Privacy Policy

The original text is here: 

​

Identification data of the operator:
ERP TWIG LLC, 995 Terrace BLVD. EWING, NEW JERSEY 086 18, EIN 83-3788774 (hereinafter referred to as the "Company") acts as an information systems operator (hereinafter referred to as "IS") when processing the personal data of its clients, customers or business partners (hereinafter referred to as the "data subject").  

Legal basis for processing personal data of the persons concerned:
When processing personal data, the company proceeds in accordance with Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Supplements to Certain Regulations (hereinafter referred to as the "Act on the Protection of Personal Data"). The legal basis for personal data processing is the Personal Data Protection Act, special legal regulations and consent to the processing of personal data, depending on the purpose of personal data processing. 
In the event that the purpose of processing personal data, the scope of the affected persons and the list of personal data is established by a directly enforceable act of the European Union, an international treaty to which the Slovak Republic is bound, the Act on the Protection of Personal Data or a special law, the company is entitled under the Act on the Protection of Personal Data process personal data without the consent of the person concerned. 

The company processes personal data without the consent of the person concerned, and the purpose of processing personal data, the range of persons concerned and the list of personal data or their scope is established by a directly enforceable legally binding act of the European Union, an international treaty to which the Slovak Republic is bound, or this law. If the list or scope of personal data is not established, the company may process personal data only to the extent and in a manner that is necessary to achieve the established purpose of processing while complying with basic obligations under the Personal Data Protection Act. 

The company further processes personal data without the consent of the person concerned, and for the purpose of processing personal data, the range of persons concerned and the list of personal data is established by a special law and only to the extent and in the manner established by a special law. Processed personal data can be provided, made available or published from the information system only if a special law establishes the purpose of providing, making available or publishing, a list of personal data that can be provided, made available or published, as well as third parties to whom personal data is provided, or the range of recipients to whom personal data is made available, unless the Personal Data Protection Act provides otherwise. 

The company processes personal data without the consent of the person concerned even if:
a) the processing of personal data is necessary for the performance of a contract in which the person concerned acts as one of the parties to the contract, or in pre-contractual relations with the person concerned or during negotiations to change the contract, which take place at the request of the person concerned,_cc781905-5cde-3194- bb3b-136bad5cf58d_
b) the processing of personal data is necessary to protect the life, health or property of the person concerned, 
c) the subject of processing is exclusively the title, first name, surname and address of the person concerned without the possibility of assigning any other personal data to them, and their use is intended exclusively for the needs of the operator in postal relations with the person concerned and the records of this data,_cc781905-5cde-3194- bb3b-136bad5cf58d_
d) personal data are processed that have already been published in accordance with the law and the operator has properly marked them as published; the person who claims to process published personal data shall, upon request, prove to the office that the processed personal data has already been legally published, 
e) the processing of personal data is necessary to protect the rights and legally protected interests of the operator or a third party, while this does not apply if the fundamental rights and freedoms of the data subject prevail during such processing of personal data, which are subject to protection according to this law._cc781905-5cde-3194- bb3b-136bad5cf58d_

If, due to the purpose of personal data processing established in a directly enforceable legally binding act of the European Union, an international treaty to which the Slovak Republic is bound, in the Personal Data Protection Act and a special law, it is not possible to specify in advance the individual personal data to be the subject of processing, the list of personal data can be replaced by the range of personal data. 

In such processing of personal data, the company is obliged to proceed in accordance with the Personal Data Protection Act, except for those operators who process personal data for the purposes of and in connection with legal proceedings. In the event that the Personal Data Protection Act does not apply to the processing of personal data, the company as an operator is authorized to process personal data only with the consent of the person concerned. The company obtains the consent of the person concerned without coercion or coercion, as well as without conditioning by the threat of rejection of the contractual relationship, services provided or obligations arising for the operator from legally binding acts of the European Union, international agreements to which the Slovak Republic is bound or the law. In case of refusal to provide personal data to the company for the purposes necessary for the provision of services or the fulfillment of legal obligations, the company is entitled to warn the affected person of the possible consequences of not providing personal data. 

The affected persons agree that the company, when processing personal data, entrusts such processing to an intermediary who processes personal data on behalf of the company. After the end of the purpose of personal data processing, the company disposes of these lawfully obtained personal data of the persons concerned within the period established by applicable legal regulations and in accordance with the company's internal regulations. 
 

The purpose of processing the personal data of the persons concerned:
The company respects your privacy and considers the provided personal data confidential. For the quality provision of its services, the company needs to know some personal data of the affected persons and needs to provide them to other recipients in order to fulfill legal obligations and ensure the highest quality services. 

The company processes the provided personal data for several purposes. 
On the one hand, it concerns the personal data of job applicants and the personal data of their employees for the purposes of the personnel and payroll agenda, as well as related legal obligations resulting from special legal regulations. The company also processes the personal data of its clients, customers and business partners for the purpose of securing its business activities, taking into account the interests of its clients, customers and business partners. The company does not process personal data for any other purpose, which means that the company only collects, stores and processes the personal data of the affected persons that it needs in order to fulfill its provided services. The personal data provided are strictly protected against misuse by unauthorized third parties, by means documented in the adopted security project and security directive in accordance with the Personal Data Protection Act. When processing the personal data of the affected persons, the company complies with the basic obligations of the operator arising from the Personal Data Protection Act, which include the following obligations. 

The company always uses the provided personal data for a predetermined purpose of processing, which is clear, defined unambiguously and concretely, while being in accordance with the Constitution of the Slovak Republic, constitutional laws, laws and international treaties to which the Slovak Republic is bound._cc781905-5cde-3194- bb3b-136bad5cf58d_

The company always defines the terms of personal data processing in such a way that the rights of the data subject established by law are not restricted. The company only acquires the personal data of the affected persons whose scope and content correspond to the purpose of the processing and are necessary to achieve it. The company ensures that the personal data of the persons concerned is processed exclusively in a manner that corresponds to the purpose for which it was collected in advance. The company as an operator is obliged to process only correct, complete and as necessary updated personal data in relation to the purpose of processing. The operator is obliged to block incorrect and incomplete personal data and correct or supplement them without undue delay, if they cannot be corrected or supplemented in such a way that they are correct, the company will clearly mark this personal data and dispose of it without undue delay. The company ensures that the personal data of the affected persons are processed in a form that enables the identification of individual affected persons for a period of time no longer than is necessary to achieve the purpose of the processing. The company disposes of personal data for which the purpose of processing has ended in the prescribed manner. After the end of the defined purpose, the company is entitled to process personal data to the extent necessary for research or statistical purposes in their anonymized form. The operator cannot use the personal data processed in this way to support measures or decisions taken against the person concerned to limit his fundamental rights and freedoms. 

Intermediaries:
the company does not provide your personal data to third parties in violation of the Personal Data Protection Act and for the purpose of their collection, contrary to your interests or instructions, and they are provided to third parties only within the scope of the above-mentioned purpose._cc781905-5cde-3194-bb3b- 136bad5cf58d_

In its business activities, the company cooperates with several intermediaries whose goal is to provide high-quality services, while these entities process the personal data of the affected persons in the performance of their contractual activities for the company. The company honestly declares that, when selecting individual intermediaries, it paid attention to their professional, technical, organizational and personnel competence and their ability to guarantee the security of processed personal data through security measures adopted in accordance with the Personal Data Protection Act. At the same time, when choosing a suitable intermediary, the company proceeded in such a way as not to endanger the rights and legally protected interests of the persons concerned. As an operator, the company has entered into written contracts with intermediaries in accordance with the Personal Data Protection Act on the protection of personal data processed by the intermediaries, whom it has entrusted with processing the personal data of the affected persons only to the extent, under the conditions and for the purpose agreed in the contract and in the manner according to the Personal Data Protection Act . 

Scope and list of processed personal data:
The company processes in its information systems the personal data of the persons concerned to the extent necessary to achieve the specified purpose. This is the extent of personal data determined by special legal regulations or to the extent of the consent of the person concerned to the processing of his personal data. The company only processes personal data that was provided to it voluntarily and to the extent necessary by the person concerned. The provision of personal data to the company beyond the scope of special laws is voluntary. 

Conditions and method of processing personal data of the persons concerned:
The company processes the personal data of the affected persons in its information systems by automated and non-automated means of processing. The company does not disclose processed personal data, except when required by a special legal regulation or a decision of a court or other state authority. The company will not process your personal data without your express consent or other lawful legal basis for another purpose, even to a greater extent than is stated in this information and the registration sheets of individual information systems of the operator. 

The rights of the person concerned in connection with the processing of his personal data:
The person concerned has the right to demand from the company, based on a written request:
a) confirmation of whether or not personal data about her are processed, 
b) in a generally comprehensible form, information on the processing of personal data in the information system to the extent pursuant to the Personal Data Protection Act; when issuing a decision according to the Personal Data Protection Act, the person concerned is entitled to become familiar with the procedure for processing and evaluating operations, 
c) in a generally comprehensible form, precise information about the source from which he obtained his personal data for processing, 
d) in a generally comprehensible form, a list of personal data that is the subject of processing, 
e) correction or disposal of your incorrect, incomplete or out-of-date personal data that is the subject of processing, 
f) liquidation of his personal data, the purpose of processing of which has ended; if the subject of processing is official documents containing personal data, he can request their return, 
g) liquidation of his personal data that is the subject of processing, if there has been a violation of the law, 
h) blocking of his personal data due to withdrawal of consent before the expiry of its validity, if the company processes personal data based on the consent of the person concerned. 

The above-mentioned rights of the affected person according to letters e) and f) can be restricted only if such a restriction results from a special law or its application would violate the protection of the affected person, or the rights and freedoms of other persons would be violated._cc781905-5cde-3194-bb3b- 136bad5cf58d_

According to the Personal Data Protection Act, the data subject has the right to object to:

a) processing his personal data, which he assumes are or will be processed for direct marketing purposes without his consent, and request their liquidation, 
b) the use of personal data specified in the Personal Data Protection Act for the purposes of direct marketing in postal communication, or 
c) provision of personal data specified in the Personal Data Protection Act for direct marketing purposes. 

According to the Personal Data Protection Act, the person concerned has the right, based on a written request addressed to the company or in person, if the matter cannot be delayed, to object at any time to the processing of personal data in cases according to the Personal Data Protection Act by stating legitimate reasons or by presenting evidence of unauthorized interference with his rights and interests protected by law, which are or may be damaged in a specific case by such processing of personal data; if legal reasons do not prevent this and it is proven that the objection of the person concerned is justified, the company is obliged to block and dispose of personal data, the processing of which the person concerned has objected to, without undue delay, as soon as the circumstances permit. 

​

According to the Personal Data Protection Act, the data subject has, based on a written request addressed to the company or in person, if the matter cannot be delayed, the right to object at any time and not to submit to the company's decision that would have legal effects or significant impact for him, if the decision is also issued exclusively on based on automated processing of his personal data. The affected person further has the right to request the company to review the issued decision by a method different from the automated form of processing, while the company is obliged to comply with the affected person's request, in such a way that the authorized person will have a decisive role in reviewing the decision; the operator informs the affected person about the method of examination and the result of the finding within the deadline according to the Personal Data Protection Act. The affected person does not have this right only if this is established by a special law in which measures to ensure the legitimate interests of the affected person are regulated, or if, within the framework of pre-contractual relations or during the existence of contractual relations, the operator issued a decision complying with the request of the affected person, or if based on the contract, the operator has taken other appropriate measures to ensure the legitimate interests of the person concerned. 

If the data subject exercises his right:
a) in writing and from the content of the request, it follows that he is exercising his right, the request is considered to have been submitted in accordance with the Personal Data Protection Act; a request submitted by e-mail or fax shall be delivered by the person concerned in writing no later than three days from the date of sending it, 
b) in person orally in the minutes, from which it must be clear who exercised the right, what is claimed and when and who made the minutes, his signature and the signature of the person concerned; the company is obliged to hand over a copy of the minutes to the person concerned, 
c) in the case of an intermediary according to letter a) or letter b), he is obliged to hand over this application or minutes to the company without unnecessary delay. 
If the person concerned suspects that his personal data is being processed unlawfully, he can submit a proposal to initiate proceedings on the protection of personal data to the Office for the Protection of Personal Data of the Slovak Republic, with registered office at Hraničná 12, 820 07 Bratislava 27, Slovak Republic, or contact the office via its website headquarters http://www.dataprotection.gov.sk. If the person concerned does not have full legal capacity, the legal representative can exercise his rights. If the person concerned is not alive, the rights that he had under this law can be exercised by a close person. The company handles the request of the affected person free of charge according to the Personal Data Protection Act. According to the Personal Data Protection Act, the company will process the request of the person concerned free of charge, except for payment in an amount that cannot exceed the amount of material costs incurred for the purpose of making copies, supplying technical media and sending information to the person concerned, unless a special law provides otherwise. The company is obliged to process the request of the affected person in writing according to the Personal Data Protection Act no later than 30 days from the date of delivery of the request. The company shall notify the affected person and the Office for the Protection of Personal Data of the Slovak Republic in writing without undue delay of the restriction of the rights of the data subject pursuant to the Personal Data Protection Act. 

The company hereby informs you, as the person concerned, about the protection of your personal data and instructs you about your rights in relation to the protection of personal data within the scope of this written information obligation. 

ERP TWIG LLC, 995 Terrace BLVD. EWING, NEW JERSEY 086 18, 7/8/2018.