PRIVACY POLICY
Controller Identification Details
We are NotionIQ s. r. o., a company established and operating under the laws of the Slovak Republic. Our company is registered in the Commercial Register maintained by the District Court Nitra, in Section Sro, Insert No. 65434/N. Our registered office is located at 878 Veľký Lapáš, 951 04, Slovak Republic. We are identified by the company registration number 56 813 376.
As the data controller, we are responsible for determining the purposes and means of processing your personal data. If you have any questions or concerns about how your personal data is handled, you can contact us at privacy@notioniq.dev.
(hereinafter referred to as the “Controller”).
When your personal data is processed by the Controller, you are considered a data subject, i.e., a person whose personal data is being processed. Your personal data will be processed securely and in accordance with the Controller’s security policy.
What Rights Do You Have as a Data Subject?
- Right of Access – You have the right to obtain a copy of the personal data we hold about you, as well as information on how we use your personal data.
- Right to Rectification – If you believe the data we hold is inaccurate, incomplete, or outdated, please contact us to amend, update, or complete the data.
- Right to Erasure – You have the right to request the deletion of your personal data.
- Right to Withdraw Consent – If we process your personal data based on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
- Right to Restrict Processing – Under certain circumstances, you may request that we stop using your personal data.
- Right to Data Portability – Under certain circumstances, you have the right to request the transfer of your personal data to another third party of your choice.
- Right to Object – You may object to the processing of your personal data when it is based on our legitimate interests.
- Right Not to Be Subject to Automated Decision-Making Including Profiling.
- Right to Lodge a Complaint with a Supervisory Authority – If you believe your personal data is being processed unfairly or unlawfully, you may lodge a complaint with the supervisory authority, which in Slovakia is the Office for Personal Data Protection of the Slovak Republic.
If providing personal data is a legal or contractual requirement, you as the data subject are obligated to provide such data. Failure to provide personal data necessary to enter into a contract may result in the inability to establish a contractual relationship.
In case of an objection related to the processing of your personal data, you may submit a complaint or request in writing to the address 878 Veľký Lapáš 951 04 or by email to privacy@notioniq.dev.
The Controller will not use your personal data for automated individual decision-making, including profiling. The Controller does not transfer personal data to third countries or international organizations.
DETAILED INFORMATION ON PERSONAL DATA PROCESSING
CONTACT FORM
Purpose of Processing:
Facilitating communication via the website’s contact form; handling requests.
Legal Basis:
Legitimate interest pursuant to Article 6(1)(f) of the GDPR. The primary legitimate interest is to ensure effective communication via the website.
Category of Data Subjects:
Individuals seeking information.
Category of Personal Data:
Name, email, and data provided in the message.
Categories of Recipients:
Authorized persons under a contractual relationship with the Controller, entities to whom the Controller is legally obligated to disclose personal data.
Data Retention Period:
10 days after the end of the month in which the inquiry was received.
COMMENTS
Purpose of Processing:
Publication of user comments and ensuring communication with users via the discussion section of the website; maintaining an interactive space and controlling the integrity of public discussion.
Legal Basis:
Legitimate interest pursuant to Article 6(1)(f) of the GDPR. The primary interest is enabling user communication via discussion, ensuring the security and integrity of the discussion area (e.g., preventing abuse, spam, or illegal content), and maintaining the functionality and interactive character of the blog.
Category of Data Subjects:
Website visitors participating in the discussion.
Category of Personal Data:
Name, email, and data provided in the comment.
Categories of Recipients:
Authorized persons under a contractual relationship with the Controller, entities to whom the Controller is legally obligated to disclose personal data.
Data Retention Period:
For as long as the website on which the comment was posted is operational, or until the commenter requests deletion of the comment.
EXERCISING DATA SUBJECT RIGHTS – PERSONAL DATA PROTECTION
Purpose of Processing:
Recording of exercised data subject rights and personal data protection breaches under Act No. 18/2018 Coll. on Personal Data Protection and on Amendments and Supplements to Certain Acts; recording of exercised rights pursuant to Chapter III and notifications under Articles 33 and 34 of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Legal Basis:
Legitimate interest pursuant to Article 6(1)(f) of the GDPR. The main legitimate interest is maintaining a record of exercised rights and breach notifications related to personal data protection.
Category of Data Subjects:
Data subjects who submitted requests to exercise their rights; data subjects affected by a personal data protection breach.
Category of Personal Data:
Data relating to the exercised right, and data provided by the notifier when reporting a breach.
Categories of Recipients:
Authorized persons under a contractual relationship with the Controller, entities to whom the Controller is legally obligated to disclose personal data.
Data Retention Period:
Up to 6 months after the end of the 5-year period from the date the right was exercised or the breach occurred.