Dear client, customer, business partner. This information on the protection of personal data and privacy applies to you and your personal data, because you are our client, customer or business partner. Our company acts as a controller in the processing of your personal data. We want to explain to you how we will use the personal data that we obtain from you or from third parties during the duration of our contractual relationship or after its termination. With this document, we also want to fulfill our obligation to provide information pursuant to Article 13 of Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) and Act No. 18/2018 Coll. of 29 November 2017 on the protection of personal data and on the amendment and supplementation of certain acts.   The operator has concluded a contract with joint operators pursuant to the provisions of Section 33 of the Personal Data Protection Act and Article 26 of the GDPR Regulation containing the requirements defined by the Personal Data Protection Act and the GDPR Regulation. The joint operators have also designated a contact point where the data subject can exercise their rights. Either at the email address of the DPO (person responsible for supervising the processing of personal data) ppgad@pucrs.br, or in writing to any of the operators. Note. The person concerned is understood to be the person whose personal data is processed by the joint operators. Contacts and methods of communication with the person with whom you can communicate regarding the protection of personal data:

• in writing to the operator's address
• electronically at: ppgad@pucrs.br
• in person at the reception

  Who are you? Person concerned: any natural person to whom personal data relate. For the purposes of this document, in particular a person entering into a contractual relationship with the operator, a contact and/or authorized person acting on behalf of the contracting party concluding a contract with the operator, a person using the services provided by the operator, a person moving in the monitored area, etc. (hereinafter referred to as "person concerned"). In the event that data about the data subject is provided to the controller by another person (or e.g. a contracting party), the provider of the data subject's personal data is authorized to do so only if he has a legitimate legal basis for the provision under the relevant provisions of the GDPR or the Personal Data Protection Act and is obliged to be able to prove it upon the controller's request.   Why does the operator process your personal data, what Types of personal data and what they are We process the following data:

1. For the purpose of concluding a contractual relationship between the data subject and the controller

in particular to the extent of contact details, identification details, payment details and other specific data necessary for the performance of the contract. The processing is carried out in accordance with Art. 6 para. 1 letter b) GDPR and is necessary for the performance of the contractto which the data subject is a party, or to take measures prior to entering into a contract, including the submission of offers and calculations, at the request of the data subject. The provision of personal data by the data subject is a contractual requirement. Failure to provide the required personal data will make it impossible to enter into a contractual relationship with the data subject.  

2. For the purposes of communication in connection with the conclusion of contractual and binding relations between a contracting party who is not the data subject and the controller

in particular to the extent of identification data and contact data and other specific data necessary for the performance of the contract. The processing is carried out in accordance with Article 6(1)(f) GDPR (e.g. communication with contact, authorized and authorised persons of the contracting party or persons authorised by the contracting party for the purposes of establishing pre-contractual relations, including submitting offers and calculations, fulfilling the subject of the contract or obligation, recovering the receivable, etc.).  

3. For the purposes of keeping records and reporting the residence of residents of the Slovak Republic and processing reports and notifications.

The processing is carried out in accordance with Art. 6 para. 1 letter c) GDPR and is necessary for the fulfillment of the legal obligation of the controller pursuant to Act No. 500/2004 Coll., the full text of Act No. 253/1998 Coll., on reporting the residence of citizens of the Slovak Republic and the register of residents of the Slovak Republic. The data subject is obliged to provide personal data. Failure to provide personal data will make it impossible to provide accommodation to the person concerned.  

4. For the purposes of keeping records and reporting the residence of foreigners and issuing related confirmations, reports and notifications.

The processing is carried out in accordance with Art. 6 para. 1 letter c) GDPR and is necessary to fulfill the legal obligation of the controller pursuant to Act No. 404/2011 Coll. on the residence of foreigners. The data subject is obliged to provide personal data. Failure to provide personal data will not allow the data subject to be provided with accommodation.  

5. For the purpose of collecting accommodation taxes

in accordance with the General Binding Regulation of the City, which was issued in accordance with Act No. 582/2004 Coll. on local taxes and local fees for municipal waste and small construction waste, as amended. The scope of the processed data is set out in Section 7 of the aforementioned generally binding regulation of the City. The processing is carried out in accordance with with Art. 6 para. 1 letter c) GDPR and is necessary for the fulfillment of the legal obligation of the controller and/or the data subject (primarily for the purpose of fulfilling the obligations arising from the aforementioned generally binding regulation, recording the accommodated persons in the form of an annex to the book of accommodated persons and proving the correctness of the collection of the accommodation tax). Failure to provide personal data will make it impossible to calculate the tax for the data subject and collect the fee in question from him, which will result in the data subject having to personally notify the municipality of the obligation to pay the tax.    

6. For the purposes of ensuring the exercise of the rights of data subjects in accordance with the GDPR and maintaining relevant records

The processing is carried out in accordance with Art. 6 para. 1 letter f) GDPR and is necessary to protect the legally protected interests of the controller and the data subject arising from the provisions of the GDPR. The data subject is obliged to provide personal data, in particular to the extent of identification data necessary for their precise identification in the controller's systems and contact data for the purpose of informing them about the processing of their request (if the data subject requests a statement). Failure to provide personal data will make it impossible to process the data subject's request. The calculation of the data subject's rights arising from the GDPR is provided at the end of this information.  

7. For the purposes of recovering incurred damages and claims, handling complaints, storing documentation and records, and based on other legitimate interests of the operator.

The processing is carried out in accordance with Art. 6 para. 1 letter f) GDPR and is necessary to protect the legally protected interests of the controller consisting in the ability to defend the legally protected interests of the operator.  

8. Monitoring premises for the purpose of property protection

Purpose of processing personal data that arises when using a camera system is the monitoring of premises with the aim of protecting property, health and detecting crime through a camera system. Legal basis monitoring: Art. 6 para. 1 letter f) of the Regulation, Legitimate interest of the Operator  

9. Processing accounting documents

The processing is necessary for compliance with a legal obligation of the controller pursuant to Article 6(1)(c) of the Regulation. Subsequently, the personal data are stored in accordance with Act No. 395/2002 Coll. on archives and registries.  

10. Marketing purposes, Newsletter

Personal data will only be processed to send newsletters to the email address you have provided. We process personal data pursuant to Article 6(1)(f) of the Regulation. Your email address will be processed until you unsubscribe. You can unsubscribe by clicking on the "unsubscribe" link in each newsletter you receive from us. After you unsubscribe, you will no longer receive any newsletters. Scope of personal data processed: email address.  

11. Website user identification, cookies.

If we are able to identify the person of the visitor to the web environment during the recording, this will be the processing of personal data. We must have a legal basis for such processing. One legal basis may be your consent as the data subject and the other, especially when monitoring and evaluating activities, will be the legitimate interest of the operator, i.e. us, to offer you the best possible specific service settings or support for your activities in a contractual relationship with our company, including direct advertising.