CONTACT
 

Legal

INFORMATION ABOUT COMPANIES (WELLBENS GROUP)

Wellbens Group is a group of consulting companies operating in Slovak republic and Czech Republic in various areas of consulting services and economic advice. Following companies are members of Wellbens group (all the companies listed below are jointly and at the same time each individually referred to as “WELLBENS“):

1. Wellbens s.r.o. is limited liability company (LLC) established under the laws of the Slovak Republic with its registered seat at Ružinovská 42, 821 03 Bratislava, Slovak Republic. Company is registered in the Commercial Registry of the Municipal Court Bratislava III, Section: Sro, Insert No.: 134640/B, ID No.: 52 073 815 (hereinafter referred to as the “WB“). Company is a VAT payer. Company VAT number is: SK2120924256.

2. Wellbens tax & accounting s.r.o. is a limited liability company (LLC) established under the laws of the Slovak Republic with its registered seat at Ružinovská 42, 821 03 Bratislava, Slovak Republic. Company is registered in the Commercial Registry of the Municipal Court Bratislava III, Section: Sro, Insert No: 138540/B, ID No.: 52 455 748 (hereinafter refer to as the “WBTA“). Company is not a VAT payer.

3. Wellbens finance s.r.o. is a limited liability company (LLC) established under the laws of the Slovak Republic with its registered seat at Ružinovská 42, 821 03 Bratislava, Slovak Republic. Company is registered in the Commercial Registry of the Municipal Court Bratislava III, Section: Sro, Insert No: 135460/B, ID No.: 52 237 630 (hereinafter refer to as the “WBFI“). Company is not a VAT payer.

The following companies are part of the WELLBENS group in the Czech Republic (all the companies listed below are jointly and at the same time each individually referred to as “WELLBENS“):

1. Wellbens s.r.o. is limited liability company (LLC) established under the laws of the Czech Republic with its registered seat at Kaprova 42/14, Staré Město, 110 00 Prague, Czech Republic. Company is registered at City Court of Prague, File No.: C 369128, ID No.: 172 65 312 (hereinafter referred to as “WBCZ“). Company is not a VAT payer.

2. Wellbens tax & accounting s.r.o. is a limited liability company (LLC) established under the laws of the Czech Republic with its registered seat at Kaprova 42/14, Staré Město, 110 00 Prague, Czech Republic. Company is registered at City Court of Prague, File No.: C 266045, ID No.: 055 70 093 (hereinafter referred to as “WBTACZ“). Company is not a VAT payer.

3.Eriboll s.r.o. is a limited liability company (LLC) established under the laws of the Czech Republic with its registered seat at Anny Rybníčkové 2796/17, Stodůlky, 155 00 Prague, Czech Republic. Company is registered at City Court of Prague, File No.: C 241898, ID No.: 040 65 506 (hereinafter referred to as “EB“). Company is a VAT payer. Company VAT number is:

4. Eriboll-daňový servis s.r.o. is a limited liability company (LLC) established under the laws of the Czech Republic with its registered seat at Pod Hájovnou 330, 267 05 Nižbor, Czech Republic. Company is registered at City Court of Prague, File No.: C 327206, ID No.: 088 97 450 (hereinafter referred to as “EBDS“). Company is not a VAT payer.

WELLBENS does not provide legal & tax advising services directly on the basis of a license, but at the provision of legal & tax advising services WELLBENS cooperates with the following entities, which are considered as members of WELLBENS group based on cooperation agreements:

1. For the area of the Slovak Republic:

Law office STEINIGER | law firm, s.r.o. is a limited liability company (LLC) established under the laws of the Slovak Republic with its registered seat at Jasovská 17, 851 07 Bratislava, Slovak Republic. Company is registered in the Commercial Registry of the Municipal Court Bratislava III, Section: Sro, Insert No.: 80481/B, ID No.: 47 238 135 (hereinafter referred to as “STEINIGER“). Company is a VAT payer. Company VAT number is: SK2023484177.

2. For the area of the Czech Republic:

Law office STEINIGER law firm, s.r.o. is a limited liability company (LLC) established under the laws of the Czech Republic with its registered seat at Národní 416/37, Staré Město, 110 00 Praha 1, Czech Republic. Company is registered at City Court of Prague, File No.: C 276050, ID No.: 060 96 476 (hereinafter referred to as “STEINIGER CZ“). Company is a VAT payer. Company VAT number is: CZ06096476.

Consistency and quality of cooperation is ensured by the personnel linking of all companies and by a cooperation agreement providing a guarantee of quality and liability insurance.

WELLBENS provides services for remuneration (fee). The amount and form of contract with WELLBENS and its member is agreed before provision of services in accordance with prior agreement between the contractual parties.

TERMS OF USE, IPR, Disclaimer

The internet domain wellbens.com and wellbens.sk (hereinafter referred to as “Website”) are operated by Wellbens s.r.o.</strong> is a limited liability company registered with Commercial register of the Municipal Court Bratislava III, Section: Sro, Insert No: 134640/B, ID Nr.: 52 073 815, Tax ID: 2120924256, VAT ID: SK2120924256, registered seat: Ružinovská 42, Bratislava 821 03, Slovak Republic (hereinafter referred to as “Company” or “Wellbens”). Each user of the Website is required to read these terms and conditions before using the Website. By using this Website, the user fully accepts these terms of use, agrees to respect the Company’s exclusive rights as well as the respective exclusion of liability as listed below. If you do not agree with these terms and conditions, policies, reservations or any of their parts, you must not use the Website.

  1. WEBSITE CONTENT

The information on this Web site is intended to provide users with the most important information about the Company and the Company’s services as well as other companies within the Group. All legal information about companies in the Wellbens group can be found here: Information about companies.

While we always make every effort to provide up-to-date and accurate information, we may encounter technical or informational errors on the Website. The content of this Website is provided on an “as is” basis, without guarantee of completeness, accuracy or timeliness, and without expressing, implying or impersonating any express terms, warranties or other contractual terms of any kind.

Company strives to enable constant and flawless access to the Website. However, Company does not hold any responsibility if for some reason Website does not function properly for any period of time. Access to Website may be suspended at any time without prior notice. We reserve the right to restrict access only to certain parts of Website, or even to the entire Website, at our sole discretion. In this context, it is forbidden to circumvent or attempt to circumvent any access restrictions on Website.

Materials listed on Website do not constitute legal or other expert advice. Before relying on information on Website, consult your professional advisor; in this regard you should not act upon or in connection with any information on Website without prior consultation with your legal and/or professional advisor.

 

  1. INTELLECTUAL PROPERTY RIGHTS

Website user accepts that Website, including, but not limited to, products, graphics, user interface, text content, logos, designs, databases and some parts of the source code, contains protected information and materials, the owner or the authorized user of which is Company or third party that has granted the Company the appropriate rights of use and which are protected by applicable intellectual property laws and other laws, including but not limited to, copyright. Website user agrees to use such proprietary information or materials solely for the purpose of using Website. Website user undertakes not to copy, reproduce, modify, rent, lease, re-publish, sell, distribute, download or create derivative works of Website, and agrees not to use Website in any unauthorized manner, including, but not limited to, unauthorized entry to any part of Website or overloading of network capacity. For any use of any protected information and materials, with the exception of the use of the Website in accordance with these Terms of Use, a prior written consent of Company must be obtained.

USER OF WEBSITE DOES NOT HAVE ANY LICENSING RIGHTS, NOR ANY OTHER INTELLECTUAL PROPERTY RIGHTS TO WEBSITE OR ANY OF ITS PARTS.

 

  1. RISKS ASSOCIATED WITH THE USE OF WEBSITE AND THE RESPONSIBILITY OF USER

Website user agrees to use Website solely at his/her own risk. User agrees that he/she is fully responsible for any damage to computer systems and/or any loss of data, even if such loss or damage is reasonably foreseeable. The user may not misuse the Website by knowingly introducing viruses, trojan horses, worms, logical bombs or other material that is harmful or can cause technological and/or other damage. User must not attempt to gain unauthorized access to Website, server on which Website is stored, or to any server, computer, or database connected to Website. User must not attack the Website through a denial-of-service attack, distributed denial-of-service attack, or any other attack threatening the functionality, security, or protection of Website, data or information, including Website user data. With respect to any such attack, Company is not liable for any loss or damage caused to user of Website or to any third party, as Company ensured that all reasonably possible (technical, organizational and legal) measures to prevent such attacks had been implemented.

 

  1. DISCLAIMER

USER UNDERSTANDS AND AGREES THAT THE COMPANY DOES NOT CARRY ANY LIABILITY FOR ANY ERRORS OR RESTRICTIONS WITH RESPECT TO THE CONTENT OF WEBSITE. COMPANY ALSO DISCLAIMS ANY LIABILITY FOR ANY DIRECT, INDIRECT OR CONSEQUENTIAL LOSS OR DAMAGE CAUSED TO ANY USER OF WEBSITE AS A RESULT OF USER USING OR ACTING UPON ANY MATERIAL AND/OR INFORMATION PUBLISHED ON WEBSITE. AS FAR AS PERMISSIBLE BY LAW, COMPANY EXCLUDES ANY LIABILITY TO USER AND TO ANY THIRD PARTIES IN RELATION TO THE WEBSITE CONTENT, BASED ON ANY LAW, CONTRACT, WARRANTY, LIABILITY FOR DAMAGE (EVEN IF CAUSED BY NEGLIGENCE) AS WELL AS IN CASE OF DIRECT, INDIRECT, CONSEQUENTIAL, SPECIAL, OR OTHER DAMAGE, EVEN IF THE COMPANY HAD BEEN ADVISED, SHALL OR SHOULD HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE OCCURING.

If the above statements are deemed to be invalid under the applicable laws, user of Website agrees that the total damage that (i) is causally attributable to the use of Website; or (ii) may arise solely as a result of errors or omissions in Website content, shall be fully compensated with the payment of a fine not exceeding the amount of the actual damage caused. Website User agrees that Company is not responsible for any direct, indirect, consequential, special or any other damages or lost profits exceeding the above mentioned fine.

 

  1. FINAL PROVISIONS

Company reserves the right to revise these Terms of Use at any time and undertakes to always inform user about the coming into force of the new terms of use directly on Website. Some provisions contained in these terms of use may also be replaced by provisions or notices posted elsewhere on Website.

These terms of use are governed and construed in accordance with the laws of the Slovak Republic, regardless of any conflicting principles. Any disputes or claims arising therefrom will always be decided by the relevant Slovak general courts.

Privacy policy and personal data protection policy

Privacy policy and personal data protection policy of Wellbens group (hereinafter referred to as the “Document”):

 

  1. CONTROLLER, DECLARATIONS AND GUARANTEES

Company WELLBENS (each hereinafter referred to as “Controller”) processes personal data of the data subjects in its systems of personal data. Controller is responsible for the protection of personal data processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “GDPR”). Contact email address is info@wellbens.com.

As Controller cares about the protection of personal data and privacy of the data subject, it provides the data subjects not only with this comprehensive information about their data protection rights, but also with other information and explanations in order to provide a full transparency to the data processing and deepening mutual trust, in accordance with the provisions of Article 14 of GDPR.

Controller assures the data subject that it never sells or otherwise commercially does uses the personal data obtained from the data subject within a business cooperation with any third party and never discloses personal data without an expressed individual’s written consent or a similar authorization provided by data subject.

Controller assures the data subject that it will never provide any personal data that is subject to processing in a Third Party’s personal data information system without the Controller first obtaining a specific written consent or sufficient written authorization; this shall not apply if Controller is obliged to provide personal data to the authorized state authorities in the exercise of their legal powers even without the consent of the data subject to applicable special laws, such as Money Laundering Act and other respectable laws, that may be subject to the lawful processing of the personal data.

Controller declares, that it processes the minimum personal data necessary to achieve the purpose of processing, which is defined primarily by the need to provide the legal services, taking into account the time period of the processing as well as the extent of the data that is subject of processing. Controller guarantees data subject safe and irreversible erasure of the personal data without delay after the end of the purpose of processing.

Controller declares that in relation to the processing of personal data, there will be no decisions based solely on automated means of processing personal data, nor any kind of profiling in regards of the Article 22 (1) and Article 22 (4) of GDPR.

Controller warrants the data subject with an increased discretion and protection of their privacy by providing a special contractual liability of his employees and other co-workers for breach of confidentiality and unlawful disclosure of information related to the provision of its services, including the personal data of clients or other physical persons involved in the business affairs.

Controller declares that he has taken reasonable technical, organizational and personnel measures to ensure the security of the processing of personal data, which are documented in GDPR Compliance project, whereby both standard and specific protection of personal data under Article 25 of GDPR are ensured (“privacy by default and privacy by design” measures).

Controller declares that v any personal data breach that might lead to high risk for rights and freedoms of the data subject shall be communicated to the data subject involved to this data breach, if any occurs, as required by Article 34 of GDPR.

 

  1. PURPOSE OF PROCESSING, SCALE OF THE DATA COLLECTED AND THE LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

Controller processes personal data under the purposes of providing services under Act on trading Coll. No. 455/1991 as individual Controller.
The purpose of processing the personal data is the provision of services.

Data subject for the purposes of the Document is any physical person whose personal data are processed for the purpose of providing services irrespective of its procedural or contractual status in relation to Controller.

The legal basis for the processing of personal data for the purpose of Section 2. – Point 2. of this Document is Act on advocacy.

If you have given Controller consent to process your personal data, then the legal basis for their processing is given this consent. It is our interest to stay in touch with each other. This way, we can keep you informed about news and updates concerning our firm, as well as send you professional articles we publish. For this purpose, we hereby give you the opportunity to express your consent to the processing of your personal data for marketing purposes via Newsletter subscription.

If you grant your consent, it will be in full force and effect until your consent is revoked. We process your personal information in the following scale: email address.

You may withdraw your consent to the processing your personal data free of charge by sending a request to the email address info@wellbens.com, the withdrawal of your consent will not affect the lawfulness of the processing of your personal data made prior to its withdrawal.

 

  1. DURATION OF PERSONAL DATA PROCESSING

Controller processes the personal data during the duration of the legal services provided by the firm. Upon termination of the provision of services, the entire database, in particular all documents which have been entrusted to Controller by the client or which were given to Controller, are handed over to the client on the basis of the transmission protocol.

In the case of the processing of personal data on the basis of consent, personal data will be processed from the date of such consent until the moment of its withdrawal.

 

  1. IDENTIFICATION OF CONTROLLERS, SUBCONTRACTORS AND THIRD PARTIES

Controller when processing personal data of data subject for the purposes of Section 2. of this Document, uses the following trusted and professionally competent business partners capable of guaranteeing the security of personal data processing of data subject, who have, within the meaning of Article 28 of the GDPR, the status of processor:

  • accounting firm for the purpose of providing accounting, billing and payroll accounting services;
  • business IT management company, for the management and maintenance of IT systems and IT security;
  • a web hosting company to manage the web site and web components of Controller.

Controller may involve other partners in process the personal data only after obtaining a prior written consent from the data subject. These partners are considered as independent controllers:

  • a company authorized to carry out auctions and commission sales.

According to the nature of the matter, factual state or the legal obligation, Controller might be obliged to provide the personal data without a prior written consent from data subject to third parties, mainly:

  • to the state authorities acting under the “Anti-money laundering Act”;
  • to the Attorney Association under the conditions established by the Act on advocacy;
  • to the General Courts regarding to cases regulated by the specific acts (for instance the Criminal Code, the Civil Procedure Code, the Administrative Procedure Code);
  • to the Constitutional Court and its proceeding and on position of its judges;
  • to the state authorities acting under the Criminal Procedure Code as amended and under the Criminal Code as amended;
  • to the European Court of Justice and to the European Court of Human Rights;
  • to the respective law officers and enforcement agents under Execution Code as amended;
  • to the insolvency administrators;
  • to the notaries under the Notary Code as amended;
  • to the Ministry of Justice under the Public sector registers Act as amended;
  • to the courts’ interpreters and translators in the extent necessary for the proper performance of their activities;
  • to the courts’ experts in the extent necessary for the proper performance of their activities;
  • to the banks under the Act on banks as amended;
  • to any other state authorities as may be required by the respective legislation.

 

  1. TRANSMISSION OF PERSONAL DATA TO A PARTNER LAW FIRM

In case the data subject requests Controller to provide legal services in the Slovak Republic, the data subject grants Controller a power of attorney to represent the data subject in proceedings conducted before public authorities or other authorities acting in the Slovak Republic, the Controller shall provide the personal data of the data subject to its partner law firm – STEINIGER | law firm, s. r. o., registered seat: Jasovská 17, 851 07 Bratislava, Slovak Republic, ID No.: 47 238 135, registered in the Commercial Register of the District Court Bratislava I, section: Sro, insert no.: 80481/B, as the recipient of personal data.

Our partner law firm act as independent data controller of personal data for the purpose of providing legal services. The provision of personal data is based on a specific contractual agreement as stipulated above.

 

  1. THE SCOPE OF THE PROCESSED PERSONAL DATA

Controller processes personal data of data subjects in the extent that is necessary to achieve the purpose for which the personal data is being processed. In general, we process all personal data that are necessary and are an integral part of documents constituting the file of a particular client, including related electronic documents, and electronic mail.

Controller also processes particularly sensitive personal data belonging to a specific category of personal data within the meaning of Article 9 of GDPR in the extent necessary to prove, apply or defend any claims before competent public authorities. Internal processes and measures adopted by Controller are meant to ensure the security of the personal data being processed with an increased emphasis on the protection of this specific category of personal data.

 

  1. PRIVACY POLICY WHEN USING A WEBSITE

Controller currently on website www.wellbens.com or on relevant national domains, such as www.wellbens.sk which only functions as its language mutation with relevant content in an appropriate language uses cookies. A cookie file is a small text file that the web site saves on your computer or mobile device while being browsed. Thanks to this file, the web site retains information about your steps and preferences (such as your login name, language, font size, and other delivery settings) for a certain time, so you do not have to retype it for the next time you visit the web site or browse its individual sub-pages.

Controller uses its own cookies (i.e. first party cookies) in order to optimize the functions of the website and better user comfort of website’s visitors, as well as foreign cookies (i.e. third party cookies) to display so called behavioral advertising.

The website also uses so called short-term cookies which are after the usage of the internet browser is finished automatically erased from computer system of the data subjects or of other program applications’ end users. However, in some cases processing of the so-called long-term cookies may occur. Long-term cookies remain in end user’s equipment, while they allow Controller to recognize that the web site is being re-visited by the end-user device, this however  depends on the settings made by the user of program application associated with e.g. remembering the default password for the program application.

Controller informs data subjects and all visitors of the website about the fact that all the cookie files which the website can store in the terminal equipment of any visitor of the website can be controlled and deleted. Appropriate setting of the internet browser may ensure effective and complete prevention of cookie file usage. Concrete information and instructions on setting of certain type of internet browsers are available here: About Cookies (How to control cookies) and information on erasing cookies from the user’s technical device user can be found here: About Cookies (How to delete cookies). In some cases, you may wish to turn on a feature that is commonly referred to as “tracking protection” in an internet browser.

Controller informs data subjects that if the internet browser used by the end-user device to access and browse the content of the website allows the website to use cookies file, then Controller is entitled to deem that as valid legal consent of the end user of technical device into which the cookies file is stored in compliance with the (proposal) Regulation of the European Parliament and EU Council on privacy and data protection in electronic communications and repealing Directive 2002/58/EC (Directive on privacy and electronic communications (hereinafter referred to as the “e-Privacy Regulation“) was granted.

Controller informs Data subjects that in case of so-called third-party cookies that are used to display a behavioural advertisement, the website will require an explicit consent from data subject before installing these cookies on the device of end-user of the website.

Controller of the website also uses web analytics service from company Google Inc., however, Controller does not process any personal data, neither any other identifiers usable for indirect identification (e.g., IP address) of data subjects. This does not mean that personal data are not processed by the company Google Inc., which is a provider of services – Google Analytics and Google AdWords.

Google Analytics and Google adWords use cookies type files, which are stored on device of end-user of website (computer, tablet, smartphone) to analyse your behaviour. Google anonymizes the part of the IP address linking to device of end-user of website immediately when it is being acquired what leads to the strengthening the data subject privacy protection. Google Inc. uses the information obtained during the data subject’s usage of the website to evaluate the use of the website by users and to issue reports on activities conducted on the website and to provide Controller with additional services associated with the website and the internet usage. This processing of data by Google Analytics and Google AdWords can be prevented by the adequate settings of the internet browser in which you install the browser plug- in available using the following link: Google Analytics – Opt out.

Controller can use Google Analytics and Google AdWords to generate online advertising through remarketing, i.e. outputs from Controller’s marketing communication may be displayed by different providers of digital service and of internet content including Google Inc., on various internet web sites which in the future, after the end of the Website visit, will be displayed on the device of end-user or data subject.

Controller also uses Google Analytics reports to ensure more effective marketing communication, which may lead to processing of demographic characteristics and interests concerning data subject (e.g., age, gender, interests) acquired by company Google Inc., which may also be used by Controller. Controller will hereby not process personal data of data subject during the data processing by using Google Analytics because Controller will not dispose with adequate identifier, which would enable direct and indirect identification of data subject.

Display of personalized advertisement banners by Google may be rejected by data subjects who use website via the following Google Ads control.

Any other information on the use of data by company Google Inc in the context of this website usage may be found here: Google – Privacy – Partners.

Controller indicate to data subjects that if data subject is signed into internet services provided by company Google Inc during the visit or the usage of website, Google Inc may process personal data of the data subject. Controller does not affect, have impact on or participate on such data processing provided by Google Inc.

Company Google Inc. is in relation to usage of website by data subjects a third person in a position of an independent controller. More information on data privacy policy adopted by Google Inc can be found here: Google – Privacy.

 

  1. SOCIAL NETWORKS

The official web site of Controller is: www.wellbens.com (and the relevant national domains, such as www.wellbens.sk, which only functions as its language mutation with relevant content in appropriate language). Controller’s official web site contains a number of additional modules (plugins) referring to the official Controller profiles set up on social networks websites operated by independent operators in position of a third party controller. These modules (plugins) can be activated via interaction initiated by the data subject (click on a pictogram belonging to social network Facebook, Twitter, LinkedIn, Google+). If the data subject does not interact by clicking on pictogram, the plugins will not by activated and any data will not be processed. In case of initiating any of the listed plugins referring to Controller’s profiles created on the social networks, the data of the data subject may be processed by relevant controller of the social network. Controller does not affect, have impact on such data processing except the part within which Controller is capable of processing the content of Controller’s site created on the relevant social network under the terms of usage of the certain social network. Information about processing of the personal and other data of data subjects by social network operators can be found here:

Facebook – Privacy

Twitter – Privacy

Linkedin – Privacy

Google – Privacy

Controller respects and comply with privacy policies adopted by the social network controllers specified in this Section of this Document. Controller manages its official profiles on the social networks specified in this Section and ensures the prompt and immediate removal of any offensive, abusive, hateful, vulgar, sexual, or extremist manifestations of other social network users that cannot be considered compatible with the exercise of the constitutionally enshrined freedom of expression in democratic society.

The Controller does not use the social networks to obtain any other information and personal information about registered members of the social network, such as information and personal data provided or provided by the operator and/or published by the data subject within the data subject’s profile on the social network specified in this Section. The operator does not in any way use (in particular, does not acquire, disclose, store, share, disclose) any information or personal data that the person concerned states on his / her own

Controller does not use social networks specified in this Section to facilitate marketing communication, but exclusively for informational and educational purposes about its activities and about the daily functioning of its team and professional focus.

 

  1. CCTV

Controller monitors by cameras premises located in the interior of Controller’s office located at Ružinovská 42, 821 03 Bratislava, Slovak Republic (hereinafter referred to as “Office”) under the provisions of Article 6 (1) letter (f) of GDPR for the purposes of asset protection, crime prevention as well as support for the internal security measures of Controller.

 

  1. ACCESS OF CONTROLLER TO CLOUD SERVICES

Controller currently uses services of cloud computing service providers, primarily in the area of cloud infrastructure as a services (IaaS), cloud-based software as a service (SaaS), while data storage, including personal data on remote virtual servers of cloud services provider or other processing operations of personal data of data subjects are being carried out. When using cloud computing services, Controller eliminates risks associated with potential leak of personal and confidential information in the greatest possible extent. For this purpose, Controller uses only verified providers of such services, who use advanced security solutions and comply with the strictest safety standards.

Controller currently also uses its own data storage and own modern IT infrastructure, which provides clients with sufficient user comfort and the security of their data, including personal data.

In the case of cloud services usage, Controller is committed to:

  • use cloud computing services only in justified cases, which with regard to the purpose of achieving the work objectives, costs, competitiveness and innovation cannot be equally effectively achieved by other means;
  • using only verified cloud service providers capable of providing real and legal guarantees in order to achieve a sufficient level of security;
  • to review cloud service providers under the internal rules set by the internal safety directive;
  • conclude an agreement on guarantees of services availability (i.e. SLA – Service Level Agreement) and on confidentiality compliance with the cloud services providers and contracts which are in compliance with the requirements of personal data protection under Article 28 (3) of GDPR;
  • not to use cloud computing services that may lead to the cross-border transmission of personal data to third countries not guaranteeing an adequate level of personal data protection except for the entities with their registered seat in the USA, which are certified in the system “Privacy Shield”.

 

  1. CROSS-BORDER TRANSMISSION OF PERSONAL DATA

Controller will not perform any cross-border transmission of personal data obtained from the data subjects to a third countries which does not provide an adequate level of personal data protection.

None of the personal data that will be processed by Controller’s business partners listed in Section 4. of this Document shall be transmitted from the territory of the Member States of the European Union to third countries.

 

  1. SOURCE OF PERSONAL DATA

The source of personal data, which are the subject of Controller’s data processing for the purpose of Section 2 of this Document, is primarily always the data subject or other natural or legal person authorized to act on behalf of data subject based on written power of attorney or agreement, who is in position of a client in relation to Controller.

Personal data which are the subject of data processing for the purposes of Section 2 of this Document may also come from:

  • publicly available resources or from information sources of third parties if Controller has legal entitlement to obtain them when providing services;
  • procedural acts and documents of third parties that are being executed within various legal proceedings in which Controller participates;
  • procedural acts and documents of an advocate presuming that the advocate was in a certain legal matter awarded a substitute power of attorney by Controller, to execute legal services acts.

 

  1. INFORMATION AND GUIDANCE ON RIGHTS OF A DATA SUBJECT

Controller cares for protection of your personal data, therefore, Controller seeks to ensure strong security through individual, modern, technical and organizational security measures, as well as through the ability to enforce rights of data subject under GDPR, any time using a written, signed application from which your identity and the right you are applying for are clearly stated. The application for the exercise of the data subject´s rights may be addressed to Controller’s address of its registered seat. In case of any questions relating to the exercise of your rights as a data subject, please, do not hesitate to contact us. The contact details are listed in Section 1 of this Document.

Since May 25, 2018, you are entitled to new rights that should provide you with more effective control and overview on your personal data processed by our company in a position of Controller. Specifically, it is the right to data access (GDPR, Article 15), the right to rectification (GDPR, Article 16), the right of deletion (GDPR, Article 17), the right to limit the processing (GDPR, Article 18), the right for accuracy of data (GDPR, Article 20). As a data subject you also have the right to file a complaint at any time to the supervisory authority – more information can be found at www.dataprotection.gov.sk

With regard to the terms of personal data processing adopted by Controller, we would like to inform you that you are not entitled to object individual decisions based on automated processing (GDPR, Article 21 and Article 22) because we do not execute any such processing operations with your personal data. The purpose of the information mentioned above does not deter you from exercising your rights, but to provide you some guidance for the purpose of a more efficient handling of this agenda.

Every request for the exercise of the data subject rights of the under GDPR can be done using a written and signed application letter sent on the address of Controller’s registered seat. Please note that when processing your request, we may ask you for a trusted verification of your identity in case you request us to exercise your right in any other way than by a written letter with your own signature (e.g. by e-mail application) or personally at Controller’s headquarters.

Enforcement of your rights as a data subject stated in Section 13 of this Document may also be done at Controller’s premises, however, personal verification of your identity by submitting your Identification Card is always required.

In case, we process your personal data based on your consent to personal data processing, you always have the option to withdraw this consent at any time, even by e-mail sent from the e-mail address which is being processed with your other personal data and information.

Every application for the exercise of the data subject’s rights delivered to us will be individually and competently assessed, while we will inform you about the results of your application within one month of receipt of your application at the latest. Processing your application associated with the exercise of your data subject’s rights under GDPR is free of charge. If the response to your application is not in line with your opinion, you are, pursuant to GDPR, entitled to file a complaint to the supervisory authority (www.dataprotection.gov.sk) or reach for judicial protection directly at the adequate court.

In case you have any questions regarding your personal data protection and exercise of your rights, please do not hesitate to contact us through the contact details posted at our website www.wellbens.com.

Controller is entitled to limit the exercise of the data subject’s right under certain legally set conditions, mainly if requested personal data (information) must remain confidential under the obligation of professional secrecy pursuant to individual agreements.

 

  1. CONTACT INFORMATION OF A RESPONSIBLE PERSON

Controller has entitled the supervision of the personal data protection to its employee, who is a Controller’s contact person for the personal data protection.

If you have any questions regarding the issue of personal data protection and the privacy protection or regarding the application for exercise of the data subject’s rights, you may directly contact Controller’s responsible person via following e-mail: info@wellbens.com.

 

Contact information on the supervisor authorities are as follows:
For Slovak Controller:

Úrad na ochranu osobných údajov Slovenskej republiky
Hraničná 12
820 07 Bratislava
+421 /2/ 3231 3214
statny.dozor@pdp.gov.sk

Approved in Bratislava, Slovak Republic, on February 2, 2019
Mgr. Lukas Steiniger
Managing director of Wellbens s. r. o. and Wellbens tax & accounting s.r.o.

COMPLIANCE AND REGULATION

We comply with all legal obligations and standards without exception, but we also always apply a standard of reasonableness. We make sure that our clients comply with all regulations in such a way that we do not endanger our, nor our client’s activities in any way. We always make sure that we provide our clients with a reasonable degree of protection in order to protect their interests.

For that matter we always keep track of the latest obligations and trends in compliance and regulation.
NON-DISCLOSURE AND CONFIDENTIALITY

Security of the entrusted information of our clients is crucial to us. We treat confidentially all sensitive information we obtain from our clients during the course of our dealings as well as after them if applicable. We do not disclose any confidential information unless we obtain a permission from our client to do so. In certain cases defined by law, however, there are exceptions to the obligation to maintain confidentiality. Such an exception, for example, is a situation where we are obliged to prevent a client from committing a criminal offense.

 

MONEY LAUNDERING / LEGALIZATION OF INCOME FROM CRIME

We specialize in the field of legislation on prevention of money laundering and terrorist financing and therefore we are well aware of our responsibilities. In certain very limited cases defined by law we have the responsibility to verify the identity of our clients, their corporate structure, end-users of benefits, and other required information for the purpose of preventing money laundering and terrorist financing. If circumstances and national legislation requires, we may be obliged to report suspicious transactions to the appropriate local authorities. At the same time, however we strive to observe the confidentiality of the information provided by our clients as much as legally possible. The confidentiality of our clients’ information is our primary goal.

In order to comply with our obligations to prevent money laundering and terrorist financing, we have developed our own standards and projects (programs) that have been incorporated into our internal client contracting processes.

 

ANTI-CORRUPTION LEGISLATION

Corruption, bribery, and other similar acts are considered criminal in all democratic and rule of law-abiding states. At Steiniger, we care about honest behavior when providing our legal services, at every stage and in every action we take. This attitude is integral to every member of our team. Without exception we condemn any behavior contrary to our policies and rules. In the same way, we approach our clients and we reserve the right to immediately resign from our attorney mandate if we are to be subjected to criminal charges as a result of our legal services being provided to a client who violates criminal law provisions.

 

DATA PROTECTION AND IT SECURITY

When it comes to protecting data, managing IT security and communication with our clients, we use state-of-the-art technology to make sure that we meet the highest present day standards. To this end, we are constantly training in IT security and have an advanced IT support team at or disposal. We have a strict policy on upgrading our hardware and software, and we always make sure that the same standards are applied by all our employees and partners.

For more details on data protection, please read our Privacy Policy.

If you are or would like to become our client, we are happy to discuss our compliance standards in a greater detail with you.