Data Processing Information

If you are our customer, newsletter subscriber, or website visitor, you entrust us with your personal data. We are responsible for their protection and security. Please familiarize yourself with the personal data protection, principles, and rights you have under the GDPR (General Data Protection Regulation).

 

Who is the controller?

We are the company webz s.r.o., located at Pod Párovcami 165, 92101 Piešťany, Slovak Republic, ID: 46 805 265, which operates the website www.annavila.sk. We process your personal data as a controller, meaning we determine how personal data will be processed and for what purpose, how long, and select any additional processors who will assist us with processing.

 

Contact information

If you wish to contact us during the processing, you can reach us via email:

 

Declaration

We declare that as the controller of your personal data, we fulfill all legal obligations required by the applicable legislation, particularly the Personal Data Protection Act and GDPR, namely that:

- we will process your personal data only on the basis of a valid legal reason, primarily legitimate interest, contract performance, legal obligation, or granted consent,

- we fulfill the information obligation according to Article 13 of the GDPR even before the start of processing personal data,

- we will enable you and support you in exercising and fulfilling your rights under the Personal Data Protection Act and GDPR.

 

Scope of personal data and processing purposes

We process personal data that you provide to us for the following reasons (to fulfill these purposes):

- providing services, contract performance

- Your personal data to the extent: email, we need it to fulfill the contract (e.g., sending price lists, sending product catalogs, etc., delivering goods).

- accounting

If you are customers, we necessarily need your personal data (billing information) to comply with the legal obligation for issuing and recording tax documents.

 

Marketing – newsletter sending

We use your personal data (email and name), gender, what you click on in the email, and when you most often open them for the purpose of direct marketing – sending commercial notifications. If you are our customer, we do this out of legitimate interest, as we reasonably assume that you are interested in our news, until you unsubscribe.

If you are not our customer, we only send you newsletters with your consent, until you unsubscribe. In both cases, you can revoke this consent by using the unsubscribe link in each email sent.

We retain your personal data for the duration of the limitation periods, unless the law establishes a longer period for their retention or we have indicated otherwise in specific cases.

 

Cookies

When browsing our websites, we record your IP address, how long you stay on the site, and from which page you come. We consider the use of cookies to measure website traffic and customize the display of web pages as our legitimate interest as a controller because we believe that this allows us to offer you even better services.

Cookies for targeting advertising will only be processed with your consent.

You can also browse our websites in a mode that does not allow the collection of personal data. You can disable the use of cookies on your computer.

 

Security and protection of personal data

We protect personal data to the maximum extent possible using modern technologies that correspond to the level of technical development. We protect them as if they were our own. We have adopted and maintain all possible (currently known) technical and organizational measures to prevent misuse, damage, or destruction of your personal data.

 

Disclosure of personal data to third parties

Our employees and collaborators have access to your personal data. To ensure specific processing operations that we cannot provide on our own, we use the services and applications of processors who can protect data even better than us and specialize in such processing. These are the following providers:

 

Accounting processing

It is possible that in the future, we may decide to use additional applications or processors to facilitate and improve processing. However, we promise you that in such a case, when selecting, we will impose on the processor at least the same requirements for security and processing quality as on ourselves.

 

Transfer of data outside the European Union

We process data exclusively in the European Union or in countries that provide a level of protection based on a decision of the European Commission.

 

Your rights in connection with personal data protection

You have several rights in connection with the protection of personal data. If you wish to exercise any of these rights, please contact us via email:

You have the right to information, which is fulfilled by this information page with the principles of personal data processing.

Thanks to the right of access, you can request at any time, and we will provide you within 14 days with what personal data we process and why.

If something changes for you or any of your personal data becomes inaccurate or incomplete, you have the right to complete and change personal data.

You can use the right to restrict processing if you believe that we process your inaccurate data, you think we are processing unlawfully, but you do not want to delete all the data, or if you have objected to processing.

You can limit the scope of personal data or processing purposes. (E.g., By unsubscribing from the newsletter, you limit the processing purpose for sending commercial notifications.)

 

Right to data portability

If you would like to take your personal data and transfer it to someone else, we will proceed as if you were exercising the right of access – only with the difference that we will provide the information to you in machine-readable form. We need at least 30 days for this.

Right to erasure (to be forgotten)

Your other right is the right to erasure (to be forgotten). We don't want to forget you, but if you wish, you have that right. In that case, we will delete all your personal data from our system and from the system of all partial processors and backups. We need 30 days to ensure the right to erasure.

In some cases, we are bound by legal obligation, e.g., we must record issued tax documents for a period determined by law. In this case, we will delete all such personal data that are not bound by other laws. We will inform you by email when the deletion is complete.

Complaint to the Office for Personal Data Protection

If you feel that we are not handling your data in accordance with the law, you have the right to submit a complaint to the Office for Personal Data Protection at any time. We would be very grateful if you first inform us about this suspicion so that we can do something about it and rectify any errors if necessary.

 

Confidentiality

We assure you that our employees and collaborators who will process your personal data are obliged to maintain confidentiality about personal data and security measures, the disclosure of which could jeopardize the security of your personal data. This confidentiality continues even after the end of contractual relationships with us. Without your consent, your personal data will not be disclosed to any other third party.

 

Thank you for taking the time to read the principles of personal data processing.