Embedded Files
As Controller cares about the protection of personal data and privacy of the data subject, he provides the data subjects not only with this comprehensive information about their data protection rights, but also with other information and explanations in order to provide a full transparency to the data processing and deepening mutual trust. Controller is taking regard to the provisions of Article 14 of GDPR.
Controller ensures the data subject that he never sells or otherwise commercially does not use the personal data obtained from the data subject within a business cooperation with any third party and will never disclose personal data without an expressed individually written consent or any similar authorization provided by data subject.
Controller ensures the data subject that he will never provide any personal data that is subject to processing in the Third Party's personal data information system without granting Controller with any specific written consent or sufficient written authorization; this shall not apply if Controller is obliged to provide personal data to the authorized state authorities in the exercise of their legal powers even without the consent of the data subject to applicable special laws, such as Money Laundering Act and other respectable laws, that may be subject to the lawful processing of the personal data.
Controller declares, that he processes the minimum personal data needed to achieve the purpose of processing, which is defined primarily by the need to provide the legal services, taking a special regard on the time lapse of the processing and the extent of the data that is processed. Controller guarantees data subject safe and irreversible erasure of the personal data without delay after the end of the purpose of processing.
Controller declares that in relation to the processing of personal data, there will be no decisions applied which are based solely on automated means of processing personal data, nor any kind of profiling in regards of the Article 22 (1) and Article 22 (4) of GDPR.
Controller as a legal entity providing legal services also proceeds in accordance to the Slovak Act no. 586/2003 Coll. on advocacy (hereinafter both referred to as "Act on advocacy"), which regulates the performance of the advocacy and the provision of individual legal services. Therefore, Controller warrants the data subject with an increased discretion and protection of their privacy by providing a special contractual liability of his employees and other co-workers for breach of confidentiality and unlawful disclosure of information related to the provision of legal services, including the personal data of clients or other physical persons involved in the legal affairs.
Controller declares that he has taken reasonable technical, organizational and personnel measures to ensure the security of the processing of personal data, which are documented in GDPR Compliance project, with both standard and specific protection of personal data under Article 25 of GDPR ("privacy by default and privacy by design" measures)
Controller declares that v any personal data breach that might lead to high risk for rights and freedoms of the data subject shall be communicated to the data subject involved to this data breach, if any occurs.
2. Purpose of processing, scale of the data collected and the legal basis for the processing of personal data
2. Purpose of processing, scale of the data collected and the legal basis for the processing of personal data
Controller processes personal data under the purposes of providing legal services under Act on advocacy, as individual Controller.
The purpose of processing the personal data is the provision of legal services.
Data subject for the purposes of the Document is any physical person whose personal data are processed for the purpose of providing legal services to a lawyer acting under the Act on advocacy irrespective of its procedural or contractual status in relation to Controller.
The legal basis for the processing of personal data for the purpose of Section 2. - Point 2. of this Document is Act on advocacy.
If you have given Controller consent to process your personal data, then the legal basis for their processing is given this consent. It is our interest to stay in touch with each other. Therefore, we could let you know about news and references of our law firm, as well as the professional articles we publish. For this purpose, we hereby give you the opportunity to express your consent to the processing of your personal data for marketing purposes in a form of providing you with a marketing information via Newsletter.
If you give us your consent, it will be in full force and effect until your consent is revoked, you process your personal information in the following scale: email address.
You may withdraw your consent to processing your personal data free of charge through a request to the email address ondrej.bernia@outlook.com , the withdrawal of your consent will not affect the lawfulness of the processing of your personal data made prior to its withdrawal.
3. Processing period of personal data
3. Processing period of personal data
Controller processes the personal data during the duration of the legal services provided by the law firm. Upon termination of the provision of legal services, the entire related agenda, in particular all documents which have been entrusted to Controller by the client or which were given to Controller during the legal representation in the client's name, also personal data whose processing has been terminated and are handed to the new legal representative acting in name of the client on the basis of the transmission protocol.
In the case of the processing of personal data on the basis of consent, personal data will be processed for the entire period from the date of such consent until the moment of its withdrawal.
4. Identification of processors, subcontractors and third parties
4. Identification of processors, subcontractors and third parties
Controller when processing personal data of data subject for the purposes of Section 2. of this Document, uses the following sufficiently well-trusted and professionally competent business partners capable of guaranteeing the security of personal data processing of data subject, who have, within the meaning of Article 28 of the GDPR, the status of processor:
accounting firm for the purpose of providing accounting, billing and payroll accounting services;
business IT management company, for the management and maintenance of IT systems and IT security;
a web hosting company to manage the web site and web components of Controller.
Controller may involve other partners to process the personal data only according to a written authorization. These partners are considered as independent controllers, respectively third parties, which are considered as recipients of personal data of data subjects, in particular:
a company authorized to carry out auctions and commission sales.
According to the nature of the matter, factual state or the legal obligation, Controller might be obliged to provide the personal data without a consent of data subject to third parties, mainly:
to the respective state authorities acting under the “Anti-money laundering Act”;
to the Attorney Association under the conditions established by the Act on advocacy;
to the General Courts regarding to cases regulated by the specific acts (for instance the Criminal Code, the Civil Procedure Code, the Administrative Procedure Code);
to the Constitutional Court and its proceeding and on position of its judges;
to the state authorities acting under the Criminal Procedure Code as amended and under the Criminal Code as amended;
to the European Court of Justice and to the European Court of Human Rights;
to the respective bailiffs and enforcement activities (Enforcement Code) as amended;
to the insolvency administrators;
to the notaries under the Notary Code as amended;
to the Ministry of Justice under the Public sector registers Act as amended;
to the courts’ interpreters and translators in the extent necessary for the proper performance of their activities;
to the courts’ experts in the extent necessary for the proper performance of their activities;
to the banks under the Act on banks as amended;
to the other state authorities under the certain specific acts.
5. Transmission of personal data to a partner law firm
5. Transmission of personal data to a partner law firm
Provided that the data subject requests the Controller to provide legal services in a country other than the Slovak Republic and grants the Controller a power of attorney to represent him/her in proceedings before public authorities or other persons in that country, the Controller shall, if necessary, provide the personal data of the data subject to its partner law firm in that country. The Controller shall inform the data subject in advance of the partner law firm.
Our partner law firm shall always act as an independent data controller for the purposes of providing legal services with authorisation for the relevant territory/country, whereby the provision of personal data shall occur on the basis of our mutual agreement governing the services as referred to in the preceding paragraph.
6. Scope of the processed personal data
6. Scope of the processed personal data
Controller processes personal data of data subjects in accordance to the Act on advocacy to the extent that is necessary to achieve the purpose of personal data processing of data subject; as a rule, it is with regard to all personal data that are necessary and are an integral part of documents constituting the file of a particular legal matter, including related electronic documents, and electronic mail.
Controller also processes particularly sensitive personal data belonging to a specific category of personal data within the meaning of Article 9 of GDPR in the extent necessary to prove, apply or defend legal claims before competent public authorities. Controller within internal processes and measures adopted in order to ensure the security of the personal data processing place increased emphasis on the protection of a specific personal data category.
7 Privacy policy when using a website
7 Privacy policy when using a website
Controller currently on website www.bernia.sk (or on all relevant national domains,which only function as its language mutation with relevant content in an appropriate language) uses file type cookies. A cookie file is a small text file that the web site saves on your computer or mobile device while being browsed. Thanks to this file, the web site retains information about your steps and preferences (such as your login name, language, font size, and other delivery settings) for a certain time, so you do not have to retype it for the next time you visit the web site or browse its individual sub-pages.
Controller uses its own cookies (i.e. first party cookies) in order to optimize the functions of the website and better user comfort of website’s visitors, as well as foreign cookies (i.e. third party cookies) to display so called behavioural advertising.
The website also uses so called short-term cookies which are after the usage of the internet browser is finished automatically erased from computer system of the data subjects or of other program applications’ end users. However, in some cases may also processing so-called long-term cookies occur. Long-term cookies remain in end user’s equipment, while they allow Controller to recognize that the web site is being re-visited by the end-user device, what may be depending on settings made by the user of program application associated with e.g. remembering the default password for the program application.
Controller informs data subjects and all visitors of the website about the fact that all the cookies files which the website can store in the terminal equipment of any visitor of the website can be controlled and deleted. Appropriate setting of the internet browser may ensure effective and complete prevention of cookies file usage. Concrete information and instructions on setting of certain type of internet browsers are available here: About Cookies - How to control cookies and information on erasing cookies from the user’s technical device user can be found here: About Cookies – How to delete cookies. Generally stated, it may be needed to turn on a feature that is commonly referred to as "tracking protection" in an internet browser.
Controller informs data subjects that if the internet browser used by the end-user device to access and brows the content of the website allows the website to use cookies file, then Controller is entitled to deem that as valid legal consent of the end user of technical device into which the cookies file is stored in compliance with the (proposal) Regulation of the European Parliament and EU Council on privacy and data protection in electronic communications and repealing Directive 2002/58/EC (Directive on privacy and electronic communications (hereinafter referred to as the "e-Privacy Regulation") was granted.
Controller informs Data subjects that in case of so-called third-party cookies that are used to display a behavioural advertisement, the website will require an explicit consent from data subject before installing these cookies on the device of end-user of the website.
Controller of the website also uses web analytics service from company Google Inc., however, Controller does not process any personal data, neither any other identifiers usable for indirect identification (e.g., IP address) of data subjects. This does not mean that personal data are not processed by the company Google Inc., which is a provider of services - Google Analytics and Google AdWords.
Google Analytics and Google adWords use cookies type files, which are stored on device of end-user of website (computer, tablet, smartphone) to analyze your behaviour. Google anonymizes the part of the IP address linking to device of end-user of website immediately when it is being acquired what leads to the strengthening the data subject privacy protection. Google Inc. uses the information obtained during the data subject’s usage of the website to evaluate the use of the website by users and to issue reports on activities conducted on the website and to provide Controller with additional services associated with the website and the internet usage. This processing of data by Google Analytics and Google AdWords can be prevented by the adequate settings of the internet browser in which you install the browser plug- in available using the following link: Google Analytics - Opt out.
Controller can use Google Analytics and Google AdWords to generate online advertising through remarketing, i.e. outputs from Controller’s marketing communication may be displayed by different providers of digital service and of internet content including Google Inc., on various internet web sites which in the future, after the end of the Website visit, will be displayed on the device of end-user or data subject.
Controller also uses Google Analytics reports to ensure more effective marketing communication, while it may lead to processing of demographic characteristics and interests concerning data subject (e.g., age, gender, interests) acquired by company Google Inc., which may also be used by Controller. However, Controller will not process personal data of data subject during the data processing by using Google Analytics because Controller will not dispose with adequate identifier, which would enable direct and indirect identification of data subject.
Display of personalized advertisement banners by Google may be rejected by data subjects who use website via the following Google - Ads control.
Any other information on using data by company Google Inc in the context of website usage may the Data subject find here: Google - Privacy - Partners.
Controller indicate to data subjects that if data subject is sign in to internet services provided by company Google Inc during the visit or the usage of website, Google Inc may process personal data of the data subject. Controller does not affect, have impact on or participate on such data processing provided by Google Inc.
Company Google Inc. is in relation to usage of website by data subjects a third person in a position of an independent controller. More information on data privacy policy adopted by Google Inc may by find by data subjects on the following link: Google - Privacy.
Page updated
Google Sites
Report abuse