Privacy Policy - GDPR

Your privacy is our priority

1. Data Controller Identification

Controller:

SynapseCore s.r.o.
Trnavská cesta 106
821 01 Bratislava 27
Slovak Republic

2. Data Protection Officer

Email: info@synapsecore.cloud
Telefón: +421 910 140 070

3. Purposes of Personal Data Processing

For B2B clients:

  • Contract Fulfillment - providing SynapseCore services, solution implementation, technical support
  • Pre-contractual Relations - processing inquiries, preparing offers, demo presentations
  • Invoicing and Accounting - issuing invoices, accounting management
  • Communication - sending service information, technical support
  • Marketing - sending newsletters (only with consent)
  • Legal Claims - establishing and defending legal claims

For website visitors:

  • Analytics - improving our services and website
  • Cookies - ensuring website functionality
  • Contact Form - processing your request

4. Legal Basis for Processing

We process personal data based on:

  • Contract Fulfillment (Art. 6(1)(b) GDPR) - necessary for providing our services
  • Consent (Art. 6(1)(a) GDPR) - for marketing purposes
  • Legitimate Interest (Art. 6(1)(f) GDPR) - for ensuring service quality
  • Legal Obligation (Art. 6(1)(c) GDPR) - accounting, tax obligations

5. Categories of Personal Data Processed

B2B Client Contact Persons:

  • Identification data (name, surname, title, job position)
  • Contact data (email, phone)
  • Company data (name, ID number, tax ID, address)
  • Communication history
  • Payment data (account number, billing information)

Website Visitors:

  • IP address
  • Cookies identifiers
  • Browser and device data
  • Data provided in contact form

6. Recipients of Personal Data

We may share your personal data with:

  • Accounting software - for invoicing and accounting
  • Google Analytics - for web analytics (anonymized)
  • Email provider - for sending emails
  • Cloud services (AWS/Google Cloud) - for data storage
  • Legal and tax advisors - when necessary
  • State authorities - when required by law

7. Transfer to Third Countries

Some tools (Google Analytics, AWS) may transfer data to the USA. These transfers are secured by:

  • EU Standard Contractual Clauses
  • Additional security measures

8. Data Retention Period

  • Contracts and invoices: 10 years (accounting legislation)
  • Email communication: 3 years after cooperation ends
  • Marketing data: until consent withdrawal
  • Cookies: depending on type (session to 2 years)
  • Logs and records: 6 months

9. Your Rights under GDPR

Right to Access

You have the right to obtain confirmation whether we process your personal data and access to them.

Right to Rectification

You have the right to correct inaccurate and complete incomplete data.

Right to Erasure

You have the right to delete data ("right to be forgotten").

Right to Restriction

You have the right to restrict the processing of your data.

Right to Portability

You have the right to obtain data in a structured format and transfer them.

Right to Object

You have the right to object to processing for marketing purposes.

Right to Withdraw Consent

If processing is based on consent, you can withdraw it at any time.

Automated Decision-Making

You have the right not to be subject to automated decision-making.

Right to Lodge a Complaint

You have the right to lodge a complaint with the supervisory authority:

Office for Personal Data Protection of the Slovak Republic
Hraničná 12, 820 07 Bratislava 27
Email: statny.dozor@pdp.gov.sk
Web: dataprotection.gov.sk

10. How to Exercise Your Rights

You can exercise your rights:

We will respond to your request within 30 days. In complex cases, we may extend the deadline by another 2 months (we will inform you).

Exercising rights is free of charge. For repeated or manifestly unfounded requests, we may charge a reasonable fee.

11. Automated Decision-Making and Profiling

We do not perform automated decision-making or profiling that would have legal effects or similarly significant impact on data subjects.

12. Personal Data Security

We have implemented appropriate technical and organizational measures:

  • Data encryption in transit (SSL/TLS)
  • Sensitive data encryption at rest
  • Regular backups
  • Access based on "need to know" principle
  • Regular security audits
  • Employee training

13. Cookies

Detailed information about cookie usage can be found in our Cookie Policy.

14. Changes to These Terms

We may occasionally update these terms. We will inform you about significant changes via email or website notification.

15. Obligation to Provide Data

For B2B clients: Providing data necessary for contract fulfillment is a contractual requirement. Without this data, we cannot provide our services.

For marketing purposes: Providing data is voluntary.

16. Source of Personal Data

We obtain personal data:

  • Directly from you (contact form, email, phone)
  • From your company (B2B client contact persons)
  • From public sources (business register, company websites)

Effective Date: 1.1.2025
Last Update: 1.1.2025

If you have any questions, please do not hesitate to contact us at info@synapsecore.cloud