1.1. „Web Portal” are all pages and services located at domain imhd.sk, mhd.sk and their subdomains.
1.2. „GDPR” is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
1.3. „Privacy Protection Act” is Act no. 18/2018 Coll. on the protection of personal data.
2.1. Name: Startitup s.r.o.
2.2. IČO: 47759089
2.3. Address: Panónska cesta 7, 852 32 Bratislava, Slovakia
2.4. Contact: email@example.com
2.5. Controller participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. operates Consent Management Platform with the identification number 300.
3. Purpose of the processing:
3.1. ensuring of compliance with GDPR,
3.2. providing more exact information based on location,
3.3. distinction of contributors of posts in discussion forum, photo gallery and other content published by users,
3.4. responsibility for the content that can be published by registered users,
3.5. sending notification e-mails and e-mails regarding user account,
3.6. verification of user in case their requests regarding user account and technical issues,
3.7. traffic statistics of the Web Portal,
3.8. access to the parts of the Web Portal with limited access,
3.9. contacting user in order to deal with their question or request and in order to perform actions regarding question or request of the user.,
3.10. dealing with requests according to the GDPR.
4. Personal data are saved on servers in European Union.
5. Categories of personal data concerned:
5.1. All users of the Web Portal:
5.1.1. location data (only in case of approving providing these data in web browser; these data are not connected with other personal data).
5.2. Registered users:
5.2.1. online identifier,
5.2.2. name and surname,
5.2.3. e-mail address,
6. Special categories of personal data according to the article 9 and 10 of the GDPR and § 16 and 17 of the Privacy Protection Act are not processed.
7.1. Controller does not provide any personal data acquired via user registration to any third party.
7.2. Controller provide persional data in the following cases:
7.2.1. When required by law
7.2.2. When using the Web Portal - to the third parties listed in the consent management platform window displayed upon visiting the Web Portal or after clicking on Privacy in the page footer; in this case Controller does not provide personal data according to 7.1.
7.3. Processors of personal data in the name of the Controller are TechTrend, s. r. o. and mhd.sk, občianske združenie to the extent necessary for administration and updating of the Web Portal.
7.4. Regardles third parties according to 7.2.2., personal data may be provided to the following third parties:
Identification of third party
8. Personal data are kept during period of user registration on the Web Portal.
9. Legal basis for the processing of personal data is fulfilling of law, especially GDPR.
10. User has following rights:
10.1. Right of access by the data subject according to the article 15 of the GDPR and § 21 of the Privacy Protection Act,
10.2. Right to rectification according to the article 16 GDPR and § 22 of the Privacy Protection Act,
10.3. Right to erasure (‘right to be forgotten’) according to the article 17 GDPR and § 23 of the Privacy Protection Act,
10.4. Right to restriction of processing according to the article 18 GDPR and § 24 of the Privacy Protection Act,
10.5. Right to object according to the article 21 GDPR and § 27 of the Privacy Protection Act,
10.6. Right to data portability according to the article 20 GDPR and § 26 of the Privacy Protection Act,
10.7. Right to lodge a complaint with a supervisory authority according to the article 77 GDPR; supervisory authority in the Slovak Republic is Office for Personal Data Protection of the Slovak Republic according to the § 81 (1) of the Privacy Protection Act.
11. Informative part
11.1. User IP address:
11.1.1. Saving IP address is necessary to avoid attacks of hackers, non-authorized data mining and for blocking access from IP addresses that break law of the SR and EU.
11.1.2. Registered users:
184.108.40.206. IP address is processed during logging in.
220.127.116.11. IP address is processed during publishing of content.
11.1.3. Other cases that in 11.1.2:
18.104.22.168. IP address is anonymized according to the Court of Justice of the European Union verdict and does not fall under GDPR.
22.214.171.124. Last part of IPv4 address is changed to 0, i. e. addresses in range 126.96.36.199 to 188.8.131.52 are being changed to 184.108.40.206.
11.2. Publishing photos containing persons:
11.2.1. Controller publishes pictures from public areas that can contain faces. Controller does not acquire any personal data from pictures, therefore GDPR is not applied to the photos published on the Web Portal.
11.2.2. Publishing of photos is according to the act no. 40/1964 Coll. which allows to publish images containing persons e. g. for purposes of news.