top of page
Gemini_Generated_Image_qi8jznqi8jznqi8j-processed(lightpdf_edited.jpg

Protecting our customers’ personal data is a matter of course for us.

1) Who is the Controller

The controller who determines the purposes and means of processing personal data is:

Eco Auto s.r.o.
Registered office: Nová Ves 86, 962 12 Detva, Slovak Republic
Company ID: 50 918 176, Tax ID: 2120541709, VAT ID: SK2120541709
Registered in the Commercial Register of the District Court Banská Bystrica, Section Sro, File No. 32254/S

Contact:
Phone: +421 911 010 761
E-mail: info@ecoauto.sk

Postal address: Nová Ves 86, 962 12 Detva

 

2) Data Protection Officer (DPO)

The Controller has not appointed a Data Protection Officer (DPO). For personal data protection matters, please contact us using the details above.

3) What personal data we process (scope)

We process the following categories of personal data depending on which service you use:

Identification and contact data

  • first name, last name

  • e-mail, phone number

  • address (billing/delivery), or business premises address (if applicable)

B2B data

  • company name, Company ID (IČO), VAT ID, contact person (if you are a legal entity or self-employed)

Contractual and transaction data

  • data related to orders, enquiries, deliveries, complaints

  • payment data to the necessary extent (e.g., payment confirmation, variable symbol, bank account details for bank transfer)

Communication data

  • content of e-mail, web form or other communication, including the history of handling requests

Website usage data (online identifiers)

  • device and browser data, approximate location, IP address or part of it, cookie identifiers and similar technologies
    We process these data mainly for security, basic website functionality, statistics and marketing—depending on the cookie settings you choose.

4) Purposes and legal bases for processing

We process personal data only where we have a lawful basis under the GDPR.

 

4.1 Performance of a contract and pre-contractual measures (Article 6(1)(b) GDPR)

  • receiving and processing an order/enquiry

  • communication prior to concluding a contract (offers, technical consultations)

  • delivery of goods/services, logistics arrangements, service operations

  • issuing documents related to performance (e.g., confirmations, delivery documents)

 

4.2 Compliance with legal obligations (Article 6(1)(c) GDPR)

  • accounting, tax obligations, document archiving

  • handling complaints in accordance with applicable legislation

  • complying with obligations towards public authorities where required by law

 

4.3 Legitimate interests (Article 6(1)(f) GDPR)

  • protection of legal claims and dispute resolution (evidence, defence and enforcement of claims)

  • website security and prevention of misuse (logs, basic protection)

  • service improvement and internal record-keeping of communication

  • direct marketing communication to existing customers (e.g., information about related products/services), with an option to easily opt out/object at any time

Our legitimate interest is to provide and develop our services, protect our business from misuse, and reasonably inform existing customers about related products/services. We always assess proportionality and impact and enable you to exercise your right to object.

 

4.4 Consent (Article 6(1)(a) GDPR)

We rely on consent mainly where this concerns:

  • newsletters (if you use them) for individuals who are not existing customers, or if you prefer to handle marketing strictly on consent

  • analytical and marketing cookies and similar technologies (see Cookies section)

You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

 

5) Who we may disclose data to (recipients)

We disclose your data only to the necessary extent and only to parties who help us deliver our services, or where required by law.

Typical categories of recipients include:

  • courier and transport companies

  • contractual partners/suppliers (e.g., vehicle importers) where necessary for delivery or service

  • IT service providers (hosting, website administration, e-mail, cloud services)

  • providers of analytics/marketing tools (only if you grant consent via cookies)

  • accounting firms, auditors and tax advisors

  • law firms, experts/court experts

  • debt collection agencies and bailiffs (where necessary for debt recovery)

  • public authorities, courts and law enforcement authorities (where required by law)

 

6) Transfers to third countries (outside the EEA)

Some of our providers (especially analytics and marketing tools) may process data outside the European Economic Area, most commonly in the USA. We carry out such transfers only where the GDPR conditions are met, in particular:

  • based on an adequacy decision (where the provider is certified under a relevant framework), or

  • based on Standard Contractual Clauses (SCCs) and appropriate supplementary measures.

 

7) Retention periods

We retain personal data only for as long as necessary for the purposes for which they were collected:

  • Contractual and order data: during the contractual relationship and thereafter for the period necessary to assert legal claims (typically 3–5 years depending on the nature of performance and limitation periods).

  • Accounting and tax documents: as required by applicable legislation (often 10 years).

  • Complaints and service data: during the warranty period and for the period necessary to handle related claims.

  • Marketing based on legitimate interest (existing customers): proportionately, typically up to 3 years from the last purchase/communication, or until you object.

  • Marketing based on consent (newsletter, remarketing cookies): until consent is withdrawn, but no longer than 24 months (or another period you choose).

 

8) Cookies and similar technologies

We use cookies and similar technologies to ensure proper website operation, measure traffic and improve content, and—if you give consent—for marketing.

 

8.1 Types of cookies we use

  • Essential (technical) cookies: necessary for website operation and security. These do not require consent.

  • Analytics cookies: help us understand traffic and improve the website. We use them only with your consent.

  • Marketing cookies: used for ad personalisation and campaign measurement. We use them only with your consent.

  • Preference cookies: store your choices (if used); depending on their nature, they may require consent.

 

8.2 How you give and withdraw consent

On your first visit, we display a cookie banner where you can:

  • set consent by category,

  • change or withdraw consent at any time via the “Cookie settings” link (recommended to place in the website footer).

We do not deploy analytics and marketing cookies before consent is given.

 

8.3 Third-party tools (choose what you actually use)

Option A – we use Google Analytics only (analytics):
To measure website traffic, we may use an analytics tool (e.g., Google Analytics). We process the data on the basis of consent. The cookie banner provides information on cookie duration and the provider.

 

9) Your rights

As a data subject, you have in particular the right to:

  • access your personal data,

  • rectification,

  • erasure (subject to conditions),

  • restriction of processing,

  • data portability (where applicable),

  • withdraw consent (where processing is based on consent),

  • object to processing based on legitimate interests, and always object to direct marketing,

  • lodge a complaint with the supervisory authority.

 

The supervisory authority is the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27, Slovak Republic, tel.: +421 2 3231 3220.

 

10) How to exercise your rights

You may exercise your rights:

  • by e-mail: info@ecoauto.sk

  • by phone: +421 911 010 761

  • in writing to: Nová Ves 86, 962 12 Detva

 

We will respond without undue delay, typically within one month. In justified cases (complexity/number of requests), the period may be extended by a further two months; we will inform you of the extension and the reasons. For manifestly unfounded or excessive/repeated requests, we may charge a reasonable fee or refuse the request in accordance with the GDPR.

 

11) Obligation to provide data

Providing certain data is:

  • a contractual requirement (e.g., for an order we need contact and delivery/billing data), and/or

  • a legal requirement (e.g., data for accounting and tax documents).

If you do not provide these data, we may not be able to process an order, enquiry, complaint, or provide the service.

 

12) Automated decision-making and profiling

We do not carry out automated individual decision-making, including profiling, that would produce legal effects concerning you or similarly significantly affect you.

13) Social media

We operate profiles on social networks (e.g., Facebook/Instagram/YouTube) for communication, presentation and marketing purposes. Processing on these platforms is also governed by the rules of the respective platform operators. If you send us a message or interact with content, we process your data to the extent necessary to handle the communication and for our records.

14) Changes to this document

We may update this document from time to time. The current version is always published on our website.

Gemini_Generated_Image_yl0n9jyl0n9jyl0n_edited.jpg
EcoAuto_logo

Services

Quick links

Contact

Reliable solutions for cities and businesses

Consulting

About us

+421 911 010 761

Solutions

Blog

info@ecoauto.sk

Delivery

Contact

Service

Operation - PPS Group area
48° 33 - 30.6 N; 19° 21 ‚ 46.60 E

Billing address
Nova Ves 86, 962 12 Detva

© 2017 by EcoAuto

General terms and conditions

Personal data protection

Withdrawal form

Complaints procedure

bottom of page