Online Poradňa

Privacy Policy

Last updated: October 26, 2023

This Privacy Policy describes how Online Poradňa ("we," "us," or "our") collects, uses, and discloses your information when you visit or use our website onlineporadna.live (the "Site") and any related services, features, or content (collectively, the "Services"). We are committed to protecting your privacy and ensuring the security of your personal data. This policy applies to all users of our Services, including those who provide consulting or receive advice through our platform. Please read this Privacy Policy carefully to understand our practices regarding your information.

1. Introduction

Online Poradňa is an online platform operating in the Slovak Republic that connects users seeking advice ("Clients") with qualified professionals ("Consultants") in various fields, including legal, financial, psychological, and career counseling. The Services are provided through the Site and any associated mobile applications. By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services. We may update this Privacy Policy from time to time, and we will notify you of material changes by posting the updated policy on the Site and updating the "Last updated" date. Your continued use of the Services after changes take effect constitutes your acceptance of the revised policy.

2. Information We Collect

We collect several types of information from and about users of our Services, including:

  • Personal Information: Information by which you may be personally identified, such as your name, email address, postal address, phone number, date of birth, and any other information you voluntarily provide when registering an account, filling out a form, or communicating with us.
  • Professional Information: For Consultants, we collect professional credentials, qualifications, experience, licenses, certifications, areas of expertise, and other information relevant to providing consulting services. This may include copies of diplomas, professional memberships, and references.
  • Consultation Content: The content of communications between Clients and Consultants, including chat messages, video transcripts, audio recordings (with consent), documents uploaded, and any advice provided. We treat this content as confidential and subject to enhanced protections.
  • Usage Data: Information about your interaction with our Site, including your IP address, browser type, operating system, referring URLs, pages viewed, time spent on pages, and other browsing behavior. We collect this data automatically through cookies and similar technologies.
  • Payment Information: If you make payments through our Services, we collect payment card details, billing addresses, and transaction histories. We use third-party payment processors to handle payment data securely; we do not store full payment card numbers on our servers.
  • Identity Verification Data: For Consultants, we may collect government-issued identification documents (such as passport or national ID number) to verify identity and conduct background checks, where required by law or our policies.
  • Communication Records: Records of your correspondence with us, including support requests, complaints, feedback, and survey responses.

3. How We Collect Information

We collect information directly from you when you:

  • Register an account as a Client or Consultant
  • Complete a profile or provide professional credentials
  • Submit a consultation request or provide feedback
  • Communicate with us via email, chat, or phone
  • Upload documents or share files through the platform
  • Participate in any interactive features of our Services
  • Complete surveys or provide testimonials

We also collect information automatically through:

  • Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies to collect usage data, remember your preferences, and improve your experience. You can manage cookie settings through your browser.
  • Log Files: Our servers automatically record information when you access our Services, including your IP address, browser type, and pages visited.
  • Analytics Tools: We use third-party analytics services like Google Analytics to understand how users interact with our Site and to improve our Services.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Maintain the Services: Connecting Clients with Consultants, facilitating consultations, processing transactions, and managing user accounts.
  • To Improve Our Services: Analyzing usage patterns, conducting research, and developing new features to enhance user experience.
  • To Communicate with You: Sending service-related notifications, updates, security alerts, and administrative messages. With your consent, we may also send promotional communications about other services or events.
  • To Ensure Quality and Compliance: Monitoring consultations for quality assurance, verifying Consultant qualifications, and enforcing compliance with our Terms of Service and applicable laws.
  • To Protect Rights and Safety: Investigating and preventing fraud, abuse, illegal activities, or violations of our policies; protecting the rights, property, or safety of our users, ourselves, or others.
  • For Legal and Regulatory Compliance: Complying with applicable laws, regulations, legal processes, or governmental requests, including data protection obligations under Slovak law and GDPR.
  • To Personalize Your Experience: Tailoring content, recommendations, and match suggestions based on your preferences and past interactions.
  • For Payment Processing: Handling billing, invoicing, and financial transactions through secure third-party processors.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Consent: Where you have given us explicit consent to process your data for specific purposes, such as sending marketing communications or processing sensitive consultation content. You have the right to withdraw consent at any time.
  • Contractual Necessity: Processing is necessary to perform our contract with you, such as providing consultation services or managing your account. This includes verifying Consultant qualifications and facilitating payments.
  • Legal Obligation: Processing is required to comply with legal obligations, such as maintaining records for tax purposes, cooperating with law enforcement, or fulfilling data subject rights requests.
  • Legitimate Interests: Processing is based on our legitimate interests, such as improving our Services, preventing fraud, ensuring network security, and analyzing user behavior. We balance these interests against your rights and freedoms.
  • Vital Interests: In rare circumstances, processing may be necessary to protect your vital interests or those of another person, such as in emergency situations involving health or safety.

6. Information Sharing and Disclosure

We may share your information with third parties in the following circumstances:

  • With Consultants: When you engage a Consultant, we share relevant information necessary for the consultation, such as your name, contact details, consultation topic, and any documents you upload. Consultants are contractually obligated to keep this information confidential.
  • With Service Providers: We engage trusted third-party vendors to perform functions on our behalf, including payment processing (e.g., Stripe, PayPal), hosting (e.g., AWS), analytics (e.g., Google Analytics), email delivery, customer support, and identity verification. These providers are bound by data processing agreements and may only use your data as instructed by us.
  • For Legal Reasons: We may disclose your information if required by law, such as in response to a subpoena, court order, or government request, or to enforce our legal rights, protect our property, or prevent harm.
  • In Case of Business Transfers: If we are involved in a merger, acquisition, restructuring, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and the new entity will continue to be bound by this Privacy Policy.
  • With Your Consent: We may share your information with third parties when you have given us explicit consent to do so, such as for marketing purposes or to connect you with specific service partners.
  • Anonymized or Aggregated Data: We may share anonymized or aggregated data that cannot reasonably identify you for research, analytics, or promotional purposes.

We do not sell your personal information to third parties for their own marketing purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: Data transmitted between your device and our servers is encrypted using TLS/SSL technology. Sensitive data stored on our servers is encrypted at rest.
  • Access Controls: Only authorized personnel have access to personal data, and access is granted on a need-to-know basis. We enforce strong password policies and use multi-factor authentication where appropriate.
  • Regular Security Audits: We conduct regular security assessments, penetration testing, and vulnerability scans to identify and address potential risks.
  • Data Minimization: We collect only the data necessary for the purposes described in this policy and retain it only as long as needed.
  • Employee Training: Our staff receive training on data protection best practices and confidentiality obligations.

Despite these measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we strive to protect your data to the best of our ability.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods are as follows:

  • Account Information: Retained for the duration of your account and for a reasonable period thereafter (up to 6 years) to comply with legal and regulatory requirements.
  • Consultation Content: Retained for the duration of the consultation relationship and for 3 years after the last consultation, unless a longer retention is required for legal or quality assurance purposes.
  • Payment Information: Retained as necessary for processing transactions and for tax and accounting purposes (typically 10 years under Slovak law). We do not store full payment card details beyond the transaction.
  • Usage Data: Retained in aggregated form for up to 3 years for analytics purposes.
  • Communication Records: Retained for the duration of the customer relationship and for 2 years after, or longer if required for legal purposes.

When data is no longer needed, we securely delete or anonymize it.

9. Your Rights and Choices

Under applicable data protection laws, including the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you, along with information about how we process it.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You can request that we delete your personal data, subject to certain exceptions (e.g., legal obligations, ongoing disputes).
  • Right to Restrict Processing: You can request that we limit the processing of your data in certain circumstances, such as when you contest its accuracy.
  • Right to Data Portability: You can request a copy of your data in a structured, commonly used, machine-readable format, and have it transmitted to another controller, where technically feasible.
  • Right to Object: You can object to processing based on legitimate interests, including profiling, or to processing for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov Slovenskej republiky) or your local supervisory authority.

To exercise any of these rights, please contact us using the information provided in the "Contact Information" section below. We will respond to your request within one month, unless additional time is needed due to complexity or volume. We may require verification of your identity before processing your request.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including countries that may not have the same level of data protection laws. When we transfer your data, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs): We use European Commission-approved contractual clauses to govern transfers to third countries.
  • Binding Corporate Rules: For transfers within our group of companies, where applicable.
  • Adequacy Decisions: Transfers to countries deemed adequate by the European Commission.
  • Privacy Shield: For transfers to the US, we may rely on the EU-US Data Privacy Framework, where certified.

Our primary service providers are based in the European Union or countries with adequate protection. By using our Services, you consent to such transfers subject to the safeguards described.

11. Cookies and Tracking Technologies

Our Site uses cookies and similar technologies to enhance user experience, analyze trends, and administer the Site. A cookie is a small text file stored on your device. We use the following types of cookies:

  • Essential Cookies: Necessary for the basic functioning of the Site, such as maintaining session state and authentication. These cannot be disabled.
  • Functionality Cookies: Remember your preferences, language settings, and customizations to improve your experience.
  • Analytics Cookies: Collect aggregated data about how users interact with our Site, which helps us improve performance and usability. We use Google Analytics and similar tools.
  • Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. These are only set with your consent.

You can control cookies through your browser settings. You may also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on. However, disabling certain cookies may affect the functionality of the Site.

12. Third-Party Links and Services

Our Services may contain links to third-party websites, plugins, or services that are not owned or controlled by us. This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices of such sites, and we encourage you to review their privacy policies before providing any personal information. Examples include links to payment processors, social media platforms, and external resources.

13. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child under 18 has provided us with personal data without parental consent, we will take steps to delete that information promptly. If you believe we may have collected data from a child, please contact us.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. We will notify you of material changes by posting the updated policy on the Site with a revised "Last updated" date and, where appropriate, by sending an email notification to registered users. We encourage you to review this policy periodically. Your continued use of the Services after changes take effect constitutes your acceptance of the updated policy.

15. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer (DPO) at:

  • Email: dpo@onlineporadna.live
  • Postal Address: Online Poradňa, Data Protection Officer, Hlavná ulica 123, 811 01 Bratislava, Slovak Republic
  • Phone: +421 2 123 4567 (Monday to Friday, 9:00 - 17:00 CET)

We will respond to your inquiry within a reasonable timeframe. If you are not satisfied with our response, you have the right to lodge a complaint with the Slovak Data Protection Authority at:

  • Website: https://dataprotection.gov.sk
  • Address: Úrad na ochranu osobných údajov Slovenskej republiky, Hraničná 12, 820 07 Bratislava, Slovak Republic

This Privacy Policy was prepared with care to reflect our commitment to protecting your privacy and complying with applicable laws, including the GDPR and Slovak Act on Protection of Personal Data (Act No. 18/2018 Coll.). Thank you for trusting Online Poradňa with your personal information.

Používame cookies na zlepšenie vašej skúsenosti na našej webovej stránke. Súhlasíte s ich používaním?