Privacy Policy
Company PZ AESTHETICS s.r.o. (hereinafter referred to as the “Company“) hereby provides data subjects, including visitors to its website www.peterziak.com (hereinafter referred to as the “Website“) with information for data subjects within the meaning of Articles 13-15 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “Regulation” or the “GDPR“).
1. Contact via Website
If you have filled in the web form on our website or contacted us by phone or e-mail and asked for information about the intended procedure, you consent to the processing of your personal data at the same time as submitting the form and/or contacting us by phone or e-mail.
The purpose of the processing of personal data in such a case is “to provide basic information about the desired procedure” – this purpose includes informing the potential client about the location of the aesthetic procedure and the conditions of its performance, as well as providing other related information to the potential client.
The legal basis for processing in both cases is your consent. Should you also provide health-related data in the form, consent to the processing is explicit, as required by Article 9(1)(a) of the GDPR.
The processing period is the period for which the consent was given, if not specified therein, until the consent is withdrawn.
The categories of personal data processed for this purpose are: data from the form, photograph (if sent), data sent by email or provided by telephone.
Withdrawal of consent: the consent given may be withdrawn at any time by sending an email to info@peterziak.com with the first name, surname and the text: “I withdraw the consent given for the purpose of “providing basic information about the desired procedure” or by sending a letter with the same text to the Company’s address. Withdrawal of consent does not affect the lawfulness of the processing of personal data prior to its withdrawal.
Your other rights: You also have other rights as a data subject which are set out in section 9 of this information.
2. Healthcare clients
| A If you are a healthcare client of our Company, the following information applies to you: | |
| Data processed, legal basis, purposes and periods of processing | |
| Medical documentation data | For consultations, examinations and procedures, our Company collects and processes personal data for the purpose of keeping medical documentation on the legal basis of the law – in particular the provisions of §18 (1) of Act No. 576/2004 Coll. on health care, to the extent pursuant to § 19 of the aforementioned Act and its other provisions. This processing is covered by the exemption under Article 9(2)(h) of the Regulation. Their provision is mandatory. We keep this data for the period specified by law, currently 20 years from the last treatment. |
| Contract data | On the legal basis of the contract and for the purposes of preparing and executing the contract and providing the services and interventions agreed in the contract, we process the personal data specified in the contract, i.e. name, surname, title, residential address, date of birth, contact details (email and telephone) and details of the agreed services. We process the data for the above purpose for the duration of the contract or until the end of the contract negotiations if the contract is not concluded. After the end of the contract, we will only process the data if this is necessary for the purposes and on the legal basis of the legitimate interest of proving and defending the legal claims of the controller, and for a maximum period of 4 years from the first possibility of exercising the right, usually 4 years from the last claim. You have the right to object to the processing of personal data on the legal basis of legitimate interest. |
| Management of appointment services | For the purposes of managing services, ordering treatments and ensuring the availability of the Company’s employee at the agreed time, we process personal data in the scope of name, surname, contact details, time of the appointment, services ordered and the attending physician or other employee through the service management system. The legal basis for the above processing is the contract or the legitimate interest of the controller and the client in booking the client for a specific appointment and ensuring the availability of the appointment. We process personal data for this purpose in our Company’s information system. |
| Accounting and taxes | For the purposes of tax records and accounting, on the legal basis of a legal obligation (in particular on the basis of Act 431/2002 Coll. on Accounting), we process the personal data specified in contracts and payment documents for the period specified by the regulations, generally 10 years. |
| Statistics, research, archiving | Statistics, research, archiving For archiving, scientific research or statistical purposes, we may process personal data to the extent necessary on the basis of a legal obligation, in particular personal data contained in contracts and payment documents. For these purposes, we process for the period specified by the regulations, for internal archiving purposes for a maximum of 20 years. |
| Marketing | For marketing purposes, we process personal data in the range of first name, last name, address, email address and, where applicable, other contact data on the legal basis of consent, until its revocation. The provision of consent is voluntary. If you are already a client of ours, we may also use your contact personal data for marketing on the legal basis of legitimate interest. On the legal basis of legitimate interest, we process data for a maximum of 5 years from your last visit and this processing is subject to the right to object. We process personal data for marketing purposes in our Company’s information system. |
| Data sources: In addition to the data provided by the client, we process personal data obtained from providers of laboratory services or specialist examinations (laboratory results and analyses), other doctors (diagnoses, medical reports, including health data), health insurance companies or commercial insurance companies (insurance data) or booking agencies (identification data, contact data). We also process data that we discover ourselves in the course of providing healthcare or fulfilling our contract. |
|
| Categories of intermediaries or other recipients of data: in the provision of services and administration of the Company, we occasionally turn to associates and professionals and they may also have access to your personal data. In particular, these services and these collaborators are: |
|
| External collaborators | Outside Healthcare Professionals (in particular, data needed for treatment, examinations), Outside Client Care Coordinators and Assistants (in particular, identification data, appointment bookings, information about appointments and treating healthcare professionals). |
| Receipt of payments | Receipt of payments by payment terminal administrator, fiscal cashier service provider (especially payment card details, payer identification and fee). |
| Internal administration | Healthcare software and/or booking calendar operator, data storage provider, external accounting company, external booking agencies (data stored in electronic storage and software, data from agency contract). |
| Legal claims | companies, debt recovery companies, tax and financial advisors, legal advisors (identification data, data on rights and obligations, data on claims, data necessary to prove, exercise or defend legal claims). |
| In addition, we provide or disclose your data to public authorities if we are required to do so by law or to other healthcare providers if this is necessary to provide our services. | |
| Transfers We do not transfer personal data outside the European Union member states or to an international organisation. |
|
| Withdrawal of consent If we process data on the basis of consent, you have the right to withdraw that consent at any time. You may withdraw your consent by email to info@peterziak.com or by sending a notice by post to the Company’s address. Withdrawal of consent does not affect the lawfulness of the processing of personal data prior to its withdrawal. |
|
| Objection With regard to data that we process on the basis of legitimate interest, you have the right to object to processing at any time on grounds relating to your particular situation. You can exercise your rights by emailing info@peterziak.com or by sending a notification by post to the Company’s address. |
|
| Your other rights You also have other data subject rights which are set out in section 9 of this information. |
|
3. Marketing
In order to receive marketing communications from the Company, a person who is not a client of the Company must first consent to be included in a separate marketing register.
The purpose is to send advertising and marketing communications and important announcements about the Company’s activities. Clients may also be sent these communications without explicit consent, but we only use this for important communications.
The processing period is the period for which consent was given, unless specified in the consent until the consent is withdrawn. In the case of sending important notices, they will be processed on the basis of legitimate interest for a period of 2 years from the last visit to the clinic or until an objection is lodged.
The legal basis for sending advertising and marketing communications is the consent of the data subject and for sending important information to clients is legitimate interest.
The categories of personal data provided by the data subject are: name and surname, e-mail, telephone number and address.
Recipients. These are in particular the web domain provider, the website supplier, the accounting processor, etc.
Withdrawal of consent: you can withdraw the consent you have given at any time by sending an email to info@peterziak.com with your first name, last name and the text “I withdraw the consent given for marketing purposes.” Withdrawal of consent does not affect the lawfulness of the processing of personal data prior to its withdrawal.
Objection With regard to data that we process on the basis of legitimate interest, you have the right to object to processing at any time. You can exercise your rights by emailing info@peterziak.com.
Your other rights. You also have other data subject rights which are set out in section 9 of this information.
4. Cookies
We use common website management technologies called cookies and similar technologies that have different functions.
A cookie is a small data file, often containing a unique but unidentifiable code, that is sent to your browser from the website’s computers and stored on your computer’s hard drive. Cookies allow you to be recognized as the same user on all pages of a website. Cookies also allow us to remember your choices – for example, the language you prefer, the menu you use, and your search criteria. We ask for your consent to use cookies, except where cookies are necessary for the proper functioning of our websites (essential cookies), in which case there is a legitimate interest in their use. You can allow or refuse non-essential cookies through the cookie banner, which also contains information about specific cookies, their purpose, retention period and setting options.
We work with third-party companies that are authorized to place third-party cookies or similar information storage technologies on our website with our consent. These third-party companies may use these technologies to help us compile anonymous website metrics and analytics. For more detailed information about third-party cookies, please see the cookie banner.
You can manage cookies through the cookie settings on our website or through your browser settings.
Withdrawal of consent: you can withdraw the consent you have given at any time by changing your internet access settings.
Objection With regard to data that we process on the basis of legitimate interest, you have the right to object to the processing at any time. You can exercise your rights by emailing info@peterziak.com.
Your other rights. You also have other data subject rights which are set out in section 9 of this information.
5. Contractual partners – physical persons or contact persons of legal entities
Purpose: If our contractual partners, such as suppliers or service providers, are natural persons, we must process their personal data for the purposes of contract performance and compliance with legal obligations (in particular under the Accountancy Act, Income Tax Act and the Archives Act and other legislation). We must also process the personal data of individuals who act on behalf of our contractual partners (statutory officers, senior employees) or are their contact persons under the contract for the purposes of fulfilling our contractual obligations under our contracts, contacting contractual partners and registering documents on which their data is included in accordance with the law. Where necessary for the exercise, proof or defence of the Company’s legal claims, we also process personal data for this purpose.
The legal basis is the contract for contractual partners – natural persons, for all data subjects under this point then the law, if it imposes an obligation to record or report documents on which their personal data are listed and the legitimate interest of the Company in the performance of contractual and legal obligations or to contact contractual partners through a contact person and the legitimate interest of the Company – the exercise, proof and defence of legal claims.
Categories of personal data: We process personal data in the scope of title, first name, surname, function (position), telephone, email or other contact information.
Processing period: We process personal data for the duration of the contract in which they are included or for the performance of which they are used. After termination of the contract, we still process the personal data during the limitation period for claims (generally 4 years) for the purpose of defending, proving and pursuing legal claims or, if during such period proceedings have been commenced or are threatened in respect of claims or obligations of the Company, until such proceedings have been concluded and all claims have been fully resolved. Personal data on documents and papers subject to mandatory filing or archiving shall continue to be retained for the duration of the filing or archiving period.
Objection: With regard to data that we process on the basis of legitimate interest, you have the right to object to the processing at any time. You can exercise your rights by emailing info@peterziak.com.
Your other rights: You also have other data subject rights which are set out in section 9 of this information.
6. Others
If you do not fall into any of the categories, or if you are not sure which category you fall into and you believe that we are processing your personal data, please contact us by email at info@peterziak.com.
7. Right to object
With regard to data that we process on the basis of legitimate interest, you have the right to object to the processing of this personal data at any time on grounds relating to your particular situation. You can exercise your rights by emailing info@peterziak.com or by sending a notification by post to our address.
For the purpose of defending a legitimate interest, we have drawn up a legitimate interest test, the so-called proportionality test of legitimate interest, which we can make available on request by email to info@peterziak.com or by letter sent by post to our address.
8. Right to withdraw consent
If we process data on the basis of consent, you have the right to withdraw your consent at any time. You can withdraw your consent by email to info@peterziak.com or by sending a notice by post to our address. Withdrawal of consent does not affect the lawfulness of the processing of personal data prior to its withdrawal.
9. Your other rights
Right of access
You have the right to know what data we process about you, for what purposes and to whom we disclose it, as well as other information (right of access). If you would like this information or would like to obtain a copy of the personal data we hold about you, please contact us at the address below. We may ask you to verify your identity and provide further information about your request before responding to your request. We will endeavour to respond within a reasonable period of time and in any event within the time limits set by law.
Right to correction, update
When you provide data, it is your responsibility to ensure that you provide true, accurate and complete information and that you keep it up to date. You can also update your personal information by contacting us using the contact details below. You have the right to request that we correct your information if it is incorrect or complete it if it is incomplete. Please remember to include your name, username (if it is an account) and postcode, or first name, last name and date of birth if it is data we process for the purposes of providing services, in your initial correspondence for such a case; this will help us to protect the details and preferences relating to your data from unauthorised access.
Right to restriction of processing
You have the right to restrict processing in cases determined by regulations, for example pending rectification or during an objection procedure, or in cases where our company no longer needs the personal data but you need it to exercise your rights.
Right to erasure and right to be forgotten
You have the right to have your data erased in cases determined by law, in particular where the period or purpose for which we processed it has expired or the processing is unlawful, or you have successfully objected to the processing, unless this right is restricted by law.
Right to portability
Where we process data by automated means on the basis of consent or contract, you have the right to data portability (the right to obtain the data in a structured, commonly used, machine-readable format and the right to transfer it to another controller). If technically feasible, you can request that we transfer the data directly to the new controller.
Right to lodge a complaint
If you are dissatisfied with the way we have responded to the exercise of your rights or if you believe that we are processing your data in breach of the regulations, you have the right to lodge a complaint with the Office for Personal Data Protection of the Slovak Republic or with the competent authority of your usual place of residence or work.
Exercise of rights
You can exercise your rights at any time by emailing us at info@peterziak.com or by sending a notice by post to our address.
10. Use of the Website by Minors
If you are under 16 years of age, please obtain your parent/guardian’s permission before providing information to us through our Site. Users without this permission are not authorised to provide information to us and if they do, we will stop processing their information as soon as we become aware of it.
11. Final provisions
The current version of the Privacy Policy is always listed on the Site, and we will inform you of the new version in the “Last Updated” section. This Privacy Policy was issued on 1 August 2025.
Last update: Rev0 1.8.2025
Contact details:
PZ AESTHETICS s.r.o.
Belániková 2, 841 04 Bratislava
Id.No.: 52 729 893
Commercial registry of the City court Bratislava III, Section: Sro, file No. 141940/B
Address of the outpatient clinic: the Skypark (2nd tower), Továrenská 12a, 811 09 Bratislava
Address of the day surgery facility: Bezručova 3, 811 09 Bratislava
e-mail: info@peterziak.com
mobil: +421 907 033 333