person at any time through a request with one’s own signature that will make clear the identity of and the right that the Aggrieved Person claims from the Operator. The requests regarding the exercise of the right addressed to the Operator can be sent to our e-mail address: zodpovednaosoba@x-bionicsphere.com.
  2. Hereby we inform You that in the cases when the legal basis for personal data processing is established by Your consent, You are entitled to revoke Your consent at any You can revoke the consent you have granted for personal data processing at any time by contacting the Operator in any place of business or by sending a request in writing to the e-mail address at zodpovednaosoba@x-bionicsphere.com. The revocation of Your consent will not affect the legality of the processing of Your personal data prior to its revocation.
  3. In the cases when the legal basis is established by a contractual relationship it is necessary to provide us with the required personal data, otherwise the contractual relationship cannot be established, and we will not be able to provide You with the goods or service in question.
  4. In the cases when the legal basis for the processing of Your personal data is established by the protection of the rights and legally protected interests of the Operator (Art. 6, par. 1, letter f) of the GDPR), we are entitled to process Your respective personal data even without Your consent, and You are obliged to permit such
  5. You, at the same time, have the right of access to personal data (Art. 15 of the GDPR), right to rectification (Art. 16 of the GDPR), right to erasure (Art. 17 of the GDPR), right to restriction of processing (Art. 18 of the GDPR), right to data portability (Art. 20 of the GDPR), right to object (Art. 21 of the GDPR), right to request the examination of an individual decision that would be based on automated personal data processing (Art. 22 of the GDPR).
  6. Each request to exercise the right of the aggrieved person pursuant to the GDPR can be filed based on a request in writing and with one’s own signature sent to the address of our company as stated in the Business Register or to our e-mail address at zodpovednaosoba@x-bionicsphere.com.
  7. Hereby we would like to notify You that when attending to Your request to exercise the right of the aggrieved person we may ask You to authentically verify Your identity, especially if You file Your request in another way than a written letter with Your own signature, an e-mail message with Your authentic approved electronic signature or in person in the residence of our company (i.e., for example, in cases of regular e-mail requests or telephone calls).
  8. Each delivered request to exercise the right of the aggrieved person will be considered individually and We will always inform You about the result no later than 30 days after the request is delivered. The process of attending to the request related to the exercise of the right of the aggrieved person is free of charge. In case You believe we did not attend to Your request to exercise the right of the aggrieved person in accordance with the GDPR, You can file a complaint with a supervisory body (www.dataprotection.gov.sk) or claim a judicial means of correction directly with the respective general court.
  9. If You have any questions regarding privacy and personal data protection or the information about the content and exercise of Your rights or additional explanations of the content of this Document, please feel free to contact us at any time by e-mail at: zodpovednaosoba@x-bionicsphere.com.

 

Part VIII Final provisions

  1. If You do not agree with or sufficiently understand the content or meaning of any part of this Document, we will welcome Your factual objections and remarks that we will discuss with You with the aim of protecting and supporting Your rights and preventing the emergence or deepening of any risks to Your rights and liberties that might be engendered or affected by using the Website at https://www.x-bionicsphere.com and/or by another way of personal data processing described in this Document.
  2. We regularly revise and update this As a rule, the currently valid version of the Document is always the one displayed on the Website.
  3. You can address Your complaint regarding personal data processing to the supervisory body which is the Office for Personal Data Protection of the Slovak Republic. Contact details of the supervisory body:

 

Office for Personal Data Protection of the Slovak Republic

Hraničná 12

820 07 Bratislava

+421 /2/ 3231 3214

statny.dozor@pdp.gov.sk

 

In Šamorín, Slovak Republic On 25 May 2018