Privacy Policy

1. Data controller

The controller of personal data is:

Rbinnary s.r.o.
Registered office: Sputniková 3253, Bratislava 821 02, Slovakia
Company ID: 35716282 | Tax ID: 2020986396
E-mail: groot@groot.sk
Phone: +421 940 503 338

2. General information

This document describes how we process the personal data of visitors to our website, what rights you have in relation to this processing, and what technical and organisational measures we take to protect your data.

The processing of personal data is governed by Regulation (EU) 2016/679 ("GDPR") and Act No. 18/2018 Coll. on the Protection of Personal Data of the Slovak Republic.

3. Principles of personal data processing

Personal data processing is carried out in accordance with the following principles:

• Lawfulness, fairness and transparency
• Purpose limitation: we collect data for specific, explicit and legitimate purposes and do not further process it in a manner incompatible with those purposes
• Data minimisation: we only process personal data that is necessary to achieve the purpose
• Accuracy: data must be correct and updated where necessary
• Storage limitation: we keep data in a form that permits identification of data subjects only for as long as is necessary for the purpose of processing
• Integrity and confidentiality: we ensure appropriate technical and organisational measures to protect data against unauthorised or unlawful processing and against loss, destruction or damage

4. Legal basis for processing

Under the GDPR and Slovak law, we may process personal data if one of the following bases applies:

• Consent of the data subject (e.g. for newsletter, remarketing purposes)
• Performance of a contract (e.g. processing an order)
• Compliance with a legal obligation (e.g. accounting)
• Legitimate interest of the controller or third parties (provided the rights and freedoms of the data subject are not compromised)
• Other lawful grounds (e.g. protection of vital interests)

5. Categories of personal data

On our website, we may process the following categories of data:

• Identification data (first name, surname)
• Contact data (e-mail, phone, address)
• Technical data (IP address, website visit data, cookies)
• Marketing data (newsletter consent, preferences)
• Other data you provide voluntarily (e.g. ratings, reviews)

6. Purposes of processing

We process personal data primarily for the following purposes:

• Ensuring the proper operation of the website
• Communication with the customer (enquiry confirmation, support)
• Marketing: sending newsletters, offers (only with your consent)
• Website traffic analysis, optimisation and service improvement (e.g. analytics tools)
• Compliance with legal obligations (accounting, archiving)

7. Sharing data with third parties

Personal data may be shared with third parties to the extent necessary to achieve the purpose, for example:

• IT services, hosting and website management
• Marketing tools (e.g. newsletter distribution)
• If required by law — government authorities

When transferring personal data outside the EU/EEA, we use appropriate safeguards in accordance with Chapter V of the GDPR.

8. Storage and retention period

We retain personal data for the period necessary to fulfil the purpose of processing. After this period, we securely delete or anonymise the data. For example:

• Accounting documents: according to statutory deadlines
• Marketing consent data: as long as consent is active or until the customer withdraws consent
• Technical website data and logs: to the extent necessary for security and operations

9. Rights of the data subject

As a data subject, you have the right to:

• Access your personal data (find out whether it is being processed and, if so, obtain a copy)
• Rectification (if the data is inaccurate)
• Erasure ("right to be forgotten") — if there is no reason for further processing
• Restriction of processing
• Data portability (where technically feasible and processing is based on consent or contract)
• Object to processing — particularly where processing is based on legitimate interest
• Withdraw consent at any time (where processing is based on consent)
• Lodge a complaint with the Office for Personal Data Protection of the Slovak Republic (ÚOOÚ) as the supervisory authority

10. Cookies and tracking tools

Our website uses cookies and similar technologies (e.g. analytics tools).

• Some cookies are essential for the website to function (technically necessary) — these may be applied without consent
• For others — e.g. marketing or statistical cookies — we obtain your consent, which can be withdrawn at any time

11. Data security

We ensure appropriate technical and organisational measures to protect personal data against unauthorised access, loss, damage, destruction or disclosure. These measures include: encryption, access controls, regular backups, vulnerability testing and staff training.

12. Personal data breach notification

If a personal data breach occurs that may pose a risk to the rights and freedoms of individuals, we will notify the ÚOOÚ without undue delay (generally within 72 hours) and, where necessary, inform the affected individuals.

13. Changes to the privacy policy

We reserve the right to amend this Policy at any time. We will inform you of any significant changes in an appropriate manner (e.g. by e-mail or by notice on the website).

14. Contact

Controller:
Rbinnary s.r.o.
Sputniková 3253, Bratislava 821 02, Slovakia
E-mail: groot@groot.sk
Phone: +421 940 503 338

Supervisory authority:
Office for Personal Data Protection of the Slovak Republic
Hraničná 12, 820 07 Bratislava 27
Slovak Republic