The company MICROCOMP - Computersystém s r.o. (hereafter referred to as the “Company”), within the scope of its activities including operation of its website, processes personal data of natural persons only to required extent in order to fulfill a specified purpose. Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27th April 2016 on protection of individuals with regards to processing of personal data and on free movement of such data, repealing Directive 95/46 / EC (hereafter referred to as “the Regulation”) and Act No. 18/2018 Coll. on Personal Data Protection and on Amendments to Certain Acts (hereafter referred to as the “Personal Data Protection Act”), the Company is obliged to provide information concerning processing of such data.
Company identification and contact details
MICROCOMP - Computersystém s r.o.
IČO: 314 109 52
Kupecká 9, 949 01, Nitra
Tel: +421 2 5363 1222
contact for personal data protection: firstname.lastname@example.org
Purpose of personal data processing
The company processes personal data for the following purposes:
- personnel and payroll agenda of employees and collaborating persons
- internal records (working time sheets, asset management, employee training, GDPR management, integrated management system, ...)
- fulfillment of obligations imposed by valid legal norms (processing of accounting documents, reporting obligations, administration and archiving of selected documents, ...)
- business activities and marketing
- provision of service
- ensuring operation of the website and its optimization
- resumes of job applicants
Persons concerned and categories of processed data
Persons concerned include in particular:
- employees and their close contacts; other persons in an employment relationship; job seekers
- natural persons entering areas monitored by cameras
- service customers; representatives of business partners; customers or suppliers of goods or services; external experts
- winners of competitions; participants in events
- persons involved in insurance event; persons affected by recovery of a claim
- persons exercising their rights under the Regulation
The company processes personal data in the following categories:
- usual personal data (e.g. identification and contact data, education data, job classification data, etc.)
- special categories of personal data (e.g. in a framework of occupational accident documentation, safety questionnaire data, etc.)
- video or photography of person and his or her activities in monitored area
- image and text records mapping the historical development of the company
Legal basis for processing of personal data
Within various areas of activities, the Company uses following legal basis for processing of personal data:
- a person concerned has consented to processing of his or her personal data for a specific purpose
- processing is necessary for execution of contract
- processing is necessary for fulfillment of a legal obligation by the Company
- processing is necessary for purposes of legitimate interests pursued by the Company
Period of retaining personal data
In general, personal data is processed only for the time strictly necessary which is determined for individual areas by relevant legal norms or internal guidelines of the Company.
Access to personal data
Only employees of the Company authorized to process relevant agenda have access to personal data processed by the Company.
Transfer of personal data to the third countries or international organizations
Personal data processed by the Company are not transferred to the third countries nor international organizations.
Automated individual decision-making including profiling
Processing of personal data within the Company does not involve automated individual decision-making nor profiling.
Rights of person concerned and application of rights
The person concerned has the right to:
- withdraw his or her consent to processing of his or her personal data for a specific purpose
- lodge a complaint with a supervisory authority
require the Company
- to issue a confirmation about whether or not his or her personal data are processed by the Company
- for access to personal data of person concerned
- to correct incorrect personal data about person concerned
- to erase personal data concerning person concerned if one of the grounds set out in Article 17 of the Regulation is met
- to restrict processing of personal data concerning particular person if one of the grounds set out in Article 18 of the Regulation is met
- to obtain personal data relating to person concerned provided to the Company, in a structured, commonly used and machine-readable format, and has a right to transfer this data to another operator if conditions set out in Article 20 of the Regulation are met
- to object processing of personal data concerning him or her if requirements of Article 21 of the Regulation are met
More detailed information on rights of person concerned under the Regulation can be found on the website of the Office for Personal Data Protection .
Security of processed personal data
The company is a holder of Information Security Management System Certificate ISO 27001:2013. Organizational and technical measures to secure processed personal data against unauthorized access and manipulation are described in the Company's security documentation and verified by the annual external audit of the Information Security Management System.
Provision of personal data
Within various areas of activities, the Company provides processed personal data only to authorized entities while respecting an existing legal basis for provision of personal data in accordance with the Regulation.
A supervisory body for personal data protection in the Slovak Republic is the Office for Personal Data Protection in accordance with the Personal Data Protection Act.
Office for Personal Data Protection
820 07 Bratislava 27
Tel: +421 2 3231 3214
Information on the procedure for filing a motion to initiate proceedings on personal data protection can be found on the website of the Office for Personal Data Protection.