Privacy policy

The General Data Protection Regulation is an European Union Privacy Policy valid from May 2018 and is binding on anyone who operates and interacts with personal data in an EU environment.

Here are the basic rules for protecting your personal information as a precedence over your consent to the processing of your personal data. The detailed terms of the commitments and relationships that are fully accepted by the G-Cert-i certification body are listed on the main page www.gcerti.com/GDPR, or you can communicate with the regional G-Cert-i representative in addition to the policies listed here.

Privacy Policy

If you are a customer, a news subscriber or a visitor to our website www.gcerti.sk, you entrust us with your personal information and we, as the operator, pay close attention to the protection of personal data and are responsible for their protection and security. Understand the fundamental principles of the GDPR (Personal Data Protection Regulation), what personal data we process, whether we process data based on our consent, or other legal reason for what purpose we use it, whom we can pass it on, and what we have in connection with it to process your personal data rights. When processing personal data, he / she proceeds in accordance with the following legal regulations with effect from 21.06.2019:

  • Act no. 18/2018 Z.z. on the protection of personal data
  • Regulation (EU) 2016/679 of the European Parliament and of the Council ("GDPR")

Who is the operator and who is the intermediar?

G-Cert-i, 15F, Eunpyengo-ro, Eunpyengo-gu, Seoul, Korea, is the operator processing your personal data for system and personal certification by your Owner and Data Controller. On its website www.gcerti.com/GDPR describes all the obligations of the privacy policy, hereinafter referred to as "operator".

The personal data broker for the operator G-Cert-i is in the territory of the Slovak Republic and the Czech Republic a contractual partner for the above-mentioned region, which is cannoway, sro, ID 47 974 834, with its registered office at Smaragdová 15, 040 11, Košice in the Commercial Register City Court Košice, Section Sro, Insert No. 42679 / V, as a contracting Global Network Partner G-Cert-i for the region to the extent of the Slovak Republic and the Czech Republic (www.gcerti.sk, hereinafter referred to as the "Intermediar"), which mediates personal data under the conditions set forth below for the assignee for the purpose of certification and at the same time processes personal data for the purpose of using the website www.gcerti.sk as shown below.

Contact information

If you want to contact us during the processing of your personal data, you can contact us by phone: +421 917 665319 or by email: info@gcerti.sk.

Why do we process personal information?

The processing of personal data is necessary for us to:

  • provide our services and products and, to this end, process the personal data of our clients, suppliers, business partners, employees and others;
  • fulfill our legal and contractual obligations;
  • protect the legitimate interests of us, our clients and others.

What personal data we process and for what purposes

cannoway, s.r.o., processes the following personal data for the use of the website "www.gcerti.sk": IP address, cookies and Google Analytics.

The legal basis for the processing of personal data is Article 6 (1). 1 (a) a) GDPR Regulations. The data subject has consented to the processing of personal data for at least one specific purpose. The consent of the person concerned is expressed by clicking the button I agree to use cookies directly on the website.

Cookies - are small text files that improve the use of the website eg. by enabling previous visitors to be recognized when logging in to the user environment, by remembering a visitor's choice when opening a new window, by measuring traffic to a website, or by using it to improve user experience.

Our website uses cookies in particular for basic / general traffic measurement purposes. They also help us to better understand the behavior of our website visitors. While information collected through cookies and other similar technologies is typically nonpersonal in nature, and to the extent that Internet Protocol (IP) addresses and similar identifiers are treated as personal information, we treat these identifiers as personal information.

Cookies may be temporary or permanent depending on how long they are used. Temporary cookies are deleted when the browser is closed, persistent cookies remain on the user's device during a predefined period.

Google Analytics - is an analytics tool that allows you to store information in cookies to generate statistics about website traffic. This functionality is not indispensable for browsing and serves to monitor the site's performance and improve it. Permanent cookies are used, the tool is provided by a third party.

The information stored in cookies is not used for your personal identification. Cookies are not used for purposes other than those specified herein. Third-party tools implemented may use cookies that are unaffected and stored and processed beyond any influence.

Sign out of newsletters and business information

We send you our e-mails with ongoing actions, articles, inspirations or products and services if you are a customer of our legitimate interest. If you are not yet our customer, we will only send them to you upon your consent. In both cases, you can end your email subscription by pressing the check-out link in each email you send.

Your privacy rights

With regard to your privacy, you have rights as a person:

Right to information - you have the right to information according to the GDPR principles, which are briefly summarized on this page.

The right to access data - you have the right to know whether and how we process your personal data. If so, you can request access to this data, we will provide you with 30 days to process your personal information and why.

Right to Repair - You have the right to have your personal data we process correct, complete and up to date. If we process incorrectly personal information about you, you can request us to correct it.

Right to erase - You have the right to delete your personal data we process in some cases. We will delete data without undue delay if any of the following is true:

Processing is no longer necessary for the purpose for which we acquired it.

By withdrawing your consent to the processing of personal data on the basis of your consent to us in the past. However, if we process the same personal data on a different legal basis than your consent, we have the right to continue processing it on that legal basis.

By opposing the processing of your personal data we process based on our legitimate interests. If our legitimate reasons do not outweigh your reasons as the data subject, we will delete the personal data.

Right to Restrict Processing - You may use, if you believe that we process your personal information inaccurately, you believe that the processing of your personal data is illegal, but you do not want to delete all data or if you have objected to processing as a data subject, you may limit the scope of personal data to verify that our legitimate reasons as an operator or intermediator override your legitimate reasons as the data subject.

Right to Data Transfer - You can use the right to take or transfer your personal information to someone else. We will proceed as if using the right of access to data. You can obtain the information electronically, which you can transfer to another operator.

Right to lodge a complaint - if you believe that you are directly affected by your rights under the GDPR Regulation or by applicable law, you have the right, as the person concerned, to initiate proceedings before the Office for Personal Data Protection of the Slovak Republic or the Czech Republic.

Providing personal data to third parties

We only disclose your personal information to the extent necessary. As an intermediary, we may disclose your personal data to persons other than our authorized employees only if we are permitted by the contract with you as the person concerned, with your consent, or if such an obligation arises from the law and all this, while keeping the recipient confidential data.

Depending on the purpose of the processing and the specific circumstances, typical recipients of your personal information are:

  • audit firms;
  • archiving companies;
  • shipping companies;
  • professional advisers (eg lawyers, accountants);
  • standard software equipment providers (eg Microsoft) or our company technical support;
  • providers of analytical, cloud or hosting services (e.g. Google);
  • employees and workers.

Transmission of data outside the EU

Your personal information cannoway, s.r.o. does not pass to countries that are not part of the European Economic Area, except for personal data on the relevant system certification certificates, respectively. personal certification that is necessary for the purpose of identifying certified legal and natural persons (www.gcerti.com/GDPR). You consent to this processing of personal data by submitting an appropriate electronic questionnaire (Application for System Certification and Application for Accredited Training) from this website.