Personal Data Protection
Rights of data subjects and where to apply them
GDPR has enforced existing rights of data subjects, whose data are being processed, and has presented new rights as well. The data subject has the following rights:
- Right to be informed
- Right of access by the data subject
- Right to rectification
-
Right to erasure ("right to be forgotten")
-
Right of restriction of processing
-
Right of data accuracy
-
Right to raise objection
-
Rights related to automated decision making including profiling
A responsible person - Data Protection Officer (hereinafter only DPO) shall deal with requests on exercising rights of data subjects in cooperation with respective specialized units of USSK, except for reporting changes of personal data of the employees by means of Annex No. 7 to Guideline 0203 (USM/0203) - Announcement of changes in personal data of an employee, which fall under competences of unit Director HR. It is also possible to hand in the form at the Employee Center.
DPO answers the requests of data subjects in the same way, as the request has been filed by data subject (orally, in writing, electronically - if the request contains qualified electronic signature), unless the data subject asks otherwise. Oral information providing may be conditioned by proving identity of the data subject. If DPO has any reasonable doubts about the identity of a natural person filing the request, DPO may ask for additional information for purposes of identity confirmation and they must deal with the request in a way, that no other person has access to protected data.
DPO is obliged to deal with the requests of data subjects immediately, one month from receipt of the request at the latest. If needed, this term may be prolonged (even repeatedly) by 2 additional months, and the complexity and number of requests shall be taken into consideration. DPO informs the data subject about each prolongation of the term, at the latest in one month since the receipt of the request, together with reasons of term default.
If the controller doesn't take measures based on data subject's request, DPO shall immediately, one month from the delivery of the request at the latest, inform data subject about reasons of non-acting and about the possibility to file a complaint with The Office and to claim damages.
DPO may refuse to act based on the request of data subject, when exercising their rights, if and only if, DPO gives proof of not being able to identify the data subject.
DPO leads a register of filed and arranged requests of data subjects. Changes in personal data, which are executed by the unit Director HR based on Annex. No. 7 to Guideline 0203 (USM/0203) - Announcement of changes in personal data of an employee, are not recorded in the register.
If exercise of the rights of data subject has impact on processing of personal data, both by controller or processor, DPO is obliged to inform both controller and processor about exercising this right.
More information in Guideline 0192 (USM/0192) personal data protection.
CONTACT
Data protection officer:
Personal Data Protection Manager - tel. +421 55 673 4660
Law Department:
Manager Compliance and Special Projects - tel. +421 55 673 9589
Cybersecurity:
Team Manager Cybersecurity - tel. +421 55 673 4020
E-mail: dataprotection@sk.uss.com
POSTAL ADDRESS:
U. S. Steel Košice, s.r.o.
Vstupný areál U. S. Steel
044 54 Košice
Slovak Republic
BILLING INFORMATION:
ID No.: 36 199 222
VAT ID: SK7020000119
Commercial Register: District Court Kosice I, Sec.: Sro, File No.: 11711/V
CONTACTS:
>> Commercial Team
>> Subsidiaries
>> Customer Technical Service
>> Research & Development
>> Suppliers
>> Public Relations & Media
>> Editorial Office - Oceľ východu
>> Visitors Center
>> Foundation
>> U. S. Steel Ethics Line
>> Training and Testing of Contractors, Entry Permits
>> Fire Department
VISITING US:
Click here to get Google maps driving direction for visitors and suppliers
GPS coordinates:
48.624314 N, 21.188045 E –
You can also visit the website of our parent company United States Steel Corporation.