Mazars Slovakia Privacy Statement
Mazars in Slovakia takes the security of and our legal responsibilities around your personal data very seriously. This privacy statement sets out which personal data we collect from you through our interaction with you, how we process that personal data and provides information about your rights in relation to the processing of your personal data.
The data controller is each of Mazars companies in Slovakia:
- Mazars Slovensko s.r.o., Europeum Business Center, Suché mýto 1, 811 03 Bratislava, Slovak republic; Registration No.: 35793813; registered in the Commercial Registry of the District Court of Bratislava I, Section: Sro, Insert No.: 22257/B;
- Mazars Accounting, s.r.o., Europeum Business Center, Suché mýto 1, 811 03 Bratislava, Slovak republic; Registration No.: 35947373; registered in the Commercial Registry of the District Court of Bratislava I, Section: Sro, Inset No.: 36954/B;
- Mazars Tax k. s., Europeum Business Center, Suché mýto 1, 811 03 Bratislava, Slovak republic; Registration No.: 35951010; registered in the Commercial Registry of the District Court of Bratislava I, Section: Sr, Insert No.: 586/B;
each of which is a separate and independent legal entity (for more information about Slovak Mazars companies click https://www.mazars.sk/Home/Contact-us/Our-entities). This privacy statement refers to them as “Mazars”, “we”, “our”, “us”. This privacy statement applies to each of them separately.
We may collect and process personal data from:
- our clients, suppliers, business contacts and potential clients and potential suppliers (and/or from individuals associated with them);
- individuals whose personal data we obtain in connection with providing professional services to our clients (e.g. our client's employees, customers and suppliers, our clients' and employees' family members, government agency contact persons, data subjects´ representatives, or other advisors to the data subject);
- recipients of marketing communication (e.g. newsletters, events invitations)
- job applicants and candidates;
- individuals who contact us personally, in writing or through our website and social media tools.
What personal data do we process?
Depending on the nature of the services we provide, the legal obligations to which we are subject, the precontractual or contractual obligations according to contracts to which we are a party, our legitimate interests or the specific consent you grant us to that end, we may collect or obtain general personal data, e.g. identification, contact, education, employment. For certain services or activities, and when required by law or with an individual's explicit consent, we may also collect special categories of personal data - physical or mental health.
How do we collect personal data?
We may collect or obtain personal data because you give it to us, because other people give that data to us (e.g. our clients about their employees, customers, clients and other data subjects whose personal data they collect; our suppliers about their employees, data subjects´ representatives; other advisors to the data subject; government agencies; or third party service providers that we use to help operate our business), through your connection to our Wi-Fi network, through our website and social media tools, or because it is publicly available.
Use of personal data
Except for situations where we process your personal data based on your (explicit) consent, we may process your personal data for the purposes outlined below, because processing is necessary for (1) compliance with our legal and regulatory obligations, (2) the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract, and/or (3) the purposes of our legitimate interests related to the delivery of our services or the operation of our business.
We use personal data for the following purposes:
- Contract entry and continuance: In order to commence and continue working with our clients, we are legally required to take certain steps (AML/CTF Act). We will have to process personal data about our clients, their ultimate beneficial owners and the client representatives.
- Providing professional services to our (potential) clients: We provide a diverse range of professional services (for information on our services, click on the following link ). We process personal data in order to propose or deliver those services to our (potential) clients, which could be the data subject himself, the data subject’s employer or the data subject’s contracting party.
- Administering, managing and developing our businesses and services: We process personal data in order to run our business, including managing our relationship with our clients and prospects (potential client), meeting our own administrative, accounting and corporate obligations, maintaining and using our IT systems, developing our businesses and services, hosting events, managing our systems and applications.
- We also process personal data about our suppliers, subcontractors and individuals associated with our suppliers and subcontractors in order to manage the relationship, contract, to receive services from our suppliers and, where relevant, to provide professional services to our clients.
- Recruitment and personnel administration: We collect personal data from job applicants and candidates in order to recruit new employees. We also collect personal data concerning our own personnel as part of the administration, management and promotion of our business activities.
- Security and personal and property protection: Personal data may be processed in the context of protecting our own and our client’s information and within the scope of protection of persons and of our own, as well your property.
- Direct marketing: we may process personal data for direct marketing purposes, in order to promote and develop our services, to provide you with information that we think will be of interest to you, to send you invitations to our events. In all those cases we will give you the opportunity to opt-out of our direct-marketing activities. Opt-out can be achieved by responding using the unsubscribe options contained within the information you have received or by e-mailing us at email@example.com .
- Complying with any requirement of law, regulation or a professional body of which we are a member of: As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.
- Protecting our rights and those of our clients.
Who do we disclose personal data to?
We may from time to time transfer or disclose your personal data to other entities of Mazars or to third parties for any of the purposes listed above, including to governmental and professional agencies and subjects who perform services on our behalf, such as web hosting providers, IT service providers, payment providers, customer relationship management providers, marketing agencies, delivery service providers.
When we disclose your personal data to subjects who perform services on our behalf, we ensure that such service providers use your data only in accordance with our instructions, and we do not authorize them to use or disclose personal data except as necessary to perform services on our behalf or to comply with applicable legal obligations.
We may also disclose your personal data to third parties where it is required to do so by law, a regulator or for the purposes of, or in connection with, any legal proceedings, or otherwise for the purpose of establishing, exercising or defending our legal rights.
We may share personal data with other Mazars member firms where necessary for administrative purposes and to provide professional services to our clients (e.g. when providing services involving Mazars member firms in different countries). Our business contacts are visible to Mazars member firms.
Due to the global nature of our operations, we may transfer your personal data outside the European Economic Area (EEA) to countries whose data protection laws may not be as extensive as those in the EU.
When we transfer data outside the EEA, we will only transfer such personal data (i) to a country which the European Commission considers having adequate data protections laws; or (ii) where we have put in place an appropriate data transfer mechanism, such as EU Standard Contractual Clauses, to ensure that your personal data is adequately protected.
Should you make an enquiry through our website which concerns one of the Mazars member firms we will forward the request to them on your behalf.
We do not sell or rent your personal data for any purpose.
Data Subject Rights
Where we act as a Data Controller for your personal data, you may exercise a number of rights over your data including:
- Accessing the personal data we hold about you
- Asking us to correct any of your personal data we hold which are inaccurate
- Request to have your personal data deleted
- Withdraw consent to our processing of your personal data (if we process your personal data based on consent)
- Put in place restrictions on our processing of your personal data
- Objecting to our processing of your personal data
- Asking us to transfer your data to another controller (data portability)
We will handle all exercise of your data subject rights in accordance with the requirements of the applicable privacy regulation. Should you wish to exercise any of your data subject rights please contact us at firstname.lastname@example.org .
In order to prevent any unauthorized disclosure of your personal data, we must verify your identity. In case of doubt or ambiguity, we will ask you for additional information first.
Should we receive a request from you to exercise data subjects´ rights but we are only acting as a Data Processor within our relationship with our client, we will inform you accordingly and you should address your requests to our client.
We do not make decisions based solely on automated processing, including profiling, within activities related to your personal data.
Questions and complaints
Should you have any questions or complaints in relation to this privacy statement or the way we collect and process your personal data, please contact us at our addresses listed above or at e-mail address email@example.com .
If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the Slovak Data Protection Authority: Úrad na ochranu osobných údajov Slovenskej republiky.
Duration of Processing
We will hold your personal data on our systems for the longest of the following periods: (i) as long as is necessary for the purpose of which it was collected; (ii) any retention period that is required by law; or (iii) the end of the liability period in which litigation or investigations might arise in respect of our services (iv) during period for which consent was given or until its withdrawal.
After the applicable retention period(s) has expired, personal data will be deleted or anonymized.
We ensure that appropriate technological and organisational measures are in place to protect your personal data from loss, misuse, alteration or unintentional destruction, such as the use of anti-virus, firewalls, web-filtering and malware protection, secure servers, hard disk encryption software, password protection, technical controls, physical access controls, procedural controls.
Our personnel who have access to your personal data have been trained to maintain the confidentiality of such data. They will only be granted access to your personal data to the extent that they need this information to perform their duties properly. The persons who can consult your data are also bound by strict professional discretion.
Conditions to protect data to at least the same standard as we do are cascaded to all our contractors, (sub) processors and suppliers.
Regular monitoring and testing of our security defences is carried out to ensure they continue to be effective against the latest threats.
Data transferred over the internet by us and through this website are protected using encryption technologies to ensure they remain secure.
Children and our website
Mazars in Slovakia understands the importance of protecting children's privacy, especially in an online environment. Our sites are not intentionally designed for or directed at children. It is our policy never to knowingly collect or maintain information about anyone under the age of 16 through our websites. If you are under 16 years of age you must obtain the consent of a parent or guardian to submit information via our website. Please ask them to review this information before you communicate with us.
Navigation on our website may result in cookies being sent to your computer. Cookies are small text files that are placed on your computer by the websites that you visit.
For further details, please consult our Cookies information .
Changes to this privacy statement
This privacy statement is applicable as from May 2018. We may amend it from time to time. Any changes will be published on this page and we recommend you check here regularly to ensure you remain in agreement with our data processing activities.