Information on the processing of personal data

Information on the processing of personal data

Pursuant to Articles 13 and 14 of Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter also referred to as “GDPR”)

Spoločnosť:

Name: brainit.sk, s.r.o.

Headquarters: Veľký diel 3323, 010 08 Žilina

IČO: 52577465

DIČ: 2121068763

IČ DPH: SK 2121068763

Contact details:

info@brainit.sk

+421 918 022 030

Contact person responsible:

gdpr@brainit.sk

which is the supplier of the trusted certificate services you require, processes your personal data (hereinafter referred to as “PII”), which you are obliged to provide to it in accordance with the relevant legislation, as follows

Purpose of processing

Provision of trusted certificate services and related proving, exercising and defending legal claims.

Legal basis

Our legal obligation in accordance with the following regulations and standards

EU Regulation 910/2014 on electronic identification and trust services for electronic transactions in the internal market
Act No. 272/2016 Coll. on trust services for electronic transactions in the internal market (“the Act”)
the relevant ETSI standards related to the provision of trust services

Source OU

You or the person to whom the trust service is provided in the framework of which the certificate is made for you

Recipient of the RoO

The qualified certificate for electronic signature and therefore the personal data included therein are distributed to the National Security Authority in accordance with Section 6(2) of the Act
if we terminate the provision of trust services by another trust service provider or the National Security Authority in accordance with section 4(2) of the Act
Registration authority

Duration of retention of OA

If a qualified certificate is issued 10 years from the date of revocation or expiry of the certificate in question
if a ‘non-qualified’ certificate is issued 7 years from the date of revocation or expiry of the certificate in question

Your rights

Under the GDPR, you have the right to:

access to your personal data, which includes the right to obtain confirmation as to whether we are processing personal data about you and, if so, the right to obtain information about the processing of such data (purpose of processing, categories of personal data, recipients of personal data, duration of retention, source of personal data, etc.),
the rectification of your incorrect or outdated personal data and to update and complete it (depending on the type of processing),
restricting the processing of your personal data if:
you challenge the accuracy of your personal data during the time it takes us to verify its accuracy,
the processing is unlawful, you object to the erasure of your personal data and instead request the restriction of its use,
we have no use for your data but need it to prove, exercise or defend legal claims,
erasure of your personal data (unless one of the grounds of Article 17(3) GDPR is met), in the options that personal data:
Are unnecessary for the purposes for which we obtained or processed them,
have been unlawfully processed,
it must be erased in order for us to comply with our legal obligation,
the right to make a complaint to the Data Protection Authority.

Some of these rights are only valid with certain exceptions further defined in the GDPR and only on the condition that I can identify you – we will accept your requests in accordance with these legal conditions. You can exercise your rights with us in paper or electronic form by contacting us at the contact details listed at the head of this information.