It’s important for everyone’s personal data to be safe!

All personal data collected during your visit to tatryresorts.sk, are processed in accordance with Act 122/2013 Coll. (“Personal Data Protection Act”) and with applicable European legislation.
Since 25 May 2018, they have been likewise processed in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - GDPR) and with Act 18/2018 Coll. on protection of personal data and on the amendment of certain acts, as amended.

What does this mean for you and your personal data?

Your personal data is any information related to you and on the basis of which you as a natural person are an identifiable entity for me. This is where I can identify you directly or indirectly, in particular from a generally applicable or another identifier such as your full name, identification number, location data or online identifier, or from one or more characteristics or features which make up your physical, physiological, genetic, psychical, mental, economic, cultural and social identity. It means identifying you from a number, code or one or more elements specific to you. Thus, personal data particularly include a natural person’s contact details, their IP address, and can also include information about the use of services or about their activities and preferences.

What data do we store?

During your visit to this website we record the IP address assigned to you by your ISP, which websites you have visited our website from, how long you have been on this website, which particular pages you are viewing and more.This information is considered personal data as it is your online identifier and, therefore, we handle such data with care.

Cookies

I use cookies in order to find out the preferences of website visitors and to be able to tailor a potential offer to a particular visitor. Cookies can be used to find out if you have ever visited this website from your computer. Without cookies, I would not know what you like, and I would not be able to meet your requirements flexibly in the world of the Internet.

Cookies are text files that your browser stores on your computer disk. If you do not wish cookies to be stored, you can disallow them in your browser as they are also your personal data.

From your preferences found through cookies, web logs and IP address, we will divide your data into interest groups. This is called customer profiling. The advantage for you is that you will receive emails with similar content that you have already been interested in. Under this system, we do not burden you with information outside of your interests. You can object to email profiling by contacting jan.olexa@bloomcore.eu and, within no longer than 1 month from delivery of the objection, it will be resolved. Customer groups are profiled and segmented mainly in your interest, so that you receive relevant information.

Other personal data

On webpages, you enter your personal data voluntarily in contact forms, registrations, orders and various other forms. The personal data most often stored are your email address and name. Your personal data is used for the purposes specified herein, and only to the extent necessary.

What is personal data processing?

Personal data processing is a legal term that means a processing operation or set of processing operations with personal data or sets of personal data, whether by automated or non-automated means; in particular collection, recording, organization, structuring, storage, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, and erasure.

That means the collection of personal data, storage thereof on information media, access thereto and the modification or alteration, retrieval, use, transmission, dissemination, publication, storage, exchange, sorting or combining, blocking and destroying thereof. However, there are a lot of services and products for specifically enhancing your life we can only provide on the basis of the data you give us.

What do we use the information for? What is the legal basis?

BloomCore s.r.o., incorporated in the Companies Register of the Prešov District Court, CRN 40328/P, is the controller for the purposes of personal data processing. Personal data is collected at bloomcore.eu. Particular webpages have various product mechanisms that, for the purposes of personal data collection, are divided by me into the following groups for better understanding:

Personal data entered on the tatryresorts.sk website:
Contact and order form on the above websites:

Full name, permanent address (if you are self-employed or a legal entity, then also your trade name, place of business, CRN, VAT, TIN) - the legal basis in the case of invoices and related documents is compliance by the controller with tax laws, accounting regulations, the Civil Code and other specific legal regulations;

Name, surname, permanent address - for the purpose of customer care and it is in the controller´s legitimate interest to provide the customer with the highest possible value for their money;

e-mail – communication with the customer about processed orders, order delivery (entry into the application), updating of information and new content, delivery of additional information from the supplier, where the legal basis for processing this personal data is the performance of the contract;

e-mail – delivery of marketing information in which the controller has a legitimate interest, as the information sent is related to the controller´s products similar to those already delivered to paying customers and it is in my interest to provide you as a paying customer with the highest value for your money;

Mobile phone number - for the purpose of telling you about the status of your order, where the legal basis is the controller´s legitimate interest to provide the customer with the highest possible value for their money;

Payment data - technical security of payment, where the legal basis is the performance of a contract concluded online.

Personal data entered on the tatryresorts.sk website

e-mail – to send to your entered email address a potential link to a free video/ebook and a similar product, where a link to the video/ebook and other opportunities is sent to your email address free of charge. It also includes a request for your consent to receive additional consulting about the structure of the website to help you increase the number of orders received from the Internet and offers for other similar products. Unless you grant your consent to receiving the additional information, your email will no longer receive promotional and advisory information or offers from the controller.

Recommendations for website products:
Your references for my services and products will only be published with your express consent to such use, which you give me in response to a separate email asking you for such permission. I will only publish your photo with your consent and, whenever you withdraw your consent, I will remove your photo and references from the website and destroy your data. Finally, I declare that no sensitive information about your sexual orientation, health, race or ethnicity will be disclosed by me without your express consent.

Data retention

Personal data is stored with the controller for the above purposes over a period of 10 years, unless tax, labor, archiving or accounting laws require a different period, or until you revoke your consent (provided any special legislation does not require me to keep some or all of your data filed). Processing of your personal data remains lawful between your granting of consent and its revocation, even if you revoke your consent after having granted it.

You are safe

It is important that your personal data is safe. Various security systems have been implemented by us for data protection. As technology improves, the security systems are accordingly enhanced with virus scans, antivirus software and firewalls. Any data processors that come into contact with your data have been duly instructed of their duty of confidentiality and there is encrypted communication between them.

This website is equipped with a secure https:// protocol, with any online payment for services and products made through secure payment gateways and the data about you I store on servers secured by a password and encryption.

Any hard-copy customer lists are stored in a locked cabinet located in a building with a security lock. We do our best to keep your data secure even outside of computer systems.

If a hacker were to attack the systems, or a system to be otherwise compromised and there is even a threat of data leakage, you will be informed within 72 hours of the measures that have been taken and we will also communicate with the Office for Personal Data Protection, the supervisory personal data protection authority in Slovakia.

Your rights

As a data subject - whose personal data is processed - you have the right to be informed about the controller, the person processing your data.

The controller, for the purposes of personal data processing is BloomCore s.r.o., incorporated in the Companies Register of the Prešov District Court, CRN 40328/P Contacts:

Peter Očovan; e-mail: peter.ocovan@bloomcore.eu

You have the right to access the data we process about you. If you want to know what particular data about you I have stored, we will provide you with it in writing upon request

As a data subject, you have the right to correct and/or supplement the data you provided were there to be any inaccuracies or incomplete.

Having been provided with services and products under a consumer contract or another agreement under the Civil Code, the purpose forproviding personal data, you have the “right to be forgotten”, i.e to have your provided data erased. The right to have your personal data erased also applies if you revoke your consent to processing it. Where your personal data is processed at your consent, you have the right to revocation at any time. Revocation consent is as simple as granting it. Just write to the contact email address: peter.ocovan@bloomcore.eu

If the processing of your personal data is based on a legitimate interest, you have theright to object to that, too. If we find your objection well-founded, I will erase your processed data from the systems. I will also erase the data if it is proven that the data has been processed unlawfully.

However, the right to have your personal data erased is not absolute. If I need your data to fulfil legal obligations tax laws, accounting regulations and other special legislation impose upon me, the data will still have to be processed for that purpose.

As a data subject, you have the right to restrict the processing of your personal data were you to challenge the accuracy of your personal data during the data verification period, if the processing of your personal data is unlawful and you require it to be restricted rather than erased, or if the controller no longer needs your personal data for the purpose stated, but you need it to prove or defend your legal claims (such as for complaints or litigation where otherwise the data would be erased and we would not be able to provide you with it). If you restrict the processing by us of your personal data, they will remain in the systems, but will no longer be used for our purposes.

At your request, the controller will notify you of any change, correction and/or erasure of your personal data. You also have the right to request the transmission of your personal data to another controller, notifying us in writing about whichever data to transmit. It is technically feasible to transmit an email address, due to the difference in the purposes of processing (see above), but I cannot provide you with other data in a form which is machine-readable and transmissible to another controller.

All your requests for exercising the above rights, objections to a controller’s legitimate interest or consent to the processing of personal data will be themselves processed within 48 hours of delivery or, in the case of a complicated request, no later than one month from delivery of the request.

The controller declares that no personal data will be transmitted to third countries and your data is stored on servers located in the EU. Should personal data be accidentally transmitted to third countries, this will be due to the technical operations of our data processors, who are major market players, and therefore the data processing agreements I have concluded with them cover the security of your data and the transmission of the data outside the EU to the maximum possible extent.
The Office for Personal Data Protection of the Slovak Republic is the supervisory authority for personal data processing. In the event that no one responds to your request within one month of its receipt, you have the right to contact the Office for Personal Data Protection pursuant to Sect.100 Act 18/2018 Coll. as amended (personal data protection proceedings).

Data processors (data recipients) - or who else can access your data?

Our team operates pursuant to cooperation agreements concluded with the controller. Since May 25, 2018, data processing agreements have been added to the cooperation agreements to ensure your data is also safe with the members of our team.
Hosting is provided by Wedos internet a.s., (https://www.wedos.sk/kontakty) and, since May 2020, your data has received the highest possible protection by virtue of a data processing agreement that has been concluded with them.
Other data processors who access your data are major market players, with which data processing agreements worded by them have been concluded since May 2020. For more information about the GDPR rules governing our data processors see the following hyperlinks:
Gdrive (cloud services) - http://cloud.google.com/terms/data-processing-terms/partner/
Google Ads – https://privacy.google.com/businesses/processorterms/
Google Analytics – https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20160909.html

Third party links

The website sometimes links to third party services and products. These third party websites have their own privacy policies and are independent of ours. Therefore, we cannot be held liable for the content and activities of these third parties. Nevertheless, our aim is to maintain a high level of security. Therefore, if you suspect any unfair conduct by those third parties, please contact us at peter.ocovan@bloomcore.eu. Thank you.

No data is provided to third parties

None of your personal data is sold, traded or otherwise provided by us to third parties. Such conduct is not fair and, at the same time, your personal data is the most sensitive thing you can provide me with.
Exceptions are data processors, recipients, about whom we have informed you in this Privacy Policy and who assist me in creating the website, collaborate on projects and serve you. The partners are bound to secrecy and data processing agreements, committed to confidentiality, and they have agreed to keep your data secure and consider it confidential.
Your personal data is provided to state organizations only in compliance with the law and final official or judicial decisions under Slovak legislation.

Amendment of the Privacy Policy

Any changes in this Privacy Policy will be published on this website and emailed to you.
The Privacy Policy is effective from 25 May 2020.
If you have any questions or suggestions, please contact us.