NOTICE ON THE PROCESSING OF PERSONAL DATA

In the Notice, we provide information about how Highgate Group collects, processes and protects your personal data, what your rights are in relation to the processing of your personal data and how you can exercise those rights.

The processing of personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27. April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC(GDPR) and Act No. 18/2018 Coll. on the protection of personal data and on amendment and supplementation of certain laws(the Act).

I. TO WHOM THIS NOTICE IS ADDRESSED

The information in the Notice relates to:

• • website visitors;
  • clients to whom Highgate Group provides legal, tax or accounting services;
  • jobseekers or other forms of professional cooperation;
  • suppliers of goods or services;
  • persons who have ordered products or services through the e-shop;
  • contact persons or other persons authorised to act for or on behalf of the aforementioned entities.
    

II. WHO WE ARE AND HOW TO CONTACT US

(the above companies are hereinafter referred to as the Highgate Group)
If you enter into a contract (including a pre-contractual relationship) with any of the Highgate Group companies or if you provide your personal data to any of the Highgate Group companies, the controller of your personal data will be the Highgate Group company with which you enter into the contract or to which you have provided your personal data. For example, for the provision of legal services, the operator will be Highgate Law & Tax s. r. o.
Companies belonging to the Highgate Group are joint operators in the operation of the www.highgate.sk web portal(the Portal). The data subject may contact any company of his or her preference in all matters relating to the processing of his or her personal data.

If you have any questions about the processing of your personal data, please contact Highgate Group:

info@highgate.sk
+421 907 768 793
+421 918 953 897

III. PURPOSE, LEGAL BASIS, CATEGORIES OF PERSONAL DATA AND RETENTION PERIOD

IV. WHAT LEGITIMATE INTERESTS DOES THE HIGHGATE GROUP HAVE?

Highgate Law & Tax, s.r.o. relies on legitimate interests in the event of litigation or out-of-court disputes or in proceedings with public authorities in which Highgate Law & Tax, s.r.o. does not represent its clients, but asserts and proves its legal claims, and in the processing of personal data of contact persons or other persons authorized to act for legal entities with which Highgate Group cooperates.
The Highgate Group also sends marketing communications on the basis of legitimate interest for which consent is not required under applicable law, in particular to clients of the Highgate Group or other persons with whom the Highgate Group already has a relevant relationship.
The legitimate interest is also used by the Highgate Group for the processing of personal data of data subjects for the conclusion and performance of contractual relations, if the data subjects are not a party to the contract, and also for the presentation of companies externally.
The Highgate Group may take photographs or video footage of attendees and highlights at conferences, training sessions or other professional events it organises, which may then be used to promote the Highgate Group’s activities. If you do not wish to be captured on the above footage, please inform the Highgate Group prior to the event by emailing info@highgate.sk.

V. INTRA-GROUP TRANSFERS

Disclosures of personal information within Highgate Group companies may be necessary to effectively provide services to customers, and disclosures of personal information will be made only to the extent necessary.

VI. DISCLOSURE OF PERSONAL DATA

VII. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

When processing personal data at Highgate Group, we aim to minimise any transfer of personal data outside the European Economic Area (EEA). However, the Highgate Group also uses global service providers in the conduct of its business activities who may transfer personal data outside the EEA (listed in Article VI). In these cases, the Highgate Group will ensure that the GDPR conditions for such processing are met and will only make the transfer on the basis of the existence of a European Commission adequacy decision pursuant to Article 45 GDPR or on the basis of standard data protection clauses pursuant to Article 46(1) GDPR. 2 GDPR (e.g. transfers to the US).

VIII. DATA PROTECTION

The Highgate Group continuously evaluates and upgrades the technical and organisational measures in place to ensure the secure processing of personal data. The following are the basic technical and organisational measures:

1. • Identification, authentication and authorization of authorized persons when using the information system.
   • Recording of entries of authorised persons in the information system.
   • Detection of the presence of malicious code in incoming electronic mail and other files received from a publicly accessible computer network or from data storage media.
   • Protection against unsolicited e-mail.
   • Creating backups with a pre-selected periodicity.
   • Secure deletion of personal data from data carriers.
   • Regular updating of the operating system and application software.
   • Written instructions to authorised persons on the rights and obligations arising from the GDPR and the Act.
   • Assigning access rights and access levels (roles) to authorised persons.
   • Password management.
   • Encrypted protection of the contents of data media and encrypted protection of data moved over computer networks.
   • Protecting the external and internal environment with a network security tool (e.g. firewall).
   • Login to computers and user accounts only with assigned passwords.
   • Regular training of authorised persons on security and protection of personal data.
   • Ensured physical access control to premises 24×7.
   • Monitoring and management of access cards to the premises.

If you would like more information about the security of your personal data, please contact us at info@highgate.sk.

IX. AUTOMATED INDIVIDUAL DECISION-MAKING

In the normal course of the business activities of the companies in the Highgate Group, there is no automated individual decision-making within the meaning of Article 22 of the GDPR.

X. COLLECTION OF PERSONAL DATA

The Highgate Group mainly processes personal data obtained directly from data subjects. However, the Highgate Group may also obtain personal data from publicly available sources or from persons with whom it cooperates in the conduct of its business.

XI. RIGHTS OF DATA SUBJECTS

If Highgate Group processes personal data on the basis of your consent, you have the right to withdraw your consent at any time by sending an email to: info@highgate.sk.

Withdrawal of consent shall not affect the lawfulness of processing based on consent prior to its withdrawal.

Notwithstanding this, you have the right to object at any time to the processing of your personal data on the grounds of legitimate or public interest, as well as for direct marketing purposes, including profiling.

In addition to the above rights, you have the right under the conditions set out in the GDPR:

• • request access to personal data concerning you;
  • request the rectification of incorrect personal data concerning you;
  • to delete your personal data;
  • to restrict the processing of your personal data;
  • to the portability of your personal data;
  • file a complaint with the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, Bratislava, email: dozor@pdp.gov.sk.
  • CHANGES TO THE NOTIFICATION
    

XII. CHANGES TO THE NOTIFICATION

Highgate Group reserves the right to modify and amend the Notice. In the event of a material change to the Notice, Highgate Group will notify you of the change e.g. by a general notice on this Portal.