Information on the protection of personal data under the GDPR
Cookies are small text files containing the name of the page being visited, their validity, and their default value. They are stored in the site visitor’s browser folder. When the website that created the file is visited again, the cookies may be resent by the browser. Cookies store information related to the use of the site visitor’s browser. This information has nothing to do with the identity of the site visitor. The cookies we use do not harm the site visitor’s computer or other devices used to browse the internet.
Cookies used on www.visitbratislava.com and its subsites
1) technical – necessary: types of cookies without which it would be impossible to use our services – the site visitor’s express consent is not required.
2) marketing – optional: these cookies make it possible, via a user ID (unique identifier), to analyse how site visitors use the website – the site visitor’s consent is required. This information is processed with a view to providing and improving content, personalising content, and ensuring the website’s optimal display and correct functioning. We also provide cookies to third parties.
The legal basis for the use of marketing cookies is the site visitor’s consent. The legal basis for the use of technically necessary cookies is the fact that processing is essential for contractual performance or is absolutely necessary in order for visitors to access the page they have selected.
Personal data is retained until consent is withdrawn.
Data subjects (website visitors whose personal data is processed) have rights under the GDPR, in particular:
1) the right to request the controller to give them access to their personal data (the right to obtain confirmation from the controller as to whether personal data relating to them is being processed, the right of access to such personal data, and the right to further information in accordance with the GDPR);
2) the right to the rectification of personal data (the correction of inaccurate data and the supplementation of incomplete data);
3) the right to erasure of personal data and the right to the restriction of personal data processing;
4) the right to object to the processing of personal data;
5) the right to personal data portability;
6) the right to withdraw consent to the processing of their personal data at any time;
7) the right to bring personal data protection proceedings before the Office for Personal Data Protection of the Slovak Republic.
The controller contractually requires the disclosure of personal data in order to send the controller’s Newsletter and engage in direct marketing with the data subject. If personal data is not provided, direct marketing cannot be carried out in relation to the data subject.
Recipients/categories of recipients: Bratislava Tourist Board processes the personal data collected by cookies via processors, i.e. service providers, mainly in the fields of social media and online marketing.
Transfer to third countries: With the exception of processing via Google Analytics, GTM, and FB Pixel, data about site visitors is not passed on to recipients outside the European Union or the European Economic Area. In order for the services specified above to be used, personal data needs to be transferred to servers in the USA. The standard of personal data protection in the US is comparable to that in the EU. On 12 July 2016, the European Commission decided, in accordance with Article 45 of the GDPR, that an adequate level of data protection exists in the US, subject to the terms and provisions of the EU-US Privacy Shield.