Privacy Policy
for Business Partners
(GDPR)
Date of last update: 25.05.2026
This Privacy Policy explains how medinklud s. r. o. hereinafter referred to as the “Company,” “we,” or “our,” collects, uses, transfers, and protects the personal data of representatives of our corporate clients, partners, contractors, and potential partners hereinafter referred to as “Business Partners,” who use this web resource hereinafter referred to as the “Platform.”
We process personal data in strict compliance with the General Data Protection Regulation GDPR (EU) 2016/679, as well as the applicable legislation of the Slovak Republic in the field of personal data protection.
1. Who is the data controller?
1. Who is the data controller?
The controller of the personal data collected on this Platform is:
medinklud s. r. o.
Address: Vajnorská 100/A 831 04 Bratislava - mestská časť Nové Mesto
IČO (Company ID): 53097947
Registration: Commercial Register of the District Court Bratislava III, Section: Sro, Insert No.: 158493/B
Person responsible for processing: Oleh Verhulenko — Director
Contact email: gdpr-b2b@medinklud.eu
2. Whose data do we process and what information do we collect?
2. Whose data do we process and what information do we collect?
This Platform is intended for interaction in the B2B, Business-to-Business, sector. We process the data of natural persons acting on behalf of our current or potential Business Partners, including employees, authorized managers, contact persons, and sole traders.
We collect data that you voluntarily provide to us through interactive forms on the Platform, including when submitting cooperation requests, requesting contract templates for download, submitting vacancies for publication on our resources, and similar actions.
Professional contact details:
Full name, corporate email address, work phone number, position, and the name of the organization you represent.
Vacancy publication data:
Information about vacancies of the partner company, including the contact details of the responsible HR manager or representative.
Technical data collected automatically:
IP address, browser type, operating system, date and time of visit, as well as the history of interaction with Platform elements, exclusively to ensure the security of the resource and analyze its performance.
3. Purposes and legal bases for data processing
3. Purposes and legal bases for data processing
In accordance with the GDPR, the processing of personal data of representatives of Business Partners is carried out on the following legal bases:
Pre-contractual measures and performance of a contract (Art. 6 (1)(b) GDPR):
Processing is necessary to take steps at your request prior to entering into a contract, for example, when you submit a cooperation request or download a sample contract for review, as well as for the subsequent performance of agreements with sole traders.
Legitimate interest of the Company (Art. 6 (1)(f) GDPR):
If you act as an employee or representative of a legal entity, we process your work contact details on the basis of our legitimate business interest. This is necessary for conducting negotiations, evaluating cooperation requests, publishing vacancies provided by you on our resources, and promptly notifying our team of new requests.
B2B marketing (Art. 6 (1)(f) GDPR):
We may use your work email address to send information about medinklud s. r. o. products, updates, team news, and analytical materials. Our legitimate interest lies in developing our partner network. You have the unconditional right to opt out of these mailings at any time by clicking the “Unsubscribe” link in the email.
Compliance with legal obligations (Art. 6 (1)(c) GDPR):
If transactions are concluded, data may be processed to comply with EU tax and accounting legislation requirements.
4. To whom is your data transferred and where is it stored?
4. To whom is your data transferred and where is it stored?
We do not sell or transfer personal data to third parties for commercial purposes. To ensure business processes, automate tasks, and process your requests efficiently, data may be transferred to the following categories of service providers, processors:
Data organization and CRM tools:
Data from web forms is collected in cloud storage systems and spreadsheets.
Project and task management systems:
Cooperation requests and vacancy processing tasks may be imported into the Trello project management system, Atlassian, for use by our employees.
Internal operational notification channels:
To respond quickly to your requests, notifications are forwarded to our team’s internal closed work channel in the Telegram messenger. Access to this channel is strictly limited to authorized employees of the Company.
Email marketing platforms:
For sending business correspondence and B2B newsletters, your work contact details are imported into the SendPulse service.
5. Cross-border data transfer, transfer outside the EU
5. Cross-border data transfer, transfer outside the EU
The European Commission adequacy decision, the EU-U.S. Data Privacy Framework, in which the specified international services participate.
Or the Standard Contractual Clauses, SCC, approved by the European Commission and integrated into our agreements with these providers.
6. Data retention periods
6. Data retention periods
We store the data of representatives of Business Partners for the period necessary to achieve the purposes for which it was collected.
Cooperation requests and contract requests:
Stored for the duration of business negotiations. If negotiations do not lead to the conclusion of a contract, the data is deleted or archived, unless there are other legal grounds, as soon as it becomes clear that cooperation will not take place.
Vacancy data:
Stored for the period during which the vacancy publication remains relevant on our resources and deleted at the partner’s request or after the position is closed.
Marketing contacts:
Stored in SendPulse until you withdraw your consent or exercise your right to opt out of mailings.
Accounting / contractual data:
If an official contract is concluded, data contained in primary financial documents is stored in accordance with Slovak legislation, for up to 10 years.
7. Your rights as a data subject
7. Your rights as a data subject
Since you are located in the EU, you, as well as employees of your company whose data is transferred, have the following rights guaranteed by the GDPR:
Right of access:
You may request confirmation as to whether we process your data and obtain a copy of it.
Right to rectification:
You have the right to request correction of inaccurate or outdated work-related data.
Right to erasure, “right to be forgotten”:
You may request deletion of data if it is no longer needed for the purposes for which it was collected, or if we have no overriding legal grounds for continuing to store it.
Right to restriction of processing and right to object:
You may object to the processing of data based on “legitimate interest,” including the use of your email address for B2B marketing.
Right to lodge a complaint:
You have the right to contact the supervisory authority for personal data protection.
In Slovakia, this is: Úrad na ochranu osobných údajov Slovenskej republiky (Hraničná 12, 820 07 Bratislava 27).
To exercise any of these rights, simply send us a request to the dedicated work email address: gdpr-b2b@medinklud.eu.
We will review your request within the legally established period of 30 days.