Privacy protection policy
Personal Data Processing and its Protection
The Ministry of Foreign and European Affairs of the Slovak Republic (MFA SR) processes and protects personal data of the data subjects on the basis of obligations arising from legislation and its specific tasks.
The Ministry of Foreign and European Affairs of the Slovak Republic respects and fulfils its obligations in relation to the protection of personal data, which are set out in the General Data Protection Regulation – GDPR (EU) 2016/679 and in the Personal Data Protection Act no. 18/2018 on personal data protection and amending and supplementing certain Acts.
What personal data does the MFA process?
The scope of the processing of personal data is defined in the relevant legislation or in the purpose of personal data processing. Its extent is part of the specific forms, which are being used for the processing of personal data.
What is the legal basis for personal data processing at the MFA?
MFA processes personal data on the following legal basis:
- Legal obligation: act that imposes an obligation to process personal data, or
- Consent: the consent of the data subject; or
- Contract: the performance of a contract to which the data subject is party
Personal data are processed to the extent and for the time necessary for fulfilling the given purpose. Personal data is stored for the time necessary to achieve the purpose, which is determined by legal requirements, the duration of the consent or until its withdrawal, or for the time necessary to fulfil the contract. If personal data are processed in the framework of a registry record, their deletion shall be governed by the registry rules. If the personal data are not part of the registry record, the MFA deletes it immediately after fulfilling the purpose for which it was provided. The MFA may also store personal data for a longer period of time, eg. for scientific and historical purposes. MFA may provide processed personal data to law enforcement authorities or other state authorities.
What are the rights of the data subjects?
In case, that MFA processes your personal data, you have special rights, such as the right to access your data (including the purpose of the processing and its scope), the right to rectify it (if it is inaccurate or incomplete). You also have the right, under certain circumstances, to block or object to processing. At the same time, if the personal data were provided by the MFA to a third party, you have the right to be informed of any changes. The MFA does not process personal data by an automated process that would be performed exclusively by machines. You have the right to retrieve your personal data in a standardized format in case you want to transfer it to another controller and you have the right to file a complaint if you believe that your privacy rights have been violated. If personal data has been provided by consent, you have the right to withdraw that consent.
How to exercise your rights?
If the MFA processes your personal data and you would like to exercise some of the rights under the GDPR or the Data Protection Act, you can submit a written request addressed to the Data Protection Officer DPO via e-mail firstname.lastname@example.org or you can send it by standard post to the Ministry of Foreign and European Affairs of the Slovak Republic, Hlboká cesta 2, 833 36, Bratislava.
The MFA cannot accept the request made by phone call because of the complex process of identifying the data subject.
When exercising one or more rights, your request should include a detailed and accurate description of the data to which the request relates. Should the MFA have any doubts about the identity of the applicant, the applicant may be asked to resubmit a copy of a document that will help to verify the identity of the data subject.
Who do we provide your personal information to?
We provide your personal data to the third parties solely on a legal basis resulting from the relevant legislation, contractual relationship, or consent to the processing of personal data.
What are the requirements for transferring personal data to a third country (outside the EU)?
Transferring of personal data from MFA to the Slovak Embassy abroad is not considered as a transfer to a third country. Likewise, a transfer within the institutions and bodies of the Member States of the European Union is not considered as a transfer to a third country. Such transmission is neither restricted nor prohibited. The MFA may transfer personal data to another international organization and countries outside the EU only when certain conditions of GDPR are met.
Your personal data and website of the MFA
The MFA website is one of its most important communication tools. It is being used mostly to inform the public about the MFA’s activities.
Some of the services offered on the website require the processing of your personal data, which are processed for the purpose of the user authentication, accessing the website and finding language preferences. The MFA never shares your personal information for the marketing purposes.
The MFA uses social networks to present its activities. The ideas, opinions and information of the MFA expressed through social networks are purely informative and are not legally binding.
Last Update Date: 12.9.2019 Create Date: 10.2.2015