1. General provisions
1.1. HRAVY s. r. o. (hereinafter the “Company”) respects the rights of all their clients (customers) (hereinafter the “Clients”), including visitors of the website https://www.adventica.sk (hereinafter the “Website”), to privacy and obligates to protect their personal data and facilitate the exercise of their rights as the data subjects.
1.2. The present Privacy policy shall regulate the key principles and procedure of collection, processing, and storage of personal data of the Company Clients including the Website visitors.
1.3. When using the Website, you agree to the provisions of the present Privacy policy (except for actions related to data processing that require your additional consent). It shall be considered that the Clients have familiarised with the Privacy policy after checking the box when ordering goods or services or by signing the park waiver. The Privacy policy is at any time available on the Website or in the amusement park for a repeated familiarization.
1.4. Your personal data shall be processed following the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR), the Law on Protection of Personal Data of the Slovak Republic (LPPDSR), Law on Electronic Communications of the Slovak Republic (LECSR) and other applicable laws regulating personal data protection, also instructions of data protection authorities (Office for Personal Data Protection of the Slovak Republic).
2. What definitions we use
2.1. Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is an individual that can be identified directly or indirectly, first of all, using an identifier, such as the first and last name, personal ID number, location data and the internet identifier, or based on one or several features of the physical, physiological, genetic, psychic, economic, cultural or social identity.
2.2. Data subject – a natural person – the Company Client (including the Website Visitors) whose personal data are collected by the Company.
2.3. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2.4. Data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2.5. Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.
2.6. Data controller – HRAVY s. r. o., a company established following laws of the Slovak Republic, ID number 54 726 671, registered office Eurovea Central 1, Pribinova 8, Bratislava 811 09 – municipality Staré Mesto, Slovak Republic, data collected and stored in the Commercial register.
2.7. Direct marketing – the business of selling products or services directly by mail order or telephone selling or any other direct way and (or) asking for an opinion regarding offered services.
3. What personal data we collect and what is the legal basis for the processing your personal data
3.1. The Company collects and further processes the following personal data, provided by you when ordering goods or services on the Website, in its amusement park: a name, surname, email address, phone no., data related to service rendering, such as information on a service and its ordering, account numbers, invoice issuing, payment details, information on a consent regarding personal data processing for the purposes of direct marketing.
3.2. Your personal data mentioned in Point 3.1 are stored within the period of cooperation between you and the Company (the period of service rendering) and for 10 (ten) years after the expiry of this period.
3.3. The Company collects and processes the following personal data provided by you indirectly when ordering goods or services on the Website, i.e. these data are automatically collected from the computers and (or) mobile devices you use, after you visit the Website: IP addresses and connection times, the user’s browser, and its version.
3.4. Your personal data indicated in Point 3.3 are stored within the period of cooperation between you and the Company (the period of service rendering) and depending on the data, up to one year after the expiry of this period. These data can be stored for a longer period where such storage term is based on other legal grounds.
3.5 The Company collects and further processes the following personal data, provided by you when signing the park’s waiver list: a name, surname, email address, phone no., underage customer’s name.
3.6 Your personal data mentioned in Point 3.5 are stored within the period of cooperation between you and the Company (the period of service rendering) and for 6 months after the expiry of this period.
3.7 As for legal basis for processing your data, your personal data are being processed either by (i) your given consent (i.e. marketing purposes or cookies), (ii) it being necessary for the performance of a contract (i.e. processing your order, keeping necessary contact information to a caretaker of underage customer), (iii) it being necessary for compliance with a legal obligations of Data processor (i.e. tax reasons) (iv) it being in legitimate interest of Data processor (i.e. video surveillance).
4. What the purposes for processing of your personal data are
4.1. The Company processes the aforementioned personal data for the following data processing purpose: to process and administrate a purchase (order) of services, to identify the Company Clients in the informational systems of the Company, managing accounting documents related to the service order, to contact you regarding performance of contractual obligations, also for the purposes of direct marketing (with prior consents of data subjects only).
5. How we process your personal data
5.1. We ensure that your personal data will be: processed lawfully, fairly and in a transparent manner, collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes, adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (the principle of data minimisation), accurate and, where necessary, kept up to date (the principle of accuracy), kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (the storage limitation), processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (the principle of integrity and confidentiality).
6. How we process personal data for direct marketing purposes
6.1. With your prior consent the Company shall send you newsletters by email and (or) make inquiries about the quality of current services furtherer regulated by the provisions of LPPDSR, LECS and Regulation.
6.2. You may withdraw your consent at any time without affecting lawfulness of processing before its withdrawal.
6.3. Your personal data processed for direct marketing purposes will include the first name, the last name and email address.
6.4. Your personal data collected and process for direct marketing purposes are stored until you revoke your consent to receive direct marketing notifications.
7. How we process your personal data by video surveillance of ADVENTICA park
7.1. This processing of your personal data is necessary for the purposes of the following legitimate interests pursued by the Company those being, keeping safety of property and keeping health and safety of persons in ADVENTICA park.
7.2. Video surveillance recordings are not kept longer than 72 hours following their creation.
8. What rights of data subject you have
8.1. You have the rights of data subjects below that we will implement having received your request (by email [email protected]; by mail to the address HRAVY s.r.o. Eurovea Central 1, Pribinova 8, Bratislava, Slovakia) and having properly checked your identity: to obtain the confirmation as to whether or not personal data concerning you are being processed, to obtain the rectification of inaccurate personal data concerning you, also to have incomplete personal data completed, to obtain from the Company the erasure of personal data concerning you where: a. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, b. you withdraw your consent and where there is no other legal ground for the processing of your personal data c. the personal data have been unlawfully processed, d. on other grounds established by the Regulation; to obtain from the Company restriction of processing of your personal data, to receive the personal data concerning you, which you have provided to the Company, in a structured, commonly used and machine-readable format and to object to processing of the personal data concerning you (e.g. for direct marketing purposes or etc.).
8.2. It should be noted that in case you consider your rights, as the data subject, are breached, you can lodge a complaint to Office for Personal Data Protection of the Slovak Republic. Please find more information about Office for Personal Data Protection of the Slovak Republic and complaint produces here https://dataprotection.gov.sk/uoou/sk.
9. Who we transfer your personal data to
9.1. The Company’s employees shall be granted an access to your Personal data only under necessity to fulfil their duties and only with the employee’s confidentiality undertaking.
9.2. The Company can transfer your personal data to data processors rendering services to the Company and managing your personal data on the Company’s behalf and for the Company’s or your benefit, to law enforcements authorities where a legal ground for this exists, to other third parties with your consent.
9.3. We shall involve those data processors only who can secure the implementation of appropriate technical or organisational measures in the manner compliant with the requirements set out in the relevant regulation and the protection of your, as the data subject, rights.
9.4. It should be noted that the aforementioned data processors shall have the right to process your personal data based on our instructions only.
9.5. The data processor shall involve another data processor with a prior explicit or common written consent of the Company (the data controller) only.
9.6. Your personal data can also be transferred responding to official request from state institutions and courts, however, after proving legitimacy of such requests only.
10. What cookies we use and how
10.1. When you visit our Website, we store small data files on your device called cookies. Cookies are used for various purposes more closely described in this article bellow. Cookie settings are always available on our Website where you can, provide or revoke your consent etc.
10.2. Technical cookies, for using these we do not need your consent. These cookies allow you to properly use our website and all its functionality i.e. remembering various Website’s settings.
10.3. Analytical cookies, these cookies allow us to analyse traffic to our Website.
10.4. Marketing cookies, these cookies allow us to offer you more relevant goods and services best suited to your preferences.
11. What links are displayed on the Website
11.1. On the Website, there can be displayed links to websites of the third parties, to laws, also to social networks (a possibility to share the Website content in social media Facebook and Instagram). It should be noted that the websites of the third parties that links are displayed on the Website apply the provisions of privacy policies of those websites, and the Company shall be exempted from liability for their content, activities and provisions of their privacy policies.