Privacy Policy

SmartZmluva s.r.o. ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform and services.

This policy complies with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and Slovak Act No. 18/2018 Coll. on the Protection of Personal Data.

The data controller is SmartZmluva s.r.o., with registered office at Mlynské nivy 5, 821 09 Bratislava, Slovak Republic, IČO: 12345678.

Data Protection Officer: privacy@smartzmluva.sk

We collect the following categories of personal data:

Account Data: Name, email address, phone number (optional), and password hash when you register.

Document Data: Information you provide when creating documents (names, addresses, contract terms). This data is used solely to generate your documents.

Usage Data: IP address, browser type, pages visited, and feature usage to improve our Service.

Payment Data: Processed by our payment provider (Stripe). We do not store full credit card numbers.

Communication Data: Messages you send through our contact form or customer support.

We process your personal data for the following purposes:

• Service delivery: To create your Account, generate documents, and provide our core Service. • Communication: To send you service-related notifications, respond to inquiries, and provide customer support. • Improvement: To analyze usage patterns and improve our platform, templates, and AI models (using anonymized data only). • Legal compliance: To comply with applicable laws, regulations, and legal processes. • Security: To detect, prevent, and address fraud, abuse, and security issues.

We process your data based on the following legal grounds:

• Contract performance (Article 6(1)(b) GDPR): Processing necessary to provide our Service. • Legitimate interest (Article 6(1)(f) GDPR): Analytics, security, and service improvement. • Consent (Article 6(1)(a) GDPR): Marketing communications (you can opt out at any time). • Legal obligation (Article 6(1)(c) GDPR): Tax and accounting requirements.

We retain your personal data for as long as your Account is active, plus 30 days following deletion. Document data is stored for the duration of your subscription.

We retain billing records for 10 years as required by Slovak accounting legislation. Anonymized usage data may be retained indefinitely for analytical purposes.

Under GDPR and Slovak law, you have the right to:

• Access: Request a copy of your personal data. • Rectification: Correct inaccurate or incomplete data. • Erasure: Request deletion of your data ("right to be forgotten"). • Restriction: Request limitation of data processing. • Portability: Receive your data in a structured, machine-readable format. • Objection: Object to processing based on legitimate interest. • Withdraw consent: Withdraw previously given consent at any time.

To exercise these rights, contact us at privacy@smartzmluva.sk. We will respond within 30 days.

We implement industry-standard security measures including:

• 256-bit AES encryption for data at rest • TLS 1.3 encryption for data in transit • Regular security audits and penetration testing • Access controls with role-based permissions • Data storage in EU-based data centers (Germany) • Daily encrypted backups with geographic redundancy

We do not sell your personal data. We share data only with:

• Payment processor (Stripe) for payment processing • Cloud infrastructure (AWS EU) for hosting • Email service provider for transactional emails

All third-party providers are GDPR-compliant and bound by data processing agreements.

We use essential cookies required for the Service to function (session management, authentication). We use analytics cookies only with your consent. You can manage cookie preferences through your browser settings.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through a prominent notice on our platform.

For privacy-related questions or to exercise your data rights:

SmartZmluva s.r.o. Mlynské nivy 5, 821 09 Bratislava Email: privacy@smartzmluva.sk

You also have the right to file a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov SR).