FinStat, s. r. o., fully respects and complies with the personal data protection requirements set forth in the relevant legal regulations, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter, the “Regulation”).

This information is intended for customers and registered users of the website https://hithorizons.com/, whose personal data are processed by FinStat, s. r. o. Its aim is to provide data subjects with a sufficient overview of how their personal data are processed by FinStat, s. r. o. and what rights they have in relation to FinStat, s. r. o. regarding these data.

I. Who is processing your personal data?

The personal data controller is FinStat, s. r. o., with its registered office at Plynárenská 7/B, 821 09 Bratislava, the Slovak Republic, Corporate ID No.: 47 165 367, incorporated in the Business Register of the Bratislava III Municipal Court, Section Sro, File No. 89268/B (hereinafter referred to as “FinStat” or the “Controller”). The Controller’s contact information can be found in Article 13.

II. Which of your personal data are processed?

FinStat processes your personal data to the following extent: email address (which also serves as the log-in name), password in connection with the method of identification of these data with a particular computer / phone / tablet belonging to a particular natural person, name (or company name if the customer or registered user is a legal entity), address, contact email regarding the order, and the email used to log in to the user account. Voluntary data that users can provide include Corporate ID number, Tax ID number, VAT ID number in case of an entrepreneur, name and surname of a contact person, telephone and email address, information on services provided and any other data generated in the provision of services by our company.

III. Why do we process your personal data?

Your personal data are used in the processing activities of FinStat:

• a) to perform a service agreement to which you are a contracting party;
• b) to develop relationships with customers by performing marketing activities and supporting the Controller’s business;
• c) to meet the legal obligations of our company related to bookkeeping;
• d) for the purposes of maintaining a customer database – the CRM application.

IV. On what legal basis is your personal data processed?

Your personal data are processed by the Controller on the following legal basis:

• the processing for the purpose specified in Article 3, letter a) of this Information is necessary to conclude and fulfil service agreements with you as the Controller’s customers;
• the processing for the purpose specified in Article 3, letter b) of this Information is performed in connection with the legitimate interests of the Controller, which have been validated by the so-called proportionality test.;
• your personal data are processed for the purpose specified in Article 3, letter c) of this Information on the basis of the legal obligations of our company arising in particular from Accounting Act No. 431/2002 Coll.;
• your personal data are processed for the purpose specified in Article 3, letter c) of this Information on the basis of the legal obligations of our company arising in particular from Accounting Act No. 431/2002 Coll.;

V. Where are your personal data processed?

Your personal data are processed exclusively in the territory of the Slovak Republic or the European Union in compliance with the legal regulations applicable in this territory. Your personal data are stored exclusively using the technical equipment of our company, whereby the data are stored in an encrypted form so as to be protected from unauthorised access.

VI. Who do we provide your personal data to?

If necessary, your personal data may be provided or made available to certain supervisory bodies, other public administration bodies or public authorities authorised to request such data from FinStat pursuant to the respective legal regulations (in particular, to courts of justice and law enforcement authorities), and to entities providing legal or other professional services to FinStat.

Furthermore, to the extent necessary, your personal data may be provided or otherwise made available to our sales representatives, legal counsel, IT service provider and also to the company providing accounting and bookkeeping services for the Controller.

VII. How long will your personal data be processed?

Your personal data will be stored for the term of the service agreement and for the next 10 years from the termination of such an agreement, due to the obligation to archive all of our accounting documentation.

For the purposes of sending marketing communications, your personal data will be processed for the duration of our mutual business relationship and for another 5 years after its termination.

In order to maintain our customer database (CRM application) your personal data will be processed for the duration of our business relationship, and for the next 5 years following its termination.

VIII. Is your personal data used for automated decision-making?

Your personal data is not used for profiling or for other forms of automated decision-making.

IX. Where did we acquire your personal data?

We acquired your personal data directly from you.

X. Are you obliged to provide your personal data?

Yes, you are obliged to provide your data under the law or your contract, whereas it is not possible to conclude a contract and to provide our services without them.

XI. What rights do you have as a data subject?

As a data subject whose personal data are being processed, you have the following rights against FinStat:

• the right of access to personal data – you have the right to obtain from FinStat confirmation as to whether or not your personal data are being processed, and, where that is the case, access to the personal data and the information concerning the processing;
• the right to rectification of personal data – you have the right to obtain from FinStat without undue delay the rectification or completion of inaccurate or incomplete personal data concerning you;
• the right to restriction of the processing of personal data – you have the right to obtain from FinStat in certain cases restriction of the processing of your personal data so that they are only stored or processed for the establishment, exercise or defence of legal claims or for the protection of the rights of another person or for reasons of important public interest; you may request restriction of processing, in particular if you have doubts as to the accuracy of your personal data, for a period that allows FinStat to verify the accuracy of such data.;
• the right to erasure (right to be forgotten) – you have the right to obtain the erasure of your personal data from all paper or electronic FinStat databases, in particular if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, or if the data subject objects to the processing of personal data and there are no overriding legitimate grounds for the processing of personal data in case of the Controller’s marketing activities;
• the right to data portability – you have the right to transmit your personal data to another controller, except for personal data processed on the basis of the legitimate interests of the controller, and thus for the purposes under letter b) or letter d) of Article 3 of this Information;
• the right to object – you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data, except for the processing of personal data for the purpose under letter a) and letter c) of Article 3 of this Information, and thus for the performance of contracts concluded with you as customers;
• in addition, you have the right to lodge a complaint with a supervisory authority, such authority being the Office for Personal Data Protection of the Slovak Republic. You can reach our office at the following address/numbers: Hraničná 12, 820 07 Bratislava 27, the Slovak Republic, or via email at: statny.dozor@pdp.gov.sk, or by sending a fax to: +421 2 3231 3234, or by phone on the following number: +421 2 3231 3214.

XII. Who supervises the correct processing of your personal data?

The compliance of the personal data processing with the respective legal regulations pertaining to personal data protection is supervised by the Controller’s Data Protection Officer, namely Data Protection Services s.r.o., which you can reach via email at: dpo_finstat@dpservices.sk. The Controller has also appointed an internal data protection coordinator who is competent to answer your questions and inquiries.

XIII. How can you contact us?

Should you have any concerns or questions, or should you wish to exercise your rights pertaining to the processing or protection of your personal data, you can contact FinStat s. r. o. in writing using the following address: FinStat s. r. o., Plynárenská 7/B, Bratislava 821 09, the Slovak Republic, or by email to ask@hithorizons.com.

XIV. Changes or updates to this document

This Information can be changed, amended or updated from time to time, in order to reflect changes in the legislation or the terms of our personal data processing.