GDPR

  1. Accommodation
  2. GDPR

CONTROLLER’S DECLARATION ON THE PROCESSING OF PERSONAL DATA
Controller’s declaration on the processing of personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on informing data subjects (hereinafter referred to as “GDPR”).

I. Personal Data Controller
The personal data controller:
D 3D, s.r.o.
Registered office: Beckov No. 20, 916 38 Beckov
Company ID: 36327531, VAT ID: SK2020179997, Tax ID: 2020179997
Registered in the Commercial Register of the District Court Trenčín, Section Sro, File No. 13662/R
(hereinafter referred to as the “Controller”)
hereby informs data subjects, in accordance with Article 12 et seq. of the GDPR, about the processing of their personal data and their rights.

II. Scope of Personal Data Processing
Personal data are processed to the extent that the relevant data subject has provided them to the Controller in connection with entering into a contractual or other legal relationship with the Controller, or that the Controller has lawfully obtained them from a third party or otherwise lawfully collected them, and processes them in accordance with applicable legal regulations or to fulfill the Controller’s legal obligations.

III. Sources of Personal Data

  • directly from data subjects (in particular when concluding contracts, based on orders, registrations and purchases via e-shop, email, phone, chat, website, contact forms, social media, business cards, consent, audio/video recordings via technical devices, etc.)
  • from third parties (especially contractual partners within the performance of a contractual relationship)
  • from public registers, such as:
    • public registers pursuant to Act No. 304/2013 Coll.
    • other registers pursuant to Act No. 111/2009 Coll.

IV. Categories of Personal Data Processed
The Controller processes (directly or via processors) the following categories of personal data:

  • name and registered office
  • business name (for entrepreneurs)
  • address, delivery address, temporary residence
  • date of birth
  • national identification number
  • email address
  • phone number
  • fax number
  • company ID (IČO)
  • ID card number
  • passport number
  • tax identification number
  • VAT number
  • bank details
  • website
  • data mailbox ID
  • login credentials and passwords
  • photographs
  • video recordings
  • audio recordings
  • IP address
  • location data (GPS, CCS)
  • insurance card number
  • contract number
  • employee number
  • education
  • income (salary, pension)
  • personal data of children or spouse/partner
  • cookies
  • signature

V. Categories of Data Subjects
Data subjects include natural persons such as:

  • employees
  • job applicants
  • agency employees
  • contractual partners
  • clients, customers, buyers, sellers
  • suppliers, carriers, contractors
  • tenants, landlords
  • creditors, debtors
  • users
  • future contractual partners
  • pre-contractual parties
  • participants in proceedings
  • applicants, payers, recipients
  • injured parties

VI. Categories of Processors and Recipients

  • external service providers (e.g. OSH, fire protection, transport, accounting, IT, marketing, education, subsidies)
  • public authorities
  • local authorities
  • banks
  • insurance companies

VII. Purpose and Legal Basis for Processing
Personal data are processed:

  • based on consent
  • for contract performance
  • for pre-contractual measures
  • to fulfill legal obligations
  • for legitimate interests
  • to protect vital interests

VIII. Method of Processing and Protection
Processing is carried out by the Controller at its premises or by authorized employees or processors, using IT systems or manually in paper form, in compliance with all security measures to prevent unauthorized access, loss, misuse, or disclosure.

IX. Retention Period
Personal data are processed only for the period necessary to fulfill contractual, legal, and legitimate interest obligations, in accordance with applicable laws and internal regulations.

X. Information
The Controller processes data with the data subject’s consent unless consent is not required by law. Processing without consent is possible when necessary for contract performance, legal obligations, legitimate interests, or protection of vital interests.

XI. Rights of Data Subjects

  1. The data subject has the right to access personal data and information about:
    • purpose of processing
    • categories of data
    • recipients
    • retention period
    • data sources
    • automated decision-making
  2. The data subject has the right to:
    • request explanation
    • request correction, blocking, or deletion
    • contact the supervisory authority (Data Protection Office)
    • file a complaint
    • request reasonable compensation for information provision

XII. Final Provisions
For questions regarding personal data processing, contact:
D 3D, s.r.o.
Beckov No. 20, 916 38 Beckov
Email: recepcia@kuriabeckov.sk
or the appointed Data Protection Officer.
Last updated: 1 December 2025