LEGAL INFORMATION

Privacy Policy

Valid from 1 May 2026. Information about how we process your personal data in accordance with GDPR.

This is an informal translation for reference purposes only. The Slovak version is the legally binding document.

1. Controller

1.1. The controller of personal data is the company EDENcars, s.r.o., registered office Ivánska cesta 83, 821 04 Bratislava, Company ID: 44923848, registered in the Commercial Register of the City Court Bratislava III (hereinafter "Controller").

1.2. Contact details for personal data protection queries:

Email: info@edenparking.sk
Website: www.EDENparking.sk

2. Personal data we collect

The Controller processes the following categories of personal data:

2.1. Booking form data

Name and surname — customer identification, contract fulfilment
Email address — booking confirmation, communication
Phone number — transfer coordination, delay contact
Vehicle type and registration — vehicle identification at the parking lot
Number of persons — transfer provision (max. 4 persons capacity)
Arrival and departure dates — parking service provision

2.2. Payment data

Payment data (card number, expiry date) is processed exclusively through the payment gateway integrated in the reservation system. The Controller does not directly store or process this data. Payment data processing is governed by the PCI DSS standard.

2.3. Newsletter and marketing communication

Email address — sending news, offers and discounts. This data is processed exclusively based on the customer's voluntary consent (opt-in).

2.4. Website visit data (cookies)

IP address (anonymised) — web analytics (Google Analytics 4). Cookies — website functionality, analytics, marketing purposes. Details about cookie usage are provided in section 9 of this document.

2.5. CCTV recordings

Image recordings of persons and vehicles — protection of customer and Controller property. Details about the CCTV system are provided in section 10 of this document.

3. Purposes of personal data processing

The Controller processes personal data for the following purposes:

Contract fulfilment — booking processing, parking service provision, airport transfer, customer communication
Payment processing — online payment through the payment gateway
Legal obligations — accounting, tax obligations, document archiving
Marketing communication — newsletter and offers (with consent only)
Web analytics — website traffic and behaviour analysis
Property protection — parking lot CCTV monitoring

4. Legal basis for processing

Personal data processing is based on the following legal grounds under Art. 6(1) GDPR:

Contract performance (booking, transfer, communication, payment) — Art. 6(1)(b) GDPR
Legal obligation (accounting and tax obligations) — Art. 6(1)(c) GDPR
Consent (newsletter, marketing, cookies, web analytics) — Art. 6(1)(a) GDPR
Legitimate interest (CCTV system) — Art. 6(1)(f) GDPR

5. Recipients of personal data

The Controller may provide personal data to the following third parties:

Payment gateway provider — online payment processing (processor)
Google LLC — Google Analytics 4 — web analytics (processor)
Hosting provider — website operation (processor)
State authorities — based on legal obligation, e.g. tax office, SOI (legal recipient)

The Controller does not sell personal data to third parties for marketing purposes.

6. Data transfers to third countries

6.1. In connection with the use of Google Analytics 4, personal data (anonymised IP address, cookies) may be transferred to the United States of America.

6.2. Data transfer to the USA is based on the EU-US Data Privacy Framework (European Commission adequacy decision of 10 July 2023) and Standard Contractual Clauses (SCC).

6.3. Other personal data is processed exclusively within the European Economic Area (EEA).

7. Personal data retention period

Personal data is retained for the period necessary to fulfil the processing purpose:

Accounting and tax documents (invoices, payment records) — 10 years from the end of the accounting period
Contract data (booking, contact details) — 5 years from service termination
Newsletter (email) — until consent is withdrawn by the customer
Cookies and analytics data — 26 months (GA4 default setting)
CCTV recordings — 30 days from recording creation

After the retention period expires, personal data is securely deleted or anonymised.

8. Data subject rights

The customer has the following rights regarding the processing of their personal data:

Right of access (Art. 15 GDPR) — the right to obtain confirmation whether personal data is being processed and, if so, to access it.
Right to rectification (Art. 16 GDPR) — the right to correct inaccurate or incomplete personal data.
Right to erasure (Art. 17 GDPR) — the right to request deletion of personal data when the processing purpose has ceased or consent has been withdrawn.
Right to restriction of processing (Art. 18 GDPR) — the right to request restriction of personal data processing.
Right to data portability (Art. 20 GDPR) — the right to receive personal data in a structured, commonly used and machine-readable format.
Right to object (Art. 21 GDPR) — the right to object to processing based on legitimate interest (including CCTV).
Right to withdraw consent — consent to processing (newsletter, cookies) can be withdrawn at any time.

Newsletter withdrawal: by clicking "Unsubscribe" in each email, or by emailing info@edenparking.sk. For cookies: by adjusting cookie settings on the website.

Right to lodge a complaint — the customer has the right to lodge a complaint with the supervisory authority: Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava 27, Tel.: +421 2 3231 3214, Web: dataprotection.gov.sk, Email: statny.dozor@pdp.gov.sk.

To exercise your rights, contact the Controller by email at info@edenparking.sk. The Controller will respond to requests within 30 days of receipt.

9. Cookies

9.1. What are cookies

Cookies are small text files stored in the visitor's browser. They are used to ensure website functionality, analyse traffic and personalise content.

9.2. Types of cookies we use

Essential — session cookies (website functionality, security) — until browser closes — no consent required
Essential — cookie consent (storing cookie preferences) — 12 months — no consent required
Analytics — Google Analytics 4 (traffic analysis, anonymised IP) — 26 months — consent required
Functional — reservation form (booking functionality) — session — no consent required (part of service)

9.3. Cookie management

On the first visit, a cookie banner is displayed where the visitor can: accept all cookies, reject optional cookies (analytics, marketing), or customise settings by category.

Cookie settings can be changed at any time via the link in the website footer.

9.4. Analytics cookies — Google Analytics 4

The website uses Google Analytics 4 for traffic analysis. Google Analytics uses cookies to collect anonymised data about visitor behaviour (pages visited, visit duration, traffic source). IP addresses are anonymised. Data is processed by Google LLC. More information: policies.google.com/privacy.

10. CCTV system

10.1. Purpose: The parking premises are monitored by a CCTV system for the protection of customer property (vehicles) and Controller property, and for the prevention and investigation of security incidents.

10.2. Legal basis: Legitimate interest of the Controller under Art. 6(1)(f) GDPR — property protection. The legitimate interest outweighs the interests of data subjects, as monitoring covers only the outdoor parking areas and is necessary given that customers leave vehicles unattended for up to 31 days.

10.3. Recording scope: The CCTV system records video footage of outdoor parking areas. No audio recordings are collected.

10.4. Retention period: CCTV recordings are retained for 30 days from creation. After this period, recordings are automatically deleted unless needed for resolving a security incident, complaint, or legal dispute.

10.5. Information: Entry to the monitored parking area is marked with an information sign in accordance with §60 of Act No. 18/2018 Coll. on Personal Data Protection.

10.6. Data subject rights: Data subjects have the right to object to monitoring under Art. 21 GDPR. Requests can be submitted by email to info@edenparking.sk.

11. Final provisions

11.1. This Privacy Policy takes effect on 1 May 2026.

11.2. The Controller reserves the right to amend this Policy. The current version will always be published on the website www.EDENparking.sk.

11.3. This Policy is drawn up in the Slovak language. In case of language versions (EN, DE, HU), the Slovak version shall prevail.

11.4. Related documents: Terms & Conditions

Last updated: 1 May 2026. For questions please contact us at info@edenparking.sk.

Ready to travel?

Book your parking today and travel without worries.

Book now