1. Identification of the controller

The Controller of your personal data is a non-governmental organization Humánny pokrok o.z., reg no. 42272262, with its registered seat at Belinského 1054/10, 85101 Bratislava-Petržalka, Slovak Republic, registered in the register of civil association of the Ministry of Interior of the Slovak Republic under reg. no VVS/1-900/90-41772 (“Controller”).

2. Introduction
This Privacy Notice explains why and how we collect and process your personal data and provide information about your rights related to the processing of your personal data.
Personal data means any information which can be used to identify you, or which is attributable to you as a natural person. Any other terms used throughout this Privacy Notice shall have the same meaning as defined in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”)
Please do not send us any of your personal data if you do not want them to be used in the ways described in this Privacy Notice.
In particular, we may collect and use your personal data in connection with:
1. providing information you requested through an information request form;
2. existing relationship between you and us;
3. your interest to cooperate and the cooperation itself;
4. the protection of our legitimate interests; and
5. using our website.

3. Personal data collection
We will collect personal data directly from you and your representatives (e.g. your organization).
We may also collect personal data from third parties such as public authorities.
We may collect current or past personal data including your name, contract details, identification, organization, employment, positions and enquiry/complaint details. We may also collect personal data about your other dealings with us, including any contact we have with you in person, by telephone, email or online.
Our objective is to process only current and accurate personal data. Therefore, please inform us about any changes to your personal data provided to us, by email, to the address: [•] or by post to the above-mentioned addresses.

4. Personal data processing
The processed personal data includes, but is not limited to:
• general identification details (e.g. name, title or position and your relationship to us);
• contact details (e.g. postal address, email address and telephone number);
• financial data (through our ticketing partner GoOut.net);
• data concerning the use of our website (see our Cookie Notice);
• data provided by you in order to enter into a cooperation;
• any additional data provided by you at your discretion for the specific purpose of processing.
Therefore, in relation to the purposes mentioned in the introduction, we process following personal data:
• In case you request information through a contact form on our website, we process your general identification details and contact details, together with a short message/information that you have requested. The legal basis for such processing is namely performance of a contract, or other applicable purpose depending on the nature of your request.
• With regards to the existing relationship between you and us, we primarily process your general identification details, contact details (if necessary) and any other information that is necessary for the provision of the service to you. The legal basis for this processing is the performance of the contract.
• In case you are interested to cooperate with us and contact us via our website or via email, we process primarily your general identification details and contact details. The legal basis for this processing is an offer to conclude a contract and potential performance of a contract.
• To protect our legitimate interests, we ask you to provide us your identification details when you get in touch with us. This is necessary to comply with our obligations pursuant to Act no. 297/2008 Coll. on protection against money laundering and terrorist financing.
• Whenever you visit our website, we may process your personal data collected via cookies, provided you enabled them on your device. For more information about processing your personal data via cookies, please refer to our cookie notice.
• We may send you our marketing communication, provided you gave us your explicit consent. If you are our client, we may send you our marketing communication provided you have not declined to receive such communication. You may opt-out from receiving our marketing communication anytime by sending an email to [•].
We process your personal data both manually and by automated means. The manual processing is taking place in our premises in Bratislava.

5. Data retention
We process your personal data only for the time period necessary for the specific purpose. For example:
• When we process your data to perform a contract with you, we process your personal data for the duration of the contract and 10 years from the termination of the contract, in order to be able to defend any legal claims;
• In case we process your personal data to comply with a legal obligation, we process your personal data for the duration of the statutory period;
• For our legitimate interest, we process your personal data for the maximum duration of 3 years;
• In case we process your personal data based on your consent, we will process it until you withdraw your consent. Please note that withdrawal of your consent does not affect the legitimacy of the processing prior its withdrawal.

6. Disclosure and sharing of personal data
We do not sell or otherwise disclose your personal data to any other commercial entities.
We may share your personal data with third parties, if: (a) you have consented to such disclosure; (b) we are under a legal or professional obligation to do so (e.g. under anti-money laundering legislation); (c) it is necessary for the purpose of legal proceedings or in relation thereto, or to exercise or protect our rights; (d) it is necessary to disclose your personal data to partners, your professional advisors and our collaborating parties (e.g. involved in jointly organized events); (e) we disclose anonymous statistical data about our website users’ browsing actions and related user information to reliable third parties, including browser providers and analysts. We may share your personal data with some reliable third parties in accordance with contracts entered into with them. They include, in particular:
• our professional advisors and auditors;
• suppliers to whom we outsource certain ancillary services, such as word processing, translation, photocopying and review of documents, notary services, registry administration and archiving services;
• IT technology providers;
• third parties involved in hosting or organizing of events or seminars.
Your personal data may be disclosed to public authorities, courts and law-enforcement agencies solely for the reasons set forth in this document and only if the disclosure complies with our confidentiality obligations. Unless prohibited by applicable laws and regulations, we will use all reasonable endeavors to notify you in advance of any such disclosure.

7. Security
We take appropriate precautions to ensure that personal data (in electronic or hard copy form) are kept securely and protected from unauthorized access, change or disclosure. Our information security policy is supported by a number of security standards, processes and procedures. We store information in access-controlled premises or in electronic databases requiring logins and passwords. We require our data storage (including registry administration and archiving services) providers to comply with relevant information security industry standards. All partners, staff and service providers with access to confidential information are subject to confidentiality obligations.
The transmission of information via the Internet is not completely secure. Unless you inform us in writing that you request a specific security measures with respect a particular data that you transmit to us, we will use regular email and/or regular web communication services for transmission of such data between us.

8. Cookies
Information about cookies is available here.

9. Your rights
Under the GDPR and local data protection laws, you have the following rights:
You may request a confirmation that we process your personal data, for a copy of your personal data and/or for the correction of your personal data. In certain circumstances described in the GDPR, you have the right to request erasure of your personal data. You can also object to processing of your personal data under certain conditions, as described in the GDPR (for example, when we process your data for our legitimate interests). You have a right to withdraw your consent when the processing of your personal data is based on the consent. You also have the right to restrict processing of your personal data in certain circumstances and if applicable, to ask us to transfer some of your personal data to you or to other entities.
In case you wish to exercise any of the above-mentioned rights, please contact us at [careconf@humannypokrok.sk].

Should you have any doubts about our compliance with any of the obligations relating to the processing of your personal data, you can also refer your complaint to the following supervisory authority – Office for the Personal Data Protection of the Slovak Republic, with its registered office at Hraničná 12, 820 07 Bratislava, Slovak Republic, Email: statny.dozor@pdp.gov.sk, website: https://dataprotection.gov.sk/uoou/sk.

10. Update
We regularly review and update this document, and we reserve the right to make amendments hereto.