Privacy Policy for Data Subjects Who Have Filled Out a Contact Form (and Who May Have Given Consent for Marketing Purposes)

This Privacy Policy applies to your consent to the processing of personal data that you have provided to FUERGY Industries j.s.a., with its registered office at Pribinova 34, 811 09 Bratislava – Staré Mesto, Slovak Republic, Company ID (IČO): 52083799, registered in the Business Register of the City Court Bratislava III, Section Sja, Insert No.: 65/B (hereinafter referred to as “FUERGY,” “we” in the appropriate grammatical form and number), for the purposes of FUERGY being able to contact you and send you marketing communications, in particular, but not exclusively, in the form of informational, educational, and promotional marketing materials, newsletters, and e-mails from FUERGY.

By completing the contact form on the website www.infimeo.com, operated by FUERGY, through which you provided us with your personal data, and by checking the box with the text: “I agree to receive marketing communications, in particular, but not exclusively, in the form of informational, educational, and promotional marketing materials, newsletters, and e-mails from FUERGY Industries j.s.a., Pribinova 34, 811 09 Bratislava – Staré Mesto, IČO: 52 083 799, registered in the Business Register of the City Court Bratislava III, Section Sja, Insert No. 65/B, e-mail: info@infimeo.com either personally, by post, by phone (including SMS and MMS), or electronically (e.g., by e-mail),” and/or the box “I agree to the processing of my personal data by FUERGY Industries j.s.a., Pribinova 34, 811 09 Bratislava, IČO: 52 083 799,” through which you granted consent to the processing of personal data, you confirm that you have read, understood, and agreed to these policies and undertake to comply with them. If you have not given consent to receive FUERGY marketing communications, this Privacy Policy applies to you accordingly, for the purpose of FUERGY being able to contact you as necessary to process your request or interest in Infimeo products and services.

These policies apply to both natural persons and legal entities – companies and others. This Privacy Policy takes into account Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”), as well as Slovak Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments to Certain Acts, as amended (hereinafter the “Act”). If this Privacy Policy does not regulate certain rights and obligations or regulates them differently from the provisions of the GDPR and/or the Act, the relevant provisions of the GDPR and/or the Act shall apply regardless of whether they are included in this Policy.

Please note that granting consent to the processing of your personal data as described in this Policy is a necessary condition for us to communicate with you (i.e., to send you marketing materials, e-mails, newsletters, and other communications).

This Policy applies to the sending of marketing communications. If you do not agree with this Policy (or cannot comply with it), we will not be able to send you marketing communications. If we make any changes to this Policy, we will notify you by updating the “Last Updated” date and posting a notice on the website.

The protection of personal data of natural persons (hereinafter referred to as “data subjects”) is our highest priority. It is very important that you understand how and why we collect, use, and share data about data subjects to whom we send marketing communications or with whom we engage in other interactions. We have implemented reasonable technical and operational measures to protect the personal data we hold against unauthorized access and misuse. Our security practices are regularly reviewed and adapted to technological advancements.

Information About Individuals That We Collect

Based on the checked box granting consent for receiving Infimeo marketing communications on www.infimeo.com and the corresponding consent for processing your personal data, we collect the following information: full name, phone number, whether it is a household or company, e-mail addresses of data subjects, and any additional information you provide to enable us to communicate with you about products, services, offers, promotions, events, and other news and information that we believe may be of interest to you; specifically, to send marketing communications, in particular, but not exclusively, informational, educational, and promotional marketing materials, newsletters, and e-mails from FUERGY.

Through the “Contact” form and/or other forms available on www.infimeo.com, we collect personal data, including first name, last name, e-mail address, and telephone number of the data subjects, as well as any additional information provided in the “Contact” form and/or other forms published on the website, in order to send marketing communications to such data subjects, including, but not limited to, informational, educational, and promotional marketing materials, newsletters, and e-mails from FUERGY.

You may also choose to provide us with additional information, e.g., in connection with promotional events and related services, your requests and notifications, customer support, or other communication with us.

We will process the information we collect about you for the period necessary for the purposes for which it is processed. The consent you provide for processing your personal data is valid from the date it is given for a period of up to 10 years, unless you withdraw it earlier, in accordance with this Privacy Policy and legal authorizations. We do not intend to process special categories of data such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, nor process genetic data, biometric data for uniquely identifying a person, health-related data, or data concerning sexual life or sexual orientation of a natural person, unless the individual has explicitly consented to the processing of such data.

We take reasonable measures to help protect information about data subjects against loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction.

How We Process Your Personal Data

We process your personal data for various purposes depending on how we communicate with you, including the following:

• Providing and facilitating services to users: We may process your data to provide the requested service.

• Responding to user questions/support: We may process your data to respond to questions and resolve any issues related to the requested service.

• Sending administrative information: We may process your data to send details about our products and services, changes to our terms and policies, and other similar information.

• Requesting feedback: We may process your data to request feedback and contact you regarding your use of our website.

• Sending marketing and promotional communications: We may process personal data for marketing purposes in accordance with your preferences. You can unsubscribe from our marketing emails at any time.

• Protecting our website: We may process data to enhance website security, including monitoring and fraud prevention.

• Identifying usage trends: We may process data to understand how users interact with our website and improve it.

• Protecting vital interests: We may process data to protect vital interests of natural persons, e.g., to prevent harm.

• Fulfillment of our archival and statistical obligations under the applicable generally binding legal regulations. We may process your data if it is necessary to fulfill obligations that are binding on our company and that are established by the relevant laws regarding corporate and related archiving and the preparation of statistical data.

Legal Basis for Processing Your Information

The GDPR Regulation and the applicable law require us to explain the legal bases on which we rely when processing your personal data. Accordingly, the processing of your personal data may be based on the following legal grounds:

• Consent: We may process your data if you have given permission for a specific purpose. You can withdraw consent at any time.

• Legitimate Interests. We may process your data if we consider it necessary for the purposes of our legitimate business interests, provided that such interests do not override your interests, fundamental rights, and freedoms. Your personal data may be processed for any of the purposes described below, including, for example:
  a) sending users information about special offers and discounts on our products and services;
  b) analyzing how our websites are used in order to improve them and enhance user engagement and retention;
  c) diagnosing issues and/or preventing fraudulent activities;
  d) understanding how our users interact with our products and services in order to improve their user experience.

• Compliance with Legal Obligations. We may process your information if we believe it is necessary to fulfill our legal obligations, for example, to cooperate with law enforcement or regulatory authorities, to assert or defend our legal rights, or to disclose your data as evidence in legal proceedings in which we are a party.

• Vital Interests. We may process your information if we believe it is necessary to protect your vital interests or the vital interests of another person, for example, in situations involving a potential threat to the safety of any individual.

How We Share Information

We do not share or otherwise disclose your personal data to third parties unless one of the following circumstances applies:

a) We may share information in response to a request for information if we believe that disclosure is in accordance with applicable law, regulations, legal processes, or requirements of public authorities (while we will attempt to inform you in advance to the extent legally permissible).

b) We may share information between us and our current and future parent companies, affiliates, subsidiaries, and other companies under common control or ownership.

c) We may share information with your consent or at your direction.

d) We may share aggregated or anonymized information that cannot reasonably be used to identify you.

Recipients of your personal data may include: entities to which Fuergy is legally required to provide your personal data, entities collaborating with Fuergy for administrative and technical support, entities collaborating with Fuergy for the support, management, and development of our information systems, entities collaborating with Fuergy for external audits, Microsoft Office 365 providers including Outlook, and professional consultants and advisors bound by legal and/or contractual confidentiality obligations.

Personal data may also be processed for other purposes, such as exercising data subject rights under GDPR, in litigation or non-litigation proceedings, when requested by public authorities, in cases of suspected or actual data protection violations and their investigation, for senders and recipients of correspondence, and other persons mentioned in the correspondence.

Transfer to Other Countries

Your personal data is transferred, processed, and stored on servers located in the Slovak Republic. We may engage third parties located in countries other than your home country to process your data or share it with them. By accessing our website (if applicable), you acknowledge that your personal data may be processed, transferred, and stored in countries where you may not have the same rights as under local laws.

Your personal data will not be transferred to countries that do not ensure an adequate level of protection (“third countries”).

A transfer may occur in the case of Microsoft (the provider of Office 365 cloud services), with which the controller has concluded a Data Processing Addendum: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-AddendumDPA?lang=29. Microsoft primarily processes all personal data within the EEA, but some of its subcontractors are located in a third country, such as the USA (https://www.dataprivacyframework.gov/). Microsoft uses standard contractual clauses or European Commission adequacy decisions as transfer mechanisms. For more information on Microsoft’s personal data protection, see https://learn.microsoft.com/en-us/compliance/regulatory/gdpr

How We Keep Your Data Secure

We have implemented appropriate and reasonable technical and organizational measures to protect the security of all personal data we process. Despite these measures, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Therefore, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not bypass our security measures and unlawfully collect, access, steal, or modify your data. Although we do our best to protect your personal data, the transmission of personal data to and from our services is at your own risk. Access to the website should be done only in a secure environment.

Data Subject Rights

As a data subject, you have the right to request access to your personal data and to correct or erase it, restrict its processing, object to processing, and the right to data portability (where technically feasible). You also have the right to lodge a complaint with the competent supervisory authority, the Office for Personal Data Protection of the Slovak Republic: https://dataprotection.gov.sk/sk.

Right to Rectification: You have the right to obtain the correction of inaccurate personal data concerning you without undue delay.

Right to Erasure: You have the right to have your personal data erased without undue delay if:

1. The data is no longer necessary for the purposes it was collected or processed;

2. You withdraw consent on which processing is based, and no other legal basis exists;

3. You object to processing and there are no overriding legal grounds;

4. The personal data was unlawfully processed;

5. Erasure is necessary to comply with a legal obligation;

6. Data was collected in connection with the offer of information services.

The exercise of the right to erasure is subject to applicable legal limitations.

The data subject has the right to restrict processing if:

1. the data subject contests the accuracy of the personal data, for the period necessary for us to verify the accuracy of the data;

2. the processing is unlawful and the data subject opposes the erasure of the personal data and instead requests the restriction of their use;

3. the personal data are no longer necessary for the purposes of processing, but the data subject requires them for the establishment, exercise, or defense of legal claims;

4. the data subject has objected to the processing, pending verification of whether our legitimate grounds override the legitimate grounds of the data subject.

The data subject has the right to obtain the personal data concerning them that they have provided to us and the right to transmit such data to another controller, where technically feasible, if the processing is based on consent or a contract and the processing is carried out by automated means.

The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them that is based on the relevant provisions of the law, including profiling conducted on the basis of such provisions.

If personal data is processed for the purposes of direct marketing, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing purposes, including profiling to the extent that it is related to such direct marketing.

Subject to the applicable legal limitations established by law, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

Withdrawal of Consent

If we process your personal data based on the consent you have provided, you have the right to withdraw it at any time. You may withdraw your consent at any time by contacting us using the contact details provided in these policies.

Please note, however, that this will not affect the lawfulness of processing carried out prior to the withdrawal, nor will it affect the processing of your personal data carried out on other legal grounds besides consent.

Furthermore, you have the right to submit a request to initiate proceedings regarding the protection of personal data with the Office for Personal Data Protection of the Slovak Republic under § 100 et seq. of the Act.

The address of the Office is: Office for Personal Data Protection, Nám. 1. mája 18, 811 06 Bratislava, 1. website: https://dataprotection.gov.sk/, e-mail: statny.dozor@pdp.gov.sk.

You may withdraw your consent by:

1. Sending a withdrawal request to legal@infimeo.com,

2. Sending a registered letter or courier to the operator’s registered office: FUERGY Industries j. s. a., Pribinova 34, 811 09 Bratislava,

3. In person at the operator’s registered office listed in Section 2.

All other rights and obligations of FUERGY regarding the processing of your personal data, even if not explicitly stated in these policies, are governed by law and the GDPR, which FUERGY strictly complies with.

ENQUIRIES AND CONTACT INFORMATION

Questions or comments regarding this Policy or the Website may be sent to legal@fuergy.com or in writing or in person to the registered office of FUERGY Industries j. s. a., Pribinova 34, 811 09 Bratislava – Staré Mesto.

Responses to the data subject or measures taken based on their request are provided free of charge. If the data subject’s request is manifestly unfounded or excessive, in particular because of its repetitive nature (repeated request), FUERGY has the right to charge a fee taking into account its administrative costs of providing the information or a reasonable fee taking into account its administrative costs of notification or of carrying out the requested action, or it has the right to refuse to act on such a request.

The data you provide to us is provided for the purpose of handling your request and interest in Infimeo products and services to the company Stredoslovenská energetika, a.s., Pri Rajčianke 8591/4B, 010 47 Žilina, Company ID: 51 865 467, registered in the Business Register of the District Court Žilina, Section Sa, Insert No. 10956/L (hereinafter referred to as “SSE”), and without providing your data to SSE it is not possible to further process your request, inquiry, or interest in Infimeo products and services. For this purpose, we inform you that the SSE Privacy Policy can be found at the following link: https://www.sse.sk/buxus/docs/dokumenty/gdpr/IP-nekomodita.pdf

These Privacy Policy terms are available on the website www.infimeo.com and in printed form at the Data Controller’s registered office at the above address.

Effective Version Date: May 6, 2025