GENERAL PRINCIPLES OF DATA PROCESSING
Controller
Company CEA Finance I, s.r.o., Registered seat: Slávičie údolie 106, 811 02 Bratislava, ID No.: 51319969, Registered in Business Register of District Court Bratislava I, Section: Sro, File No.: 125744/B (hereinafter referred to as the “Controller”) is the operator of this website and information systems in which it processes your personal data as the data of the data subject.
The controller shall process personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/ EC (hereinafter referred to as the “Regulation“), taking utmost account of the privacy of the persons concerned and the protection of their personal data.
The data subject is a natural person – a visitor of this website whose personal data is processed.
The personal data are identifiers through which the person concerned can be identified, directly or indirectly, in particular the name, surname, e-mail address, telephone number, online identifier. Controller does not process other personal data through this site.
Processing of personal data is an operation or a set of operations regarding personal data or personal data files, such as obtaining, recording, organizing, structuring, storing, reprocessing or altering, searching, browsing, using, providing, transmitting, disseminating or restriction, erasure or disposal, whether carried out by automated or non-automated means.
Reasons for processing personal data
Processing of collected and provided personal data is part of the Controller’s activities. Without the processing of such personal data, he would not be able to operate this website and offer his services in the required scope and quality or protect and assert his rights and legitimate interests against its business partners, potential business partners as well as other data subjects.
Legal basis for the processing of personal data
Although Regulation allows for the processing of personal data on several legal bases, processing of personal data may also take place without the consent of the data subject. These situations are mainly the fulfillment of the legal obligation, the fulfillment of the provisions of the contract, rep. for the legitimate interests of the Controller or a third party.
In the absence of any other legal basis for the processing, personal data shall be processed only with and to the extent of the data subject’s consent.
For the purposes of:
- replying to messages sent via the contact form, including those sent by electronic means,
- direct marketing of his services as referred to in the previous point
the Controller processes: name, surname, e-mail address, telephone number, cookies during its existence, unless the data subject withdraws consent to the processing of personal data or requests to delete his/her personal data.
Provision of personal data to third parties
Personal data processed by the Controller may also be processed by third parties, provided that the Controller so decides, or the obligation to provide personal data arises from the relevant legal framework.
In cases where the choice of the recipient of personal data is up to the Controller, he always aims to ensure that a high standard of data protection of the data subject is guaranteed.
The personal data of the data subject may be processed in the countries of the European Union and in countries which are parties to the Agreement on the European Economic Area. The transfer of personal data may only take place to third countries legal regime of which the European Commission deems sufficient to ensure an adequate level of protection of personal data.
Recipients of personal data processed by the Controller may be divided into the following categories:
- business partners providing physical and program services of the Controller’s information technologies, especially information systems, computer programs and servers,
- business partners providing the Controller with advertising and marketing services,
- business partners ensuring the fulfillment of the Controller’s duties in the area of legal services, human resources, taxes, audit and accounting,
- public authorities in cases where the Controller is obliged to provide personal data from a generally binding legal regulation or a decision of a public authority (especially courts, law enforcement authorities, bailiffs).
Security of personal data
The Controller processes personal data using electronic information systems. He has taken all necessary measures, to ensure that the level of personal data protection is as high as possible.
Rights of data subjects
Data subject shall have the right:
- to be informed in accordance with Article 13 and 14 of the Regulation,
- to require access to his/her personal data in accordance with Article 15 of the Regulation,
- to rectification of his/her personal data pursuant to Article 16 of the Regulation,
- to erasure of his/her personal data pursuant to Article 17 of the Regulation,
- to restriction of processing of his/her personal data pursuant to Article 18 of the Regulation,
- to portability of his/her personal data pursuant to Article 20 of the Regulation,
- to object to the processing of his/her personal data pursuant to Article 21 of the Regulation,
- file a complaint or a motion to initiate proceedings to the supervisory authority, according to relevant national legal regulation.,
- withdraw his/her consent with the processing of personal data at any time.
Any personal data protection issues may be sent to the person concerned by email: Jan.Pila@cbre.com or directly to the address of the Controller.
The Controller shall notify the data subject without undue delay if the personal data breach could lead to a high risk for the data subject’s rights.
Effectiveness of these General Principles of Personal Data Processing
These General Principles of Personal Data Processing are effective from the day of their publication. The Controller reserves the right to revise and update them at any time. Therefore, it is advised to check this General Privacy Policy regularly as you visit the website as it may have been updated since your last visit.