Learn more

Privacy Consent

Privacy Consent

In accordance with Article 6(1)(a) and Article 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR"), and/or in accordance with Section 13(1)(a) and Section 14 of Act No. 18/2018 Coll. on Personal Data Protection, as amended (hereinafter referred to as the "Act"), for the purpose of completing the contact and information form on the website www.dalinora.com, operated by w02 s. r. o., Company ID (IČO): 56871350, with its registered office at Beňadická 3019/34, 851 06 Bratislava (hereinafter referred to as the "Controller"). In the processing of personal data by the Controller, the person completing the relevant contact and information form is the data subject, i.e., the person whose personal data are processed by the Controller (hereinafter also referred to as the "Data Subject"). By checking the box "Consent to the processing of personal data," the Data Subject confirms that this consent to the processing of personal data is provided freely, specifically, informedly, and by an unambiguous expression of will, and that prior to granting this consent, they were familiarized with the information provided below.

  1. What categories of personal data do we process?

If the data subject grants this consent, the controller may process their personal contact data to the following extent: first name, last name, email address, telephone or mobile number, and the content of the communication.

  1. What is the purpose of data processing?

The purpose of processing the data subject's personal data is to send information and general marketing communications regarding the products, services, activities, or other information of the controller, including newsletters. The controller may also send marketing communications on behalf of other legal or natural persons, provided that such marketing communications are related to the controller.

  1. What is the legal basis for processing?

The legal basis for the processing of these personal data is the freely given consent of the data subject. Granting consent to the processing of personal data is voluntary; therefore, if the data subject does not wish for their data to be processed, they are under no obligation to grant such consent. The data subject may withdraw this consent to the processing of personal data at any time in accordance with the instructions provided below. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

  1. Does the processing of personal data include automated decision-making or profiling?

The processing of personal data does not include automated decision-making or profiling. However, given the development of technologies and the controller's business strategy, automated decision-making or profiling may be implemented in the future. In such a case, the data subject will be informed of this step in advance.

  1. To which recipients or categories of recipients will personal data be provided?

The controller may provide the personal data of the data subject to other natural or legal persons, public authorities, or international organizations. When providing the personal data of data subjects, the controller ensures the highest possible level of data protection. In the event that personal data are provided to its processors or joint controllers, the controller enters into a contractual relationship with them in accordance with Articles 26 or 28 of the GDPR, or Sections 33 or 34 of the Act.

The controller provides the personal data of data subjects to the following categories of recipients:

  • supervisory or management bodies and other entities within the horizontal or vertical structure of the controller's organization;

  • business partners of the controller;

  • legal, tax, accounting, and IT advisors of the controller.

  1. How does the controller process and manage personal data?

Since protection and care of the data subject's personal data are important to the controller, appropriate security measures have been adopted to protect personal data from destruction, loss, unauthorized disclosure, or other unauthorized processing. Under no circumstances does the controller, either directly or through third parties, transfer personal data outside the territory of the European Union or the European Economic Area. The controller does not transfer personal data to any international organization.

  1. What is the retention period for personal data?

The controller processes the personal data of the data subject only for the duration of the validity of this consent to the processing of personal data. If the storage of certain personal data is not necessary to achieve the purpose of processing, the controller does not store such data and destroys it once the purpose has been fulfilled. The controller may only process personal data for a longer period if it is necessary to fulfill its legal obligations or if required by decisions of public authorities.

  1. What are the data subject's rights regarding the processing of personal data?

When processing personal data, you as the data subject have the right to exercise the rights listed below, which you may exercise at any time through a request addressed to the controller. The controller is obliged to provide information on the measures taken without undue delay, no later than 1 month from the receipt of the request. This period may be extended by another 2 months, and the data subject must be informed of the extension within 1 month of receipt of the request.


Right of access (Article 15 GDPR):

  • The data subject has the right to obtain confirmation as to whether the controller processes their personal data and, if so, to gain access to it.


  • Right to rectification (Article 16 GDPR):

    The data subject has the right to request the rectification of inaccurate or the completion of incomplete personal data without undue delay.


  • Right to erasure / right to be forgotten (Article 17 GDPR):

    The data subject has the right to request the erasure of their personal data if it is no longer necessary for the purposes for which it was processed or if consent has been withdrawn.


  • Right to restriction of processing (Article 18 GDPR):

    The data subject has the right to request the restriction of processing under the conditions set out in Article 18 of the GDPR.


  • Right to data portability (Article 20 GDPR):

    The data subject has the right to receive personal data in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller.


  • Right to object (Article 21 GDPR):

    The data subject has the right to object to the processing of personal data carried out on the basis of legitimate interest or in the public interest, including profiling.


  • Right related to automated individual decision-making, including profiling (Article 22 GDPR):

    The data subject has the right not to be subject to a decision based solely on automated processing, which has legal effects for them or similarly significantly affects them.


  • Right to lodge a complaint (Section 100 of the Act):

    The data subject has the right to submit a petition to initiate proceedings on personal data protection to the supervisory authority pursuant to Section 100 of the Act if they believe that the controller processes their personal data in violation of the GDPR or the Act.

    The data subject may submit a petition to initiate proceedings to the Office for Personal Data Protection of the Slovak Republic, located at Hraničná 12, 820 07 Bratislava. More information is available on the official website of the Office for Personal Data Protection of the Slovak Republic.

  1. How can the data subject withdraw this consent?

The data subject has the right to withdraw their consent to the processing of personal data at any time during the validity of the consent by sending a written notice to the contact address provided on the controller's website. The withdrawal of consent shall not affect the lawfulness of processing carried out before its withdrawal. The personal data of the data subject are protected by appropriate technical and organizational measures that prevent unauthorized access or misuse. The controller emphasizes the protection of personal data and regularly monitors and improves security measures with regard to the current state of technology to ensure adequate data protection.