GDPR

On May 25, 2018, the Regulation of the European Parliament and of the Council (EU) of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as "GDPR"), entered into force. Along with the GDPR, Act No. 18/2018 Coll. on the protection of personal data (hereinafter referred to as the "Act") also came into effect. In accordance with Article 13 of the GDPR and Section 20 of the Act, we would like to provide you with detailed information on why and for what purposes we process your personal data, as well as the rights you have in connection with their processing. In the following points, we will provide you with information on the processing of your personal data:

Name: Kopf Solutions, s. r. o., with registered office at Hlaváčiková 14, 841 05 Bratislava, ID: 52 899 136, contact: master@kopfsolutions.com.

It was not established, as this obligation does not arise from the GDPR.

We process your personal data mainly for the following purposes:

• Delivery of services and goods to the customer,
• Fulfillment of obligations arising from various tax regulations and accounting regulations,
• Management of fan pages on social networks - specifically on Facebook and Instagram,
• Handling of complaints,
• Deduction of income, fulfilling other tax obligations.

The legal basis for processing part of your personal data, especially for the purpose of fulfilling obligations arising from various tax regulations and accounting regulations, is special regulations (such as Act No. 431/2002 Coll. on accounting as amended, Act No. 222/2004 Coll. on value added tax as amended, Act No. 595/2003 Coll. on income tax as amended, etc.).

The legal basis for processing your personal data, especially for the purpose of managing fan pages:

• https://verlagkopf.com,
• https://militiatshirts.com,
• https://cloosigns.sk,
• https://kopfsolutions.com

On social networks, the legitimate interest of the operators is justified (according to Article 6(1)(f) of the GDPR, § 13(1)(f) of the Act). The legitimate interest of the operators lies in compiling statistics of the visitation of the fan page on Facebook in order to support the management and activities of page parameters. Setting filters and criteria for statistics with the aim of increasing the popularity and visitation of the fan page. The legal basis for processing your personal data, especially for the purpose of delivering the service to the client, is the contract, of which the contracting party is the person concerned as the buyer and possibly also the potential seller.

• Interested parties for purchasing goods and services.
• Visitors who visit the websites https://verlagkopf.com, https://militiatshirts.com, https://cloosigns.sk, or https://kopfsolutions.com on Facebook.
• Employees of the operator, employees of suppliers/customers, other natural persons according to special regulations.

Common personal data (§ 2 of the Act, Article 4(1) of the Regulation)

In accordance with the GDPR and Act No. 18/2018 Coll., the controller may authorize another person, called a processor, to process personal data. Such entities process personal data on our behalf based on a contract and according to our instructions. They must also take measures to ensure the security of your personal data. In compliance with the GDPR and Act No. 18/2018 Coll., the controller has contractually authorized the following processors to process personal data:
Payment gateway: Stripe, Inc., headquartered at 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA,
Accounting services: MYFOX s.r.o., headquartered at Sv. Cyrila a Metoda 1, 900 29 Nová Dedinka, ID number: 47859776,
Invoicing: SuperFaktura, s.r.o., headquartered at Pri Suchom mlyne 6, Bratislava-Mestská časť Staré Mesto 811 04, ID number: 46655034,
Social networks: Facebook Ireland Ltd., 4 GRAND CANAL SQUARE, GRAND CANAL HARBOUR, D2 Dublin, Ireland.
Your personal data may be disclosed to the following categories of recipients:

• Public administration authorities and state bodies in accordance with special regulations, such as the Slovak Trade Inspection,
• Third parties involved in ongoing or potential judicial, criminal, or administrative proceedings, or such third parties that assist us in enforcing or defending legal rights. We may share information, for example, with our legal or other professional advisors.

The transfer of personal data is carried out to the USA. During visits to social networks, the transfer of certain personal data takes place to countries where Facebook transfers them.

For the duration of the contractual relationship, but for the following 10 years from the payment of the price, or 2 years from visiting the website.

If you feel that your rights have been infringed upon, you have the right to submit a proposal for action to protect personal data to the Office for Personal Data Protection according to § 100 et seq. of the Act.
a) Right of access to personal data
You have the right to access your personal data and to obtain a copy of them. If you request a copy electronically, we will provide the information in a commonly used electronic format, unless you request otherwise.

b) Right to rectification of personal data
If data are incorrect, you have the right to rectify them. If they are incomplete, you have the right to supplement them.

c) Right to erasure (right to be forgotten) of personal data
You have the right to erase data in cases determined by regulations, unless this right is limited by legal provisions. The right to erasure applies, for example, if your personal data are no longer needed for the purposes for which they were obtained, or if you withdraw your consent on which the processing is based.

d) Right to restriction of personal data processing
Under certain circumstances, you are entitled to ask us to stop using your personal data. This includes cases where you believe that the personal data we hold about you may be inaccurate or when you believe that we no longer need to use your personal data.

e) Right to object
You have the right to object to the processing of data based on our legitimate interests. If we do not have compelling legitimate grounds for processing and you object, we will not further process your personal data.

f) Right to data portability
If we process data based on consent and the processing of personal data is carried out by automated means, you have the right to data portability (the right to receive the data in a structured, commonly used, machine-readable format and the right to transmit them to another controller).

You can exercise the rights listed above (if you meet the conditions):
a) in writing to the company's address, or
b) by email to gdpr@kopfsolutions.com
If you are not satisfied with how we have responded to your exercise of rights or if you believe that your data are being processed in violation of regulations, you have the right to contact the Office for Personal Data Protection of the Slovak Republic.

In cases where we process your personal data based on your consent, you have the right to withdraw this consent at any time. You can withdraw your consent as follows:
a) in writing to the company's address,
b) by email to gdpr@kopfsolutions.com

However, in this case, your data are not processed based on consent but based on a contract.

Personal data will not be used for automated individual decision-making, including profiling. The possibility of such processing during visits to social networks depends on the terms of the options defined by the Facebook Insight feature (https://www.facebook.com/business/news/audience-insights).

We protect your personal data to the fullest extent possible using modern technologies. In accordance with the GDPR and the Act, we have implemented many technical and organizational measures to protect your personal data. These measures are regularly reviewed and updated.