Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA OF THE DATA SUBJECT

pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR)

1. Introduction

The controller considers compliance with the legal conditions for processing the personal data of data subjects to be one of its priorities.

• Controller details

• Company name: Emerson s. r. o.
• Sídlo: Račianska 88 B, 831 02 Bratislava – mestská časť Nové Mesto
• Company ID: 53870212
• Contact details of the designated person:
  • e-mail: emersonstksk@gmail.com
  • Correspondence address: registered office of the company

This information is effective from 16 January 2026. The controller is entitled to update it in accordance with changes in legislation or internal procedures.

• Definitions

• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
• Data subject
• Personal data – any information relating to an identified or identifiable natural person.
• Controller – a natural or legal person that has determined the purposes and means of processing personal data.

• Job applications

Osobné údaje uchádzačov o zamestnanie spracúva prevádzkovateľ na účely obsadenia voľných pracovných miest alebo na účely ich evidencie aj bez konkrétneho výberového konania. Poskytnutie týchto údajov je nevyhnutné na zaradenie do výberového konania, bez nich to nie je možné. Právnym základom spracúvania je súhlas uchádzača podľa článku 6 ods. 1 písm. a) GDPR. Údaje sa uchovávajú najviac jeden rok od doručenia životopisu a potom sa zlikvidujú. Uchádzač môže kedykoľvek odvolať svoj súhlas jednoduchým zaslaním e-mailu na adresu [doplní sa kontakt], pričom odvolanie nemá vplyv na spracúvanie, ktoré prebehlo pred jeho odvolaním.

• Principles of personal data processing

In processing personal data, we follow the principles set out in Article 5 of the GDPR:

• Lawfulness of processing – every processing activity is carried out only on a legal basis established by law.
• Data minimisation – we process only the data that is necessary to achieve the purpose.
• Storage limitation – data is retained only for as long as necessary for the given purpose, after which it is securely deleted.
• Integrity and confidentiality – we have implemented technical, organisational and personnel measures to protect data from unauthorised access, loss or damage.

• Necessity of providing personal data

Providing personal data is a necessary condition for carrying out a technical and emissions inspection of your vehicle and for fulfilling our statutory obligations.

Without providing the required personal data, it is not possible to:

• carry out a technical or emissions inspection of the vehicle,
• issue an inspection report,
• submit data to the technical and emissions inspection information system,
• fulfil statutory obligations towards state administration bodies (Ministry of Transport SR, Slovak Police).

In cases where we process personal data on the basis of a contractual relationship (e.g. online appointment booking), providing personal data is a contractual obligation necessary for the performance of the contract.

• How we collect your personal data

We collect personal data directly from you – our clients – or from persons who order and arrange vehicle inspections on your behalf.

Personal data from business clients (e.g. carriers, companies with their own vehicle fleets, leasing companies) is collected:

• when placing an order for a technical or emissions inspection,
• when the vehicle is delivered in person for the technical/emissions inspection,
• from authorisations or powers of attorney granted by company representatives,
• from data contained in vehicle documents (technical certificate, certificate of registration, emissions report).

Personal data from private individuals is collected:

• directly during registration or the performance of a technical or emissions inspection,
• via online form or email (e.g. when booking an appointment),
• during communication with our authorised employees (in person, by phone or electronically).

We collect only the personal data that is necessary for fulfilling our statutory obligations, issuing inspection documents and maintaining records in accordance with applicable legislation.

• Purpose of processing, legal basis and retention period

The controller processes your personal data for pre-determined purposes, always on a legal basis and for the duration stipulated by law or determined by the purpose of processing.

• Legal regulations on the basis of which we process personal data

Where we process your personal data on the legal basis of fulfilling our statutory obligation (Art. 6(1)(c) GDPR), the relevant legislation is as follows:

• Act No. 725/2004 Coll. on conditions of vehicle operation on public roads and on amendments to certain acts, as amended.
• Act No. 106/2018 Coll. on the operation of vehicles on public roads,
  – governs the process of registration and categorisation of vehicles, technical and emissions inspections.
• Act No. 18/2018 Coll. on the protection of personal data and on amendments to certain acts,
  – governs the rights of data subjects and the obligations of controllers.
• Decree of the Ministry of Transport and Construction of the Slovak Republic No. 137/2018 Coll.
  – sets out details on inspection procedures and the content of technical and emissions inspections.
• Act No. 71/1967 Coll. on administrative proceedings (Administrative Procedure Code)
  – applies in cases of administrative inspections and related administrative decisions.

1. Purpose of operating the CCTV system

a) Recording the course and transparent result of the emissions inspection (EK) and technical inspection (TK) in the national information system.

b) Protection of the life, health, property and financial interests of the controller, as well as the life, health and property of natural persons present on the premises.

Legal basis for processing personal data

• For purpose a): Act No. 106/2018 Coll. on the operation of vehicles on public roads and related acts.
• For purpose b): Art. 6(1)(f) of Regulation (EU) 2016/679 – legitimate interest of the controller in protecting persons and property on the premises.

Retention period for recordings

• For purpose a): CCTV recordings are retained for 2 years from the date of recording within the national information system.
• For purpose b): CCTV recordings are retained for a maximum of 3 days, unless retention is required for a longer period due to an incident, complaint or legal proceedings.

Transfer of personal data

Transfer of personal data to third countries or international organisations does not take place. Recordings may be shared with the Slovak Chamber of STK, the Ministry of Transport SR, state supervisory bodies and the IT provider of the recording system, strictly within the scope necessary.

1. Photographs – evidence of TK, EK

In the course of performing technical, emissions and originality inspections (TK, EK), photographs are taken during the process to document the inspection.

The personal data processed includes primarily the vehicle registration number, vehicle identification data (VIN, make, type), and any personal data visible in photographs (e.g. faces of persons present).

The legal basis for processing is the fulfilment of the controller’s statutory obligation pursuant to Article 6(1)(c) of the GDPR.

Photographs are retained for 2 years from the date of the inspection and are stored securely in the national information system.

Personal data may be provided to the Slovak Chamber of STK, the Ministry of Transport SR, state supervisory bodies and the IT provider of the recording system, strictly within the necessary scope.

1. Disclosure of personal data

The personal data we process will not be made public and will be accessible only to authorised entities in accordance with applicable legislation.

1. Confidentiality

We assure you that all our employees and collaborators who process personal data are obliged to maintain confidentiality, both during and after their employment or cooperation.

1. Security of personal data

In accordance with Articles 24, 25 and 32 of the GDPR, we implement appropriate technical and organisational measures to ensure an adequate level of security for personal data.

Our measures include in particular:

• protection of the confidentiality, integrity and availability of data,
• control of physical and electronic access to data,
• rules for entering, sharing and retaining data,
• procedures for exercising the rights of data subjects,
• ensuring data erasure and responding to personal data breaches.

We take personal data protection into account when selecting technologies, software and procedures, in accordance with the “privacy by design” principle.

1. Cookies on our website

We are entitled to collect and process data about visitors and users of our website through cookies and similar technologies.

A cookie is a small amount of data sent as a file to your device (computer, tablet or mobile phone) when you visit a website.

Most websites, including ours, use cookies. Their purpose is to make your use of our site easier and more pleasant.

Through cookies we store data that does not serve to identify you directly, and we do not link it independently to a specific individual.

Legal basis:

• Section 109(8) of Act No. 452/2021 Coll. (technically necessary cookies),
• Art. 6(1)(a) GDPR (statistical/marketing cookies – require consent).

Cookie settings:
You can manage cookies in your browser (accept/reject, notifications, delete existing cookies). Disabling cookies may affect the functionality of the website.

• Chrome: https://support.google.com/accounts/answer/61416
• Firefox: https://support.mozilla.org/kb/enable-and-disable-cookies-website-preferences
• Microsoft Edge: https://support.microsoft.com/help/4468242
• Safari: https://support.apple.com/safari
• Opera: https://help.opera.com/latest/

1. Data subject

A data subject is any natural person whose personal data we process. This includes primarily our customers, business partners, employees and other persons who contact us.

1. Rights of data subjects under the GDPR and the Personal Data Protection Act

Your personal data is your data. In connection with its processing, you have the following rights:

• Right of access

(Art. 15 GDPR, § 21 of the Act)

The data subject has the right to know whether their personal data is being processed and, if so, to obtain a copy of that data along with related information.

• Right to rectification

(Art. 16 GDPR, § 22 of the Act)

If the data is inaccurate or incomplete, the data subject has the right to have it corrected or completed.

• Právo na vymazanie („právo byť zabudnutý“)

(Art. 17 GDPR, § 23 of the Act)

In certain cases, the data subject may request erasure of their data (e.g. if it is no longer necessary for the purpose for which it was collected).

• Right to restriction of processing

(Art. 18 GDPR, § 24 of the Act)

The data subject may request a temporary restriction on the use of data, e.g. if they dispute its accuracy or the lawfulness of processing.

• Right to data portability

(Art. 20 GDPR, § 26 of the Act)

The data subject may request the transfer of personal data they provided on the basis of a contract or consent to another controller in a structured, commonly used and machine-readable format.

• Right to object

(Art. 21 GDPR, § 27 of the Act)

The data subject may object to processing based on the controller’s legitimate interest. In such a case, the controller must stop processing unless it demonstrates compelling legitimate grounds that override the interests of the data subject.

• Rights regarding automated decision-making and profiling

(Art. 22 GDPR, § 28 of the Act)

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

• Right to withdraw consent

(Art. 7(3) GDPR, § 14 of the Act)

Where the controller processes data on the basis of consent (e.g. a photograph on the website), the data subject may withdraw their consent at any time without affecting the lawfulness of processing prior to withdrawal.

• Right to lodge a complaint – if you believe that we are processing your data unlawfully or unfairly, you may lodge a complaint:

• directly with us as the controller, or
• to the Office for Personal Data Protection of the Slovak Republic, Park One Building, Námestie slobody 6, 820 08 Bratislava 28, tel.: +421 2 3231 3214, email: statny.dozor@pdp.gov.sk, web: www.dataprotection.gov.sk

👉 We would, however, appreciate it if you contact us first in the event of any questions or concerns – we will do our best to resolve the matter promptly and to your satisfaction.

1. How to exercise your rights

You exercise your rights directly with the controller processing your personal data. If the controller has a designated responsible person, you may contact them.

To enable us to identify you and provide you with the data relating to you, please have your basic identification details ready.

We will respond to your request free of charge within 30 days. In the case of complex or numerous requests, we may extend this period by a further two months, of which we will inform you.

The processing we carry out does not involve automated decision-making or profiling, therefore the right to object to such processing does not apply in our case.

1. Conclusion

If you have any questions about personal data protection, you may contact the controller at any time by email or in writing at the registered office address.