Privacy Policy
Last update: November 7, 2025 | Version: 1.0
1. Data controller
Trade name: Habitable s.r.o.
Head office: Zochova 5, 811 03 Bratislava, Slovakia
ICO: 44913168
VAT number: 2022868320
VAT ID: SK2022868320
Registered: in the Commercial Register of the District Court Bratislava I
Contact for data protection: gdpr@habitable.co
Phone: +421 2 5441 8888
2. Legal basis for processing
Your personal data is processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data (GDPR) and Act No. 18/2018 on the Protection of Personal Data.
Personal data is processed on the basis of:
Consent of the data subject (Article 6(1)(a) GDPR) - for marketing purposes
Performance of a contract (Article 6(1)(b) GDPR) - for providing our services
Compliance with legal obligations (Article 6(1)(c) GDPR) - accounting and tax obligations
Legitimate interests (Article 6(1)(f) GDPR) - improving services, security
3. Categories of processed personal data
Contact information
Name and surname, email address, phone number, job position, company name
Billing information
Trade name, Company ID, Tax ID, VAT ID, billing address, bank connection
Technical specifications
IP address, cookies, browser data, operating system, access time
Communication data
History of communication, preference settings, feedback, complaints
4. Purposes of processing and retention period
We process data for multiple purposes. For providing AI automation services, we process data based on the fulfillment of a contract, during the duration of the contractual relationship and for an additional 3 years after its termination. For billing and accounting purposes, we process data due to a legal obligation for 10 years. For marketing activities and sending newsletters, we only use data based on your consent, until it is revoked. Data processed for technical support is used based on legitimate interest for a period of 24 months. We process cookies and analytical data based on consent or legitimate interest, for a maximum of 12 months.
5. Your rights
According to GDPR, you have the following rights:
The right to access data
You have the right to obtain confirmation of whether we process your personal data and a copy of this data.
Right to repair
You can request a correction of incorrect or incomplete information.
Right to erasure ("right to be forgotten")
Under certain conditions, you may request the deletion of your data.
The right to restrict processing
You can request a temporary suspension of the processing of your data.
The right to data portability
You have the right to obtain your data in a structured, machine-readable format.
The right to object
You can object to processing based on legitimate interests.
The right to withdraw consent
If the processing is based on consent, you can withdraw it at any time.
How to exercise your rights: Contact us at gdpr@habitable.co with your name and a description of your request. We will respond to you within 30 days.
6. Recipients of personal data
We may share your information with:
IT service providers: hosting, cloud services (AWS, Google Cloud), tools for CRM and email marketing
Accounting and legal advisors: for the fulfillment of legal obligations
By state authorities: if required by law (tax office, courts, law enforcement agencies)
With business partners: only to the extent necessary for the provision of the service and with consent.
7. Transfer of data to third countries
Some tools that we use (Google Analytics, AWS) may transfer data to the USA. In these cases, we ensure the protection of your data through:
Standard contractual clauses approved by the European Commission
Additional security measures (encryption, pseudonymization)
Assessment of the level of protection in the relevant third country
8. Personal data security
To protect your data, we implement:
Technical measures:
• SSL/TLS encryption of communication
• Database encryption
• Regular backups
• Firewall and antivirus
• Multi-factor authentication
Organizational measures:
• Access on a "need to know" basis
• Employee training
• NDA contracts
• Regular audits
• Incident response plan
9. Cookies and tracking technologies
We use the following types of cookies:
Necessary cookies - Ensure the basic functionality of the website (login, security, performance)
Legal basis: Legitimate interest
Duration: Session
Analytical cookies - Google Analytics - help us understand how you use our website
Legal basis: Consent
Duration: 12 months
Marketing cookies - Allow displaying relevant ads and measuring their effectiveness
Legal basis: Consent
Duration: 6 months
Cookie notice: You can change your preferences at any time in your browser settings or by using our cookie management tool in the footer of the website.
10. Automated decision-making and profiling
As part of our AI services, we perform automated data processing for:
Customer segmentation based on behavior and interactions
Prediction of conversion probability
Personalization of marketing campaigns
Recommendations for products and services
Your rights: You can request human intervention, express your opinion, or challenge a decision based solely on automated processing.
11. Protection of children's personal data
Our services are not intended for persons under the age of 16. We do not knowingly collect personal data from children. If we discover that we have unintentionally collected data from a person under the age of 16, we will immediately delete it.
12. Changes to the Privacy Policy
We may update these policies from time to time. We will notify you of significant changes by email or through a notice on our website at least 30 days before they take effect. The current version is always available on this page.
13. Procedure in case of data protection breach
In the event of a violation of personal data protection:
We will report the incident to the Office for Personal Data Protection of the Slovak Republic within 72 hours
If there is a high risk to your rights, we will inform you without undue delay
We will take immediate measures to minimize damage
We will conduct a forensic audit and strengthen security measures
14. Supervisory Authority
If you are not satisfied with how we process your personal data, you have the right to file a complaint with:
Office for Personal Data Protection of the Slovak Republic
Hraničná 12, 820 07 Bratislava 27
Tel: +421 2 3231 3214
Email: statny.dozor@pdp.gov.sk
Web: dataprotection.gov.sk
15. Contact us
For any questions regarding the protection of your personal data, please do not hesitate to contact us:
Email: gdpr@habitable.co
Phone: +421 2 5441 8888
Address: Habitable s.r.o., Zochova 5, 811 03 Bratislava
This document represents the privacy policy of Habitable s.r.o. in accordance with Articles 13 and 14 of the GDPR and is legally binding.