Privacy Policy

This data protection policy applies to the collection and processing of personal data during the central operation of this website.

Controller for the operation of the website: Sophotech s.r.o., Karpatské námestie 7770/10A, 831 06 Bratislava, Slovenska respublika, contact@sopho.tech.

1. Purposes for Which We Process Customer and User Data

We collect and process personal data for various purposes, including:

• to provide our websites and social media pages;
• to display personalized advertising and content;
• to manage event registration and attendance;
• to send communications;
• to respond to contact and user support requests;
• to provide our Services and to improve and optimize their performance;
• to bill you for our services and manage our accounts;
• to ensure the security of Sophotech and its services; and
• to comply with our legal obligations.

We collect and process your personal data only where it is necessary to fulfill these purposes and we have a legal basis to do so. Where required, we will ask for your consent prior to the processing.

Our website, services and events are not directed at children. We do not knowingly collect personal information from children under the age of 16.

2. Data Sharing

We share your personal data with various parties, including:

• contracted service providers who process data on our behalf for IT and system administration, hosting, analytics, marketing and customer support;
• sponsors of events and webinars for which you register;
• third-party networks and websites so that we can display advertisements on their platforms;
• consultants providing consulting, banking, legal, insurance, tax and accounting services; and
• public and government authorities where we are required to disclose personal information to comply with our legal obligations.

3. What Usage Data Do We Process?

Every time you visit our website, our system automatically collects data and information from the computer system of the visiting computer.

This information may include identifiers, commercial information and information about Internet activities such as:

• the IP address (or proxy server information)
• device and application information
• identification numbers and characteristics
• location, browser type, plug-ins
• Internet Service Provider, mobile carrier
• the pages and files viewed, searches conducted, referring website
• operating system, system configuration information, language preferences
• date and time stamps relating to your use and frequency of visits to the websites

In addition, we collect certain information in connection with your use of our services ('usage data'). This information may include: (i) identifiers such as user ID, company ID, user name, email address, and user type; (ii) commercial information; and (iii) Internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, language, browser type, internet service provider or mobile carrier, user interactions such as the pages and files viewed, interactions with websites and webpages such as searches and other actions taken by you, operating system type and version, system configuration information, date and time stamps associated with your use and details of which of our products and product versions you are using.

In addition, we may use aggregated and anonymised usage data for other internal business purposes, such as identifying additional customer opportunities and ensuring that we meet the needs of our customers and their users.

4. Google reCAPTCHA

We use the reCAPTCHA service. The provider of this service is Google LLC, 600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter: Google). We use this service to ensure adequate data security when submitting forms. This service is used to recognise whether the input is being made by a person or by automated machine processing. The following data is used for this purpose: the IP address of the website visitor, the duration, date and time of the request, the identification data of the browser and operating system type you are using, the data about your Google account (if you are logged in), mouse movements on the reCAPTCHA surfaces and the tasks for which you have to identify images. This data is transmitted to a Google LLC. server and stored there.

The different data protection regulations of Google LLC. apply. You can find more information about this here: https://policies.google.com/privacy?hl=en-US

We store the data entry for five months.

5. Social Media Features

Our websites may use social media features, such as sharing widgets ('social media features'). Social media features can enable you to publish information about your activities on our website on external platforms and social networks. Through social media features, you may also be able to link or highlight information that we have published on our website or on our social media platforms. The social media functions and, if you access them via links from our websites, the platform may receive information that shows that you have visited our websites. If you are logged into your social media account, the social media network can link your visit to our websites to your social media profile.

Your interactions with social media functions are subject to the data protection policies of the companies that provide them.

We use:

• LinkedIn - Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Data protection policy: https://www.linkedin.com/legal/privacy-policy
• GitHub - Service provider: GitHub Inc., 88 Colin P Kelle Jr St, San Francisco, CA 94107, USA. Data protection policy: https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement

6. Contact Form and E-mail Contact

Description and scope of data processing

Our website includes a contact form that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are:

• Reason for contacting us
• First and last name
• Email address
• Job title (optional)
• Company
• Telephone number (optional)
• Contact details (optional) and Information for further contact (optional)
• User's IP address
• Date and time of registration

During the sending process, your consent to the processing of the data is obtained and reference is made to this data protection policy.

Alternatively, it is possible to make contact via the email address provided. In this case, the user's personal data transmitted by email will be stored.

In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the request and for establishing contact.

Duration of storage

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended unless there is a business, compliance or legal needs to store the data longer. The conversation is ended when it can be inferred from the circumstances that the data subject has been conclusively clarified.

The additional personal data collected from the email header during the sending process will be stored in our log server up to 90 days.

Right of objection and removal

The user has the right to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

The user can address a revocation of consent or an objection to the storage to the contact data. In this case, all personal data stored in the course of establishing contact will be deleted.

7. International Transfer of Personal Data

We may collect your personal data and it may be transferred to and stored by us in other countries, including countries in which we do not have a presence or in which we provide the services. Your personal data may therefore be processed outside your country or jurisdiction and in locations that may not provide the same standard of data protection.

A data transfer or disclosure of your data will only take place to the extent necessary for this purpose and in compliance with the relevant data protection regulations.

8. Data Retention

We retain your information for a period consistent with the original purpose of collection or as long as needed to satisfy any legal obligations. We determine the appropriate retention period for personal data based on the amount, nature, and sensitivity of the personal data processed, the potential risk of harm from unauthorised use or disclosure of the personal data, whether we can achieve the purposes of processing through other means, and the applicable legal requirements (such as applicable statutes of limitation).

After the applicable retention period has expired, your personal data will be deleted. If there is data that we cannot completely delete from our systems for technical reasons, this data will be anonymised.

9. Your Rights

To the extent Sophotech is subject to data protection requirements in the EU, the European Economic Area ('EEA') or other countries whose national laws correspond to the GDPR, you have certain rights in relation to your personal data, as provided by local data protection laws. Depending on the applicable laws, these rights may include the right to:

• Request access to your personal data stored by us;
• Find out more about how we process your personal data;
• Request the correction of incorrect personal data, taking into account the purpose of the processing of the personal data, and ensure that it is complete;
• Request the deletion of your personal data;
• Request the restriction of the processing of your personal data;
• Transmit your personal data to another Controller (data portability), where this is possible;
• Object to the processing of your personal data;
• Opt out of certain disclosures of your personal data to third parties;
• Have the right not to be discriminated against for exercising your rights as described above;
• Have the right not to be subject to a decision based solely on automated processing (including profiling) that has legal effect; and
• Revoke your consent at any time for the future, insofar as the processing of your personal data is based on consent.

10. Amendments to Our Data Protection Policy

We ask you to regularly review the content of our data protection policy. We will amend the data protection policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or any other individual notification.

Please note that addresses and contact information for companies and organisations may change over time. Please check the information provided before contacting us.

11. Contact

To exercise your rights regarding your personal data or if you have questions about our privacy practices, please email us at contact@sopho.tech or per Post to Sophotech s.r.o., Karpatské námestie 7770/10A, 831 06 Bratislava, Slovenska respublika.

When you contact us, please indicate the country and/or state of your residence.

If you are located in the EEA or the United Kingdom and you believe that we have not been able to assist with your complaint or request, you have the right to file a complaint with the appropriate regulatory authority. If you work or live in a country that is a member of the European Union or in the EEA, you can find the contact details for your local data protection authority at the following https://www.edpb.europa.eu/about-edpb/about-edpb/members_en