Common definitions
"Controller" is the company EMIS s.r.o., with the registered office: Jana Holleho Street 8479/5, 917 01 Trnava, Slovak Republic, company registration number (IČO): 35708816.
"Regulation" is Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
"The Law" is Act No. 18/2018 Coll. on the protection of personal data.
"Regulations on the Protection of Personal Data" is the Regulation, the Law and other regulations on protection of personal data. "Website" is either website (URL) https://geovio.com.
"Service" is a service provided on the Website (URL) https://geovio.com/.
"User" is any Website visitor and a user of the Service.
"Registered User" is a Website visitor who has registered on the Website.
1. Recital
1.1. The Controller processes personal data in accordance with the Regulation, the Act and other regulations on the protection of personal data. The terms govern the processing of personal data by the Controller with regard to the use of the Website and the use of the Service. The Controller operates a Website and provides Services to all Users. The Website and the Services are publicly accessible to a wide range of Users.
1.2. The Terms do not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous.
1.3. The Service can be used by each User. The User may become a Registered User by registering for the purpose of using the Service and at the same time by fulfilling these Terms. If the User does not register for the purpose of using the Service and does not become a Registered User, Article II of the Terms does not apply to him/her/them, since the User is not an identified or identifiable natural person in this case and the Controller does not have personal data about the User.
1.4. When registering, the User shall provide an email address to which an email with a login link will be sent. The user becomes a Registered user only after clicking on the link in the email. Upon registration, the Registered user will receive an Account.
1.5. The Registered User is entitled to delete the Account at any time by means of contacting the Controller using email [email protected]. The account deletion will cause all data and settings to be lost. Once you delete your account, data and settings cannot be restored.
1.6. The User, or the Registered User by each visit may grant or refuse to grant consent to the Controller for location tracking of the User, or the Registered User.
2. Protection of Personal Data
A. General provisions
2.1. Article 2 of these Terms applies to Users and Registered Users who are identified or identifiable as natural persons. This Article does not apply to personal information that has become anonymous in such a way that the individual is not identified or identifiable. To determine whether or not a natural person is identifiable, the Controller takes into consideration the use of all means and procedures for which there is a reasonable likelihood that the Controller identifies a natural person.
2.2. The Controller processes personal data in accordance with the principles relating to processing of personal data, i.e. lawfully, fairly and in a transparent manner, accurately, limitation of the purpose of processing, minimizing data, minimizing retention, confidentially and responsibly, while:
2.2.1. lawful, fair and transparent processing of personal data is ensured by determining the legal basis specified for each purpose of processing within the meaning of Article 2, Part B of these Terms,
2.2.2. the accuracy of processing of personal data is ensured by the Registered User's ability to modify and change his/her/their personal data on his/her Account at any time,
2.2.3. limitation of the purpose is ensured by the Controller through collection of personal data for specified, explicit and legitimate purposes, taking into consideration the fact that further processing for scientific or statistical purposes is not considered incompatible with the original purposes,
2.2.4. minimization of the data is ensured by the fact that the Controller requires from the natural person only the necessary and needed personal data in order to fulfil the purpose for which the personal data is processed (e.g. the Controller requires for registration of the Registered User only the e-mail address),
2.2.5. minimization of the retention of personal data is ensured by storing the data in a form which permits the identification of the Data subjects as long as it is necessary in order to achieve the purpose, taking into consideration the fact that further processing for scientific or statistical purposes is not considered incompatible with the original purposes, provided that the appropriate technical and organizational measures required under the Regulation are adopted,
2.2.6. the confidentiality of personal data is ensured by the processing of personal data safely, including appropriate and effective protection against unauthorized and unlawful processing, loss, destruction or damage, always by effective and proportionate technical and organizational measures (e.g. SSL certificate),
2.2.7. the responsibility of the Controller is ensured by his/her/their obligation to always duly demonstrate compliance with the principles of lawfulness, fairness and transparency upon request.
2.3. The Controller processes personal data on the following legal basis: consent, contract performance and fulfilment of legal obligations by the Controller.
2.4. The Controller obtains personal data exclusively from Users or Registered Users on the basis of the voluntary provision of these personal data to the Controller.
2.5. The Controller shall keep records of the processing activities in which the purpose of the processing of personal data is described, description of the categories of Data Subjects and the categories of personal data, respectively directly Data Subjects and personal data, categories of recipients to whom personal data have been or will be provided, transfers to a third country or international organization in the case of the transfer of personal data, possible legal time limits for erasure of different categories of personal data as well as a general description of technical and, organizational security measures as per the Controller's capabilities.
2.6. The Controller maintains a separate database for each purpose of personal data processing, in which the personal data of Users and/or Registered Users are detected.
2.7. After the expiration of the retention period, the Controller erases and/or pseudonymises personal data so that personal data cannot be attributed to a particular individual without the use of additional information. After pseudonymization (anonymization), the data already provided cannot be considered as personal data, as it is no longer possible to identify a natural person through this data.
2.8. Personal data recipients include Designated Employees of the Controller and IT Providers who cooperate on creation and development of the Website and Services.
2.9. The Controller has informed his/her/theirs employees with the procedures, processes and principles in regard to processing of personal data, as well as with the duty of confidentiality. The Controller declares that he/she/them has acted in accordance with the Regulation when selecting IT providers and he/she/them has concluded an agreement on brokering activities with them.
2.10. The Controller does not process personal data by profiling or any other automated form of processing of personal data. The Controller does not process personal information in any form in order to evaluate certain personal aspects relating to the User and/or Registered User, in particular by analysing or anticipating aspects of the User and/or Registered User related to his property, health, personal preferences, interest, reliability, behaviour, location or movement.
2.11. To comply with the protection of personal data about Users, and/or Registered Users, the Controller has accepted and duly maintains sufficient technical and organizational security measures that are part of the Internal Rules of the Controller.
2.12. The Controller processes personal data by collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
B. Processing of personal data
2.13. Signing up for Service
2.13.1. The Controller processes the personal data of Registered Users of the Service. Those personal data include an e-mail required for registration of the Account. The Registered User may also fill in other personal data - name, surname, telephone number and address whose filling is voluntary for the purposes of using the Account and the Services, and such data may be erased by the Registered User at any time.
2.13.2. The Controller also records other data that may be considered personal data. This data is the Movement of the Registered User in the Service, the content embedded by the Registered User into the Service, while the Controller monitors the clicks, searches and services used by Registered Users in the Service (hereinafter "User behaviour"). User behaviour is always attributed exclusively to the Account of a particular Registered User, and the Controller uses it to improve the Services.
2.13.3. The Controller processes the personal data of Registered based on a contract, in accordance with the License and Contract Terms between the Controller and the Registered User, respectively.
2.13.4. The Controller keeps the data within the meaning of 2.13.1. and 2.13.2. of those Terms for a period of 3 years from the last Registered User's log in to the Account.
2.14. Conclusion of Contract for provision of Services
2.14.1. The use of some Services may be subject to payment. The Registered User is entitled to order the provision of paid Services from the Controller. In case of ordering the Services, the personal data are processed for the purpose of fulfilling the Contract for the provision of Service/Services of the Controller and the Registered User will fill in for the purpose of order billing data in the scope of name and surname, e-mail, address/delivery address, data related to the payment (select payment method via an external supplier), and if applicable: business name/name designation, registered office/place of business, name and surname of contact person, telephone number of contact person, Business ID, Tax ID and/or VAT reg. No.
2.14.2. The legal basis for processing of personal data when providing Services for remuneration is performance of the contract.
2.14.3. The Controller keeps personal data for a period specified by applicable law, i.e. 10 years from the date of the conclusion of the contract between the Controller and the Registered User.
2.15. Handling of complaints
2.15.1. The Registered User has the right to complain about the Services provided. The Controller processes personal data when handling a complaint. The Registered User shall provide the Controller with the following personal data: e-mail, name and surname, address/delivery address, number of order or invoice, payment details.
2.15.2. The Controller processes personal data in the fulfilment of his legal obligations arising from the applicable legal regulations.
2.15.3. The Controller keeps personal data in order to handle a complaint within 2 years from the date when complaint has been handled.
3. Cookies
3.1. The Controller uses on his/her/their Website the so-called “Cookies” in order to improve provided Services. The “Cookies” record information about User, his/her/their device, preferences, and so on (hereinafter referred to as “Cookies”).
3.2. The Controller uses exclusively the essential Cookies necessary to maintain the basic functionality of the Website and analytical Cookies in order to improve the quality of the Website and the Services, while:
3.2.1. Essential Cookies are necessary to maintain the functionality of the Website and the Controller cannot disable them. Cookies are set to record clicks, preference settings, sign-ups and form filling by the User. These Cookies do not collect any identifiable information from the User and/or Registered User,
3.2.2. Analytical Cookies are needed to record visits and Website traffic resources, conversions of Users and/or Registered Users, to enhance Website performance and movement of Users on the Website. These cookies are used to improve the Services. All those Cookies are anonymous.
3.3. The Controller does not use the Cookies for advertising purposes to gain and profile the interests of Users and/or Registered Users on Website.
3.4. Due to the Controller's interest to improve the Services and to preserve the functionality of the Website, the User and the Registered User are always properly informed when visiting the Website about the use of Cookies.
3.5. Cookies do not identify any natural person on the Website or while provision of the Services. Personal data is recorded by the Controller in its databases. If the User or the Registered User are interested in using the Website and Services without Cookies, he/she/they can use the incognito feature in the browser and/or disable Cookies by using the browser settings.
3.6. Article 1, Article 2, and Article 4. of the Terms do not apply to Cookies.
4. Rights of Data Subjects
4.1. Right to Information
The User and/or the Registered User have the right to obtain from the Controller a confirmation whether personal data concerning him/her/them are being processed by the Controller and, if so, he/she/them has the right to access the processed personal data, in particular: the information about the purposes of processing personal data, categories of personal data, recipients or categories of recipients of personal data, about the presumed retention period, about the existence/non-existence of profiling. The Controller shall provide the User and/or Registered User with information about the processed personal data whenever the User or the Registered User requests it. Upon repeated requests, the Controller may request a reasonable fee.
4.2. Right to correction
The Registered User is authorized to modify, edit, and rectify their personal data in the Account at any time. At the same time, the Registered User is entitled to request the Controller to correct the personal data. This right may be exercised by sending an email with the request to [email protected].
4.3. Right to erasure
The Registered User has the right to delete their Account as well as the personal data found in the Account. This right can be exercised by sending an email with the request to [email protected]. Once you delete the Account, you cannot restore your Account information.
4.4. Right to restriction of processing
The User and/or the Registered User have the right to limit the processing of personal data, for example, if the Controller does not need personal data for processing, the User and/or the Registered User have objected the processing, etc. The Controller shall always restrict the processing of personal data whenever the processing of personal data is objected. By fulfilling contractual and/or statutory obligations, the Registered User acknowledges that the Controller will restrict the processing only to the extent that this does not affect the fulfilment of the contractual and/or statutory obligations of the Controller.
4.5. Right to transferability
The User and/or the Registered User have the right to receive the personal data concerning him/her/them and which he/she/they have provided to the Controller in a structured, commonly used and machine-readable format. The User and/or Registered User also has the right to transfer those data to another controller without hindrance from the controller to which the personal data have been provided, only if the processing is based on the consent of the User and/or the Registered User, or if the processing is carried out by profiling, and at the same time provided that such transfer is technically possible.
4.6. Right to object processing
If the User and/or the Registered User believe that the processing of personal data is in contrary to the Regulations on the Protection of Personal Data, the User and/or the Registered User may contact the Controller directly.
4.7. Right to file a complaint
The User and/or the Registered User have the right to file a complaint to the supervisory authority, especially in the Member State of their habitual residence. The supervisory authority in the territory of the Slovak Republic is the Office for Personal Data Protection, with its registered office Hranicna 12, 820 07 Bratislava, Slovak Republic.
5. Final provisions
5.1. These Terms become effective as of 11.03.2024.
5.2. The Controller is authorized to make changes to these Terms, subject to changes in the legal regulations and in case of changes in the processing of personal data. The change for the User will be published on the Provider's Website. Registered Users will be also notified about the change via e-mail specified in the Account. The Controller shall notify changes no later than 3 weeks before the effective date of change.
5.3. If the User and/or the Registered User are interested in providing information and/or exercising his/her/their rights, he/she/they can contact the Controller's responsible person at [email protected] or in writing at the registered office address of the Controller: EMIS s.r.o., with the registered office: Jana Holleho Street 8479/5, 917 01 Trnava, Slovak Republic.