Controller – PROXIUSS s.r.o. company is responsible for processing personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC, (hereinafter referred to as GDPR). Our data protection rules comply with the applicable law on the protection of personal data. This privacy policy explains information in a transparent and comprehensible manner in accordance with Articles 13 and 14 of the GDPR.
1. Data Controller – the data controller is a company that determines the purpose and means of processing personal data:
Company Name: PROXIUSS s.r.o
Address: Stare Grunty 7A, 841 04 Bratislava, Slovakia
Company ID: 54174244
Tax ID: 2121613252
VAT ID: SK2121613252
2. Data Subjects – Individuals, employees of customers and suppliers, and individuals visiting the data controller’s website.
3. Categories of personal data that the data controller may process during your use of its services and products: common personal data – name, surname, title, residential address – street, house number, postal code, city, signature, ID number, phone number, job position, email address, IP address, country, information about a bank account for payment for products or services.
We can obtain your personal data:
– directly from you – for example, from forms you fill out on our website, preferences you express or provide through our website, or from your purchases on our website,
– indirectly from you – for example, by observing your activity on our website,
– automatically from you – for example, through cookies that we or our service providers set on your device when you browse our website,
– from service providers – for example, third-party vendors for monitoring and analyzing the use of our website.
4. Purposes of personal data processing (personal data must not be further processed in a manner that is incompatible with these purposes) and the legal basis for providing this data:
| Purposes of personal data processing | Legal Basis |
| Agenda of Company Bodies Members (Ltd.) – Record of Agenda of Company Bodies Members | Fulfillment of legal obligations (Article 6(1)(c) GDPR) |
| Supplier Register – Business Purposes – Record Keeping and Processing of Business Cases, Contracts, and Related Information | Legitimate interest (Article 6(1)(f) of the GDPR) |
| Clients’ Agenda – business purpose, the full version of the application – sale of the full version of the application – recording, and processing of business cases, contracts, and related information | Legitimate interest (Article 6(1)(f) of the GDPR) Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) Fulfillment of a contract (Article 6(1)(b) of the GDPR) |
| Clients’ Agenda – Business Purpose, Trial Version – Sale of Trial Version of the Application – Recording and Processing of Business Cases, Contracts, and Related Information | Legitimate interest (Article 6(1)(f) of the GDPR) Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) Fulfillment of a contract (Article 6(1)(b) of the GDPR) |
| Clients’ Agenda – Business Purpose, Demo Version – Sale of the demo version of the application – Recording and processing of business cases, contracts, and related information | Legitimate interest (Article 6(1)(f) of the GDPR) Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) Fulfillment of a contract (Article 6(1)(b) of the GDPR) |
| Clients’ Agenda – Recording and Processing, Delivery of Materials/ Goods | Legitimate interest (Article 6(1)(f) of the GDPR) Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) Fulfillment of a contract (Article 6(1)(b) of the GDPR) |
| Complaint Records – Management of Complaint Records | Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) |
| Marketing – sending newsletters to clients, presenting the organization’s products | Legitimate interest (Article 6(1)(f) of the GDPR) |
| Legal Agenda – recording and securing the legal agenda, handling civil, commercial, and labor law matters, representing in legal disputes before courts, preparing documentation for proceedings, drafting, and evaluating contracts, providing legal opinions | Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) |
| Accounting – Recording and Processing of Accounting Documents | Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) |
| Supplier Employees – Record of Illegal Work and Illegal Employment, and Amendments to Certain Provisions in the Text of Subsequent Regulations | Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) |
| Personal Data Protection – Processing the Rights/Requests of Data Subjects, Compliance Checks, and Other Matters in Accordance with the Personal Data Protection Act | Fulfillment of legal obligations (Article 6(1)(c) of the GDPR) |
| Cookies – tracking user activities on the website, creating statistics | Legitimate interest (Article 6(1)(f) of the GDPR) |
| Contact Form – for the purpose of registration on the website | Legitimate interest (Article 6(1)(f) of the GDPR) |
5. Duration of Personal Data Storage – Your personal data is processed for as long as necessary for the purposes for which personal data is processed. We most commonly cease processing your personal data upon:
a) fulfilling our legal obligations (for example, if we are obligated to retain your data in accordance with applicable laws), resolving disputes, and enforcing our legal agreements and policies
b) Expiry of the maximum retention period of your personal data processed for a specific purpose, as defined in our internal policy governing the retention of your personal data processed for specific purposes
c) Complete settlement of our mutual contractual obligations.
More specific retention periods for personal data arise from our data retention policy (specified in the records of processing activities). Any incidentally obtained personal data will not be further processed systematically for any purpose defined by the Controller and/or prescribed by law to the Controller. If possible, we will inform the data subject to whom the incidentally obtained personal data belongs about their incidental acquisition and, depending on the nature of the case, provide them with the necessary cooperation leading to the restoration of control over their personal data. Immediately after these necessary actions aimed at resolving the situation, all incidentally obtained personal data will be securely destroyed without delay. The company will retain usage data for internal analysis purposes. Usage data is mostly stored for a shorter period, except in cases where this data is used to enhance security or improve our product, or when we are required by law to retain this data for longer periods.
6. Intermediaries – our business partners who may have access to your personal data, also adhere to the rules of personal data protection, and we have entered into a data processing agreement with them.
The recipients of personal data of data subjects are various categories of entities to whom we provide your personal data, most commonly in the fulfillment of our legal obligations, and/or they are our own employees with whom you come into contact as data subjects. Public institutions such as administrative authorities, courts, or authorities conducting criminal proceedings will only be provided with personal data to the extent permitted by law. Below you will find a list of categories of recipients of personal data:
a) Software equipment and technical support suppliers (e.g., Salesforce…)
b) Financial services (e.g., Stripe…)
c) Consulting and advisory firms
d) Lawyers, executors, notaries
e) Accountants, payroll companies, and auditors
f) Provision of web hosting services
g) Complainant and other individuals filing a complaint.
When using our service to make payment for a product or service via bank transfer (Stripe payment gateway), we may request information from you to facilitate this transaction and verify your identity. Personal data provided by you may be used for statistical purposes; otherwise, they are directly provided to our third-party payment processors, whose use of your personal data is governed by their Privacy Policies. You can view the Privacy Policies of the Stripe payment gateway at https://stripe.com/us/privacy.
Our application runs and is backed up in the Salesforce company’s cloud. In case of data damage in our application, it is possible to restore all data in the application after re-registration. All data is protected, and you can view Salesforce’s data protection policies on their Privacy Policy page – Salesforce.com.
7. Data protection at the controller: We implement technical and organizational security measures to protect your data from unauthorized access to the fullest extent possible. Only authorized personnel of the controller who are informed about the processing and protection of this personal data have access to the relevant personal data. We may use your personal data to contact you through newsletters, marketing or promotional materials, and other information that may be of interest to you. You can subscribe to receive promotional materials via the link on the website or unsubscribe from receiving any or all of this communication from us using the unsubscribe link.
8. The processing of personal data is carried out within the member states of the European Union and the European Economic Area. The processing of personal data in third countries may only take place with the consent of the controller and is subject to the special conditions set out in the GDPR regulation.
Some parts of our website and our emails may collect data that allows companies, for example, to count users who have visited these pages or opened an email, and other related website statistics (such as tracking the popularity of a specific section). This data will be used for marketing and statistical purposes, as well as for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our website, products, services, marketing, and your experiences. It may be processed by an external company, but only for the needs of our company. These pieces of information may be transferred and stored on computers located outside your state, country, or other legal jurisdiction, where data protection laws may differ from those in your legal jurisdiction. The company will take all reasonably necessary steps to ensure that your data is handled securely and in accordance with these Data Protection Principles and that no transfer of your personal data to an organization or country will be made unless there are adequate controls in place, including the security of your personal data.
9. Personal data will not be used for automated individual decision-making, including profiling.
10. Proper processing of your personal data is important for PROXIUSS s. r. o., and their protection is a matter of course. When processing personal data, you can exercise the following rights:
a) Withdraw consent – in cases where we process your personal data based on your consent, you have the right to withdraw this consent at any time. You can withdraw consent electronically, at the address of the responsible person, in writing, by notifying us of the withdrawal of consent, or in person at the office. Withdrawal of consent does not affect the legality of the processing of personal data that we have carried out based on it.
b) Right to Access Personal Data: You have the right to confirm whether personal data is being processed or not and, if so, you have access to information about the processing, categories of personal data concerned, recipients or categories of recipients, the retention period of personal data, as well as the right to information about your rights, the right to lodge a complaint with the Office for Personal Data Protection, information about the source of personal data, information about whether automated decision-making and profiling are taking place, information and guarantees in the case of transferring personal data to a third country or international organization. You have the right to receive copies of processed personal data unless this would adversely affect the rights of other individuals.
c) Right to Rectification: You have the right for your incorrect personal data to be rectified without undue delay.
d) Right to Erasure: You are entitled to request the erasure of your personal data without undue delay, provided that the conditions specified in the GDPR are met (you have the right to erasure especially when your personal data are no longer necessary for the purposes for which they were processed, or when personal data have been processed unlawfully. The right to erasure does not apply particularly when the processing of personal data is necessary for the establishment, exercise, or defense of legal claims by the data controller or third parties).
e) Right to Restriction of Processing: In cases stipulated by the GDPR (for example, if you dispute the accuracy of personal data, or if the processing is not in compliance with legal regulations, or if we no longer need personal data for the specified purposes, but you require them for the establishment, exercise, or defense of legal claims), you have the right to request that we restrict their processing.
f) Right to Data Portability: Under certain circumstances, you have the right to request us to transfer personal data that you have provided to us to another third party of your choice. However, the right to data portability only applies to personal data that we have obtained from you based on consent or as part of a contract to which you are one of the contracting parties.
11. Right to Object: If the processing of personal data is carried out on a legal basis of legitimate interest under GDPR, you have the right to object to such processing. We may not further process these data unless we demonstrate compelling legitimate reasons for processing that outweigh your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims on our part or of third parties.
12. Usage of Cookies: We utilize cookies and similar tracking technologies to monitor activities on our website and store specific information for the improvement and analysis of our site. Cookies are small files that are stored on your device while you browse our website. These data files contain information that enables our website to remember essential details, making your usage of the website more efficient and beneficial. Our site uses cookies for various purposes. We employ cookie technology to collect non-personal information from online visitors. Usage data may include information such as your device’s internet protocol address (e.g., IP address), the parts of our site you visit, the time and date of your visit, time spent on these pages, unique device identifiers, and other diagnostic data. When you access the page via a mobile device, we may automatically collect certain information, including but not limited to the type of mobile device you are using, the unique ID of your mobile device, the IP address of your mobile device, operating system, the type of mobile internet browser you are using, unique device identifiers, and other diagnostic data. If you do not wish to receive cookies from us, you can instruct your browser to reject all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use certain parts of our website. Unless you have adjusted your browser setting to refuse cookies, our website may use cookies.
Contact for the exercise of affected rights: In the event that you contact us by email at the address sales(at)proxiuss.com or by mail at the address Stare Grunty 7A, 841 04 Bratislava, Slovakia, we will store the information you provide (your email address or your name, surname, and your telephone number) to respond to your inquiries or to process your request. The data will be deleted when they are no longer necessary for processing purposes, or we will restrict their processing if there are legal obligations to retain them. We will provide statements and any information on the actions taken as soon as possible, but no later than within one month. If necessary and taking into account the complexity and number of requests, we may extend this period to two months. We will inform you of any extension, including the reasons for it.