Privacy Policy
In accordance with Regulation (EU) No.
2016/679
Your personal data is processed in the course of our business.
For our company Letisko Poprad-Tatry, a.s. the proper processing of your personal data is important and their protection is very important to us, therefore we would like to provide you with information regarding their processing in accordance with Regulation (EU) No.
2016/679 (GDPR) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “Regulation”) and Act no.
18/2018 Coll. on the protection of personal data, as amended (hereinafter referred to as the “Act”).
Responsible person
The controller has appointed a data protection officer to oversee compliance with the legal obligations and principles of data protection.
If, after reading this document, anything is unclear or you are unsure about anything, we will be happy to explain any term or part of this document to you.
Therefore, please feel free to contact us at any time at the email address of the responsible person gdpr@airport-poprad.sk or in writing at the address of the controller.
Who processes your data?
Poprad-Tatry Airport, a.
s. Na letisko 100, 058 98 Poprad ID No.: 35 912 651 Contact to the operator: +421 52 776 3875, airport@airport-poprad.sk Contact to the responsible person: gdpr@airport-poprad.sk (hereinafter referred to as “the operator”)
What personal data do we process?
The information we collect about you and how we use it depends on the specific service you use from us as the operator.
The controller may process the following personal data about you in paper or electronic form that you provide to us: name, surname, title, place of permanent residence or place of temporary residence, date of birth, ID number, email, telephone contact, registration number.
For what purpose and on what legal basis does the controller process your personal data?
a) For the purpose of fulfilling contractual obligations
Identification and contact details: name and surname, address, date of birth, place of business, ID number, VAT number, VAT number, ID number (ID card, passport or other ID card), telephone number, email address, billing address, your function in the organization, if you represent a legal entity.
We process this data on the basis of Act no.
431/2002 Coll. on accounting, as amended, Act no.
250/2007 Coll. on consumer protection as amended, Act no.
513/1991 Coll.
Commercial Code, Act no.
222/2004 Coll. on value added tax, as amended, and others.
The data is processed by the controller for the duration of the contractual relationship and is stored for 10 years after the end of the contractual relationship.
Personal data in the context of bookkeeping are processed by the controller for a period of 10 years. Records of entries into the premises of the operator, ID card – keeping records of persons entering the premises of the operator.
At the request of the data subject when it is a pre-contractual relationship and the processing of your personal data is necessary for the establishment of the contractual relationship.
Your personal data are processed in accordance with Act no.
143/1998 on civil aviation (Aviation Act) and amending certain laws and Commission Implementing Regulation (EU) 2015/1998 of 5.
November 2015 laying down detailed measures for the implementation of the common basic standards on aviation security.
For this purpose, the controller processes routine personal data about you for a period of 5 years. When using parking on the basis of an issued parking card or permitted entry of private vehicles into non-public areas – this is a pre-contractual relationship and the processing of your personal data is necessary for the establishment of the contractual relationship.
The controller processes routine personal data about you for a period of 5 years.
(b) CCTV surveillance
The legitimate interest of the controller for the purposes of protecting the controller’s property and the security of data subjects in the indoor and outdoor areas of the controller.
Data subjects shall be informed of the location of the CCTV system by means of pictograms placed in a prominent position at the entrance to the monitored area.
(c) Passenger registration, Handling services
When providing services to passengers, personal data about you is processed in the carrier’s software in the scope of the identity document, flight number and destination.
If your data is already in the carrier’s software, an employee of the operator is entitled to verify the data on the basis of the presentation of an identity document, a travel document.
On the basis of Regulation (EC) No.
1107/2006 z 5.
July 2006 on the rights of disabled persons and persons with reduced mobility when travelling by air, the operator shall process information about you relating to your disability.
Passengers’ personal data are processed in accordance with Act no.
143/1998 on civil aviation (Aviation Act) and amending certain laws and in accordance with Regulation (EC) No.
300/2008 on common rules in the field of civil aviation security.
Passengers’ personal data are processed by the controller for a period of 5 years.
d) On the basis of a complaint or a claim
Complaints and complaints are handled by the operator in accordance with Act No.
9/2010 Coll. on complaints, as amended, and Act No.
250/2007 Coll. on consumer protection, as amended.
The records of complaints and claims are archived with the operator for a period of 5 years from their handling.
(e) On the basis of the consent of the data subject
For marketing purposes and promotion of the operator, promotion of services and to determine satisfaction with the services provided by the operator, to send offers and address communication with potential customers.
The consent provided for these purposes is entirely voluntary and is, however, necessary in order for you to be contacted with offers of services.
You may withdraw any free consent that you have unambiguously confirmed by your signature at any time in person, in writing sent to the Operator’s registered office, or by email to gdpr@airport-poprad.sk.
However, withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal.
Will your personal data be disclosed to other recipients?
We also use the services of other processors who process personal data only according to our instructions and for the purpose we set out.
We have also entered into personal data processing agreements with these processors or have ensured that these other processors have committed in writing to process personal data in accordance with the GDPR.
Categories of recipients: – accounting service providers – IT and security technology suppliers, website administrators, mail and consent database administrators, other relevant support and related services – insurance companies – carriers – travel agencies – government and public authorities, courts, law enforcement authorities, bailiffs, notaries – tax advisors, auditors – complainant and other persons affected by the complaint – parties to the proceedings – and other entities to whom the disclosure of personal data is required by law.
Will your personal data be transferred to third countries?
The controller does not intend to transfer your personal data to third countries.
How long will your personal data be processed for this purpose?
Your personal data shall be stored by the controller for the duration of the contractual relationship with the Processor/Customer and after its termination until the settlement of all obligations arising from or related to it, or until the legitimate interest in their processing ceases to exist.
If the Controller processes your personal data on the basis of consent, your personal data will be processed by the Controller for the purpose for as long as the consent is valid or until you withdraw your consent.
When handling personal data, the controller applies the principle of minimisation, which means that as soon as the period for which it is obliged to keep personal data has expired, it immediately anonymises your personal data from databases and information systems.
What are your rights in relation to this processing?
Na základe písomnej žiadosti, ktorá je umiestnená tu:
• Žiadosť dotknutej osoby na uplatnenie jej práv – zamestnanec >>>
• Žiadosť dotknutej osoby na uplatnenie jej práv – cestujúci, zmluvný partner, návšteva >>>
ste oprávnený si u prevádzkovateľa uplatniť nasledovné:
• Odvolať súhlas – v prípadoch, kedy Vaše osobné údaje spracúvame na základe Vášho súhlasu, máte právo tento súhlas kedykoľvek odvolať. Súhlas môžete odvolať elektronicky na adrese zodpovednej osoby, písomne na adrese prevádzkovateľa. Odvolanie súhlasu nemá vplyv na zákonnosť spracúvania osobných údajov, ktoré sme na jeho základe o Vás spracúvali.
• Právo na prístup – máte právo na poskytnutie kópie osobných údajov, ktoré o Vás máme k dispozícii, ako aj na informácie o tom, ako Vaše osobné údaje používame. Vo väčšine prípadov Vám budú Vaše osobné údaje poskytnuté v písomnej listinnej forme, pokiaľ nepožadujete iný spôsob ich poskytnutia. Ak ste o poskytnutie týchto informácií požiadali elektronickými prostriedkami, budú Vám poskytnuté elektronicky, ak to bude technicky možné.
• Právo na opravu – prijímame primerané opatrenia, aby sme zabezpečili presnosť, úplnosť a aktuálnosť informácií, ktoré o Vás máme k dispozícii. Ak si myslíte, že údaje, ktorými disponujeme sú nepresné, neúplné alebo neaktuálne, prosím, neváhajte nás požiadať, aby sme tieto informácie upravili, aktualizovali alebo doplnili.
• Právo na výmaz (na zabudnutie) – máte právo nás požiadať o vymazanie Vašich osobných údajov, napríklad v prípade, ak osobné údaje, ktoré sme o Vás získali, už viac nie sú potrebné na naplnenie pôvodného účelu spracúvania. Vaše právo je však potrebné posúdiť z pohľadu všetkých relevantných okolností. Napríklad, môžeme mať určité právne a regulačné povinnosti, čo znamená, že nebudeme môcť Vašej žiadosti vyhovieť.
• Právo na obmedzenie spracúvania – za určitých okolností ste oprávnený nás požiadať, aby sme prestali používať Vaše osobné údaje. Ide napríklad o prípady, keď si myslíte, že osobné údaje, ktoré o Vás máme, môžu byť nepresné alebo keď si myslíte, že už Vaše osobné údaje nepotrebujeme využívať.
• Právo na prenosnosť údajov – za určitých okolností máte právo požiadať nás o prenos osobných údajov, ktoré ste nám poskytli, na inú tretiu stranu podľa Vášho výberu. Právo na prenosnosť sa však týka len osobných údajov, ktoré sme od Vás získali na základe súhlasu alebo na základe zmluvy, ktorej ste jednou zo zmluvných strán.
• Právo namietať – máte právo namietať voči spracúvaniu údajov, ktoré je založené na našich legitímnych oprávnených záujmoch. V prípade, ak nemáme presvedčivý legitímny oprávnený dôvod na spracúvanie a Vy podáte námietku, nebudeme Vaše osobné údaje ďalej spracúvať.
• Právo podať návrh na začatie konania o ochrane osobných údajov – ak sa domnievate, že Vaše osobné údaje spracúvame nespravodlivo alebo nezákonne, môžete podať sťažnosť na dozorný orgán, ktorým je Úrad na ochranu osobných údajov Slovenskej republiky, Hraničná 12, 820 07 Bratislava 27; tel. číslo: +421 /2/ 3231 3214; mail: statny.dozor@pdp.gov.sk, https://dataprotection.gov.sk. V prípade podania návrhu elektronickou formou je potrebné, aby spĺňal náležitosti podľa § 19 ods. 1 zákona č. 71/1967 Zb. o správnom konaní (správny poriadok).
Prevádzkovateľ poskytne dotknutej osobe informácie o opatreniach, ktoré sa prijali na základe jej žiadosti do jedného mesiaca od doručenia žiadosti.
Does the processing of your personal data involve automated decision-making, including profiling?
Pri spracúvaní Vašich osobných údajov nedochádza k automatizovanému rozhodovaniu vrátane profilovania.