The Company is dedicated to preserving the confidentiality and security of personal and sensitive data provided by its users (hereinafter referred to as "Users") while accessing and using the services offered by the Company (hereinafter referred to as "Services"). This Policy details the Company's approach to collecting, utilizing, and disclosing such data in compliance with the relevant European Union regulations, including the General Data Protection Regulation (GDPR).
1. Data Collection and Usage
1.1 The Company may gather and process Users' personal information, such as names, email addresses, payment details, and photographs uploaded for utilizing the Services. Additionally, the Company may collect non-personal information, including IP addresses, browser types, operating systems, and other usage data.
1.2 The Company employs this information to offer the Services, communicate with Users, process payments, enhance user experience, and improve the overall quality and functionality of the Services.
2. Data Protection Principles
2.1 The Company adheres to the following data protection principles:
a) Legality, fairness, and transparency: Personal data processing shall be lawful, fair, and transparent.
b) Purpose limitation: Personal data shall be collected for specified, explicit, and legitimate purposes, and not further processed in a manner incompatible with those purposes.
c) Data minimization: Personal data shall be adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
d) Accuracy: Personal data shall be accurate and, where necessary, kept up to date.
e) Storage limitation: Personal data shall be stored in a form which permits identification of Users for no longer than is necessary for the purposes for which the personal data is processed.
f) Integrity and confidentiality: Personal data processing shall be conducted in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.
3. Information Disclosure
3.1 The Company may disclose Users' personal information to third parties under the following circumstances:
a) To comply with a legal obligation or court order;
b) To protect the rights, property, or safety of the Company, its Users, or others;
c) To process payments or provide the Services, as necessary;
d) In the event that the Company is involved in a merger, acquisition, or sale of all or a portion of its assets, subject to the same confidentiality obligations as stated in this Policy.
4. Security Measures
4.1 The Company has implemented suitable technical and organizational measures to safeguard Users' personal information against unauthorized access, modification, disclosure, or destruction. These measures include, but are not limited to, data encryption, access control, and secure data storage.
5. User Rights
5.1 Under the GDPR, Users have the following rights regarding their personal data:
a) The right to be informed about the collection and use of their personal data;
b) The right to access their personal data;
c) The right to rectify inaccurate or incomplete personal data;
d) The right to erasure, also known as the 'right to be forgotten';
e) The right to restrict processing of their personal data;
f) The right to data portability;
g) The right to object to the processing of their personal data;
h) The right to not be subject to automated decision-making, including profiling.
6. Policy Modifications
6.1 The Company reserves the right to modify this Policy at any time. Users are encouraged to review this Policy
periodically to stay informed about the Company's data protection practices. Any changes to the Policy will be posted on the Company's website, and the "Last Updated" date at the top of the Policy will be revised accordingly. Continued use of the Services after any such modifications shall constitute Users' acceptance of the updated Policy.
7. Contact Information
7.1 If Users have any questions, concerns, or requests regarding this Policy or their personal data, they may contact the Company's Data Protection Officer (DPO) at:
8. Governing Law
8.1 This Policy shall be governed by and construed in accordance with the laws of the European Union.
9.1 Users have the right to lodge a complaint with a supervisory authority if they believe that the Company's processing of their personal data violates applicable laws, particularly the GDPR. Users may do so in the Member State of their habitual residence, place of work, or the place of the alleged infringement.
10. International Data Transfers
10.1 In case the Company transfers Users' personal data outside the European Union, the Company will ensure that the data is transferred according to the GDPR requirements, providing an adequate level of protection to the transferred data. This may include the use of Standard Contractual Clauses approved by the European Commission, or transferring data to countries that have been recognized by the European Commission as providing an adequate level of data protection.
11. Data Retention
11.1 The Company will retain Users' personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws. The Company will take appropriate measures to securely destroy or anonymize personal data when it is no longer needed for the stated purposes.
12. Children's Privacy
12.1 The Services are not intended for use by individuals under the age of 16. The Company does not knowingly collect personal data from children under the age of 16. If the Company becomes aware that it has collected personal data from a child under the age of 16, it will take appropriate measures to promptly delete such data.
13. Third-Party Links
13.1 The Company's website may contain links to other websites that are not operated by the Company. Users should be aware that the Company is not responsible for the content, privacy policies, or practices of such third-party websites. Users are advised to review the privacy policies of any third-party websites they visit.
14. Cookies and Similar Technologies
Name bank: Československá obchodná banka, a.s.
Address: Bankov 7, 040 01, Košice, SK