What’s On

Privacy policy

Hogo Fogo Jazz & Art Club, Námestie Š. Moysesa 7, Banská Bystrica, Slovakia

Hogo Fogo Jazz & Art Club (hereinafter referred to as the “Controller”), in accordance with Regulation 2016/679 GDPR on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “Regulation”) and Act No. 18/2018 Coll. on the protection of personal data and on the amendment and supplementation of certain acts (hereinafter referred to as the “Act”), has developed security measures that are regularly updated. They define the scope and method of security measures necessary to eliminate and minimize threats and risks affecting the information system in order to ensure:

  • availability, integrity and reliability of management systems using the most modern information technologies
  • protect personal data from loss, damage, theft, modification, destruction and maintain their confidentiality
  • identify potential problems and sources of disruption and prevent them.

Contact person in charge: Atila Béreš – klub@hogofogo.sk

Privacy Policy

Your personal data will be stored securely, in accordance with the operator’s security policy and only for the period necessary to fulfill the purpose of the processing. Access to your personal data will be limited to persons authorized by the operator to process personal data, who process them on the basis of the operator’s instructions, in accordance with the operator’s security policy. Your personal data will be backed up, in accordance with the operator’s retention rules. Your personal data will be completely deleted from backup storage as soon as possible in accordance with the backup rules. Personal data stored in backup storage serves to prevent security incidents, in particular disruption of data availability due to a security incident.

Definitions

“personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

“processing” means an operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, whether or not by automated means

“restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future;

‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the natural person concerned concerning his/her performance at work, financial situation, health, personal preferences, interests, reliability, behaviour, location or movements;

‘information system’ means any structured set of personal data which is accessible according to specified criteria, whether centralised, decentralised or distributed on a functional or geographical basis;

‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are laid down in Union or Member State law, the controller or the specific criteria for its determination may be determined in Union or Member State law;

‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

‘recipient’ means a natural or legal person, public authority, agency or other body to which personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the context of a specific investigation in accordance with Union or Member State law shall not be considered recipients; the processing of those data by those public authorities shall be carried out in accordance with the applicable data protection rules, depending on the purposes of the processing;

‘third party’ means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller or the processor, are entrusted with the processing of personal data;

“consent of the data subject” means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her; “personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data which are transmitted, stored or otherwise processed; “supervisory authority” means an independent public authority established by a Member State in accordance with Article;

Legal basis for processing your personal data:

Your personal data will be processed on the basis of specific legal regulations and purposes determined by the controller. These are individually listed in the Information on the purposes of processing.
The provision of personal data is a legal requirement for the purpose of fulfilling the obligations of the Controller as an employer under specific legal regulations and therefore it will not be possible to fulfill the legal obligation without providing this personal data.

Provision of your data outside the European Union:

The transfer of personal data to a third country or international organization will not take place.

Use of your data used for automated individual decision-making:

Personal data will not be used for automated individual decision-making, including profiling.

Retention period of your personal data:

The storage of personal data that we process about you is subject to Act No. 395/2002 Coll. on archives and registries in conjunction with the Registry Plan of the Controller.
For more detailed information about the purposes of processing your personal data, legal basis and retention period, please contact the designated person.
We store the personal data that we process about you based on the “Consent” granted for the period for which you have granted us your consent.

What are your rights?

  • Withdraw consent – ​​in cases where we process your personal data based on your consent, you have the right to withdraw this consent at any time. You can withdraw your consent electronically, at the address of the responsible person, in writing, by notification of withdrawal of consent or in person at the office. Withdrawal of consent does not affect the lawfulness of the processing of personal data that we have processed about you on the basis of it.
  • Right of access – you have the right to be provided with a copy of the personal data that we have available to you, as well as information about how we use your personal data. In most cases, your personal data will be provided to you in written, documentary form, unless you request another method of provision. If you have requested the provision of this information by electronic means, it will be provided to you electronically, if technically possible.
  • Right to rectification – we take reasonable steps to ensure the accuracy, completeness and timeliness of the information that we have available to you about you. If you believe that the data we hold about you is inaccurate, incomplete or out of date, please do not hesitate to ask us to correct, update or supplement this information.
  • Right to erasure (to be forgotten) – you have the right to ask us to erase your personal data, for example if the personal data we have collected about you is no longer necessary for the purposes for which it was originally processed. However, your right needs to be assessed in the light of all relevant circumstances. For example, we may have certain legal and regulatory obligations which mean that we will not be able to comply with your request.
  • Right to restriction of processing – in certain circumstances you are entitled to ask us to stop using your personal data. This includes cases where you believe that the personal data we hold about you may be inaccurate or where you believe that we no longer need to use your personal data.
  • Right to data portability – under certain circumstances, you have the right to ask us to transfer the personal data you have provided to us to another third party of your choice. However, the right to portability only applies to personal data that we have obtained from you based on your consent or on the basis of a contract to which you are a party.
  • Right to object – you have the right to object to data processing that is based on our legitimate interests. If we do not have a compelling legitimate reason for the processing and you object, we will no longer process your personal data.
  • Right to file a complaint with the supervisory authority, which is the Office for the Protection of Personal Data of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27; tel. number: +421 /2/ 3231 3214; e-mail: statny.dozor@pdp.gov.sk, https://dataprotection.gov.sk. In the case of submitting a proposal electronically, it is necessary that it meets the requirements under Section 19, paragraph 1 of Act No. 71/1967 Coll. on Administrative Procedure (Administrative Procedure Code).