Intersnack Slovensko, a.s.

Rules for the Processing of Personal Data

1. Introduction

Our company, Intersnack Slovensko, a.s., operates its websites in order to inform you about our company and our products. These are the company website www.intersnack.sk and the websites of our products www.pombar.sk and www.chiochips.sk.

In connection with your use of our websites, we process your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), and in accordance with the related applicable legal regulations.

These rules explain how our company handles your personal data and how it processes it. The following information applies exclusively to websites operated by our company. These rules do not apply to third-party websites to which our websites may link.

2. Personal Data Controller

Personal data controller: Intersnack Slovensko, a.s.

Identification details: Intersnack Slovensko, a.s., with its registered office at Bratislavská 852, 911 05 Trenčín, Company ID No.: 31 450 211, registered in the Commercial Register maintained by the District Court Trenčín, Section Sa, File No. 131/R (hereinafter also the “Controller”).

Contact e-mail: info@intersnack.cz.

Data Protection Officer: The Controller has not appointed a data protection officer.

3. Purpose and Legal Basis for the Processing of Personal Data

The Controller processes your personal data for the purpose of operating its websites.

The Controller may also process personal data for the purposes of and on the grounds of fulfilling the Controller’s legal obligations under applicable legal regulations or decisions of competent public authorities, as well as for the purposes of and on the grounds of the Controller’s legitimate interests, in particular for the purpose of verifying compliance with the terms of use of the websites, potential enforcement of rights and legal claims, and possible legal defence in disputes related to the use of the websites or in proceedings conducted by public authorities in connection with the websites.

On the basis of your consent, the Controller may also process personal data for other purposes to which you give your consent, such as sending commercial, informational, educational or other communications.

4. Personal Data Processed by the Controller

Personal data processed in connection with visits to our websites:

Personal data processed in connection with visits to our website www.intersnack.sk:

Whenever you visit our website, your browser automatically transmits to us your IP address, the date and time of access to the server, the URLs of the individual websites visited, or the URL of the website from which you accessed the given website, the name of the requested file, the page from which the file was requested, the access status of the web server (file transferred, file not found, command not executed, etc.), the type and version of your browser, the operating system of the end device used and the volume of data transferred (collectively referred to as “access data”). We need this access data in order to display the websites to you and to ensure system security. Without this data, the websites cannot be operated or accessed.

We use only technical cookies and do not use any analytical or tracking tools.

Personal data processed in connection with visits to our website www.pombar.sk:

When visiting our website, the only personal data that may be technically processed comes from server logs. These may contain the IP address and the date and time of access to the server. No profiling or any other tracking of users takes place. Data such as browser type, device, session ID, language settings, etc. is not processed.

We use only technical cookies and do not use any analytics or tracking tools.

Personal data processed in connection with visits to our website www.chiochips.sk:

We use technical cookies and, for analytical purposes, the Matomo tool, which helps us collect anonymised data on traffic and visitor behaviour.

When visiting our website, we process the visitor’s anonymised IP address (the last part is hidden, so it is not possible to clearly identify a person), basic technical information about the device and browser (type, version, operating system, screen resolution), information about how the visitor arrived at the website (referral link, search engine, direct entry), pages visited and time spent on the website, and, where applicable, actions performed by the visitor on the website (clicks, file downloads, form submissions).

For the purposes of possible commercial, informational, educational or other communications, we may process in particular: first name, surname, place of residence, contact address, telephone number and e-mail address. We may process this data on the basis of your consent. The provision of such data is therefore voluntary and is based on the user’s consent to such processing. You may withdraw your consent at any time by e-mail to info@intersnack.cz or by another method stated in the consent.

For the purposes of handling your submissions, complaints, etc., which you send to our information lines in connection with the use of our websites, we may process in particular: first name, surname, business name, address, telephone number, e-mail address, information about the products to which the submission or complaint relates (e.g. EAN code, batch number and production time), the subject and content of the message and other data that the visitor voluntarily provides, or other data necessary to handle your submissions or complaints.

Furthermore, this may include data that the Controller processes for the purposes of and on the grounds of fulfilling the Controller’s legal obligations under applicable legal regulations or decisions of competent public authorities, or for the purposes of and on the grounds of the Controller’s above-mentioned legitimate interests.

5. Sources of Personal Data

The Controller obtains personal data directly from users as part of their use of the websites and in connection with the websites.

6. Recipients

The data you have provided may be processed only by entities authorised by the Controller, in accordance with its instructions and for the same purpose as the Controller. These may include, for example, operators of consumer information lines, tax advisers or legal advisers.

Personal data may be provided to competent public authorities for the purpose of fulfilling the Controller’s legal obligations under applicable legal regulations or decisions of competent public authorities, or for the purposes of and on the grounds of the Controller’s above-mentioned legitimate interests.

No personal data processed in connection with visits to our websites is shared with any third party.

We process personal data exclusively within the EU. No personal data is transferred outside the EU.

7. Period of Processing of Personal Data

Personal data processed in connection with visits to our website www.intersnack.sk:

  • Access data will be processed only for the necessary period and will be automatically deleted no later than after four weeks.

Personal data processed in connection with visits to our website www.pombar.sk:

  • Server logs are automatically stored for 7 days, after which they are overwritten and older records are automatically deleted.

Personal data processed in connection with visits to our website www.chiochips.sk:

  • We store the visitor’s anonymised IP address (the last part is hidden, so it is not possible to clearly identify a person) for 6 months, after which the records are automatically anonymised or deleted.
  • We store basic technical information about the device and browser (type, version, operating system, screen resolution) for 13 months.
  • We store information about how the visitor arrived at the website (referral link, search engine, direct entry) for 6 months.
  • We store information about the pages visited and time spent on the website, and, where applicable, actions performed by the visitor on the website (clicks, file downloads, form submissions), for 13 months.

Personal data processed in connection with the operation of the information line is processed for the period strictly necessary to handle your complaint or submission, for a maximum period of three years.

Your other personal data provided on the basis of separate consent may be processed for the period stated in the consent.

The Controller may process your personal data for a longer period only if such longer retention is justified on the basis of applicable legal regulations or decisions of competent public authorities, or by the Controller’s legitimate interest.

8. Technical Security of Data

For the purpose of protecting your personal data against unauthorised or accidental disclosure, the Controller applies appropriate and suitable technical and organisational measures, which are continuously updated. Technical measures consist of the deployment of technologies that prevent unauthorised access by third parties to personal data. Organisational measures consist of a set of rules of conduct for the Controller’s employees. The Controller ensures that the necessary technical and organisational measures are also implemented by external suppliers.

9. Automated Individual Decision-Making

The Controller does not carry out automated individual decision-making or profiling.

10. Users’ Rights

In connection with the use of our websites, you have rights under the applicable legal regulations, in particular the following rights:

  1. the right of access to personal data and the right to obtain confirmation from the Controller as to whether or not personal data concerning you is being processed, and relevant information about such processing;
  2. the right to rectification of personal data, or completion of incomplete personal data;
  3. the right to withdraw consent to the processing of personal data where the Controller processes some of the personal data on the basis of consent, by contacting info@intersnack.cz;
  4. the right to object to processing based on the Controller’s legitimate interest, unless there are compelling legitimate grounds for the processing;
  5. the right to restriction of the processing of personal data in cases where the user contests the accuracy of the personal data, for the period necessary for the Controller to verify the accuracy of the personal data; furthermore, where the processing of personal data is unlawful and the user opposes the erasure of the personal data and requests instead the restriction of its use; or where the Controller no longer needs the personal data for the purposes of processing, but the user requires it for the establishment, exercise or defence of legal claims; or where the user has objected to the processing of personal data for the purposes of the Controller’s legitimate interests, pending verification of whether the Controller’s legitimate grounds override the user’s legitimate grounds;
  6. the right to erasure of personal data where the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; or where the personal data was processed on the basis of the user’s consent and the user withdraws such consent and there is no other legal ground for processing; or where the user has objected to the processing of personal data based on the Controller’s legitimate interests and there are no overriding legitimate grounds for the processing; or where the personal data has been processed unlawfully; or where the personal data must be erased in order to comply with a legal obligation;
  7. the right to data portability where the processing is based on consent or contract and is carried out by automated means;
  8. the right to lodge a complaint with a supervisory authority if the data subject believes that the Controller does not process their personal data lawfully. The supervisory authority is the Office for Personal Data Protection of the Slovak Republic, with its registered office at Galvaniho Business Centrum II, Galvaniho 7/B, 821 04 Bratislava, e-mail: statny.dozor@pdp.gov.sk, tel. secretariat and registry: +421 2 32 31 32 14, +421 2 32 31 32 49;
  9. the right to be informed in the event of a personal data breach, if such personal data breach is likely to result in a high risk to the rights and freedoms of the user.

11. Final Provisions

We may update these rules if necessary. We recommend that you review the rules for the processing of personal data on an ongoing basis.