privacy policy
Privacy Policy
This website (hereinafter: “Website”) collects certain personal data from its users, including natural persons browsing the Website, contacting the Website operator or making bookings through the Website (hereinafter: “User” or “Users”). The present privacy policy (hereinafter: “Policy”) specifies the terms and circumstances in accordance which the personal data collection is carried out, in accordance with the relevant rules of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “GDPR”).
The Website is operated by Peter Svätojánsky (tax number: 42077605; e-mail address: everydayinthemountains@gmail.com), as the data controller of the personal data that is collected through the Website and in relation to the provision of Services that are available via the Website (hereinafter: “Data Controller”). The Data Controller may amend the Policy unilaterally, from time to time, by updating this page.
I. The data collection activities
The Owner carries out the following data protection activities, according to the following legal bases and for the following purposes and retention periods:
1. Sending message via the Website
For the purpose of using the contact form on the Website, and for communication purposes between the user and the Data Controller, the Website collects the following personal data: Name of the User, E-mail address and phone number of the User, any personal data that might be provided by the User in the message.
The legal basis of this data collection is the consent of the data subject (user), as set forth in point a) of Article 6(1) of the GDPR and the collected data will be stored for 1 month.
2. Booking through the Website
For arranging a booking with the Tatraleader, the following personal data will be collected through the Website’s booking forms: email address, name, phone number and personal data given through the communication. When you book a program with us, either through the website or through other channels, in our correspondence, for the provision of services, we may ask further data from you.
The legal basis of this data collection is that the provided data is necessary for the performance of the contract to which the User is party and their provision is in order to take steps at the request of the User prior to entering into a contract, as set forth in point b) of Article 6(1) of the GDPR. We will store these data during performance of the contract and for 5 years after the performance for taxation purposes, in the event the agreement was concluded.
3. Photos
Our services include that we make photos of the persons who are attending our programs and sending those to our clients as a memory. We ask those permission who will appear on these photos and respect their rights in case of they prefer not to and object against it (in which case, they will not appear on any photos). Unless otherwise agreed, these photos are for the personal use of the private individuals and we assume that all the persons who gave their consent to be on these photos agrees to the sending of these photos to the email addresses provided to us. The legal basis of this data collection is the fulfilment of the the contract to which the User is party in case of the User and the legitimate interest of us and the User to have artistic memories of the event organised with us. We store these data for 1 month after sending out our client, after that, we delete those. For sending out the photos, we use the Picture sharing services of Google LLC.
4. Greetings
We may provide our clients with greetings at holidays, for the email addresses and names they provide us. The legal basis of this data processing is the legitimate interest to keeping in touch with our former and future clients. We use the personal data for 2 years after the performance of services, or in case of any objection, we delete the personal data immediately.
5. Complaints
We are handling the User’s personal data provided to us in case of any complaints submitted to us. We process though only the personal data that is necessary to handle and resolve the complaint. We store the relevant personal data for 1 year after receipt of a complaint.
6. Analytics
We monitor and analyze the traffic on the Website and keep track of User behavior in order to improve the content on the Website. We use Google Analytics cookies for this purpose. Collected data: User’s access to and use of the Website. The collected data cannot be tracked back to the User. For further information on Google’s privacy policy, click here.
The legal basis for the data processing is the legitimate interest of the Data Collector as set forth in point f) of Article 6(1) of the GDPR, for the purpose of the data collection, i.e. the monitoring of the traffic on the Website. You may Opt Out.
Google Analytics Cookies are created as soon as the User visits a Website on which a valid Google Analytics tracking code is installed. The Cookies will be held on the User’s device for a maximum period of 2 years from the above date. For further information, please click here .
Personal data may be freely provided by the User, or, in case of analytics purposes, collected automatically when starting to browse the Website. As marked at the specific fields, the personal data requested on the Website is mandatory and failure to provide the correct personal data will make it impossible to provide the Services. Users must provide their own personal data and shall be responsible for any third person’s personal data sharing or publishing on this Website, in relation to which, the Data Controller assumes that they have the third person’s consent to provide their data to the Data Controller.
The Data Controller took appropriate security measures to prevent unauthorized access, disclosure, modification or destructions or any other incidents of the personal data. The Data Controller carries out the data collection activities using computers and IT enabled tools. In addition to the Data Controller, the personal data, in some cases, will be accessible to third parties involved in the provision of the Services and the operation of the Website, including administration, sales, marketing, legal, IT maintenance.
Beside the scope of the above mentioned legal bases, in some cases, when statutory legal obligations apply, the Data Controller process the personal data in order to comply with a legal obligation to which the Data Controller is subject, including data retention in order to comply with accounting and taxation laws, provision of data for complying with request of authorities, courts.
The data processing is carried out at the Data Controller’s operating office and in any other places where the third parties involved in the processing are located. The Data Controller uses Google Analytics, Gmail and Google Pictures that is operated by Google LLC (registered seat: 1600 Amphitheatre Parkway, Mountain View, California 94043, USA). Google LLC is located outside of the EEA, therefore their data processing may mean the transfer of certain data to the USA. Google LLC Google complies with the EU-US Privacy Shield Framework.
II. User’s rights in relation to data processing
Users have several rights regarding the personal data processing carried out by the Data Controller. In particular, Users have the right to do the following:
· Withdraw their consent at any time. Users have the right to withdraw their consent where they have previously given it to the processing of their personal data.
· Object to processing of their personal data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. In such case, the Data Controller may no longer process the personal data unless the he demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the User or for the establishment, exercise or defence of legal claims.
· Access their Data. Users have the right to learn if personal data is being processed by the Data Collector, obtain disclosure regarding the aspects of the processing and obtain a copy of the data undergoing processing: (i) the identity and the contact details of the Data Controller and, where applicable, of the controller’s representative; the contact details of the data protection officer, where applicable; (ii) the purposes of the processing for which the personal data are intended as well as the legal basis for the processing (iv) where the processing is based on point (f) of Article 6(1) of the GDPR, the legitimate interests pursued by the Data Controller or by a third party; (v) the recipients or categories of recipients of the personal data, if any; (vi) where applicable, the fact that the controller intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission.
· Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for it to be updated or corrected.
· Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, the Data Collector will not process their data for any purpose other than storing it.
· Have their personal data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their data from the Data Controller.
· Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
· Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Any requests to exercise User rights can be sent to the Data Controller through the contact details provided in this document, but only in writing. These requests can be exercised free of charge and will be addressed by the Data Controller as early as possible and always within one month.
The User’s personal data can be used for legal purposes of the Data Controller in court or in the stages leading to possible legal action arising from improper use of this Website or the related Services.
Ever day in the mountais!