Privacy Policy

Last Updated: June 30, 2025

1. Introduction

This Privacy Policy explains how SETO Corp. ("we", "us", or "our") collects, uses, and protects your personal data when you use the Kdo Dnes Platí? application (the "Service"). We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR).

This policy applies to all visitors and registered users of the Service. By using the Service, you also agree to our Terms of Service.

2. Data Controller

The data controller responsible for your personal data is:

SETO Corp.
Contact Email for Privacy Matters: se.to.zaridi@gmail.com

3. What Personal Data We Collect and Why

We collect only the necessary personal data for the following purposes:

• Account Information:
  • Data: Email address, chosen name/nickname, hashed password.
  • Purpose: To create and manage your user account, allow you to log in, and communicate essential service information (e.g., password resets).
  • Legal Basis (GDPR Art. 6(1)(b)): Necessary for the performance of the service contract you agree to when you register.
• Google Login Information (if used):
  • Data: Email address, name, and profile picture URL as provided by Google upon your authorization.
  • Purpose: To authenticate you via your Google account for a simplified login process.
  • Legal Basis (GDPR Art. 6(1)(b)): Necessary for the performance of the service contract.
• Technical Information (Server Logs):
  • Data: IP address, browser type, and access times.
  • Purpose: To ensure the security and stability of the Service, diagnose technical problems, and prevent abuse.
  • Legal Basis (GDPR Art. 6(1)(f)): Necessary for our legitimate interest in maintaining a secure and functional service.
• Cookies:
  • We use only essential session cookies required for the basic function of the service, such as keeping you logged in. We do not use third-party analytics or advertising cookies.
  • Legal Basis (GDPR Art. 6(1)(f)): Necessary for our legitimate interest in providing a functional website.

4. Data Sharing and Third Parties

We do not sell your personal data. We may share your data only with essential third parties:

• Google LLC: If you use Google Login, information is exchanged with Google for authentication as per their privacy policy.
• Hosting Provider: Our Service is hosted by a reputable third-party provider on servers located within the European Union to ensure GDPR compliance.
• Legal Requirements: We may disclose your information if required by law or in response to valid requests by public authorities.

5. Data Retention

We retain your personal data only for as long as necessary:

• Account Information: Retained for as long as your account is active. If you delete your account, we will permanently delete your data within 30 days.
• Server Logs: Retained for a limited period, typically 14-30 days, for security and diagnostic purposes before being deleted.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including password hashing and the use of HTTPS (SSL/TLS). However, no method of transmission over the Internet is 100% secure.

7. Your Rights Under GDPR

You have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing and to lodge a complaint with a supervisory authority. The supervisory authority in the Czech Republic is the Úřad pro ochranu osobních údajů (www.uoou.cz).

8. How to Exercise Your Rights

To exercise any of your rights, please contact us at our dedicated privacy email: se.to.zaridi@gmail.com. We may need to verify your identity before processing your request.

9. Changes to This Privacy Policy

We may update this policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at: se.to.zaridi@gmail.com