Privacy policy

(hereinafter referred to as "the Directive")

This Privacy Policy Directive, which you have accessed on our website, governs the rules and principles for the processing of your personal data by TRIAD s.r.o., ID No.: 35931141, with registered office at

Brigádnická 27, 841 10 , Bratislava, Slovakia

(hereinafter also referred to as the "Data Controller" or "Triad"). In the following, the term Triad refers to the employee and the cooperating contractor.

This Directive describes the treatment of your personal data and is therefore the general basis and information source for the processing of your personal data, including the determination of the purpose of the processing, the legal title of the processing or storage limitation and other important issues.

You will read here in particular about:

the personal data we process,
the purposes of the processing and the legal title of the processing, the storage period,
your rights, namely:

- the right of access to personal data
- the right to withdraw consent to the processing of personal data
- the right to rectification of inaccurate or incorrect data
- the right to erasure of personal data
- the right to restrict the processing of personal data
- the right to have personal data extracted in a structured and machine-readable format for themselves or for another controller (right to data portability)
- the right to object to the processing of personal data
- the right not to be subject to automated individual decision-making, including profiling.

If you need to contact us at any time in connection with your personal data, you can contact us at osobneudaje@triad.sk.

If you do not like the way we process your personal data in any way, you also have the right to lodge a complaint with the enforcement authority, which is the Data Protection Authority ( https://dataprotection.gov.sk/uoou/ ).

You can continue below for the full text of the policy, but let's first clarify some of the basic terms we will use in the Directive:

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data,
personal data - any information about an identified or identifiable natural person, i.e. information that can be used to identify you, e.g. name and surname, email address, IP address, photographs, etc,
special categories of personal data - more commonly known as sensitive data. This category includes personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data and biometric data insofar as they are processed for the purpose of uniquely identifying a natural person, and data relating to a natural person's health or sex life or sexual orientation,
data subject - that is, you, the natural person who is identifiable on the basis of the personal data provided and whose data is protected under the GDPR (hereinafter we refer to the data subject as "you", "you", ...),
processing of personal data - any operation or set of operations with personal data or sets of personal data, where processing includes, for example, obtaining, recording, organising, structuring, storing, adapting or altering, retrieving, consulting, using, destroying, anonymising and erasing,
the controller - this is usually us - the trading company TRIAD, s.r.o., ID No.: 35931141 , with its registered office at Brigádnická 27, 841 10, Bratislava, Slovakia, where the controller determines the purpose and means of processing of personal data. It is also responsible for the compliance of the processing of personal data with the GDPR,
Processor - is any third party with whom we have entered into a contract to process your personal data for us, but in some cases we are also in the position of a processor if we have entered into a contract for the processing of personal data with the controller (our client) for whom we process personal data,
the purpose of the processing and the legal title - the purpose of the processing explains why we process the data, where we must always have a so-called legal title for each purpose of the processing at the same time. The GDPR lists the legal titles under which personal data can be processed.

We'll go through it in turn now:

1. who are we, what personal data do we process and how do we collect it?
2. for what purpose do we process personal data?
3. who processes the personal data, to whom do we transfer the personal data?
4. on what legal basis do we process personal data?
5. for how long do we process personal data?
6. what rights do you have?
7. exercising your rights against TRIAD ,
8. cookies ,
9. direct marketing and profiling,
10. links to third party websites,
11. security,
12. conclusion.

Who are we, what personal data do we process and how do we collect it?

First of all, let us assure you that we process personal data for a predetermined legitimate purpose and on the basis of a legal title in accordance with the requirements of the GDPR.
We are an advertising agency and our job is to promote our clients' products and services as well as ourselves. We create advertising, communicate with you via emails, Facebook, apps, etc. (hereinafter also referred to as "business activity").

We collect your personal data in various ways:

by you yourself sharing/transmitting it to TRIAD - if you communicate via email, Facebook or other social networks, apps, by phone, by filling in contact forms or orders, by filling in data on the website, or by submitting personal data to us in person, etc,
by sharing/transmitting it yourself to other data controllers/processors who transmit personal data to us in connection with our business activities, i.e. for the purpose of carrying out advertising campaigns for our clients (hereinafter also referred to as "external sources"),
data that we process and that we have obtained ourselves or from external sources without you sharing/transmitting it to us yourself - we obtain this data by your use of websites, apps or through social networks, etc.

Specifically, what personal data we may process:

1. General data about your person

first name, last name,
your job title and company/employer, including address,
email address,
telephone number,
gender
date of birth,
photograph,
the data provided in correspondence,
updates to the information provided to us; and
if you visit our premises, CCTV footage.

2. If you visit a website ("Website") or use apps:

If you visit the Site, we may process technical data, including the IP address used to connect your computer to the Internet, the domain name and country that send data requests, the files requested, and the type and version of browser and browser plug-ins, operating system and platform,
we may monitor behavior on the Site (for example, pages you click on) or in applications, including URLs that lead to, through, or from the Site (including date and time), the time and length of visits to certain pages, site interaction data (for example, browsing, clicks, and mouse pointer placement), how you leave the Site, traffic data, location data, blogging and other communication data, and data provided when you request additional services or downloads,
we may process your location data to help you find products and services and, if you are a service provider, to monitor the efficiency and cost-effectiveness of the services you provide to us.

3. If we provide goods or services to you, we may process:

data necessary to provide the goods or services (including form data, order details, order history, payment details, delivery address, delivery restriction request, trade references and tax information);
customer service data; and
data for customer relationship management and marketing.

4. If you use social media to engage with us or find out about our/client products or services, we may process data from your profile (including your preferences and communications on Facebook, Instagram and Twitter), data you post on bulletin boards related to our/client business, and data collected through your interaction with us or information about our/client products and services.

5. If you attend events, we may process photographs and video footage of the event (we will also inform you of this during the event).

6. If you are a jobseeker, you will complete a questionnaire on the website for us. The personal data we process for job applicants are mainly:

first and last name,
e-mail address,
your telephone number,
identity - education and experience and their level,
photographs (included in your CV).

7. If you are a participant in a casting, the purpose of which is to conclude an artistic performance contract or similar contract, we will collect in particular the following data:

name and surname
e-mail address
your telephone number
identity - education and experience and their level
photographs (parts of the submitted works, photographs, video recordings related to the casting).

8. There are CCTV cameras at TRIAD's headquarters at 27 Brigádnická Street, 841 10, Bratislava, Slovakia, which capture your likeness. You will be informed of the location of the CCTV footage by an information sign and pictograms at the entrance to the area being monitored.

TRIAD as a controller generally does not process special categories of personal data and if this does occur, we will always inform you and the processing itself will not take place unless we have a legal basis to do so.

2. For what purpose do we process personal data?

We only process personal data at TRIAD on the basis of pre-formulated legitimate purposes.

One of the main reasons for processing your personal data is our business activities - we want to keep in touch with you, to keep you informed, to offer you services, to involve you in marketing activities and competitions, to introduce products or services to you.

At the same time, we want to improve and develop ourselves, for this we also need to process your personal data.

Another equally important reason is to protect TRIAD and you.

For the sake of clarity, we detail below why we process personal data (purpose of processing) for individual activities:

1. If you visit the website or use one of the applications:

to provide you with the information and services you require from us,
to ensure the security of the Services, the Site and the Application,
to store information about your preferences, and to tailor the Site and App to your individual interests,
to get to know you when you return to the site,
if you are a user of the App, to recognise your location so that we can offer you the nearest possible services,
to enable you to participate in competitions and promotions,
to process your orders for goods or services,
where you have given us your consent to do so or where it is in our legitimate interests to do so, for business development and marketing purposes, to pass on information to you about products and services that we think may be of interest to you or your employer as our client (including newsletters),
to improve and maintain the website and app and to prepare reports or compile statistics to improve goods and services. This information will be anonymised to the extent reasonably possible and your person will not be identifiable from the data collected.

2. If you provide goods or services to us:

so that we can receive services from you and administer them,
to verify reference information to assess whether you or your employer are suitable candidates to work with our company; and
to monitor direct opportunities.

3. If we provide goods or services to you:

To provide you or your employer with the relevant goods or service (including to enable us to confirm and process orders, to manage your account, for billing purposes),
to deal with any comments or problems you have with the goods or services, including any queries you may have about how we obtain, store and use your personal data or requests to provide you with copies of the data we hold about you. Unless we have a contract with you, we may process your personal data for those purposes that are in our legitimate interests in the provision of customer service,
to enable you to participate in events or competitions and to send you photographs of yourself which we take with your permission,
where you have given us your consent to do so or where it is in our legitimate interests to do so, for business development and marketing purposes, so that we can pass on information to you about products and services that you have requested or that we believe may be of interest to you or your employer as our client (including newsletters),
if you contact us on social media - to monitor your online interactions and, where it is in our legitimate interests to do so, also for market research purposes and to plan future marketing campaigns.
Where we use your photograph or video footage of an event - to disseminate information about the event to a wider audience and for internal presentation purposes, and where it is in our legitimate interests to do so, also for business development and marketing purposes or where we have your consent to do so,
if you are a journalist, blogger or influencer and where it is in our legitimate interests to do so, to contact you to invite you to write articles about products and services, to invite you to events, to send you promotional material and to send you press releases,
for internal corporate reporting purposes, business administration, to ensure adequate insurance coverage for our business, to ensure the security of our facilities, for research and development purposes, and to identify and implement opportunities to improve the efficiency of the business,
for jobseekers - recruiting new employees and cooperating suppliers. And if you haven't become one of our employees, we want to stay in touch with you because we may find a job for you in the future,
CCTV footage to ensure the safety of people and property when visiting our premises.
Other purposes for processing personal data include:
- To comply with legal obligations in accordance with the law that we must comply with, whether in the interests of TRIAD or others,
- Establishing, exercising and defending legal claims against TRIAD.
- In connection with the Website and App, we may also process anonymised, aggregated reports and statistics about users of the Website and App or goods and services and from interactions with brands on social media for the purposes of producing internal reports or messages for our Group or another third party and further for our marketing and promotional purposes. The anonymised, aggregated reports or statistics do not allow for personal identification.

3. Who processes the personal data, to whom do we transfer the personal data?

Within TRIAD, personal data is handled by Triad employees who are trained to handle personal data and are bound by confidentiality. Specific personal data is handled only by selected TRIAD employees, i.e. those who are responsible for the specific purpose of processing within their assignment at TRIAD, and no one else has access to the personal data.

We do not sell or rent your personal data to any third party without your consent.

Personal data may be transmitted:

to companies of the TRIAD group which are parent, subsidiary or sister companies of the controller, which includes in particular our subsidiary based in the Czech Republic. The transfer occurs insofar as it is in our legitimate interest to do so for internal administrative purposes (e.g. to ensure consistent and coherent service delivery to our customers, for corporate strategy, in the context of compliance, auditing and monitoring, for research and development, and for quality assurance). We may also share your personal data with our Group where its companies provide products and services to us, such as information technology systems,
suppliers and service providers: including online services we use for marketing purposes (e.g. analytics engines, CRM systems, tools providing email marketing capabilities, advertising systems, etc. ), suppliers of technical services and support, insurers, logistics service providers and cloud service providers, suppliers of CCTV systems located on TRIAD premises, providers of analytics and search modules that help us improve and optimise the website and applications, persons handling corporate reporting, accounting and the overall business administration of TRIAD,
other third parties who provide or receive services in connection with the performance of TRIAD's contractual or legal obligations,
public institutions: courts, law enforcement authorities, administrative authorities, etc,
your employer or employment agency.

To summarize the above, the transfer of personal data occurs if:

It is in the legitimate interest of the administration, growth and development of the business,
we are under a duty to transfer or share your personal data in order to comply with a legal obligation, lawful requests by government or police authorities, and in order to comply with national security or law enforcement laws or to prevent illegal activity,
to protect our interests and rights, to establish, exercise and defend legal claims, or to prevent illegal activities, protect the rights, property or safety of TRIAD, Triad, clients or others. This may include exchanging personal information with other organizations for the purposes of protecting against fraud and limiting credit risk.

4. On what legal basis do we process personal data?

The legal basis for the use of your personal data varies from purpose to purpose, where each purpose of processing must be based on a legal title. We most often process personal data on the basis of the following legal titles:

I. You have entered into a contract with TRIAD or with a data controller who has transferred personal data to us to further process it in our capacity as a processor, including to comply with the terms of use of the website or app that you have agreed to by visiting the website or downloading the app and/or to comply with our service contract or to enable us to obtain services from you or your employer. Without processing your personal data, we cannot fulfil our obligations and commitments under the contract entered into.

II. By processing personal data, we comply with the legal obligations to which TRIAD is subject under the law.

III. The processing of personal data is carried out on the basis of the legitimate interests of TRIAD or the interests of a third party and these interests take precedence over your interests. In particular, we consider the following to be legitimate interests:

the exercise, determination and defence of TRIAD's rights,
the safety and security of persons and property,
the development of TRIAD's business activities and the related management of the website, mobile application, Facebook pages, Instagram and Twitter accounts,
the development of TRIAD's business activities and the related processing of personal data for marketing purposes.

IV. You have given your free, voluntary, unambiguous, unconditional and informed consent when:

you may withdraw or change the scope of your consent at any time, in the same way as you gave it,
we do not make the provision of the service or goods conditional on your consent.

V. We have collected personal data from you for our client who is the data controller and we are in the role of processor.

5. How long do we process personal data?

We only process personal data for as long as necessary to fulfil the purpose and for as long as we have the legal title to process the personal data.

Please note that we may still lawfully process your data after you have withdrawn your consent, on the basis of the legal title under Article 4, point I, II or III and V.

In the event that there is no longer any reason (purpose) for TRAID to process the personal data and we no longer have any legal title to process it, we will delete the personal data.

For convenience, we indicate that the erasure occurs at the latest:

for job applicants: 3 years from the date of consent to the processing of personal data,
CCTV footage: 1 month,
for casting: 3 months,
establishing, exercising or defending legal claims: within 1 year until the expiry of the limitation period.

6. What rights do you have?

The GDPR gives the data subject the following rights:

the right to be provided with basic information regarding processing – we are obliged to inform you when we obtain the personal data if we have it directly from you and, if it has not been obtained directly from you, no later than one month after obtaining the personal data, or at the moment when the communication occurs, if the personal data is used for the purposes of this communication, or no later than after the first disclosure, if we disclose it to a third party,
the right of access to personal data – upon your request, we are obliged to confirm to you whether we are processing your personal data and to inform you according to the GDPR, e.g. about the purpose, the duration of the processing, the erasure rights, etc. We will also provide you with a copy of the processed personal data, provided that there is no adverse interference with the rights and freedoms of other persons,
the right to rectification – if we hold inaccurate personal data, we are obliged to rectify or supplement it at your request,
the right to erasure – at your request, we are obliged to erase personal data without undue delay, in particular if:

you have withdrawn your consent and we have no further legal basis for processing,
we no longer need the personal data for any of the purposes for which it was processed and there is no other purpose and no other legal title,
we have processed the personal data unlawfully,
we will comply with a legal obligation under the law,
you object to the processing of personal data on the basis of legitimate interests and there are no overriding legitimate grounds,
you object to the processing of personal data for direct marketing purposes, including profiling.

Even if you request erasure, we are not obliged to erase the personal data, in particular on the following grounds:

the establishment, exercise or defence of legal claims,
to comply with a legal obligation under the law,
exercising the right to freedom of expression and the right to information.

5. the right to limit processing – we are obliged to limit the processing of your personal data if:

you deny the accuracy of personal data,
TRIAD processes personal data illegally, but at the same time you do not want TRIAD to delete them,
personal data is no longer needed by TRIAD for any of the reserved purposes, but you require TRIAD to retain them for the determination, exercise or defence of legal claims,
objected to processing based on legitimate interest according to Art. 4 point III. and we are waiting to verify whether the interests outweigh the THREE legitimate reasons.

At the time when the processing of personal data is affected, TRIAD can process this data only for its storage, if you want to give us your consent or for the purpose of designation, exercise or right of persons, for the protection of another natural or legal person or legal entity for reasons of important public interest of the Union or a member state. TRIAD will notify you in advance regarding the situation when the restriction of processing will be lifted.

6. the right to data portability – if we process personal data based on consent or based on a concluded contract and the processing is fully automated, you can ask TRIAD for:

provision of personal data in a structured, commonly used and machine-readable format,
transferring such data directly to another controller, if technically possible.

7. the right to object – if we process your personal data based on a legitimate interest, or profile (which is profiling - Article 9), you can object to such processing at any time. We will then limit the processing, unless everything is clarified, and unless we subsequently demonstrate serious legitimate reasons for processing, we will not process the data further. If we use the data for direct marketing, we will immediately stop processing your personal data after raising your objection.

8. the right to protection by state authorities – you have the right to contact the supervisory authority for the protection of personal data - the Office for the Protection of Personal Data, with headquarters at Hraničná 12, 820 07 Bratislava, website: https://dataprotection.gov.sk/uoou/, phone: +421 /2/ 3231 3214, by filing a complaint. In addition, you have the right to the provision of judicial protection. You can file a complaint with the supervisory authority as well as a lawsuit in court if you believe that your rights protected by the GDPR have been violated because of processing by TRIAD.

7. Exercise of rights against TRIAD

You can exercise your rights against TRIAD primarily electronically, by sending an e-mail to the address: osobneudaje@triad.sk, by post to the address Brigádnická 27, 841 10, Bratislava, Slovakia. If you contact us electronically, TRIAD will also respond electronically, because we are saving forests. However, you can ask us for another method of communication.

We will process your requests and respond to them as quickly as possible according to capacity and our capabilities, when according to the GDPR we must respond no later than 1 month after receiving the request. If necessary, we can extend this deadline by another two months, considering the complexity and number of requests. However, we will inform you about each extension within one month of receiving the request, together with the stated reason for the delay.

If we have doubts about your identity, we will ask you to provide us with additional information necessary to confirm your identity. The reason is the protection of your data, i.e. to prevent personal data from being passed on to a person who is not the person they claim to be.

We handle requests free of charge, but there are some exceptions:

Your request is unreasonable,
Your request is disproportionate,

when TRIAD concludes that one of the stated reasons has occurred, we will refuse to comply with the request or charge you a reasonable fee to cover the administrative costs associated with processing the request.

8. Cookie files

We use "cookies" files on our website to provide visitors with greater comfort when viewing them. "Cookies" are small text files that websites create on your device when you access them.

Our website uses the so-called "session cookies", as well as the so-called "persistent cookies".

Session cookies allow you to scroll through the individual tabs of our pages and remember any information you enter here. The session cookie is automatically deleted when you close your browser or shortly thereafter.

Persistent cookies enable these websites to remember your preferences and settings for your future visit and thanks to them, e.g. you don't have to log in all the time. Persistent cookies expire automatically after a certain set time.

Our website uses cookies that:

improve the performance of websites by collecting information about the way visitors use them (e.g. which bookmarks are most visited),
they increase the functionality of websites and bring them closer to you by allowing us to remember your previous choices. However, this information is not used to identify you or to remember where you have been on the Internet.
allow some tools to work, provide anti-spam measures and access to age-restricted content,
and enable some of our suppliers to provide services that they provide on our behalf in relation to the Websites.

„Cookies“ are not viruses. They are just text files that do not contain any program and therefore cannot be run as a program. The "cookies" file cannot be copied and distributed over the Internet. However, your internet browser sends them to the website they belong to every time you visit, and it is then displayed in your settings in the internet browser.

With the help of "cookies" files, we can also record general statistical data about the behaviour of visitors to these websites. Thanks to this, we can tailor them to your interests and requirements.

"Cookies" help us to identify a particularly popular or problematic part of the website, but it is not possible to link them to a specific user.

We also use "cookies" files for the purposes of your authentication, i.e. to eliminate the need to enter your personal identification data every time you access the website. At the same time, we also use them for the purpose of adapting the website according to your needs, i.e. e.g. for the website to continue to be displayed to you in the language of your choice or in a certain graphic design.

Of course, you can view these websites without cookies, but it is possible that some of their functions will be limited, and the comfort of use will be reduced. Most browsers accept these files automatically, but it is possible to prevent their storage by selecting the "do not accept cookies" option in the browser settings. You can also delete cookies that have already been saved on your device at any time. You can find out the exact setting of this function using the "help" of your browser.

By using the website, you agree to the use of "cookies" files in the above-mentioned manner.

9. Marketing and profiling

Marketing in TRIAD means sending newsletters that contain news from TRIAD, currently open positions in TRIAD, case studies, news from our blog and other information. The same applies if we perform this activity for our clients.

Profiling means when we automatically process your personal data and subsequently use them to evaluate some of your aspects, for example for the purpose of analysis or estimation, or analysing or predicting aspects related to her work performance, economic situation, health status, personal preferences, interests, reliability, behaviour, location or movement.

As an operator, TRIAD does not process personal data through profiling. Based on legitimate interest, TRIAD processes personal data for the purpose of marketing.

If you are not interested in sending marketing content, you can contact us at any time by e-mail at the address: osobneudaje@triad.sk .

You can also object to direct marketing based on our legitimate interest at any time.

10. Links to third-party websites

Websites, mobile applications and social media pages may occasionally contain links to websites operated by third parties, including partner networks and our group companies.

Please note that this policy only applies to and applies to personal data that we collect through our website, apps and social media pages or that we collect from external sources and that we cannot be held responsible for your personal data that is collected and stored by third parties.

Third-party websites have their own terms and privacy policies, which you should familiarize yourself with before submitting your personal data to these websites or applications.

We do not accept any responsibility for the content of these websites or the terms and conditions of these third parties.

11. Security

We pay great attention to the protection of personal data against loss, misuse, disclosure, alteration, unauthorized access, unavailability and destruction.

We have taken all reasonable preventive measures to protect the confidentiality of personal data, including appropriate organizational and technical measures, when

organizational measures include control mechanisms limiting physical access to our premises, employee training and locking of physical files in filing cabinets,
technical measures include the use of encryption, passwords to access our systems and the use of anti-virus software. Profiling and marketing are governed by the Terms and Conditions of the respective websites.

In TRIAD, only Triadians or contractual partners who need to know this data have access to personal data to be able to process it for us or if they provide the administrative background for us. Contractual partners are contractually bound by strict obligations to maintain confidentiality and secrecy.

12. Conclusion

In connection with changes in legislation and practice requirements, we may update and change this guideline in the future. Please return to this page regularly to check for updates or changes to our privacy policy.

The current directive is always accessible on the website https://meettriad.com/privacy-policy. In the event that, from our point of view, or from the point of view of the legislation, it is a fundamental change, we will explicitly inform you about it - by e-mail, or an icon will pop up alerting you to the change in the directive, which will be intrusive for you as long as you are not familiar with its content.

In case of questions regarding the protection of personal data, you can contact us at any time by e-mail: osobneudaje@triad.sk.

If you have any doubts about how we handle your personal data, we will be happy if you contact us so that we can eliminate your doubts and find a joint solution to your satisfaction, ours and the GDPR. If, despite this, you feel that we are violating your rights, you can proceed in accordance with Art. 6 point VIII.

Thank you for taking the time to read our privacy policy.