Privacy Policy

according to EU Council Regulation No. 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “Regulation”), Articles 13 – 14 and Act No. 18/2018 Coll. on the protection of personal data and on the amendment and supplementation of certain acts (hereinafter referred to as the “Act”).

Controller: Kempelenov inštítút intelligentných technologií, interest association of legal entities, abbreviation: KInIT, with registered office: Sky Park Offices, Bottova 7939/2A, 811 09 Bratislava – Staré Mesto, IČO: 53290046, represented by Mária Bielikova, statutory representative and Ing. Marián Šimko, statutory officer, hereinafter referred to in this document as “we”, “us” and other grammatical forms, or as “the operator”.

Data protection officer: dpo@kinit.sk

National supervisory authority: Office for Personal Data Protection of the Slovak Republic, Park One Building, Námestie 1.mája 18, 811 06 Bratislava, https://dataprotection.gov.sk/

We process your personal data in accordance with the principles of lawfulness, transparency, confidentiality and integrity. Below you will find information about the purposes, method of processing, legal bases, deadlines for deletion and your rights. In case of questions, please contact the responsible person at the above e-mail address.

When processing your personal data, we pay maximum attention to their protection. We respect the principles of lawfulness, minimization, transparency, confidentiality and integrity in accordance with the Regulation and the Act.

We most often obtain your personal data directly from you, in particular:

We may also obtain your personal data from third parties, in particular:

The personal data that we may process for this purpose are: your e-mail, first name, last name, employer name and job title if you are contacting us on behalf of the organization you work for, and other contact details.

We process your personal data on the legal basis of Article 6(1)(f) of the Regulation – processing necessary for the purposes of the legitimate interests pursued by us as a controller or a third party. Our legitimate interest is to be available, provide you with information and respond to your inquiries. We build long-term relationships and partnerships, therefore we will process your data for a period of 3 years from the last contact. You have the right to access the information we process about you, you have the right to correction, object to processing or request deletion.

In the event that a business or other contractual relationship develops from the initial contact, we will process your personal data on the basis of Article 6(1)(b) of the Regulation – processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract. We will process your data for a period of 10 years from the termination of the contract. You have the right to access the information we process about you, you have the right to rectify, object to processing or request deletion. The right to deletion may be limited by our legal obligations.

If you participate in one of our studies as a participant, we will process your personal data to the extent necessary for the implementation of the study. The specific scope of data is always stated in the invitation to the given study, and may include in particular first and last name, e-mail, assigned ID, but also demographic and other data necessary for the implementation of the study.

We process personal data on the legal basis of GDPR Art. 6 para. 1, lit. f) – processing is necessary for the purposes of legitimate interests pursued by the controller or a third party. Our legitimate interest, which we pursue as a scientific research institute, is the implementation of a scientific study.

In accordance with Art. 89 GDPR, we inform you that the processing of personal data for the purposes of scientific research is subject to appropriate safeguards for the rights and freedoms of you as the data subject in accordance with this regulation. We have implemented technical and organizational measures, in particular to ensure compliance with the principle of data minimization. Your personal data will be anonymized and archived as research artifacts. The study results will be anonymized before publishing its results.

For a period of 12 months from the study, you have the right to access the personal data we process about you, the right to erasure, the right to object or request restriction of processing.

After 12 months, these rights will no longer be possible due to the anonymization, which is permanent in nature and does not allow individual participants to be identified.

One of our legitimate interests is to promote our work online. For this purpose, we have established this website (www.kinit.sk) as well as other websites for individual projects www.lorai.eu and www.disai.eu.

This privacy policy applies to all our activities. The privacy policy for processing for purposes specific to individual projects is published on the aforementioned websites.

Based on your consent pursuant to GDPR Article 6(1)(f) of the Regulation, we may store analytical, marketing and statistical cookies as well as Facebook pixels on your device.

Based on our legitimate interest pursuant to GDPR Article 6(1)(a)(f) Regulations We may store technical, so-called. Necessary cookies on your device. Our legitimate interest is the flawless functioning of the website. The storage period of cookies is 72 hours.

You can follow our activities on the social networks Facebook, LinkedIn, X, Youtube. Based on our legitimate interest according to GDPR Article 6(1)(f) Regulations, we may process your name, surname, nickname, photo, your opinions and preferences, or on LinkedIn also information about your employer, your job position, and other information about your job title, job search and the like, as well as contact details if you provide them. The processing period is defined by your decision until you stop following our social network profiles, commenting, sharing and otherwise connecting with us.

For the purpose of organizing an event, we process your personal data provided by you in individual questionnaires. Their scope may vary depending on the type of event, but as a rule, it concerns personal data in the scope of name, surname, e-mail, school, employer, research experience, your knowledge, ambitions or motivation in the field of AI research. If the event also includes refreshments/catering, we also process personal data related to possible food intolerances to ensure appropriate food and drinks.

The legal basis for the processing is 6 para. 1 letter b) of the Regulation – the processing is necessary for the performance of a contract to which the data subject is a party, or in order to take measures prior to entering into a contract at the request of the data subject.

In accordance with the principle of minimization, we will process your data necessary for registration for a period of 15 days after the end of the event. If the registration form also includes consent to processing for the purposes of future contact, sending information or newsletters, and you give us your consent, we will process your personal data until you withdraw your consent based on Art. 6, para. 1, letter a) of the Regulation – processing based on your consent.

You have the right to access the information we process about you, you have the right to rectify, object to processing or request deletion. The right to deletion may be limited by our legal obligations.

During the event, we may take photos or video recordings for two purposes – documentary in accordance with our grant agreements and marketing, for the purpose of promoting our work. Photos and videos are taken in a way that captures the atmosphere of the event, with respect for the dignity and personal rights of the participants. These are usually shots from the back, from a distance, from the side, not individual portraits.

The processed personal data is your likeness. The legal basis for the processing is Article 6(1)(f) of the Regulation – processing of personal data is necessary for the purposes of the legitimate interests pursued by the controller. Processing is limited to 10 years. You have the right to object to the processing (in person on site or subsequently by e-mail) or to request deletion.

We publish carefully selected photos and/or videos in our newsletter, on the website and on social networks. The processed personal data is your likeness. The legal basis for the processing is Article 6(1)(f) of the Regulation – processing of personal data is necessary for the purposes of the legitimate interests pursued by the controller. Processing is limited to 10 years. You have the right to request deletion.

On the kinit.sk website, we also publish job offers, which you can respond to directly from this website by filling out a registration form, which will redirect you to the Nalgoo website, which we use to receive CVs and manage the recruitment process. On the website, you will be able to fill in your details, answer a questionnaire and send your CV.

For the purpose of selecting suitable candidates for vacancies, internships, doctoral studies, postgraduate activities and other similar cooperation, we process your data in the form specified in your CV, i.e. at least name, surname, e-mail, telephone number, education and work experience. The legal basis for processing is your consent pursuant to Art. 6 para. 1 letter a) of the Regulation. We process your personal data sent for a given job position for a period of 6 months or less in the event of withdrawal of consent. If you agree, we may process your personal data for a longer period in the event of other open positions than those for which you originally gave your consent. You can withdraw your consent at any time.

Establishing, confirming and defending our rights and legally protected interests is our legitimate interest. In the event of any legal dispute resolved in court or out of court, your personal data in our possession may be processed. The legal basis for processing for this purpose is Article 6(1)(f) of the Regulation and the deletion period is 10 years after the end of the legal dispute. You have the right to access the information we process about you, you have the right to rectification, object to processing, request restriction of processing or deletion. The right to deletion may be limited by our legal obligations.

We use the services of external companies in the areas of accounting, law, marketing, IT, office space management and other services. These entities may be bound by confidentiality and may process your personal data only to the extent and in the manner contractually defined in accordance with Art. 28 of the Regulation.

Recipients may be European Union bodies, the Office of the Government of the Slovak Republic and individual ministries in the case of financing individual programs such as the Recovery Plan, Horizon Europe and others. Specific institutions are always listed for individual activities.

Other recipients may be courts, authorities in criminal proceedings, banks, bailiffs or lawyers, notaries, state authorities, supervisory, inspection and control authorities, municipalities, self-governing regions, natural persons who are parties to proceedings before the relevant entity. These recipients are provided with personal data, for example when consulting a file, etc.

Third parties are considered to be mainly public authorities and institutions to which we are obliged to provide personal data based on a legal provision in the performance of our legal obligations.

We do not transfer personal data to third countries. The USA, with effect from 20. 9. 2023, provides adequate guarantees for the protection of personal data based on Decision EK2023/1795.

KInIT and Innovatrics, with registered office at Pri vinohradoch 82, 831 06 Bratislava, Company ID: 36 280 712, are joint controllers pursuant to Article 26 GDPR and for the purpose of the joint activity of organizing the irregular event “Better AI meetup”, which brings together AI experts and enthusiasts in live and online conferences. The event website is https://betteraimeetup.com.

Information on the processing of personal data is published on the aforementioned websites.

As a data subject, you have the right to:

If you believe that your rights to the processing of personal data have been violated, or that the Personal Data Protection Act 18/2018 or the GDPR has been violated, you may file a complaint to initiate a personal data protection proceeding with the Personal Data Protection Office of the Slovak Republic, Park One Building, Námestie 1. mája 18, 811 06 Bratislava, Slovak Republic; www.dataprotection.gov.sk.

Please send your questions and requests regarding personal data protection by e-mail to dpo@kinit.sk or in writing to our postal address.

We may change this Privacy Policy at any time, in particular with regard to legislative changes in the field of personal data protection that may be adopted in the future.

Updated 28.2.2026