top of page
logo bez pozadia.png

Data Protection

 
lanterns3.png
lanterns3.png
ORGANIZATIONAL DIRECTIVE FOR THE PROCESSING AND PROTECTION OF PERSONAL DATA IN THE ORGANIZATION

AI Kauthar Academy, o.z., sídlo: Sládkovičova 1176/18, 900 28 Ivanka pri Dunaji, IČO: 56238380, číslo registri v registri mimovládnych organizácii: VVS/1-900/90-69895.

 

  1. Legal Framework

The protection of personal data at the civic association AI Kauthar Academy, o.z., registered office: Sládkovičova 1176/18, 900 28 Ivanka pri Dunaji, Company ID (IČO): 56238380, registration number in the Registry of Non-Governmental Organizations: VVS/1-900/90-69895 (hereinafter referred to as the “Association”) is ensured in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter also referred to as the “Regulation”), and Act No. 18/2018 Coll. on the Protection of Personal Data and on the Amendment and Supplementation of Certain Acts (hereinafter also referred to as the “Act”).

  1. Data Controller

2.1. The data controller of personal data is the Association (hereinafter referred to as the “Controller”).

2.2. The Association is a civic association established pursuant to Act No. 83/1990 Coll. on Association of Citizens, as amended. The Association was founded with the primary goal of developing and supporting the personalities and moral awareness of young people and supporting the older generation.

2.3. For the purpose of fulfilling its mission, the Association creates educational clubs and activities, through which it engages interested parties from the general public. Members of the public participate in these activities by registering and being physically present at the location of the activity or by registering online and participating online on the Association’s website, according to the conditions set by the Association for participation in these courses and events (hereinafter also referred to as the “Association’s Activities”).

  1. Purpose of Processing Personal Data

3.1. The purposes of processing personal data by the Controller are:

  • Precise determination and identification of the natural person whose data are being processed (hereinafter referred to as the “Data Subject”) who participates in the Association’s Activities and benefits associated with it;

  • Addressed provision of services that the Association provides to individuals in connection with the Association’s Activities;

  • Obtaining non-personalized statistics about persons who use the Association’s Activities, for the purpose of improving these activities in the future;

  • In the case of courses for youth, providing feedback to parents about their children’s activities in the course of participation in the Association’s Activities;

  • Other obligations arising for the Controller from applicable legal regulations of the Slovak Republic and the EU.

  1. Rights and Obligations of the Data Subject

4.1. The Data Subject has the following rights:

  • The Data Subject has the right to withdraw consent to the processing of personal data concerning them at any time when consent was given. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal; before giving consent, the Data Subject must be informed of this fact. The Data Subject may withdraw consent in the same manner as it was given.

  • The Data Subject has the right to request from the Controller access to personal data concerning the Data Subject, the right to rectification of personal data, the right to erasure of personal data, the right to restriction of processing, the right to object to processing, as well as the right to data portability.

  • The Data Subject has the right to have the Controller erase personal data concerning them without undue delay. The Controller is obligated to erase personal data without undue delay if the Data Subject exercises the right to erasure under letter (a), if: a) the processed personal data are no longer necessary for the purpose for which they were collected or otherwise processed; b) the Data Subject withdraws consent under § 13(1)(a) of the Act or § 16(2)(a) of the Act, on the basis of which the processing of personal data has been carried out, and there is no other legal basis for processing; c) the personal data are processed unlawfully; d) erasure is required to fulfill an obligation under the Act, a special regulation, or an international treaty binding on the Slovak Republic; or e) the personal data were collected in connection with the offering of information society services under § 15(1) of the Act.

  • The Data Subject has the right to have the Controller restrict the processing of personal data if: a) the Data Subject contests the accuracy of personal data, for as long as it allows the Controller to verify the accuracy of personal data; b) processing is unlawful and the Data Subject contests erasure of the personal data and instead requests restriction of their use; c) the Controller no longer needs the personal data for the purpose of processing, but the Data Subject needs them for the establishment, exercise, or defense of legal claims; or d) the Data Subject objects to processing under § 27(1) of the Act, until it is verified whether the Controller’s legitimate grounds override those of the Data Subject. The Controller must inform the Data Subject before lifting the restriction on processing personal data.

  • The provisions of point 4.1 do not apply if processing of personal data by the Controller is necessary to fulfill an obligation under the Act, a special regulation, or an international treaty binding on the Slovak Republic, or to perform a task carried out in the public interest or in the exercise of official authority vested in the Controller.

4.2. The Data Subject has the following obligations:

  • Provide the Controller with truthful and up-to-date personal data.

  • In the event of changes to personal data, promptly notify the Controller of the change.

  • Upon request by the Controller, provide verification of the authenticity of the Data Subject’s identity or the authenticity of the personal data provided.

  1. Rights and Obligations of the Controller

5.1. The Controller has the following rights:

  • To verify the authenticity of the Data Subject and the authenticity of the personal data provided at any time if there is suspicion regarding their authenticity.

  • At any time, in case of any suspicion of the Data Subject’s identity falsification, falsification of personal data, or misuse of another individual’s personal data, to terminate processing of personal data. In such a case, the Controller will consider all circumstances of the suspicion and, if it arrives at an indisputable conclusion that there has been misuse of another individual’s personal data, will report this fact to the public authorities.

5.2. The Controller has the following obligations:

  • To process personal data in a manner that ensures appropriate security of personal data, including protection against unauthorized processing, unlawful processing, accidental loss, erasure, or damage, by means of appropriate technical and organizational measures.

  • To process the personal data of the Data Subject only for the purposes for which they were requested by the Controller and for which the Data Subject granted consent, or that are required by applicable legal regulations of the EU and the Slovak Republic.

  • Upon request of the Data Subject, to erase the processed data of the Data Subject.

  • To retain the personal data of the Data Subject only for the period necessary to achieve the purpose of processing the personal data and for as long as the Data Subject has given consent to the processing of personal data.

  • To maintain confidentiality regarding personal data being processed. The obligation of confidentiality continues even after processing of personal data has ended.

  • To retain personal data for the period necessary to fulfill obligations under the Act, a special regulation, or an international treaty to which the Slovak Republic is bound, or to fulfill a task carried out in the public interest or in the exercise of official authority vested in the Controller.

  1. Retention Period of Personal Data

Personal data will be retained for the duration of the purpose for which they were requested by the Controller and for which the Data Subject gave consent, or as required by applicable legal regulations of the EU and the Slovak Republic; at most for 12 months after the reason for which they were requested by the Controller or the obligation imposed by applicable legal regulations has ended.

  1. Specific Rules for Protection of Personal Data of Registered Users of the Association’s Website www.alkautharacademy.sk

7.1. Purpose of Providing Personal Data

The purpose of providing personal data by the Data Subject registered as a user on the website www.alkautharacademy.sk (hereinafter also referred to as the “Website”) is to utilize the benefits that the Website offers to registered users, and to fulfill obligations imposed by law on the Website and its operators.

7.2. Registered User

A registered user (hereinafter also referred to as the “Registered User”) is any natural person (Data Subject) who registers on the Website by filling out a registration or other form permitting them to use the benefits provided by the Website beyond those freely available (without registration). By registering on the Website, each Registered User voluntarily consents to the processing of their personal data to the extent stated in these specific rules (hereinafter also referred to as the “Rules”). In the event of disagreement with the processing of personal data, it is not possible to register on the Website and use the benefits provided to Registered Users; however, access to areas of the Website not reserved exclusively for Registered Users remains available.

7.3. Age of the Registered User

Persons younger than 18 years may also register, but only on the condition that a parent or legal guardian (a person with parental rights and obligations) concurrently gives consent for registration and processing of personal data in the registration form. By giving consent, the parent also consents to the processing of their own personal data and the personal data of the minor whose registration they confirm.

7.4. What Data Are Required for Registration on the Website

Every user who wishes to register must complete the registration form. The registration form may contain mandatory data and optional data. Mandatory data are those personal or other data without which registration on the Website is not possible. Optional data are those personal or other data that are not a condition for registration, and the user who wishes to register may choose whether or not to provide them.

7.5. When Processing of Personal Data Begins

Processing of personal data begins at the moment the user completes the registration form and submits it to the Website (depending on whether the Website allows the form to be submitted to the Website or only filled out electronically on the Website).

7.6. For What Purposes the Processed Personal Data of a Registered User Will Be Used

7.6.1. The personal data of the Data Subject as a Registered User, in addition to the purposes indicated in point 3 of these Rules, will be used for administrative and other purposes related to website operation and the provision of benefits associated with registered membership. For this purpose, the Website is entitled to provide third parties with the personal data of Registered Users to the necessary extent, primarily to data processors or providers of software and IT services related to operating the Website.

7.6.2. For statistical insights related to the free offerings of the Website or the benefits associated with registered membership.

7.6.3. For certain benefits of the Registered User connected mainly with the direct participation of the Registered User in a benefit, and for written, audio, audiovisual, or other input, personal data, including written, audio, audiovisual, or other depictions and recordings, may be created. Therefore, if a Registered User does not want such recordings related to their person and personal data for a given benefit to be used or created, they must not use that specific benefit. By using it, the Registered User confirms their consent to the processing of the data specified in this point in relation to such specific benefit that the Registered User begins to use.

7.6.4. For other purposes connected with a particular one-time or recurring event or benefit available to registered or unregistered users, such as lectures, discussions, competitions, etc.

7.7. Validity and Effectiveness

These personal data protection rules were adopted on 20 July 2021 and come into effect on 20 July 2021.

 
Learn with us!

About us

  • Facebook
  • Instagram

Courses

Contact

FAQ

Blog

Become a volunteer

Protection of personal data

Cookies

Contact us

Thanks for writing!

tea drinking.png

Disclaimer: The views, findings and conclusions expressed in these articles and articles are strictly those of the authors. Al Kauthar further does not endorse any personal opinions of the authors on any platform. Our team is diverse on all fronts and enables a constant enriching dialogue that helps us create only the best research.

© 2021 AlKauthar Academy

bottom of page