Privacy Statement

In this Privacy Statement (“Statement”), we, Samtech s.r.o. (“Samtech”), describe our data collection and usage practices with respect to personal data we collect through www.samtech.sk . This Statement describes how Samtech collects, uses, and stores the personal information and other information you provide on the Site. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

This Statement only covers information collected through the Site and information that we collect offline. Samtech will use data loaded by customers into our subscription services in accordance with the contractual agreement(s) between Samtech and that customer.

Samtech is the Controller as defined in the EU General Data Protection Regulation (GDPR).

Information That You Provide

You may visit the Site without registering or actively submitting personal data to us. If you do not register, then we receive only information that your computer or other device sends to us in connection with access requests and via cookies and other technologies that we use to analyze and enhance your use of our site.

When you request information from us, we may ask for personal information, such as your name, work e-mail, company, title, phone number, country, and industry. You can opt out of providing personal information by not entering it when asked. When you provide us with personal information about your referred persons we will only use this information for the specific reason for which it is provided.

If you believe that one of your business contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at legal@samtech.sk.

Technologies such as cookies, beacons, tags, scripts or similar technologies are used by Samtech. These technologies are used in analyzing trends, administering the Site, tracking users’ movements around the Site and to gather demographic information about our user base as a whole. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you.

We may not recognize or take action in response to Do-Not-Track (DNT) signals from Web browsers. At this time there is not any universally accepted standard for a company’s adoption for how to respond when a DNT signal is detected. In the event a final standard is established, we will determine how to appropriately respond to these signals.

Information We Share

We do not disclose your personal information to any kind of third parties. If we do not directly receive data from you, but you have an active profile on LinkedIn, and other professional social media networks, or you disclose an inactive or partially active profile to us during the application process, we may also collect data about it.

Widgets

Our Site includes social media features, such as the Facebook, LinkedIn buttons and widgets, such as the Share button or interactive mini-programs that run on our Site. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing it.

Data Retention

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received.

Contact options via our website

Due to statutory requirements, the Internet presence of Samtech contains information to allow quick electronic contact with our company as well as direct communication with us, which includes a general address for “electronic mail” (email address). To the extent that a data subject contacts the controller via email or a contact form, any personal data provided by the data subject will be stored automatically. Such personal data voluntarily transmitted by the data subject to the controller will be stored for the purpose of processing or contacting the relevant data subject. The personal data will not be disclosed to third parties. Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.

Links to Other Websites

We may provide links on our Site to certain third-party websites or referrals to certain third-parties’ products or services. If you choose to visit a third party’s website, or use its products or services, the third party’s privacy statement, and not this Statement, will govern your activities and any information you disclose while interacting with the third party.

Unsubscribe/Opt-Out

You can opt out of receiving our newsletter or marketing emails by following the instructions at the bottom of each communication or at any time by e-mailing support@samtech.sk.

Routine deletion and blocking of personal data

The data subject’s personal data will be processed and stored by Samtech only for the length of time required to fulfill the purpose of its storage or to the extent that this is required by EU directives and regulations or other statutory provisions applicable to the controller.

Personal data is routinely blocked or deleted according to statutory provisions as soon as the reason for storage of such information is no longer applicable or the retention period prescribed by EU directives and regulations or other applicable statutory provisions has expired.

Legal basis for processing

Article 6, paragraph 1, point a GDPR is the legal basis for processing operations at Samtech for which we request consent for specific purposes. Where the processing of personal data is necessary for the performance of a contract in which the data subject is a contractual party, e.g. for processing operations required for the delivery of goods or the provision of other services or return services, then the processing shall be based on Article 6, paragraph 1, point b GDPR. The same shall apply for processing operations necessary in order to take steps prior to entering into a contract, e.g. for requests regarding our products or services.

Where Samtech is subject to a legal obligation requiring the processing of personal data, e.g. the fulfillment of tax obligations, then such processing shall be based on Article 6, paragraph 1, point c GDPR. In rare instances, the processing of personal data may become necessary for the protection of vital interests of the data subject or of another natural person. In such cases, the processing would be based on Article 6, paragraph 1, point d GDPR. Finally, processing operations may also be based on Article 6, paragraph 1, point f GDPR. This legal basis provides for processing operations not covered by any of the above if processing is necessary for the purposes of the legitimate interests pursued by Samtech or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. These processing operations are permitted in particular because they are mentioned specifically by the EU legislator. In its opinion, a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47, sentence 2 GDPR).

Rights of the data subject

Right to confirmation

The European legislative and regulatory body grants each data subject the right to obtain confirmation from Samtech as to whether or not personal data concerning him or her are being processed. Where a data subject wishes to execute this confirmation right, he or she can contact Samtech at any time.

Right of access

The European legislative and regulatory body grants any data subject affected by the processing of personal data the right to request at any time information about and a copy of the scope of personal data stored about his or her person free of charge from Samtech. The European legislative and regulatory body furthermore grants the data subject the right to request the following information:

  • the purpose for processing
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
  • the right to lodge a complaint with a supervisory authority
  • where the personal data are not collected from the data subject, any available information as to their source
  • the existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as
  • the significance and the envisaged consequences of such processing for the data subject
  • Furthermore, the data subject shall have the right to be informed about whether personal data have been transferred to a third country or to an international organization. To the extent that this is the case, the data subject furthermore has the right to be informed of the appropriate safeguards relating to the transfer. Where a data subject wishes to execute this right of access, he or she can contact Samtech at any time.

    Right to rectification

    The European legislative and regulatory body grants any data subject affected by the processing of personal data the right to obtain without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject furthermore has the right to have incomplete personal data completed, including by means of providing a supplementary statement. Where a data subject wishes to execute this right to rectification, he or she can contact Samtech at any time.

    Right to erasure (‘right to be forgotten’)

    The European legislative and regulatory body grants any data subject affected by the processing of personal data to obtain from the controller the erasure of personal data concerning him or her without undue delay, where one of the following grounds applies and to the extent that processing is not necessary:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • the data subject withdraws consent on which the processing is based according to point (a) of Article 6 (1) GDPR, or point (a) of Article 9 (2) GDPR, and where there is no other legal ground for the processing.
  • the data subject objects to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (2) GDPR;
  • the personal data have been unlawfully processed.
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • the personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.
  • Where one of the reasons listed above is applicable and a data subject wishes to arrange a deletion of his or her personal data stored by Samtech, he or she can contact Samtech at any time.

    Right to restriction of processing

    The European legislative and regulatory body grants any data subject affected by the processing of personal data the right to request from the controller the restriction of processing where one of the following applies:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
  • the data subject has objected to processing pursuant to Article 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
  • Where one of the conditions listed above is applicable and a data subject wishes to demand a restriction of the use of his or her personal data stored by Samtech, he or she can contact Samtech at any time.

    Right to data portability

    The European legislative and regulatory body grants any data subject affected by the processing of personal data the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. The individual furthermore has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6 (1) GDPR or point (a) of Article 9 (2) GDPR or on a contract pursuant to point (b) of Article 6 (1), and the processing is carried out by automated means, unless processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

    Furthermore, in exercising his or her right to data portability pursuant to Article 20 (1) GDPR, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and to the extent that this does not adversely affect the rights and freedoms of others.

    The data subject can contact Samtech at any time in order to exercise the right to data portability.

    Right to object

    The European legislative and regulatory body grants any data subject affected by the processing of personal information the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6 (1) GDPR, including profiling based on those provisions.

    In case of an objection, Samtech shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

    Where Samtech processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where the data subject submits his or her objection to Samtech regarding the processing for direct marketing purposes, Samtech shall no longer process these personal data for such purposes.

    Where personal data are processed at Samtech for scientific or historical research purposes or statistical purposes pursuant to Article 89 (1) GDPR, the data subject, on grounds relating to his or her particular situation, shall furthermore have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

    The data subject can directly contact Samtech at any time in order to execute the right to object. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may furthermore exercise his or her right to object by automated means using technical specifications.

    Automated individual decision-making, including profiling

    The European legislative and regulatory body grants every data subject affected by the processing of personal data the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her unless the decision (1) is necessary for entering into, or performance of, a contract between the data subject and a data controller; or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or (3) is based on the data subject’s explicit consent.

    Where the decision (1) is necessary for entering into, or performance of, a contract between the data subject and a data controller, or (2) where the decision is based on the data subject’s explicit consent, Samtech shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

    Where a data subject wishes to execute his or her rights regarding automated decisions, he or she can contact Samtech at any time.

    Right to withdraw a data protection consent

    The European legislative and regulatory body grants any data subject affected by the processing of personal data the right to withdraw his or her consent to process personal data at any time. Where the data subject wishes to execute his or her right to withdraw this consent, he or she can contact Samtech at any time.

    We may update this Statement periodically and without prior notice to you to reflect changes in our personal information practices. If we make material changes to this statement, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.

    Contact Information

    If you have questions, concerns or suggestions related to our Statement or our privacy practices you may contact us at:

    Samtech spol. s r.o.
    Vojtecha Spanyola 29
    010 01 Zilina, Slovakia
    legal@samtech.sk

    Date of Last Revision: May 14, 2020