Protection of privacy and security of personal data processing is very important for us. We process the personal data of the affected persons in accordance with applicable legal regulations and ensure their protection to the fullest extent possible.
1. About us
GoodRequest, s.r.o. ("GoodRequest") focuses mainly on the development of mobile applications, web solutions as well as the functional UI / UX design and complete product support once it has been created. We create unique mobile and web applications with emphasis on minimal design and usability. Our goal is to transform your ideas into a successful product.
When processing your personal data, we are governed by the laws of the Slovak Republic, in particular Regulation (EU) 2016/679 of The European Parliament and of The Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or GDPR), act No. 18/2018 Z.z. on the protection of personal data as well as other legislative regulations.
The operator of the information systems, in which the personal data of our clients, their customers and other entities are processed, is GoodRequest, s.r.o., registered seat Murgašova 2/243, 010 01 Žilina, Identification number: 47 419 971, registered in the Business Register of the District Court Žilina, Section: Sro, Insert No.: 60761 / L.
2. What data do we process about you?
Personal information is considered to be any information based on which it is possible to identify a particular natural person. This means that it's not just known identifiers like name, surname, or date of birth. GDPR defines a personal data as any information that leads to the determination of a natural person. Any natural person to whom the personal data relate is considered to be the person concerned with the relevant personal data rights.
If you are our client, we only process personal information necessary to provide you with professional services and a high-quality product, the scope of which is determined by the content of our contractual relationship or generally binding legal regulations. As a rule, we only process data such as name, surname, phone number, and email address. You also provide us with such information through our contact form at www.goodrequest.com. However, if this is the contact information of the person who facilitates our communication with you, the GDPR does not apply to this data. In the case that your personal data is processed based on the consent, the extent of the data is precisely stated in the consent, to the extent necessary to meet the purpose for which the personal data are processed.
If you are a client of our client for whom we developed a mobile application or a web platform, the scope and type of personal data is determined by our client as the operator of the given product. As a rule, personal information includes your name, surname, address, photo, phone number, perhaps GPS location or age. The scope and purpose of processing these data is defined by our client, who also determines to what extent we will process the data from the position of intermediary.
3. For what purpose do we process your data?
We process your personal data only to the extent necessary for the given purpose. Most of our processing operations are justified by the fact that we need your personal information to provide you with the requested service you order in connection with the implementation of a specific project. We therefore obtain personal data from you to conclude and perform our contractual relationship. It is therefore important that you provide us with complete, correct, up-to-date and true personal data.
At GoodRequest, we process personal data of our clients or potential clients for a variety of purposes, primarily for purposes that fall into the following categories:
- identification and registration of clients
- conclusion and fulfillment of contractual relations (implementation of the project)
- customer registration within the internal CRM system
- compliance with the obligations arising from specific legislation
4. We protect the data of our clients and customers of our clients
There are strict rules at GoodRequest that govern the conditions under which our employees, or other authorized persons, have access to our clients' data or to the data of clients' customers that we have access to in order to implement the projects for our clients.
We process personal data using automated means of processing within our information systems that are secured and protected in accordance with applicable security standards and privacy policies and fully comply with the principles of integrity, availability, confidentiality and security specified by the GDPR.
The right to process personal data on behalf of GoodRequest results for our employees from their employment relationship with us as well as from generally binding legal regulations. Our employees have strictly regulated two-stage access privileges into individual systems that process the personal data of our clients and their customers.
When processing your data, we are required to comply with certain obligations. The most important ones we comply with include:
- We process and collect your personal data only for defined and legitimate purposes, and only for the time until we reach the purpose for which these personal data were obtained.
- We do not knowingly and without authorization interfere in your privacy protection right.
- We protect your personal information from loss, destruction and misuse.
- All our employees and contractors are bound by confidentiality agreement, so that personal data of customers must not be given to third parties.
5. Where do your personal data go? (categories of recipients)
Personal data of our clients is not made available outside of GoodRequest except when such a procedure results from your consent or the applicable law. This means that personal data may be made available or provided to other third parties, or recipients, if this obligation results from a directly binding legal act of the European Union or an international treaty by which the Slovak Republic is bound.
We do not provide unauthorized access to personal information of our clients. However, some personal data must be made available to a predefined range of recipients of personal data. This is the case if we make your information available to the service providers with whom we work, such as our contractors in the position of self-employed person, external accounting and legal services. In addition, we may make your information available in order to secure our IT systems or www.goodrequest.com domain. The reason for this form of availability of our clients' data can therefore be:
- Customer Relationship Records: Atlassian Pty Ltd
- Payroll and Personal Agenda: Google Inc.
In the case that any natural or legal person accesses personal data we have access to and processes it on our behalf as an intermediary, we ensure that compliance with and fulfillment of security requirements for the processing of personal data is respected.
6. What rights do the affected persons have?
At GoodRequest, we do everything we can to adequately reflect the rights of our clients as affected persons. At the same time, we are also prepared to respond to our clients' customers’ requests, which could be addressed to our clients, in full compliance with GDPR.
You have the right to access your data
If you are our client, you have the right to request the confirmation from us that we process your personal information and, if so, you have the right to access this data. Similarly, we are also able to make data available to the customers of our clients. In this case, we are ready to provide the following information:
- identification and contact information of GoodRequest
- processing purposes
- categories of personal data
- categories of recipients of your data
- processing of personal data on the basis of a legitimate interest
- periods of data processing
- information about the source from which we obtained your personal data
- information about the rights to object, delete, limit personal data.
You have the right to correct your data
It may happen that some of the information we have about our clients is not or has ceased to be correct. Without your co-operation, however, we cannot correct it. For this reason, it is important that you promptly inform us of any changes in your personal information. As the affected person, you are responsible for the accuracy, timeliness, completeness and correctness of the personal data you have provided to GoodRequest.
As our client, you have the right to correct your incorrect and outdated personal data in our information systems. In this case, do not hesitate to contact us if you have found that we have incorrect or outdated information about you.
You have the right to object to the processing of your data
In case you do not agree to have your personal data processed in certain cases, you have the right to object to such processing. Your right to object is particularly important in cases where we process your personal information for legitimate interest on our part.
If you do not want us to use your personal data for direct marketing to send you offers of our services, you can change your marketing preferences so that we do not use your data more for that purpose.
You have the right to request a limitation of the processing of your data
Under certain circumstances, your personal data may no longer be necessary to be processed
You have the right for deletion of your data
If you believe that certain data relating to your person is unlawfully processed, you have the right to require us to delete this data. In this situation, you are required as the customer to prove the unlawfulness of the processing based on relevant documents.
You have the right to transfer of your data
You have the right to receive your personal data in electronic format in a structured form. You have the right to require us to transfer your data to another entity that you notify us about via request sent to: email@example.com, including the third-party email address.
How to enforce your rights to access your personal information
All rights for personal data processing can be enforced by our clients at GoodRequest by sending a request to:
E-mail address: firstname.lastname@example.org
010 01 Žilina
Under GDPR, GoodRequest reserves the right to request identification details of the affected persons to ensure sufficient identification of applicants in order to protect their rights.
GoodRequest has a one-month period to process the request from the day it was received. This period may be extended by a further two months if necessary, considering the complexity of the request and the number of received requests. GoodRequest notifies applicant about any such extension within one month of receiving the request together with the reasons for the missed deadline. In such case, the applicant will be notified of the time extension in the form in which he has chosen to send his request.
The information requested by the applicant in the request is provided free of charge. However, if the request is unreasonable or inappropriate, in particular for its recurring nature, GoodRequest has the right to either: (i) request a reasonable fee to take into account the administrative costs for providing the information, for notification or for taking the requested action; or (ii) to refuse to act on request.
Right to file a complaint with the supervisory authority
If you believe that your rights to personal data or the terms of processing your data have been violated, you have the right to complain to the supervisory authority, which is the Office for Personal Data Protection of SR with seat: Hraničná 12, 820 07 Bratislava.
7. For how long do we process your personal data?
We store and protect your personal data for as long as the applicable laws dictates, in the case of personal data processed under your consent, for as long as you have given us your consent. If the legal basis for the processing of your personal data is the fulfilment of a contractual obligation, we process your data at least until the time of implementation of our service. Even after completing the service you have ordered with us, it is necessary to process your personal data because of the need to provide the maintenance of the product after delivery. Storage times vary depending on the specific purpose for which we process personal information.
Expected times of storage of the personal data:
PurposeLegal basisStorage period after fulfillment of purpose / closing of tradeIdentification and evidence of clientsContract fulfilment5 yearsEntering contractual relationships and their fulfilment (project implementation)Contract fulfilment5 yearsRegistration of customers in internal CRM systemContract fulfilment5 yearsTaxes and accountingLaw10 years
8. Processing your personal data based on your consent
Sometimes, we may ask you to give us consent to the processing of your personal information, to present our company. You may, at any time, revoke the consent you have given us to process your personal data at email@example.com.
Sharing your personal data with us is voluntary, we cannot force you to agree to the processing of your personal data in any way, and you are entitled to refuse to provide your personal data.
9. Final provisions
In case of any questions regarding protection of your personal data, which have not been addressed in this document, do not hesitate to contact us at: firstname.lastname@example.org.