EN
▼
EN
SK
Company HELI COMPANY s.r.o., registered at Vranovská 72, 080 01 Prešov, Slovak Republic, Company ID: 36492124, Tax ID: 2021817831 (hereinafter the “Controller”), processes personal data of website users in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation – GDPR) and in accordance with the Act No. 18/2018 Coll. on the protection of personal data and related regulations applicable in the Slovak Republic. These privacy terms explain what data we collect about you, for what purposes we use it, how long we retain it, to whom we may disclose it, how we protect it, and what rights you have in connection with the processing of your personal data.
The Controller (i.e., the entity that determines the purposes and means of personal data processing) is the above-mentioned company HELI COMPANY s.r.o. The Controller’s postal contact address is Vranovská 72, 080 01 Prešov, Slovakia. The Controller is not legally required to appoint a Data Protection Officer (DPO); however, for any questions regarding personal data processing, you can contact us in writing at the address provided or via the contact form on our website.
We process only such personal data that is necessary to fulfill the purposes listed below. The data we process includes in particular:
Identification and contact details: first and last name, email address, phone number (if you provide them to us via the contact form).
Data you include in your message: any additional personal data you voluntarily write in the text of your message or inquiry submitted through the contact form.
Technical data about the website visit: IP address, cookies, data about your activity on the website (e.g., pages visited, time spent on the site, browser and operating system type). This data is obtained automatically during your visit via analytical and functional tools (see the Cookies and analytics section below).
We do not operate an e-shop and we do not require the entry of sensitive personal data such as national identification number, ID card number, health data, or other special categories of data. Our website serves informational purposes and contact communication.
We process your personal data solely for specifically defined purposes and on the basis of the relevant legal grounds under Article 6 of the GDPR. Specifically, we process data for these purposes:
Communication and handling inquiries: We use the data you provide via the contact form (e.g., name, email, phone) to contact you and respond to your questions, requests, or inquiries. The legal basis is your consent to the processing of personal data granted by submitting the form (Article 6(1)(a) GDPR). Providing this data is voluntary; however, without it we cannot reply to you or resolve your inquiry.
Traffic analysis and statistics: To improve our website and services, we monitor how visitors use the site. We use Google Analytics to collect anonymized statistical information about traffic (e.g., number of visitors, popular pages, source of visit) through cookies. We process these analytical data only with your consent (Article 6(1)(a) GDPR), which you express through cookie settings (cookie banner). If you do not consent to statistical cookies, Google Analytics will not be active on our site and your data will not be collected for this purpose.
Website functionality and security: Some technical data (e.g., strictly necessary cookies) are processed to ensure the correct functioning of the website, its display, and basic functionalities (e.g., remembering your language choice or cookie consent). The legal basis for such processing is the Controller’s legitimate interest in operating a secure and functional website (Article 6(1)(f) GDPR), or the performance of a contract for the provision of an information society service at your request (providing the website you requested under Article 6(1)(b) GDPR). Necessary cookies are stored automatically as they are required for the operation of the site—you can block their use in your browser settings, but this may affect the site’s functionality.
We do not use your data for any other purposes than those listed above. We do not carry out automated individual decision-making or profiling based on your personal data that would have legal effects on you or similarly significantly affect you.
Our website uses cookies—small text files stored on your device—to ensure the site’s functionality and for analytical purposes. Under applicable law, we may store necessary cookies without your consent (as they are required for the site to function), but for all other types of cookies (such as statistical/analytical) we require your consent.
We use the Cookiebot service to manage cookie consents, which displays a banner on your first visit allowing you to enable or disable individual categories of cookies. Your cookie preferences are stored by Cookiebot and respected on subsequent visits. You can withdraw your consent or change your cookie settings at any time—either by clicking the “Cookie settings” link on our site (if available) or by adjusting your browser settings directly (where you can delete existing cookies or block new ones).
Google Analytics. As noted, we use Google Analytics for analytical purposes, a service provided by Google. Google Analytics sets statistical cookies in your browser (e.g., _ga and others) to recognize repeat visits and collect usage data. These data are subsequently evaluated in aggregate form (e.g., traffic, demographic overviews). To enhance your privacy, IP anonymization is enabled on our site, so Google Analytics shortens/anonymizes your IP address within EU member states before further processing. We can access Google Analytics data only in a form that does not identify an individual person. Please note that analytical cookies are stored only if you allow them via our cookie banner. If you do not consent to the use of these cookies, we do not send any of your data to Google Analytics.
Cookie retention period. Necessary (technical) cookies usually remain valid only for a single session (they are deleted after closing the browser) or for a short period required for their function. Preference cookies (e.g., remembering consent) and analytical cookies may have longer validity (several months to years) depending on the service settings. For example, a cookie stored by Cookiebot to remember your consent is retained for 12 months, and some Google Analytics cookies may remain active for up to 24 months, unless you delete them earlier. A specific list of cookies used on our site, along with their description and validity, can be found in the Cookie declaration available via the Cookiebot tool on our website.
We retain your personal data only for as long as necessary in relation to the purposes for which we process it, and in accordance with the principle of minimization. Specifically:
Data from the contact form (name, contact details, message content) are retained for a maximum of 5 years from the handling of your request or from the last communication with you. This extended retention period serves our internal need to keep records of communication and to retrieve information if you contact us again in the future, or for the protection of our legal claims. After this period expires, we securely delete or anonymize the data, unless we are legally required to keep it longer (e.g., under a specific legal regulation).
Analytical traffic data obtained from cookies (Google Analytics) are retained in accordance with the Google Analytics settings, typically for 14 months to 26 months in anonymized form. These statistics do not contain your identification data and serve for long-term trend analysis. We may retain aggregated reports for a longer period; however, such reports do not contain any personal data of individuals.
After the above periods expire, or if the purpose of processing ceases, we delete your personal data or irreversibly anonymize it. We may retain data for a longer period if necessary to fulfill our legal obligations or to establish/defend our legal claims—in such cases, the data will be stored only for that purpose and for the necessary time in accordance with applicable regulations.
Your personal data are accessed primarily by the Controller and its authorized internal staff who process the data as part of their job duties. All such persons are bound by confidentiality and have been instructed on proper handling of personal data.
In addition, your personal data may be provided or made accessible to external processors (service providers) to the necessary extent, with whom we have concluded data processing agreements in accordance with Article 28 of the GDPR. These include in particular the following categories of recipients:
Web hosting provider: Our website is hosted on the servers of an external hosting provider. This provider ensures the technical operation of the site and stores data on the server. It has access to data stored on the server only for the purpose of resolving technical issues and maintenance, and is bound by confidentiality.
Google Analytics provider: As the website operator, we use traffic analysis provided by Google. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) provides Google Analytics for us. As part of this service, anonymized data about your visit (including shortened IP address and cookie identifiers) may be processed on Google’s servers. Google acts as a processor, processing data solely for the purposes we define. We have appropriate data processing terms in place with Google.
Cookiebot provider: Cookie consent management is provided by Cookiebot (operated by Cybot A/S, Denmark). Cookiebot stores your cookie preferences and records consent withdrawal/grant in accordance with the GDPR. In doing so, it may process data about your browser (e.g., shortened IP address to geo-target the correct language and banner content). The Cookiebot provider handles this data as a processor, following our instructions.
We do not provide your personal data to any other third parties for their own marketing or business purposes. The Controller does not sell personal data and does not otherwise commercially use it beyond the purposes stated above. Exceptions are situations where there is a legal obligation to provide data to public authorities (e.g., courts, police, tax office) under applicable law—in such cases, we provide the data to the necessary extent to fulfill our legal duty.
The Controller does not transfer and does not intend to transfer your personal data to countries outside the European Union or the European Economic Area. Personal data processing takes place primarily within the territory of the Slovak Republic and other EU member states. All our principal service providers are based within the EU (e.g., web hosting in the SR/EU, Cookiebot in Denmark, Google Analytics used via Google’s European subsidiary in Ireland). Therefore, there is typically no situation in which we would need to send your data to third countries.
(Should any processing or storage of certain data outside the EU/EEA occur in the future—for example, due to using global providers—the Controller will ensure the adoption of adequate safeguards to protect your data in accordance with Chapter V of the GDPR, such as the EU Standard Contractual Clauses, to guarantee an appropriate level of personal data protection.)
We devote maximum attention to protecting your personal data and have implemented technical and organizational measures to ensure their security. We use modern security technologies and procedures to prevent unauthorized access to or misuse of the data. The website is operated on a secure server and the communication between your device and our website is encrypted via HTTPS (SSL certificate), ensuring secure transmission of data you enter in the contact form. The Controller’s internal systems are protected by a firewall and antivirus programs and are regularly updated. Access to personal data is granted only to authorized persons bound by confidentiality.
In the event of any security incident that would pose a risk to your rights (e.g., leakage or theft of personal data), we will promptly take the necessary corrective measures. If a serious incident occurs that meets the notification conditions under the GDPR, we will notify the Slovak Office for Personal Data Protection within 72 hours of discovering the incident and, in the case of a high risk to you as the data subject, we will also inform you directly about the measures taken.
In connection with the processing of your personal data, you as the data subject have numerous rights guaranteed by legislation. You can exercise your rights by contacting the Controller (see contact details above). These rights include:
Right of access: You have the right to obtain confirmation from us as to whether we process personal data about you, and if so, the right to obtain a copy of such data, as well as information about the purposes of processing, categories of data, recipients, retention period, and your other rights.
Right to rectification: If you find that we process personal data about you that is outdated, incomplete, or inaccurate, you have the right to request its rectification or completion. Upon receiving your request, we will correct or update inaccurate data without undue delay.
Right to erasure (“right to be forgotten”): Under certain circumstances, you have the right to request that we erase your personal data. You may exercise this right, for example, if the data are no longer necessary for the purposes for which they were collected, or if you withdraw your consent and no other legal basis for processing exists. Note that this right is not absolute—we cannot erase data that we must retain under a legal obligation (e.g., accounting documents) or if they are necessary to establish or defend our legal claims. In any case, we will stop using your data for other purposes if you request their erasure.
Right to restriction of processing: In certain situations, you have the right to request that we temporarily restrict the processing of your data (e.g., if you contest its accuracy or if processing is unlawful and you request restriction rather than erasure). During the restriction period, we will only store the affected data and will not actively process it (except where necessary, e.g., for legal claims).
Right to data portability: Where we process your personal data based on consent or contract and by automated means, you have the right to receive such data in a structured, commonly used, machine-readable format (e.g., XML or CSV) and the right to transmit those data directly to another controller, where technically feasible.
Right to object: If we process your personal data on the basis of our legitimate interest, you have the right to object to such processing at any time. In that case, we will assess whether our legitimate grounds override your interests and rights. If the objection concerns processing for direct marketing purposes (which we do not conduct), we would stop using the data for marketing immediately.
Right to withdraw consent: If the processing of certain personal data is based on your consent (e.g., analytical cookies or data provided via the form where you have given consent), you have the right to withdraw this consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. You can withdraw consent in the same way as you granted it—for example, by changing cookie settings via our banner or by sending a request to our contact. After withdrawal, we will stop using the affected data for the given purpose.
Right to lodge a complaint with a supervisory authority: You have the right to contact the supervisory authority for personal data protection at any time with your suggestion or complaint. In Slovakia, this is the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27, website: dataprotection.gov.sk. For example, you may lodge a complaint if you believe that our processing of your personal data is contrary to the GDPR or the Personal Data Protection Act. However, we would appreciate it if you discuss any concerns with us first—your privacy matters to us and we will strive to remedy any issues.
Exercising your rights is free of charge. We will respond to your request without undue delay, and no later than 30 days from its receipt, unless the law allows this period to be extended (in which case we will inform you). You can submit requests to exercise your rights in writing to our postal address or by email (or via the contact form), following the instructions in the Controller’s contact information.
We may amend or update these privacy terms in the future to reflect changes in our processing activities or legal requirements. The current version will always be published on this website and, in the case of material changes, we will notify you in an appropriate manner.
These terms are effective from 26 September 2025.
