en
Cart
0
0.00 €

PRIVACY POLICY AND  COOKIE NOTICE

I. Controller

1.1. Identity and contact details of the Controller:

Business name: Akadémia Urgentnej Medicíny - Academy of Emergency Medicine

Registered office: 900 53, Pernek 141, Slovak Republic

Registered in the register of Non-Governmental Non-Profit Organizations maintained by the Ministry of Interior Registration number: VVS/1-900/90-44267

Company ID/CIN: 42364639

Tax ID/TIN: 2024131285

Bank account: SK47 0900 0000 0051 5117 6882

The Seller is not a VAT payer (Value Added Tax).

1.2. Email and telephone contacts for the Controller:

Email: store@academyofemergencymedicine.sk

Tel.: +421903740712

1.3. Mailing address for correspondence:

Akadémia Urgentnej Medicíny - Academy of Emergency Medicine, 900 53 Pernek 141, Slovak Republic

1.4. In compliance with Article 13, paragraphs 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (hereinafter "Regulation"), the Controller hereby provides the Data Subject from whom personal data are obtained, with the following information, instructions, and explanations:

II. References

2.1. These Privacy Policy guidelines form an integral part of the General Terms and Conditions published on the Seller's website.

2.2. Pursuant to §3, par. 1, letter n) of Act No. 102/2014 Coll., the Seller informs the consumer that there are no specific codes of conduct applicable to the Seller. A code of conduct is understood as an agreement or set of rules defining the Seller's behavior in relation to one or more specific commercial practices or sectors if these are not set by law or other legal regulations or measures of public administration bodies.

III. Personal Data Protection and Cookies Usage

3.1. The Controller provides this brief explanation regarding the functionality of cookies:

3.1.1. Cookies are text files containing small amounts of information downloaded onto your computer, mobile device, or another electronic device when visiting a website. 

Cookies allow the Controller's website not only to recognize the user's device but also enable user access to site functionalities.

Cookies are classified into two basic types:

Persistent cookies remain on the user's device for a specified period. They activate every time the user visits the website that created the cookies.

Session cookies temporarily link user activities during a browser session, ending when the browser window is closed. Session cookies are temporary and deleted upon closing the browser.

3.2. Explanation of Cookies

3.2.1. A cookie is a small text file that a website stores on your computer or mobile device when you browse it. It enables the website to remember your actions and preferences (e.g., login details, language, font size, display settings) so you do not need to re-enter them when revisiting the site.

3.3. Instructions on Cookies Usage

3.3.1. The Controller's website uses cookies to store:

3.3.1.1. The fact that you have already responded to a survey displayed in a separate window (pop-up), through which you may express your opinion regarding the content of the website (it will not be displayed again);

3.3.1.2. Your consent (or non-consent) regarding the use of cookies on this website.

3.3.1.3. Data for marketing and re-marketing purposes.

Similarly, certain subpages forming part of the Operator's website use cookies for the anonymous collection of statistical data regarding the referring source of our internet domain and the manner in which you accessed our website.

The use of cookies is not strictly necessary for the proper functioning of the website; however, it provides you with an improved user experience when browsing it. You may delete or block cookies at any time.

The information stored in cookies is not used to personally identify you, and the data structure is fully under our control. Cookies are not used for any purposes other than those specified in this text. Certain pages or sub-sites of our website may use additional or different cookies than those described above. In such cases, detailed information regarding their use will be provided in a specific cookie notice available on the respective page.

3.4. Controlling Cookies

3.4.1. You can control and/or delete cookies as desired; see aboutcookies.org. You can delete all cookies stored on your computer and set most browsers to prevent cookies storage.

IV. Processed Personal Data

4.1. The Controller processes the following personal data on its website: name, surname, residence, email address, home phone number, mobile number, billing address, shipping address, cookie-derived data, IP addresses.

V. Contact Details of the Person Responsible for Supervision of Personal Data Protection

5.1. The Controller has appointed a person responsible for personal data protection in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Contact: store@academyofemergencymedicine.sk

5.2. The Controller is also the Seller according to definitions in the website's General Terms and Conditions.

VI. Purpose and Period of Personal Data Processing

6.1. Purposes include:

6.1.1. Record-keeping, drafting and processing of contracts and client data for the purpose of concluding contracts with third parties.

6.1.2. Processing of accounting documents and records related to the Controller's business activities.

6.1.3. Compliance with legal regulations concerning the archiving of documents and records, for example pursuant to Act No. 431/2002 Coll., the Accounting Act, as amended, and other relevant legislation.

6.1.4. Activities of the Controller in connection with the fulfillment of a request, order, contract, or similar legal act of the Data Subject.

6.2. Personal data storage aligns with contractual fulfillment and legal archival requirements.

VII. Legal Basis of Personal Data Processing

7.1. The legal basis for the processing of personal data of Data Subjects is, depending on the specific personal data processed and the purpose of such processing, the consent of the Data Subject to the processing of personal data.

7.2. Where the Controller carries out the processing of personal data based on the consent of the Data Subject, such processing shall commence only after the Data Subject has granted the relevant consent.

7.3. Where the Controller processes the personal data of the Data Subject for the purposes of pre-contractual negotiations, as well as for the conclusion and performance of a purchase contract, including the related delivery of goods, products, or services, the Data Subject is obliged to provide the personal data necessary for the proper performance of the purchase contract; otherwise, performance cannot be ensured. Personal data for this purpose are processed without the consent of the Data Subject.

VIII. Recipients or Categories of Recipients of Personal Data

8.1. The recipients of the personal data of the Data Subject shall be or may at least include:

8.1.1. The statutory bodies of the Controller or their members.

8.1.2. Persons performing work for the Controller under an employment relationship or a similar contractual relationship.

8.1.3. Commercial representatives of the Controller and other persons cooperating with the Controller in the performance of the Controller's activities. For the purposes of this document, employees of the Controller shall be deemed to include all natural persons performing dependent work for the Controller on the basis of an employment contract or agreements on work performed outside an employment relationship.

8.1.4. Recipients of the personal data of the Data Subject shall also include collaborators of the Controller, its business partners, suppliers, and contractual partners, in particular: the accounting company, the company providing services related to the development and maintenance of software, the company providing legal services to the Controller, the company providing advisory services to the Controller, companies ensuring transport and delivery of products to Buyers and third parties, marketing companies, operators of social networking platforms, companies providing payment gateways and other payment methods.

8.1.5. Recipients of personal data shall also include courts, law enforcement authorities, tax authorities, and other public authorities, where required by law. Personal data shall be provided by the Controller to such authorities and public institutions on the basis of and in accordance with the applicable legal regulations of the Slovak Republic.

IX. Information on the Transfer of Personal Data to Third Countries and the Period of Their Retention

9.1. Not applicable. The Controller does not transfer personal data of Data Subjects to third countries.

X. Information about Relevant Rights of the Data Subject

10.1. The Data Subject has, among others, the following rights:

10.1.1. The provisions under point 10.1 do not affect other rights of the Data Subjects.

10.1.2. The right of the Data Subject of access to personal data pursuant to Article 15 of the Regulation, which includes: 

the right to obtain from the Controller confirmation as to whether or not personal data concerning the Data Subject are being processed and, if so, to what extent. Where such personal data are being processed, the Data Subject has the right to obtain access to the content thereof and to request from the Controller information on the purpose of the processing, in particular information regarding: the purpose of processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, the envisaged period for which the personal data will be stored or, if this is not possible, the criteria used to determine that period, the existence of the right to request from the Controller rectification or erasure of personal data concerning the Data Subject or restriction of processing, and the existence of the right to object to such processing, the right to lodge a complaint with a supervisory authority, where the personal data are not collected from the Data Subject, any available information as to their source, the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the Regulation and, in such cases, at least meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject, and information about appropriate safeguards pursuant to Article 46 of the Regulation relating to the transfer of personal data where personal data are transferred to a third country or to an international organisation.

10.1.3. The right to obtain a copy of the personal data undergoing processing, provided that the right to obtain such a copy shall not adversely affect the rights and freedoms of others.

10.1.4. The right of the Data Subject to rectification pursuant to Article 16 of the Regulation, which includes the right to have the Controller rectify without undue delay inaccurate personal data concerning the Data Subject, as well as the right to have incomplete personal data completed, including by means of providing a supplementary statement. The right of the Data Subject to erasure of personal data (the so-called "right to be forgotten") pursuant to Article 17 of the Regulation includes:

10.1.5. The right to obtain from the Controller the erasure of personal data concerning the Data Subject without undue delay where one of the following grounds applies:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; the Data Subject withdraws consent on which the processing is based, provided that there is no other legal ground for the processing; the Data Subject objects to the processing pursuant to Article 21(1) of the Regulation and there are no overriding legitimate grounds for the processing, or the Data Subject objects to the processing pursuant to Article 21(2) of the Regulation; the personal data have been processed unlawfully; the personal data must be erased for compliance with a legal obligation under European Union law or the law of a Member State to which the Controller is subject; the personal data have been collected in relation to the offer of information society services pursuant to Article 8(1) of the Regulation.

10.1.6. The right to require that the Controller who has made the personal data of the Data Subject public, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers processing the personal data that the Data Subject has requested the erasure by such controllers of any links to, or copies or replications of, those personal data. However, the right to erasure pursuant to Article 17(1) and (2) of the Regulation shall not arise where processing is necessary:

10.1.7. For exercising the right of freedom of expression and information.

10.1.8. For compliance with a legal obligation which requires processing under European Union law or the law of a Member State to which the Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

10.1.9. For reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) of the Regulation, as well as Article 9(3) of the Regulation.

10.1.10. For archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the Regulation, insofar as the right referred to in Article 17(1) of the Regulation is likely to render impossible or seriously impair the achievement of the objectives of that processing; or for the establishment, exercise, or defence of legal claims.

10.1.11. The right of the Data Subject to restriction of processing pursuant to Article 18 of the Regulation, which includes:

10.1.12. The right to obtain from the Controller restriction of processing where one of the following applies:

the Data Subject contests the accuracy of the personal data, for a period enabling the Controller to verify the accuracy of the personal data; the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead; the Controller no longer needs the personal data for the purposes of processing, but they are required by the Data Subject for the establishment, exercise, or defense of legal claims; the Data Subject has objected to processing pursuant to Article 21(1) of the Regulation, pending verification whether the legitimate grounds of the Controller override those of the Data Subject.

10.1.13. The right that, where processing has been restricted, such restricted personal data shall, with the exception of storage, be processed only with the consent of the Data Subject or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of a Member State.

10.1.14. The right to be informed in advance of the lifting of the restriction of processing of personal data.

10.1.15. The right of the Data Subject to compliance with the notification obligation towards recipients pursuant to Article 19 of the Regulation, which includes:

the right for the Controller to communicate any rectification or erasure of personal data or restriction of processing carried out pursuant to Article 16, Article 17(1), and Article 18 of the Regulation to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort; the right for the Controller to inform the Data Subject about those recipients, if the Data Subject so requests.

10.1.16. The right of the Data Subject to data portability pursuant to Article 20 of the Regulation, which includes the right to receive the personal data concerning the Data Subject that the Data Subject has provided to the Controller, in a structured, commonly used, and machine-readable format, and the right to transmit those data to another controller without hindrance from the Controller, where:

a) the processing is based on the consent of the Data Subject pursuant to Article 6(1)(a) of the Regulation or Article 9(2)(a) of the Regulation, or on a contract pursuant to Article 6(1)(b) of the Regulation; and simultaneously

b) the processing is carried out by automated means; and simultaneously:

10.1.17. The right to receive personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller shall not adversely affect the rights and freedoms of others;

10.1.18. The right to have the personal data transmitted directly from one controller to another controller, where technically feasible;

10.1.19. The right of the Data Subject to object pursuant to Article 21 of the Regulation, which includes:

10.1.20. The right to object at any time, on grounds relating to the particular situation of the Data Subject, to processing of personal data concerning the Data Subject which is based on Article 6(1)(e) or (f) of the Regulation, including profiling based on those provisions of the Regulation;

10.1.21. Where the right to object is exercised on grounds relating to the particular situation of the Data Subject against processing pursuant to Article 6(1)(e) or (f) of the Regulation, including profiling based on those provisions, the right that the Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject, or for the establishment, exercise, or defense of legal claims;

10.1.22. The right to object at any time to the processing of personal data concerning the Data Subject for direct marketing purposes, including profiling to the extent that it is related to such direct marketing; where the Data Subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes;

10.1.23. In the context of the use of information society services, the right to exercise the right to object to processing of personal data by automated means using technical specifications;

10.1.24. The right to object, on grounds relating to the particular situation of the Data Subject, to processing of personal data concerning the Data Subject for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the Regulation, except where the processing is necessary for the performance of a task carried out for reasons of public interest;

10.1.25. The right of the Data Subject related to automated individual decision-making pursuant to Article 22 of the Regulation, which includes:

10.1.26. The right not to be subject to a decision based solely on automated processing of personal data, including profiling, which produces legal effects concerning the Data Subject or similarly significantly affects the Data Subject, except in the cases referred to in Article 22(2) of the Regulation [i.e., except where the decision:

(a) is necessary for entering into, or performance of, a contract between the Data Subject and the Controller,

10.1.27. is authorized by European Union law or the law of a Member State to which the Controller is subject and which also lays down suitable measures to safeguard the rights, freedoms, and legitimate interests of the Data Subject; or (c) is based on the explicit consent of the Data Subject.

XI. Information on the Right of the Data Subject to Withdraw Consent to Personal Data Processing:

11.1. The Data Subject has the right at any time to withdraw consent to the processing of personal data without affecting the lawfulness of processing based on consent before its withdrawal.

The Data Subject has the right to withdraw consent to the processing of personal data either in whole or partially. A partial withdrawal may relate to specific types of processing operations, while the legality of personal data processing for other operations remains unaffected. A partial withdrawal of consent may also pertain to particular processing purposes, while processing for other purposes remains unaffected.

The right to withdraw consent to personal data processing may be exercised by the Data Subject either in writing to the Controller's registered address listed in the register at the time of withdrawal or electronically via email sent to the Controller's email address provided in the identification section of this document.

XII. Information on the Right of the Data Subject to Lodge a Complaint with the Supervisory Authority:

12.1. The Data Subject has the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of their habitual residence, place of work, or place of the alleged infringement, if they consider that personal data processing concerning them violates the Regulation, without prejudice to other administrative or judicial remedies.

The Data Subject has the right to be informed by the supervisory authority about the progress and outcome of the complaint, including the possibility of seeking judicial remedy under Article 78 of the Regulation.

12.2. In the Slovak Republic, the supervisory authority is the Office for Personal Data Protection of the Slovak Republic.

XIII. Information Related to Automated Decision-Making Including Profiling

13.1. As the Controller does not process personal data of the Data Subject through automated decision-making including profiling as defined in Article 22 paragraphs 1 and 4 of the Regulation, the Controller is not obliged to provide information according to Article 13 paragraph 2(f) of the Regulation, i.e., information about automated decision-making including profiling, the logic involved, as well as the significance and envisaged consequences of such processing for the Data Subject. Not applicable.

XIV. Final Provisions

14.1. These Personal Data Protection Principles and Information, including the Cookie Policy, form an integral part of the General Terms and Conditions and the Complaints Procedure. The documents – General Terms and Conditions and the Complaints Procedure of this Website – are published on the domain of the Seller's Website.

14.2. These Personal Data Protection Principles shall become valid and effective upon their publication on the Seller's Website on 15.10.2021.

The online store https://www.academyofemergencymedicine.sk is certified by https://www.pravoeshopov.sk