Privacy Policy

Effective as of: February 24, 2026

ProtonChains s.r.o., registered at Heydukova 2160/18, Bratislava, 811 08, Slovak Republic, ID (IČO): 51 947 293, registered in the Business Register of the City Court Bratislava III, Section: Sro, Insert No.: 139083/B (“we”, “us”, “the Company”, or “Controller”) is the controller of personal data processed through our website www.protonchains.com (the “Website”) and our internal mobile application (the “Application”).

The Application is intended solely for commercial clients under contract with the Company and is not intended for public use. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and Act No. 18/2018 Coll. on Personal Data Protection of the Slovak Republic.

1. What Data We Process

1.1. Website Visitors

When you visit our Website, we may process the following data:

  • Contact form data: name, email address, phone number, company name, and the content of your message — if you voluntarily submit an inquiry;
  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, date and time of access, and other standard server log information;
  • Cookie data: as described in Section 8 below.

1.2. Commercial Clients (Application Users)

Within the scope of our contractual relationship and the Application, we process:

  • Business data: company name, business ID (IČO), tax ID (DIČ), VAT ID (IČ DPH), contact information, name, surname, degree, nationality, signature specimen, and data necessary for contract negotiation, orders, invoicing, and warranty services;
  • Operational data within the Application: data concerning assets (movable and immovable), inspection reports, item descriptions, photographs, and other data provided or inserted by the client.

2. Purposes of Data Processing

We process personal data for the following purposes:

  • performance of contracts with clients and pre-contractual measures;
  • operation, maintenance, and improvement of the Website and Application;
  • responding to inquiries submitted via the Website;
  • compliance with accounting, tax, and other legal obligations;
  • technical support and complaint handling;
  • protection of the Company’s legal rights and legitimate interests;
  • ensuring the security and proper functioning of our IT systems.

We do not use personal data for marketing, profiling, or automated decision-making purposes. Data is not shared with third parties without a lawful basis.

3. Legal Basis for Processing

We process personal data on the following legal grounds under Article 6(1) GDPR:

Legal Basis Applies To
Art. 6(1)(b) – Contract performance Processing necessary for the performance of a contract with a client, or to take pre-contractual steps at the client’s request
Art. 6(1)(c) – Legal obligation Compliance with accounting, tax, and archival obligations under Slovak law
Art. 6(1)(f) – Legitimate interest Protecting the Company’s rights and property, ensuring IT security, processing website server logs
Art. 6(1)(a) – Consent Where applicable, for non-essential cookies (see Section 8)

4. Data Retention

  • Contractual data: retained for the duration of the contractual relationship and for a period necessary to comply with legal retention obligations thereafter (e.g., accounting records for 10 years under Slovak accounting legislation);
  • Contact form inquiries: retained for up to 12 months after the last communication, unless a contractual relationship is established;
  • Server logs and technical data: retained for up to 12 months;
  • Cookie data: as specified in the cookie descriptions in Section 8.

After the expiration of the applicable retention period, personal data is securely deleted or anonymized.

5. Data Security

We implement appropriate technical and organizational measures to safeguard personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:

  • encryption of data in transit (TLS/SSL);
  • access controls and authentication mechanisms;
  • regular security assessments and updates;
  • confidentiality obligations for employees and contractors with access to personal data.

Despite these measures, no method of electronic transmission or storage is 100% secure. The Company cannot guarantee absolute security of your data and shall not be held liable for breaches caused by circumstances beyond its reasonable control, including cyberattacks, force majeure events, or actions of third parties.

6. Disclosure of Data to Third Parties

We may disclose personal data to the following categories of recipients, solely to the extent necessary:

  • Legal authorities: when required by law (e.g., tax authorities, courts, regulatory bodies);
  • Infrastructure and service providers: hosting services, cloud providers, IT maintenance providers — bound by contractual confidentiality obligations and data processing agreements in compliance with GDPR;
  • Professional advisors: accountants, auditors, legal counsel — subject to professional secrecy obligations.

We do not sell, rent, or trade personal data to third parties.

7. International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). In the event that data is transferred to a country outside the EEA, we ensure that appropriate safeguards are in place, such as:

  • an adequacy decision by the European Commission (Art. 45 GDPR);
  • Standard Contractual Clauses approved by the European Commission (Art. 46(2)(c) GDPR);
  • other appropriate safeguards as required by applicable law.

8. Cookies and Website Tracking

Our Website may use cookies and similar technologies. Cookies are small text files stored on your device when you visit the Website.

8.1. Types of Cookies

  • Strictly necessary cookies: essential for the Website to function properly. These do not require consent.
  • Analytical/performance cookies: help us understand how visitors interact with the Website (e.g., Google Analytics). These are only placed with your consent.
  • Functional cookies: enable enhanced functionality and personalization. These are only placed with your consent.

8.2. Managing Cookies

You can manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the Website. You may also withdraw your consent for non-essential cookies at any time.

9. Automated Decision-Making and Profiling

We do not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects data subjects, as referred to in Article 22 GDPR.

10. Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR) – obtain confirmation of whether your data is being processed and access to such data;
  • Right to rectification (Art. 16 GDPR) – request correction of inaccurate or incomplete data;
  • Right to erasure (Art. 17 GDPR) – request deletion of your data where there is no longer a legal basis for processing;
  • Right to restriction of processing (Art. 18 GDPR) – request limitation of processing under certain circumstances;
  • Right to data portability (Art. 20 GDPR) – receive your data in a structured, commonly used, machine-readable format;
  • Right to object (Art. 21 GDPR) – object to processing based on legitimate interest;
  • Right to withdraw consent (Art. 7(3) GDPR) – where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, please contact us using the details provided in Section 12 below. We will respond to your request within 30 days of receipt.

11. Right to Lodge a Complaint

If you believe that the processing of your personal data infringes the GDPR or applicable Slovak data protection legislation, you have the right to lodge a complaint with the supervisory authority:

Úrad na ochranu osobných údajov Slovenskej republiky
(Office for Personal Data Protection of the Slovak Republic)
Hraniçná 12, 820 07 Bratislava 27
Website: https://dataprotection.gov.sk/
Email: [email protected]

12. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically. Continued use of the Website or Application after any changes constitutes acceptance of the revised Privacy Policy.

13. Contact Information

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your data subject rights, you may contact us at:

ProtonChains s.r.o.
Heydukova 2160/18
811 08 Bratislava
Slovak Republic
ID (IČO): 51 947 293
Email: [email protected]
Website: www.protonchains.com

© 2026 ProtonChains s.r.o. All rights reserved.