Summary: OneCompliant s.r.o. collects minimal personal data, uses it only to respond to enquiries and provide services, never sells it, and handles it in accordance with GDPR and applicable Slovak and EU data protection law.
1. Data Controller
The data controller responsible for personal data collected through this website is:
2. What Personal Data We Collect
We collect personal data only when you actively provide it to us. This may include:
- Name and email address — when you contact us or subscribe to our newsletter
- Professional details — when you request a briefing or assessment
- Communication content — messages sent through contact forms or email
- Usage data — pages visited, time spent, browser type, via analytics cookies (where consented)
We do not collect sensitive personal data (health, financial, political, or biometric data) through this website.
3. Legal Basis for Processing
We process personal data on the following legal bases under GDPR Article 6:
- Legitimate interests — to respond to business enquiries and provide requested information
- Consent — for newsletter subscriptions and non-essential cookies
- Contract performance — where data is necessary to deliver agreed services
- Legal obligation — where processing is required by applicable law
4. How We Use Your Data
Personal data collected through this website is used to:
- Respond to enquiries and service requests
- Send newsletters and article notifications (where subscribed)
- Deliver agreed professional services
- Improve website performance and user experience
- Comply with legal and regulatory obligations
We do not sell, rent, or trade personal data to third parties for marketing purposes.
5. Data Sharing
We may share personal data with:
- Service providers — email delivery, website hosting, and analytics platforms used to operate this website, under appropriate data processing agreements
- Legal authorities — where required by applicable law, court order, or regulatory obligation
Any third-party processors are required to handle personal data in accordance with GDPR and applicable data protection standards.
6. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law. Contact enquiry data is typically retained for up to 3 years. Newsletter subscriber data is retained until unsubscription. Website usage data collected via analytics is retained in accordance with the relevant platform's retention settings.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place in accordance with GDPR Chapter V, including Standard Contractual Clauses or adequacy decisions where applicable.
8. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights:
To exercise any of these rights, contact us at kevin@onecompliant.net. We will respond within 30 days in accordance with GDPR Article 12.
9. Cookies
This website uses cookies as described in our Cookie Settings page. You can manage your cookie preferences at any time through your browser settings or the cookie consent banner.
10. Website Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. However, no method of transmission over the internet is completely secure and we cannot guarantee absolute security.
11. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Updated versions will be posted on this page with a revised effective date. We encourage you to review this policy periodically.
12. Contact
For any privacy-related questions, requests, or concerns:
OneCompliant s.r.o.
Bratislava, Slovak Republic
Supervisory Authority: Office for Personal Data Protection of the Slovak Republic (UOOU SR) — dataprotection.gov.sk