Privacy Policy

How do we protect your privacy?

We do everything we can to make you feel safe with us. In this document, you will find all the information you need about how we protect your privacy: what data we collect, how we use it, the measures we take to protect your data, and the rights you have in relation to processing.

Who are we and where can you contact us?
The controller for the processing of your personal data is:
→ Ci investment s.r.o.
→ so sídlom: Levočská 866/10, 05801, Poprad
→ CIN: 52 234 380
→ (hereinafter referred to as the "Company")

The company is registered in the Commercial Register of the District Court of Prešov, Section Sro, Insert No. 37826/P

If you have any questions about this document or the use of your personal information, or if you wish to exercise your rights described in this document, you may contact us by email at [email protected] or in writing at our company address.

When processing personal data of its employees, clients, customers, or business partners (hereinafter referred to as the "data subject"), the Company acts as an information systems (hereinafter referred to as "IS") controller. 

Consent to the processing of personal data for the purpose of accessing the Invest Club.
Týmto ako dotknutá osoba udeľujem spoločnosti Ci investment group, s.r.o. so sídlom Levočská 866/10, 058 01 Poprad, IČO: 52 234 380 (ďalej len ako „spoločnosť“) súhlas so spracúvaním mojich osobných údajov v rozsahu mojej e-mailovej adresy a môjho telefónneho čísla za účelom prístupu do Invest Clubu, v rámci ktorého budem mať k dispozícii ponuky a informácie určené pre registrovaných investorov, prípadne registrovaných potenciálnych investorov spoločnosti. Tento súhlas udeľujem na obdobie 10 rokov od udelenia súhlasu. Zároveň beriem na vedomie, že svoj súhlas môžem kedykoľvek odvolať písomnou formou na vyššie uvedenú adresu sídla spoločnosti, či elektronicky na e-mailovú adresu: [email protected] Súčasne beriem na vedomie, že odvolanie súhlasu nemá vplyv na zákonnosť spracúvania vychádzajúceho zo súhlasu pred jeho odvolaním. (pozn. e-mailový kontakt sa považuje za osobný údaj iba v prípade, ak nie je všeobecný, a teda je možné na jeho základe identifikovať konkrétnu osobu).

Consent to the processing of personal data for the purpose of sending you news about our company's investments.
Týmto ako dotknutá osoba udeľujem spoločnosti Ci investment group, s.r.o. so sídlom Levočská 866/10, 058 01 Poprad, IČO: 52 234 380 (ďalej len ako „spoločnosť“) súhlas so spracúvaním mojich osobných údajov v rozsahu mojej e-mailovej adresy a môjho telefónneho čísla za účelom zasielania všetkých informácií vrátane marketingových ponúk ohľadom aktuálnych produktov a služieb spoločnosti prostredníctvom e-mailu, ktorý som uviedol/uviedla. Tento súhlas udeľujem na obdobie 10 rokov od udelenia súhlasu. Zároveň beriem na vedomie, že svoj súhlas môžem kedykoľvek odvolať odregistrovaním sa z odberu noviniek a ponúk (odkaz na možnosť odregistrovania sa bude súčasťou každého e-mailu, ktorého obsahom bude zaslaná marketingová ponuka). Súčasne beriem na vedomie, že odvolanie súhlasu nemá vplyv na zákonnosť spracúvania vychádzajúceho zo súhlasu pred jeho odvolaním. (pozn. e-mailový kontakt sa považuje za osobný údaj iba v prípade, ak nie je všeobecný, a teda je možné na jeho základe identifikovať konkrétnu osobu).

Consent to the processing of my personal data, including special categories of personal data, for the purpose of identity verification and fraud prevention.
Týmto udeľujem spoločnosti Ci investment group, s.r.o. so sídlom Levočská 866/10, 058 01 Poprad, IČO: 52 234 380 (ďalej ako Prevádzkovateľ“) súhlas s tým, aby spracúvala moje osobné údaje získané nasnímaním dokladu totožnosti, vrátane osobitnej kategórie osobných údajov - konkr. biometrické charakteristiky mojej tváre na základe mnou vyhotoveného obrazovo-zvukového záznamu za účelom zistenia a overenia totožnosti, predchádzania podvodom a plnenia iných povinností podľa zákona č. 297/2008 Z. z. o ochrane pred legalizáciou príjmov z trestnej činnosti a o ochrane pred financovaním terorizmu, v rámci čoho sa budú takto získané osobné údaje porovnávať s mnou nasnímaným dokladom totožnosti, najmä s fotografiou mojej tváre na doklade totožnosti, a to prostredníctvom spoločnosti Veriff OÜ ako sprostredkovateľa. Tento súhlas udeľujem na obdobie trvania zmluvného vzťahu s Prevádzkovateľom a beriem na vedomie, že ak nedôjde k uzavretiu zmluvy s Prevádzkovateľom, údaje budú bezodkladne zlikvidované. Tiež beriem na vedomie, že bez spracovania biometrických údajov na základe tohto súhlasu nie je možné elektronicky vykonať identifikáciu, verifikáciu osoby a tým pádom ani vykonať úkony potrebné na predchádzanie podvodom v zmysle vyššie uvedeného zákona. Zároveň beriem na vedomie, že svoj súhlas so spracovaním osobných údajov môžem kedykoľvek odvolať písomnou formou na vyššie uvedenú adresu sídla spoločnosti, či elektronicky na e-mailovú adresu: [email protected], avšak odvolanie súhlasu nemá vplyv na zákonnosť spracúvania vychádzajúceho zo súhlasu pred jeho odvolaním. Viac informácií o spracovaní osobných údajov v rámci procesu identifikácie a verifikácie osôb prostredníctvom spoločnosti Veriff OÜ nájdete na stránke spoločnosti Veriff OÜ v časti Veriff´s Privacy Policy https://www.veriff.com/privacy-policy).

Legal basis for the processing of personal data of data subjects:
When processing personal data, the company proceeds in accordance with Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Regulations (hereinafter referred to as the "Personal Data Protection Act"). The legal basis for the processing of personal data is the Personal Data Protection Act, special legal regulations, and consent to the processing of personal data, depending on the purpose of the processing of personal data.

If the purpose of the processing of personal data, the range of data subjects, and the list of personal data is provided for by a directly enforceable act of the European Union, an international treaty to which the Slovak Republic is bound, the Personal Data Protection Act or special law, the company is entitled to process personal data without the consent of the data subject within the meaning of the Personal Data Protection Act.

The Company processes personal data without the consent of the data subject if the purpose of processing personal data, the range of data subjects, and the list of personal data or their scope is provided for by a directly enforceable legally binding act of the European Union, an international treaty to which the Slovak Republic is bound or this Act. If the list or scope of personal data is not established, the company may process personal data only to the extent and in the manner necessary to achieve the established purpose of processing, while complying with the basic obligations under the Personal Data Protection Act.

The company further processes personal data without the consent of the data subject if the purpose of processing personal data, the range of data subjects and the list of personal data is provided for by a special law and only to the extent and in the manner provided for by the special law. The personal data processed may be disclosed, made available or published from the information system only if a special law provides for the purpose of disclosure, disclosure or publication, the list of personal data that may be disclosed, disclosed or published, as well as the third parties to whom the personal data are disclosed or the range of recipients to whom the personal data are disclosed, unless otherwise provided for in the law on the protection of personal data.

The company also processes personal data without the data subject's consent if:

(a) the processing of personal data is necessary for the performance of a contract to which the data subject acts as one of the contracting parties or in pre-contractual relations with the data subject or in negotiations for the amendment of a contract which are carried out at the request of the data subject,
(b) the processing of personal data is necessary to protect the life, health or property of the data subject,
c) the subject of the processing is exclusively the title, name, surname and address of the data subject without the possibility of assigning other personal data to them and their use is intended exclusively for the needs of the controller in the postal contact with the data subject and the registration of these data,
(d) personal data are processed which have already been disclosed in accordance with the law and have been duly identified by the controller as having been disclosed; the person who claims to be processing disclosed personal data shall, on request, demonstrate to the Authority that the personal data being processed have already been lawfully disclosed,
(e) the processing of personal data is necessary for the protection of the rights and legitimate interests of the controller or of a third party, except where such processing of personal data is overridden by the fundamental rights and freedoms of the data subject, which are subject to protection under this Act.

If, in view of the purpose of processing personal data as laid down in a directly enforceable legally binding act of the European Union, an international treaty by which the Slovak Republic is bound, the Personal Data Protection Act and a special act, the individual personal data to be processed cannot be specifically determined in advance, the list of personal data may be replaced by a range of personal data.

The Company is obliged to comply with the Personal Data Protection Act when processing personal data in this way, except for those controllers who process personal data for the purposes of and in connection with legal proceedings.

If the Personal Data Protection Act does not apply to the processing of personal data, the company as the controller is only entitled to process personal data with the consent of the data subject.

The company obtains the data subject's consent without coercion or compulsion, as well as without conditioning it on the threat of refusal of the contractual relationship, the services provided or the obligations arising for the controller from legally binding acts of the European Union, an international treaty to which the Slovak Republic is bound or a law.

In the event of refusal to provide personal data to the company for the purposes necessary for the provision of services or the fulfilment of legal obligations, the company is entitled to warn the data subject of the possible consequences of not providing personal data.

The data subjects consent to the Company entrusting the processing of personal data to an intermediary who processes personal data on behalf of the Company. After the end of the purpose of the processing of personal data, the Company shall dispose of such lawfully obtained personal data of the data subjects within the time limit provided for by applicable law and in accordance with the Company's internal regulations.

Purpose of processing of personal data of data subjects:
The company respects your privacy and considers the personal data you provide to be confidential.
The company needs to know certain personal data of the data subjects for the quality of its services and needs to provide it to other recipients in order to comply with its legal obligations and to provide the highest quality services.

The company processes the personal data provided for several purposes.
Firstly, it deals with personal data of job applicants and personal data of its employees for the purposes of the personnel and payroll agenda and related legal obligations arising from specific legislation.

The Company also processes personal data of its clients, customers and business partners for the purpose of ensuring its business activities taking into account the interests of its clients, customers and business partners.

There is no processing of personal data for any other purpose in the company, which means that the company collects, stores and processes only the personal data of the data subjects that it needs for the purpose of fulfilling its services. The personal data provided is strictly protected against misuse by unauthorised third parties by means documented in the adopted security project and security directive in accordance with the Data Protection Act.

When processing the personal data of data subjects, the company complies with the basic obligations of the controller under the Personal Data Protection Act, which include the following obligations.

The company always uses the personal data provided for a predetermined purpose of processing, which is clear, unambiguous and specific, in accordance with the Constitution of the Slovak Republic, constitutional laws, laws and international treaties to which the Slovak Republic is bound. 

The company always defines the conditions for processing personal data in such a way as not to restrict the rights of the data subject provided for by law.

The company only collects personal data of the data subjects which, in terms of their scope and content, correspond to the purpose of the processing and are necessary for its achievement.

The company ensures that the personal data of the data subjects are processed only in a manner that is consistent with the purpose for which they were previously collected.

The company as a controller is obliged to process only correct, complete and, where necessary, updated personal data in relation to the purpose of processing. Incorrect and incomplete personal data shall be blocked by the controller and rectified or supplemented without undue delay; if they cannot be rectified or supplemented so as to be correct, the company shall clearly mark and destroy the personal data without undue delay.

The Company shall ensure that the personal data of the data subjects are processed in a form which permits the identification of individual data subjects for no longer than is necessary to achieve the purpose of the processing.

The company shall dispose of in the prescribed manner those personal data whose purpose of processing has ended. After the end of the defined purpose, the company is entitled to process the personal data to the extent necessary for research or statistical purposes in their anonymised form. Personal data processed in this way may not be used by the controller to support measures or decisions taken against the data subject to restrict his or her fundamental rights and freedoms.

Intermediaries:
The Company does not disclose your personal data to third parties in violation of the Data Protection Act and for the purpose of collecting it, in violation of your interests or instructions, and it is only disclosed to third parties within the scope of the above-mentioned purpose.

In its business activities, the company cooperates with several intermediaries whose aim is to provide quality services, and these entities process the personal data of data subjects in the performance of their contractual activities for the company.

The company declares on its honour that when selecting individual processors, it has taken care of their professional, technical, organisational and personnel competence and their ability to guarantee the security of the personal data processed by the security measures taken in accordance with the Personal Data Protection Act. 

At the same time, when selecting a suitable intermediary, the company has acted in such a way as not to jeopardise the rights and legitimate interests of the data subjects.

The company as a controller has concluded written contracts with processors under the Personal Data Protection Act to ensure the protection of personal data processed by the processors it has entrusted with the processing of personal data of data subjects only to the extent, under the conditions and for the purpose agreed in the contract and in the manner provided for in the Personal Data Protection Act.

Scope and list of personal data processed:
The company processes personal data of data subjects in its information systems to the extent necessary to achieve the stated purpose. This is the scope of the personal data provided for by specific legislation or to the extent of the data subject's consent to the processing of his or her personal data.

The company only processes personal data that have been provided to it voluntarily and to the extent necessary by the data subject. The provision of personal data to the company beyond the scope of specific laws is voluntary.

Conditions and method of processing of personal data of data subjects:
The company processes personal data of data subjects in its information systems by automated and non-automated means of processing.

The Company does not disclose the personal data processed, except where required by a specific legal regulation or by a decision of a court or other public authority.

The Company will not process your personal data without your explicit consent or other lawful legal basis for any other purpose or to a greater extent than is stated in this information and the registration sheets of the individual information systems of the controller.

The rights of the data subject related to the processing of his or her personal data:
The data subject shall have the right, upon written request from the company, to request:
(a) confirmation of whether or not personal data about him or her are processed,
(b) in a generally comprehensible form, information on the processing of personal data in the information system within the scope of the Personal Data Protection Act; when a decision is issued pursuant to the Personal Data Protection Act, the data subject shall be entitled to acquaint himself with the procedure for processing and evaluating operations,
(c) in a generally comprehensible form, precise information about the source from which he or she obtained his or her personal data for processing,
(d) in a generally comprehensible form, a list of its personal data subject to processing,
(e) the rectification or destruction of their incorrect, incomplete or outdated personal data subject to processing,
(f) the destruction of his or her personal data for which the purpose of processing has ceased; where official documents containing personal data are the subject of the processing, he or she may request their return,
(g) the destruction of his or her personal data subject to processing where there has been a breach of the law,
(h) blocking of his or her personal data due to the withdrawal of consent before the expiry of its validity period, if the company processes personal data on the basis of the data subject's consent.

The aforementioned rights of the data subject under points (e) and (f) may be restricted only if such restriction is based on a specific law or if its application would violate the protection of the data subject or would infringe the rights and freedoms of other persons.

Pursuant to the Personal Data Protection Act, the data subject has the right, upon written request to the company, to object to:
(a) the processing of his or her personal data which he or she believes is or will be processed for direct marketing purposes without his or her consent, and to request its destruction,
(b) the use of personal data referred to in the Data Protection Act for the purposes of direct marketing in the postal sector; or
(c) the provision of personal data referred to in the Data Protection Act for direct marketing purposes.

Pursuant to the Personal Data Protection Act, the data subject shall have the right to object at any time to the processing of personal data in cases under the Personal Data Protection Act by submitting legitimate grounds or by submitting evidence of unjustified interference with his or her rights and legally protected interests which are or may be harmed by such processing of personal data, on the basis of a written request addressed to the company or in person, if the matter cannot be delayed; unless prevented by lawful grounds and the data subject's objection is proven to be justified, the company shall block and delete the personal data whose processing the data subject has objected to without undue delay as soon as the circumstances permit.

Pursuant to the Personal Data Protection Act, the data subject shall have the right at any time, on the basis of a written request addressed to the company or in person if the matter cannot be delayed, to object and not to submit to a decision of the company which would have legal effects or significant impact on him or her, if such decision is made solely on the basis of automated processing operations of his or her personal data. The data subject shall further have the right to request the company to review the decision issued by a method other than automated processing, and the company shall comply with the data subject's request, with the authorised person playing a decisive role in the review of the decision; the controller shall inform the data subject of the method of review and the result of the finding within the time limit provided for in the Personal Data Protection Act. 

The data subject shall not have this right only if a specific law providing for measures to safeguard the data subject's legitimate interests so provides, or if, in the context of a pre-contractual relationship or during the existence of a contractual relationship, the controller has issued a decision granting the data subject's request, or if the controller has taken other appropriate measures on the basis of a contract to safeguard the data subject's legitimate interests.

If the data subject exercises his or her right:
(a) in writing and the content of his or her request indicates that he or she is exercising a right, the request shall be deemed to have been made under the Personal Data Protection Act; a request made by electronic mail or fax shall be delivered in writing by the data subject no later than three days from the date of its dispatch,
b) in person orally in the form of a record, from which it must be clear who has exercised the right, what is claimed and when and who has drawn up the record, his signature and the signature of the person concerned; the company is obliged to give a copy of the record to the person concerned,
(c) in the case of an intermediary referred to in point (a) or (b), the intermediary shall be obliged to hand over the application or the minutes to the company without undue delay.

If the data subject suspects that his or her personal data is being unlawfully processed, he or she may file a petition for initiation of a personal data protection procedure with the Office for Personal Data Protection of the Slovak Republic, located at Hraničná 12, 820 07 Bratislava 27, Slovak Republic or contact the Office via its website http://www.dataprotection.gov.sk.

If the data subject lacks full legal capacity, his or her rights may be exercised by a legal representative.

If the person concerned is deceased, his or her rights under this Act may be exercised by a person close to him or her.

The request of the data subject under the Personal Data Protection Act shall be processed by the company free of charge.

The request of the data subject pursuant to the Personal Data Protection Act shall be processed by the company free of charge, except for the payment of an amount which may not exceed the amount of the reasonable costs of making copies, procuring technical media and sending the information to the data subject, unless a special law provides otherwise.

The company is obliged to deal with the data subject's request in writing in accordance with the Personal Data Protection Act no later than 30 days from the date of receipt of the request.

The company shall notify the data subject and the Office for Personal Data Protection of the Slovak Republic in writing without undue delay of the restriction of the data subject's rights under the Personal Data Protection Act.

The company has hereby informed you as the data subject about the protection of your personal data and has informed you of your rights in relation to the protection of personal data within the scope of this written information obligation.

Updated June 1, 2021.

Investment account free of charge

Create a passive income paid regularly into your account and have your investments under control
Register now
Menu
close
Menu
close
Menu
close
Menu
close
Menu
close
Menu
close
Menu
close
Menu
close
Menu
close
Privacy Policy   |   Terms and conditions   |   +421 910 548 844   |  [email protected]  | Invest in Slovakia is operated by Ci investment, s.r.o, Levočská 10, 058 01 Poprad, Slovakia.
If you would like to learn more about which Invest in Slovakia entity you receive services from, or if you have any other questions, please contact us via chat in the Invest in Slovakia app, or by email at [email protected]. Platform investinslovakia.eu does not provide investment advice and individual investors should make their own decisions or seek independent professional advice if they are unsure about the suitability of any investment for their individual needs. The value of investments can rise or fall depending on market developments and unforeseen circumstances. Bear in mind that when investing in loans your capital is subject to risks and is not subject to any protection mechanism. For more information, see FAQ (the most common questions about their answers).
NBS. On the basis of Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (the "Regulation on European crowdfunding service providers for business"), crowdfunding will become a legally regulated activity. From the nature of the Regulation in question, it is expected that the authority authorising and supervising the activities of crowdfunding service providers within the Slovak Republic will be the Ministry of Finance of the Slovak Republic or the National Bank of Slovakia. As a provider of crowdfunding services, we welcome this effort of the European Parliament and we are ready to actively participate in the implementation of the Regulation in order to clarify and set uniform rules for crowdfunding within Slovakia as well as throughout the European Union.
Copyright © 2024, Ci investment, s.r.o.
crossmenu