Who we are
For more than 30 years, EEA s.r.o. has been a Slovak software house focused on modern solutions and the most advanced technologies. It delivers projects for local and international companies in Slovakia and abroad.
It is committed to protecting the privacy of individuals who provide them with their data and access to ensure information protection with maximum responsibility.
It commits to clear and transparent information about what information it gathers and its purpose.
How we protect your privacy
The purpose of these Principles on Processing Personal Data for EEA customers (“the Controller”) issued by EEA s.r.o., ID 17321204, Mlynské nivy 12, 821 09 Bratislava, is to inform the data subject whose personal data may be processed, what personal data EEA processes as a controller in the provision of their Services, during visits to websites operated by EEA and contacts with potential customers, for what purposes and for how long EEA has processed these personal data under applicable law, to whom and for what reason may also transfer them, and also indicate what rights the data subject has with the processing of his/her personal data.
These Principles apply to the processing of personal data of customers and their respective representatives or contact persons, service users, people interested in services, and EEA-operated website visitors, always within the scope of personal data corresponding to their status toward EEA.
These Principles are issued in accordance with Regulation (EU) 2016/679 on the Protection of Individuals in the Processing of Personal Data (“the Regulation” or “the GDPR”) to ensure the EEA’s information obligation as the Controller according to Art. 13 of the GDPR.
Data Recipients
Your personal data may be made available to other entities involved in processing your personal data under the contract solely for the purposes specified in the “Purposes, Legal Grounds and Time of Personal Data Processing” section. These are mainly providers of third-party IT services and applications, processors providing personal data processing services for marketing purposes, and other entities that provide our services to our company.
Purposes, Legal Grounds and Time of Personal Data Processing
The extent of the data processed depends on the purpose of the processing. For some purposes, it is possible to process data directly on the basis of a contract, the legitimate interest of the EEA, or on the basis of the law (without consent), while for others, only under consent.
- Processing Due to the Performance of a Contract, the Fulfillment of Legal Obligations and Due to the Legitimate Interests of EEA
The provision of personal data necessary for the performance of the contract, the fulfilment of statutory obligations by the EEA and the protection of the EEA’s legitimate interests are mandatory. Without the provision of personal data for these purposes, it would not be possible to provide services. We do not need the approval to process personal data for these purposes. Still, we can object to the processing of personal data for EEA’s legitimate interests. Processing due to the performance of the contract and fulfilment of statutory obligations cannot be refused.
- Processing of Personal Data with Consent for Marketing Purposes
With the customer’s consent, EEA processes personal data for marketing purposes. Direct marketing is a suitable tool to alert you to new services or benefits we have prepared for our customers or in cooperation with our contractual partners. We need to process your data for this offer to prepare a properly targeted offer. Based on the targeted offer, you will only get information that can interest you. We do not want to bother you with offers that are not relevant to you. If you have granted us consent to the processing of your data for marketing purposes, we are authorized on our own or through intermediaries to use your data for the submission of business offers, marketing services, offers of electronic communications services and value added services and for other purposes agreed upon with you.
Regarding the offer of EEA services or possibly from contractual partners, we will notify you by telephone, through banners on our website, in writing on documents or other media, and in the form of business offers sent via SMS, e-mail, or MMS. We process personal data for marketing purposes for the period specified in the agreement or its revoking. We believe we will offer you better services and great deals based on targeted offers. However, you can refuse to send electronic mail at any time.
- Processing of Personal Data of Persons Who Have Granted Consent to Marketing Contact via Electronic Contact
For entities that have agreed to marketing contact via electronic contact, the EEA shall, with their consent, process the contacts made available to the entity for marketing contact with EEA service offers. If this consent is granted through an EEA-operated website, the EEA cookie data stored on the websites for which this consent has been granted is processed along with these contacts only if the cookies are enabled in the web browser.
- Processing of Cookies from EEA-Operated Websites
If the data subject’s web browser allows cookies, we process cookie alerts on EEA-operated websites to ensure the better operation of the EEA website and for EEA internet advertising.
- Providing Support via Facebook
If the data subject requests support from EEA through Facebook, EEA will process the personal data entered into the data subject’s Facebook profile and the data the subject provides during the communication.
The purpose of processing this personal data is to provide support at the customer’s request. The legal basis for the processing of personal data is Article 6, Par. 1, b) of GDPR regulations. The provision of personal data and their processing by EEA are essential to providing support at the customer’s request.
The recipient of the personal data is Facebook Ireland Ltd., located at 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, as the controller. Facebook will process personal data in accordance with its Privacy Policy.
Personal data is processed for the time required to provide customer support.
Personal Data Retention Period
The Controller will process the Data for 2 years or until the Revocation of Consent and/or until the moment of objection to the Data processing. The Data will then be deleted. This Consent can be revoked at any time. The revocation of consent does not affect the lawfulness of processing based on the consent granted prior to its revocation.
The Rights of Data Subjects in Relation to the Processing of Personal Data
The data subject has the following rights in case EEA identifies him/her as a natural person and demonstrates his/her identity. These rights must be exercised in the manner determined for applying a particular law and not to the address of the responsible person. Requests made in breach of these policies will not be taken into consideration. Those rights may also be exercised only in relation to personal data which undoubtedly belong to the applicant.
- Right of Access to Personal Data
According to Article 15 of the GDPR, the data subject has the right of access to personal data, which includes the following rights:
- Receiving confirmation of processing personal data,
- Obtaining information on the purposes of the processing, the categories of personal data concerned, the recipients to which the personal data have been or will be made available, the planned processing period, the existence of the right to require the controller to fix or delete personal data relating to the data subject or to limit their processing or to object to such processing, file a grievance with a supervisory authority, about all available information about the personal data source, unless it is obtained from the data subject, the fact that automated decision making takes place, including profiling, on appropriate safeguards in providing data outside the EU,
- Obtain a copy of the personal data in case the rights and freedoms of others are not adversely affected.
In the event of a repeated request, EEA will be entitled to charge a reasonable fee for a copy of the personal data. In the event that the exercise of the right to a copy of personal data could, about specific categories of personal data, adversely affect the rights and freedoms of third parties.
- Right to Correct Inaccurate Data
According to Article 16 of the GDPR, the data subject has the right to correct inaccurate personal data that EEA will process. The Customer also should notify EEA of changing their data and demonstrate that such a change has occurred. At the same time, the customer is required to cooperate with the EEA if it is found that the personal data processed by the EEA are inaccurate. EEA will correct it without delay, but always because of technical possibilities.
According to Article 17 of the GDPR, the data subject has the right to delete personal data concerning him/her if the EEA does not provide reasonable grounds for processing such personal data. The EEA has set up mechanisms to ensure the automatic anonymization or deletion of personal data if they are no longer needed for the purpose for which they were processed. However, if the data subject considers that his/her data has not been deleted, he/she may repeat the deletion request.
- Right to Limitation of Processing
According to Article 18 of the GDPR, the data subject has the right to limit the processing if he/she disclaims the accuracy of the personal data or the reasons for its processing or opposes the processing of the data by submitting a written request to the registered office address of the EEA.
- Right to Notify About Corrections, Deletions, or Limitations of Processing
According to Article 19 of the GDPR, the data subject has the right to be notified by the EEA in the event of correction, deletion, or limitation of the processing of personal data. If personal data are corrected or deleted, the EEA will inform each recipient except where this proves to be impossible or requires unreasonable effort. At the request of the data subject, the EEA may provide information about these recipients.
- The Right to the Portability of Personal Data
According to Article 20 of the GDPR, the data subject has the right to request from the EEA personal data relating to him/her, which he/she has provided to EEA in connection with an employment contract or based on consent, and which are processed in an automated manner in a structured, commonly used and machine-readable format, and the right to request the transfer of such data to another controller as far as technically possible.
The request cannot be accepted if the exercise of this right could adversely affect the rights and freedoms of others.
- Right to Object to the Processing of Personal Data
According to Article 21 of the GDPR, the data subject has the right to object to the processing of his/her personal data because of the EEA’s legitimate interest.
In the event that the EEA cannot establish that there are serious, legitimate grounds for processing that override the interests or rights and freedoms of the data subject, the EEA shall terminate the processing on the basis of the objection without undue delay. The objection may be sent in writing to the address of the EEA registered office.
The data subject has the right to object to processing personal data relating to him/her for direct marketing. If the data subject objects to the processing of personal data for direct marketing, EEA may not process personal data for direct marketing.
- Right to Revoke Consent to the Processing of Personal Data
You may at any time appeal to the processing of your data for marketing purposes based on an
- express,
- understandable and
- definite manifestation of will (e.g., email to gdpr@eea.sk, a letter of recommendation, a phone call, etc., or by any other means specified on our website after your proper identification).
- Right to Contact the Office for Personal Data Protection
The data subject can contact the Office for Personal Data Protection located on Hraničná 4826/12, 820 07 Bratislava, if you feel your data protection rights have been violated.
Cookies
To continually improve the website https://eea.solutions, we use cookies to collect anonymous statistical data. You can view or change your preferences in the Privacy Preferences section.
Google Analytics
Google Analytics is the analytics tool we use to track the use of our website. The tool allows us to use a set of cookies and collect information and statistical data about the website’s use without personally identifying individual visitors on Google. Of course, there is IP anonymization in the Analytics service.
Learn more about privacy policies used in analytics services and personal data protection.
Lead Forensics
Lead Forensics primarily identifies companies that have visited websites. The application will simplify what company has accessed your site so that it can assign a visit to a legal entity, thus a company. In this case, Lead Forensics does not allocate visits to specific individuals or freelancers but exclusively to limited liability companies or joint stock companies. Thus, Lead Forensics does not include personal data or process them, and GDPR is not primarily applicable to the application.
Leady
The Leady application primarily identifies companies that visit your website. Simply put, the system recognizes these visits by associating them with a legal entity, i.e., a company. The Leady application does not link visits to specific individuals or sole proprietors but exclusively to limited liability companies or joint-stock companies. Therefore, the application does not contain or process personal data, and GDPR legislation does not primarily apply to it. An audit report confirming GDPR compliance is available for download and review here: Leady Application Audit Report.
The Leady application includes and, in some cases, displays the names of members of statutory bodies in the company details. These details are sourced from the public ORSR registry and are retrieved directly from the registry. As a result, no data processing occurs within the application; it merely displays the information. If the export of names of sole proprietors is required, this is handled through a direct connection to publicly available data.