Privacy Policy
1. Identification of Controller, Circle of Data Subjects and Initial Information
1.1 Glocco s. r. o., with its registered office at Zámocká 36, 811 01 Bratislava, Slovak Republic, Identification No.: 47588292, registered in the Commercial Register of the District Court Bratislava I, section: Sro, insert No.: 125182/B (the “Controller”), is the controller of personal data pursuant to Article 24 of Regulation (EU) 2016/679 (GDPR). Throughout this document, “we”, “our”, and similar terms refer to the Controller.
1.2 Data Subjects include natural persons who express interest in our services or enter into a service agreement, including representatives of our business partners. The terms “you”, “your”, and similar refer to the Data Subjects.
1.3 This Privacy Policy (the “Document”) is created to ensure transparency and provide you with basic rules regarding the protection of your personal data, in line with Articles 13 and 14 of the GDPR.
1.4 We process personal data lawfully, fairly, and transparently. We prioritize data security and apply the principle of data minimisation.
1.5 By placing an order for our services in accordance with our General Terms and Conditions, you confirm that you have read and agreed to this Document.
2. List of Personal Data, Purpose of Processing, and Legal Basis
Conclusion of the Agreement
2.1 During the ordering process, we process your personal data based on Article 6(1)(b) of the GDPR:
-
Name
-
Surname
-
Telephone number
-
Email address
-
Information on the purchased service
-
Payment-related information
Note: Data may vary depending on how you contact us. If data is not provided, a binding order and subsequent agreement cannot be completed.
2.2 Upon order confirmation and contract conclusion, the same data is processed. Processing continues until all rights and obligations from the contract are fulfilled, including legal claims (e.g. warranty periods).
Post-Contractual Obligations
2.3 We process your data after the contract is fulfilled to manage:
-
Complaints
-
Withdrawal from the contract
-
Legal claims
Based on Article 6(1)(c) of the GDPR, data includes:
-
Data under section 2.1
-
Complaint-related data
2.4 We also process data based on legitimate interest (Article 6(1)(f)) to exercise legal claims, such as recovering receivables or compensating for damages.
2.5 Cookies and Use of the Website
2.5 Our website uses cookies to ensure functionality and improve user experience. These cookies include:
-
Essential cookies (do not require consent)
-
Functional cookies (require your consent)
2.6 Upon your first visit, we request your consent for non-essential cookies.
2.7 If cookies become part of personal data, we process them under:
-
Article 6(1)(a) – Consent
-
Article 6(1)(f) – Legitimate interest (e.g. site security, business performance)
2.8 You can manage cookies through your browser settings. Look for options like “Privacy Mode” or “Tracking Protection”.
3. Your Rights as a Data Subject
3.1 You may exercise your rights by sending a signed written request to: compliance@glocco.com
3.2 If you’ve provided consent, you can withdraw it anytime. Withdrawal does not affect the legality of prior processing.
3.3 If data is processed under legitimate interest, you may object to the processing. We will then assess whether our reasons override your rights.
3.4 You have the right to:
-
Access your data (Article 15)
-
Rectify inaccurate data (Article 16)
-
Request deletion (Article 17)
-
Restrict processing (Article 18)
-
Data portability (Article 20)
-
Object to processing (Article 21)
-
Not be subject to automated decisions (Article 22)
3.5 We may request identity verification if your request is not submitted in a verified manner (e.g. qualified e-signature).
3.6 We respond to all valid requests within 30 days.
4. Controller’s Policy and Guarantees
4.1 We do not transfer your data outside the EU. All data is stored in Slovakia.
4.2 Data is only published based on your explicit consent or voluntary action (e.g. reviews).
4.3 We regularly review and improve data security practices and may work with a Data Protection Officer.
4.4 Data transferred over public networks is encrypted.
4.5 Consent is never a condition for using our services.
4.6 If the purpose of data processing no longer applies, data processing and storage are stopped.
4.7 Identified recipients of your data include:
-
Legal service providers
-
Accounting firms
-
IT service providers
4.8 All data recipients are authorized and legally bound to confidentiality.
4.9 We do not disclose private communication unless legally required.
4.10 We do not sell your personal data. Payment processing is handled by third-party operators independently, governed by their own policies.
4.11 Our processors are carefully selected for their ability to ensure data protection.
4.12 We only provide necessary data to fulfill the specific purpose (e.g. invoicing).
4.13 We use phone, email, and website communication for service-related matters.
4.14 We only process children’s data when provided by a legal guardian, and with valid legal grounds.
4.15 Please avoid sharing sensitive or unnecessary personal information with us that is not relevant to the provision of services.
5. Final Provisions
5.1 If any part of this document is unclear, please contact us for clarification.
5.2 This document is regularly updated. The current version is always available on our website.
5.3 If you wish to file a complaint, contact the supervisory authority:
Úrad na ochranu osobných údajov Slovenskej republiky
Hraničná 12, 820 07 Bratislava
📞 +421 2 3231 3214
✉️ statny.dozor@pdp.gov.sk
