This privacy policy contains information about the processing of personal data of data subjects by Amicalis s.r.o. with its registered office at Chotárna 4 851 10 Bratislava, Company ID: 46476857, registered in the Commercial Register of the Municipal Court Bratislava III, entry no. 78142/B (hereinafter referred to as the “Controller”), on the website amicalis.biz or on the company’s profile on social networks (hereinafter referred to as the “Website”). We process all personal data in accordance with Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive No. 95/46/EC (General Data Protection Regulation, hereinafter referred to as the “GDPR Regulation”) and in accordance with Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments to Certain Acts (hereinafter referred to as the „Act“) and other relevant regulations on the protection of personal data.
The aim of these principles is to provide you with answers to the questions for whom your personal data is processed, how it is processed and what your rights and obligations are in relation to the processing of personal data. These Principles also provide you with other relevant information about the processing of your personal data and thus represent the fulfillment of the Operator’s information obligation under Art. 13, as well as Art. 14 of the GDPR Regulation regarding the processing of personal data on the website. The conditions for the processing of personal data that occurs outside the website are regulated in the Operator’s general principles for the protection of personal data and in other internal regulations of the Operator on the protection of personal data.
Your personal data is processed by Amicalis s.r.o. with its registered office at Chotárna 4 851 10 Bratislava, Company ID: 46476857, registered in the Commercial Register of the Municipal Court Bratislava III, entry no. 78142/B.
Name: Martin Juráš
E-mail: juras@amicalis.biz
We process your personal data exclusively for a specified purpose, in a specified manner and by specified means, and only for the period necessary for the purpose of processing. We process your personal data in such a way as to prevent unauthorized access to your personal data, unauthorized transfer, loss, destruction, or other unauthorized processing. When processing your personal data, we comply with technical and organizational measures in order to guarantee the highest level of security with respect to all possible risks. All persons authorized to process your personal data are bound by confidentiality regarding information obtained in connection with the processing of this personal data.
The Operator always processes your personal data in accordance with the principle of minimization in order to meet any contractual and legal requirements, to process personal data in the processing of which it has a legitimate interest or to process your personal data in the event that you grant it consent to their processing, always only to the extent that the specified purpose of the processing is fulfilled. This means that the Operator does not require personal data from you that are not necessary for a specific purpose of the processing.
The Operator processes personal data about you within the scope of common personal data in the following scope: name, surname, mobile phone number, e-mail, contact address, online identifiers (IP address, activity on the website) and other personal data that you provide to it.
We process your personal data in accordance with Art. 6 para. 1 letter b) of the GDPR, i.e. the processing of your personal data is necessary for the performance of a contract or to take steps prior to entering into a contract at the request of the data subject.
We proceed in accordance with the above-mentioned legal basis in the case of receiving and processing orders for the services provided, in the event that you order the services we provide via a message sent via the contact form on our website, a message on a social network, a contact e-mail address or by telephone. The retention period of this personal data is until the full settlement of legal and other claims arising from the contractual relationship, at least 3 years from the date of termination of the contractual relationship.
We process your personal data in accordance with Art. 6 para. 1 letter a) of the GDPR, i.e. the processing of your personal data is based on your consent.
We proceed in accordance with the above-mentioned legal basis if you contact us with your request via a message sent via the contact form located on our website or via a message on a social network. The retention period of this personal data is 3 months from the date of receipt of the request or until it is processed, whichever is earlier.
We also need your consent to measure the traffic to our website and to target advertising using analytical and marketing cookies. The retention period of this personal data is until the data subject withdraws their consent, but for a maximum of 2 years.
We also process your personal data in accordance with Art. 6 (1) (c) of the GDPR, i.e. the processing of your personal data is necessary to comply with legal obligations.
We proceed in accordance with the above-mentioned legal basis if you send us a request or exercise any of the rights of the data subject. The retention period of this personal data is until the request is processed.
In certain cases, the Operator is obliged to provide your personal data to public authorities or other recipients who are authorized to process your personal data. These recipients include courts or law enforcement agencies.
Other recipients of your personal data include social media companies if you contact the Operator via a message on a social network (Facebook Inc) and Google, LLC, which is the provider of the Google Analytics service, which is used to measure traffic to the Operator’s website.
In order to ensure proper operation, the Operator has concluded cooperation agreements with Intermediaries. The Intermediaries who come into contact with your personal data have been selected by the Operator so that your personal data is safe and that these Intermediaries meet the conditions for the protection of personal data required by the GDPR Regulation and the Law. We have concluded agreements with Intermediaries on the processing of personal data, including confidentiality.
Intermediaries are business companies and natural persons – entrepreneurs with whom the Operator cooperates and who supply it with services (web hosting services, accounting processing), a company providing online accounting and invoicing software, a company providing online cloud storage services.
When processing your personal data by the Operator, in some cases your personal data will be transferred to third countries:
if you consent to the storage of analytical cookies, your personal data will be transferred to the USA, to Google LLC, which is the provider of the Google Analytics service, which the Operator uses to measure traffic and activity on the Operator’s website,
if you contact the Operator via a message on a social network, your personal data will be transferred to the USA, to Facebook Inc., which is the operator of the Facebook social network.
In all of the above cases, the transfer of your personal data is ensured through standard contractual clauses, which are part of the agreements on the authorization of the processing of personal data concluded with the entities specified above, in accordance with the terms of use of the above-mentioned services.
The security of your personal data is of paramount importance to us. In order to ensure the protection of your personal data, we have taken the necessary technical and organizational measures. As technology improves, we also improve these security systems, we use virus checks, antivirus programs and firewalls.
If our systems were to be attacked by a hacker, or our system were to be attacked in some other way, or if another security incident occurred and there was even the slightest threat of data leakage and damage to your rights, you will be informed within 72 hours of the measures taken and we will also inform the supervisory authority for personal data protection in the Slovak Republic, which is the Personal Data Protection Office, within the same period.
As a Data Subject whose personal data is processed by the Operator, you have the right to be informed of all of the above-mentioned facts, as well as the fact that you have the following rights:
a) the right to request access to the personal data processed by the Operator about you
If you want to know which personal data the Operator processes about you, we will be happy to provide you with it upon request. Simply send us your request by email: juras@amicalis.biz and we will process it without delay, but no later than 30 days from the receipt of your request.
b) the right to correct your personal data
If the data you have provided to us is out of date, has changed, is incorrect or incomplete, please let us know at our email address juras@amicalis.biz and we will correct it for you without delay. At the same time, we will also inform all our Intermediaries who process your personal data about this change so that they can also correct your personal data, and we will also provide you with feedback that this correction of your personal data has taken place.
c) the right to delete your personal data
If you are not satisfied with how we process your personal data, you also have the right to delete your personal data. You also have the right to be forgotten – the right to delete the personal data provided after the purpose of their provision has been achieved, i.e. after the provision of the performance of the contract, or after the end of the period of their mandatory storage within the meaning of special regulations of the Slovak Republic. The right to delete your personal data is therefore not absolute. If we need your data to fulfill our legal obligations, we will have to continue to process them for this purpose of fulfilling our legal obligations. We do not further process and store personal data that have fulfilled their purpose. We will inform you about the deletion of your personal data.
d) the right to restrict the processing of your personal data
As a data subject, you have the right to request restriction of the processing of your personal data, if you contest the accuracy of the personal data, during the period of verification of the accuracy of the data; or if the processing of personal data is unlawful and instead of erasure of the data you request restriction of its processing; and also if the Controller does not need your personal data for the purpose stated, but you need them to prove or defend your legal claims. When restricting the processing of personal data, your data will remain in our systems, but we will no longer use them for our purposes. We will inform you that we have restricted the processing of your personal data.
e) the right to object to the processing of your personal data
As a data subject, you have the right to object to the processing of your personal data for reasons relating to your specific situation carried out pursuant to Section 13(1)(e) or (f), including profiling based on these provisions. In the event that your data is processed on the basis of a legitimate interest, the Controller is obliged to demonstrate that its legitimate interests in processing personal data override the rights or interests of the data subject, or the grounds for exercising a legal claim, otherwise it may not further process these personal data.
f) right to portability of your personal data
At the same time, you have the right to request the transfer of your personal data to another Controller, whose data you will notify us of in writing. Technically possible, it is possible for us to implement such a transfer in the case of the transfer of an e-mail address, other data, given the difference in the purpose of their processing compared to the processing of an e-mail address (see above), we will provide you with depending on the circumstances of the case. The Controller is entitled to refuse the data subject’s request for data transfer if the requested transfer could have adverse consequences for the rights and freedoms of others and the legal conditions for the exercise of the right to transfer within the meaning of the GDPR Regulation are not met.
If you are not satisfied with how we process your personal data, you can inform us by email at juras@amicalis.biz. You also have the option of filing a complaint or a motion to initiate proceedings with the Office for Personal Data Protection if you believe that we are processing your personal data unlawfully. You can find a sample motion on the website of the Office for Personal Data Protection. The contact details of the Office for Personal Data Protection of the Slovak Republic are as follows: address Hraničná 12, 820 07 Bratislava 27; website: dataprotection.gov.sk, tel. number: 02 3231 3214; e-mail: statny.dozor@pdp.gov.sk.
The operator does not use profiling when processing your personal data and does not process personal data in any form of automated individual decision-making that would involve evaluating your personal aspects.
When providing services to the Operator’s clients (hereinafter referred to as „clients“), the Operator may process personal data of data subjects on behalf of its clients. When processing personal data of data subjects on behalf of clients, the Operator acts as a processor of personal data pursuant to Article 4, point 8. of the GDPR, while the controller who determines the purposes and means of processing personal data when processing personal data by the Operator in the capacity of a processor is always the client.
The Operator concludes a contract with its clients on the authorization of processing personal data, which sets out the conditions for the processing of personal data of data subjects by the Operator as a processor on behalf of its clients, and the obligations relating to ensuring an adequate level of protection of the processed personal data.
The purposes, legal bases, scope and circle of recipients of personal data processed by the Operator as an intermediary on behalf of clients are determined by the clients, while the Operator, in cases where it processes the personal data of the data subjects on behalf of its clients, proceeds exclusively according to the instructions of its clients and relevant legal regulations, fulfills the obligations of the intermediary under the provisions of the GDPR Regulation and the Act and does not perform any other processing operations with personal data except those that result from the concluded agreement on the authorization to process personal data and the purposes of processing specified by the clients.
This updated Privacy Policy is valid and effective from June 16, 2021. Given that the information on the processing of personal data contained in this Privacy Policy may need to be updated in the future, the Operator is entitled to change and update this Privacy Policy at any time. In such a case, the Operator will inform you accordingly.
We connect medical device producers all over the world with trusted distributors in 7 EU countries – and help them discover promising new businesses.
© 2026 Amicalis | All Rights Reserved
