about usContacts

Privacy Policy

RISE 15/11 s.r.o., registered office: Grösslingova 4, Bratislava, 811 09, Slovak Republic, Company Registration Number (IČO): 55271766 (hereinafter referred to as the "Controller" or "Company"), as a controller of personal data, hereby provides this Privacy Policy in order to ensure fairness and transparency towards data subjects in accordance with:

 

  • Article 13 and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as "GDPR" or "the Regulation");
  • Act of the National Council of the Slovak Republic No. 18/2018 Coll. on the protection of personal data and on amendments to certain acts (hereinafter referred to as "the Act").

 

1. IDENTITY AND CONTACT DETAILS OF THE CONTROLLER

Company name: RISE 15/11 s.r.o.

Registered address: Grösslingova 4, Bratislava, 811 09, Slovak Republic

Company Registration Number (IČO): 55271766

Website: https://www.rise15-11.com

E-mail: info@rise15-11.com

 

The Company has not designated a Data Protection Officer (DPO) as it does not meet the criteria under Article 37 of the GDPR. All queries and requests relating to the processing of personal data may be directed to the contact details set out above.

 

2. SCOPE AND PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy applies to all personal data processed by the Company in connection with its business activities, including data collected through the Company's website at https://www.rise15-11.com, via the contact form, by e-mail, and in the course of providing services to clients. It describes the categories of personal data collected, the purposes and legal bases for their processing, the retention periods, the rights of data subjects, and the procedures for exercising those rights.

 

3. PROCESSING ACTIVITIES AND LEGAL BASES

3.1  Website Contact Form and General Enquiries

When you submit an enquiry via the contact form on the Company's website (https://www.rise15-11.com) or send an e-mail to the Company, the following personal data are processed:

  • Identification data: first name, last name;
  • Contact data: telephone number, e-mail address;
  • Content of the message and any information voluntarily provided by you.

 

Purpose of processing: Handling and responding to enquiries submitted by the data subject.

Legal basis: Consent of the data subject (Article 6(1)(a) GDPR) or the legitimate interest of the Controller in responding to enquiries (Article 6(1)(f) GDPR).

Category of data subjects: Natural persons — potential clients, business partners, or other persons initiating contact.

Retention period: Maximum 6 months from the date of receipt of the enquiry, unless a longer retention period is required by applicable law or is necessary for the establishment, exercise, or defense of legal claims.

Transfer to third countries: Not implemented.

Automated decision-making: None.

 

3.2  Client Records and Contractual Relationships

In connection with the conclusion and performance of contracts with clients, the Company processes the following personal data of natural persons (clients or contact persons of corporate clients):

  • Identification data: first name, last name, date of birth (if applicable);
  • Contact data: address, telephone number, e-mail address;
  • Contractual and transaction data: subject of the contract, financial data related to invoicing and payments.

 

Purpose of processing: Conclusion, performance, and administration of contracts; invoicing; fulfilment of statutory obligations.

Legal basis: Performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract (Article 6(1)(b) GDPR); compliance with a legal obligation (Article 6(1)(c) GDPR).

Category of data subjects: Natural persons — clients and their authorised representatives.

Retention period: For the duration of the contractual relationship and thereafter for the period required by applicable statutory provisions (in particular, accounting and tax legislation — generally up to 10 years from the end of the relevant tax period).

Transfer to third countries: Not implemented.

Automated decision-making: None.

 

3.3  Processing Based on Legal Obligations

The Company processes personal data to the extent necessary for compliance with statutory obligations imposed by applicable Slovak and EU law, including obligations under accounting, tax, and archiving legislation.

Legal basis: Compliance with a legal obligation to which the Controller is subject (Article 6(1)(c) GDPR).

Retention period: As required by the applicable statutory provisions, typically up to 10 years.

 

4. CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Personal data may be disclosed to the following categories of recipients where necessary and in accordance with applicable law:

  • Public authorities and bodies empowered by specific legal regulations to make decisions on the rights and obligations of natural persons (e.g., courts, tax authorities, law enforcement authorities);
  • Accounting, legal, or IT service providers acting as processors on the basis of a data processing agreement concluded in accordance with Article 28 GDPR;
  • Other recipients, if the data subject has given their consent or if disclosure is required by law.

 

The Company does not sell, rent, or otherwise transfer personal data to third parties for commercial purposes without the prior consent of the data subject.

 

5. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

The Company does not transfer personal data to countries outside the European Economic Area (EEA). Should such transfer become necessary in the future, the Company will ensure that adequate safeguards are in place in accordance with Chapter V of the GDPR (e.g., standard contractual clauses, adequacy decisions) and will update this Privacy Policy accordingly.

 

6. SECURITY OF PERSONAL DATA

The Company has implemented appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, loss, or destruction, taking into account the nature, scope, context, and purposes of processing, as well as the risks of varying likelihood and severity to the rights and freedoms of natural persons.

 

In the event of a personal data breach that is likely to result in a high risk to the rights and freedoms of natural persons, the Company will notify the affected data subjects without undue delay, in accordance with Article 34 of the GDPR.

 

7. RIGHTS OF DATA SUBJECTS

Data subjects whose personal data are processed by the Company are entitled to exercise the following rights in accordance with Articles 15–21 of the GDPR and the relevant provisions of the Act:

 

Right of access (Art. 15 GDPR): The data subject has the right to obtain confirmation as to whether personal data concerning him or her are being processed, and, where this is the case, to obtain access to the personal data and related information.

 

Right to rectification (Art. 16 GDPR): The data subject has the right to obtain from the Controller the rectification of inaccurate personal data and the completion of incomplete personal data.

 

Right to erasure / 'right to be forgotten' (Art. 17 GDPR): The data subject has the right to obtain the erasure of personal data where one of the grounds listed in Article 17(1) applies and no exception under Article 17(3) is applicable.

 

Right to restriction of processing (Art. 18 GDPR): The data subject has the right to obtain restriction of processing in the circumstances set out in Article 18(1) of the GDPR.

 

Right to data portability (Art. 20 GDPR): Where processing is based on consent or on a contract and is carried out by automated means, the data subject has the right to receive the personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller.

 

Right to object (Art. 21 GDPR): The data subject has the right to object, on grounds relating to his or her particular situation, to the processing of personal data based on legitimate interests (Article 6(1)(f) GDPR). The Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject.

 

Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on the data subject's consent, the data subject has the right to withdraw consent at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. The data subject shall be informed thereof prior to giving consent and may withdraw consent in the same manner as it was given.

 

Right to lodge a complaint (Art. 77 GDPR): The data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work, or place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.

 

8. PROCEDURE FOR EXERCISING RIGHTS

Data subjects may exercise the rights listed in Section 7 of this Privacy Policy by submitting a written request to the Company by:

  • E-mail: info@rise15-11.com
  • Post: RISE 15/11 s.r.o., Grösslingova 4, Bratislava, 811 09, Slovak Republic

 

The Company will respond to such requests without undue delay and, in any event, within one (1) month of receipt of the request. That period may be extended by a further two months where necessary, taking into account the complexity and number of the requests. The Company shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay.

 

The Company may request additional information necessary to verify the identity of the data subject before fulfilling any request. Where a request is manifestly unfounded or excessive, the Company may charge a reasonable fee or refuse to act on the request.

Where the data subject makes a request by oral means, the information may be provided orally only if the identity of the data subject has been verified.

 

9. SUPERVISORY AUTHORITY

The supervisory authority responsible for the supervision of compliance with the obligations arising from the GDPR and the Act in the Slovak Republic is:

 

Name: Office for Personal Data Protection of the Slovak Republic

Address: Hraničná 12, 820 07 Bratislava 27, Slovak Republic

Website: https://dataprotection.gov.sk

Telephone: +421 2 3231 3214

E-mail: statny.dozor@pdp.gov.sk

 

Data subjects have the right to lodge a complaint with the above supervisory authority if they consider that the processing of their personal data infringes applicable data protection law.

 

10. COOKIES AND WEBSITE ANALYTICS

The Company's website at https://www.rise15-11.com uses cookies and similar tracking technologies. This section explains what cookies are, which categories the Company uses, and how you can manage your preferences.

 

10.1  What Are Cookies

Cookies are small text files placed on your device (computer, tablet, or mobile phone) when you visit a website. They allow the website to recognise your device on subsequent visits and to remember certain information about your preferences or actions.

 

10.2  Categories of Cookies Used

  • Strictly necessary cookies: These cookies are essential for the website to function properly. They enable core features such as page navigation, access to secure areas, and form submission. These cookies do not require your consent and cannot be disabled.
  • Analytical / performance cookies: These cookies collect information about how visitors use the website — for example, which pages are visited most often and whether any error messages are received. All information collected is aggregated and anonymous. The Company may use tools such as Google Analytics or similar services for this purpose. These cookies are only placed with your prior consent.
  • Functional cookies: These cookies allow the website to remember choices you make (such as your language preference) and provide enhanced, personalised features. These cookies are only placed with your prior consent.
  • Marketing / targeting cookies (if applicable): These cookies may be used to deliver content relevant to your interests. They are only placed with your prior consent.

 

10.3  Third-Party Cookies

Some cookies on the Company's website may be set by third-party service providers (such as analytics platforms or embedded content providers). The Company does not control these third-party cookies. Please refer to the respective third party's privacy policy for further information.

 

10.4  Cookie Consent and Management

When you first visit https://www.rise15-11.com, you will be presented with a cookie consent banner allowing you to accept or decline non-essential cookies. You may withdraw or change your consent at any time by accessing the cookie settings on the website.

 

In addition, you may disable or delete cookies at any time through your browser settings. Please note that disabling certain cookies may affect the functionality of the website. For guidance on managing cookies in your browser, please refer to your browser's help documentation.

 

10.5  Retention of Cookie Data

Session cookies are deleted automatically when you close your browser. Persistent cookies remain on your device for the period specified in the cookie settings or until you delete them manually.

 

11. UPDATES TO THIS PRIVACY POLICY

The Company reserves the right to update or amend this Privacy Policy at any time in response to changes in applicable legislation, regulatory guidance, or the Company's processing activities. The updated version will be published on the Company's website and/or communicated to data subjects through appropriate channels.

 

Data subjects are encouraged to review this Privacy Policy periodically to stay informed about how the Company protects their personal data.