DATA PROTECTION POLICY

Besides aiming to provide top-notch services, we also value your privacy and strive to protect your personal data. Therefore, we process and protect personal data that you provide to us in accordance with applicable legal regulations, in particular the General Data Protection Regulation (GDPR)[1] and the Act No. 18/2018 Coll. on Personal Data Protection. In the text below, you will find information on what personal data we process, for what purpose and what your rights are.

Who is the controller?
The controller is our company: SeekApp, s.r.o., with its registered seat at: Jána Milca 3775/52, 010 01 Žilina, Slovak Republic, ID No.: 52 340 325, registered in the Commercial Register of the District Court Žilina, Section: Sro, File No.: 72207/L, i.e. the legal entity that will process your personal data in accordance with GDPR and the mentioned Act on Personal Data Protection.

Who is the data subject?
The data subject is the natural person who provided personal data to the controller and whose personal data are processed or to whom the personal data relate (mainly the driver of the carrier and the natural person – customer of the transport services). The data subject is protected regardless of nationality or place of residence in relation to processed personal data.

What is the data protection policy?
Information provided herein explains what the controller can do with the personal data you provided us with and also states what your rights are in relation to processing your personal data.

Why do we process your personal data?
Providing personal data for realization of commercial relations is necessary for conclusion of contractual relationship between the controller and the data subject. If the data subject fails to provide personal data in the extent necessary for fulfilment of duties or obligations from contractual relationships, the controller will not be able to fulfil his obligations from the contractual relationship. If you as the data subject fail to provide all required and necessary data, the controller cannot establish a respective relationship with you, and therefore may not provide required services to you, since he will not have the necessary legal basis.

For what purposes do we process your personal data?
Our company as the controller processes only personal data necessary for fulfilment of contractual and statutory obligations as well as personal data regarding which our company was granted a consent for processing.

We process your personal data with the aim of ensuring realization and fulfilment of controller’s obligations in relation to the commercial relationship with the carrier or customer of the transport services, for the purpose of observing tax, accounting and other statutory obligations.

We process your personal data only on the relevant legal basis for data processing stated in GDPR, the Act on Personal Data Protection or other special regulation (e.g. the Commercial Code or tax and accounting regulation).

Legal bases authorizing the controller to process personal data include mainly:

  1. Act No. 513/1991 Coll. the Commercial Code as amended;
  2. Act No. 40/1964 the Civil Code as amended;
  3. Act No. 595/2003 Coll. on the Income Tax as amended;
  4. Act No. 355/2007 Coll. on Protection, Support and Development of Public Health and supplementation of other acts as amended;
  5. Act No. 124/2006 Coll. on Safety and Protection of Health at work and on change and supplementation of other acts as amended;
  6. Act No. 431/2002 Coll. on Accounting as amended;
  7. Act No. 222/2004 Coll. on Value Added Tax as amended;
  8. Act No. 18/2018 Coll. on Personal Data Protection;
  9. legitimate interest of the controller pursuant to the Article 6(1) section f) of GDPR;
  10. consent of the data subject with processing of personal data.

If you granted us consent with processing of personal data for the purposes of marketing, we process your personal data in the extent of the granted success and you have the right to revoke your consent at any time. Revocation of the consent does not have any impact on legality of processing of personal data carrier our prior to consent revocation.

The purpose: Fulfilment of the contract
We process personal data through our application mainly for the purpose of intermediating conclusion of the contract on transport between the customer of the transport services and the carrier. To achieve this, it is necessary mainly to:

  • identify the customer of the transport services and identify the carrier (his driver) in the extent necessary for provision of services through application, including finding and assignment of the driver for due and effective fulfilment of the customer´s request,
  • find out the current location of the customer of the transport services that will provide the carrier with the information on the place of delivery,
  • find out the current location of the carrier that will provide the customer of the transport service necessary information on the estimated time of service provision,
  • ensure fulfilment of rights and obligations by the customer of transport services and the carrier, e.g. for the purpose of making a non-cash payment for the provided transport service,
  • enable notifications regarding the process of transport services provision through the application, e.g. notification on the arriving or waiting vehicle
  • provide information on the transport carried out, mainly in the extent of the identification details of the customer of the transport services, itinerary, time of transport and the price of transport.

In relation to drivers of the carrier:
Personal data of drivers, including data stated in the submitted documents, are processed for the purpose of concluding and fulfilment of the contract on intermediation, including verification of the driver’s qualification for the provision of transport services and suitability of the vehicle for this activity.

The purpose: Fulfilment of statutory obligations
We process personal data also for the purpose of fulfilling invoicing and other obligations pursuant to applicable legal regulation, mainly the Act on Accounting, Act on Value Added Tax, etc. In such case, provision of personal data is a statutory requirement and the failure to provide personal data would result in the objective impossibility of providing services, i.e. the necessity to stop provision of services due to the breach of law.

The purpose: Upgrade of the controller´s application and protection of clients
One of our legitimate interests is a continual improvement of the application, mainly improvement of the application design and optimalization of its content and functions, as well as protection of customers of the transport services intermediated through the application and also protection of carriers. Therefore, we use the personal data also for the following purposes:

  • informing on changes in the application and on upgrade of terms and conditions of use of the application, by sending notifications to the application mailbox or to the e-mail address of the customer of transport services or the carrier;
  • promotion of news regarding the application;
  • ad hoc monitoring of observing the terms and conditions of the application use and revealing the breaches.

The purpose: Marketing
Another of our legitimate interests are selected marketing services, such as:

  • direct marketing of our own products and services to the existing users of application, whereas the recipient of the electronic mail must have the possibility in each e-mail to refuse at any time, free of charge and in a simple way having his data used for such purposes;
  • monitoring birthday date of registered application users;
  • re-activation with the intent to monitor the application user for further use of services, e.g. by sending a promotion coupon with a price reduction for further purchase;
  • segmentation – based on what services the application user uses, he will be sent newsletters with information on similar services;
  • upselling – based on the history of orders, when completing the order (in the process of payment) the user may be recommended a service for the future.

What personal data do we process?
During usage of the application we gain and process personal data of customers of the transport services and personal data of the carriers providing transport services.

Both parties may use our application only after a successful registration and provision of all required data. In the registration process, it is necessary to fill out the registration form where the customer of the transport services states: basic identification data such as e-mail address and password, telephone number, invoice details and a copy of the extract from the Commercial Registry or Trade License Registry, and the carrier states: basic identification data including e-mail address and password, telephone number and invoice details, a copy of the extract from the Commercial Registry or Trade License Registry, while the carrier may also state, if he wishes so, to publish confirmation on his CMR insurance, and regarding the driver the carrier states: name, surname, e-mail, photography and telephone number.

Apart from the abovementioned details submitted by the customer of the transport services or carrier through the application, we gather certain technical details of the mobile device or PC also automatically, mainly the IP address, operation system of the device, type of internet search engine.

In order to use the mobile application SeekApp Driver, it is necessary to process the location geographic data of the carrier’s driver by means of locational sensors (e.g. GPS) of mobile devices. The application periodically updates the location of the driver’s communication device for the purpose of viewing the customer who ordered the service. The driver can turn off the application on his mobile device at any time, which prevents the application from accessing location details.

Who do we share your personal data with?
We only provide personal data to customers and drivers reciprocally, in the extent necessary to mediate the conclusion of a contract on transport. For this purpose we provide customers with the following driver data: name, surname, photography, e-mail, phone number and current location, and the confirmation on carrier’s CMR insurance if the carrier uploaded such confirmation in his profile, and for this purpose we provide drivers with the following customer data: name, surname of the customer or his contact person, telephone number and e-mail. It is also possible to provide additional data, which depends on the settings that the user himself entered into the application directly.

We process your personal information in the necessary extent in accordance with the legality principle and principle of minimization of personal data processing also through intermediaries who provide us with contractual obligations and provide services related to the application. These persons perform certain activities on our behalf, e.g. sending PUSH notifications regarding the state of service provision and in case of using the application through a mobile device, sending e-mail notifications and advertising offers, processing card payments and providing IT services (technical support and development) and cloud services. These entities will have access to the personal data necessary for performing of these activities but may not use them for any other purpose and they are required to process such personal data in accordance with applicable legal regulations.

Your personal data may be shared in the necessary extent pursuant to the applicable legal regulation also with the following institutions: external accounting company, tax advisors, auditors, The Office of Labour, Social Affairs and Family, health insurance companies Social Insurance, pension funds, state authorities for execution of public control and monitoring, Statistical Office, audit companies, providers of legal services, courts, criminal proceedings authorities, executors, Financial Authority, banks, commercial insurance companies, institutions for further education, control public authorities as well as other entities whose cooperation is necessary for fulfilment of statutory obligations of the controller.

Transfer of your personal data abroad
The controller does not contemplate transfer of your personal data to third countries, i.e. outside the territory of the EU member states or outside countries that concluded the Agreement on European Economic Area.

How long will your personal data be stored?
Your personal data will be stored during the time of duration of the contractual relationship, or during the period for archiving as laid down by the Act on Archives and Filings as well as legislation governing tax and accounting records keeping.

Your personal data will be stored in a secured way and only during the period necessary for fulfilment of the purpose of data processing (e.g. accounting documents for the period of 10 years following the year to which they relate). Access to your personal data will be granted only to persons authorized by the controller to process personal data based on the instructions of the controller in accordance with the security policy of the controller.

Your personal data are stored in accordance with the retention regulations of the controller.  Your personal data will be deleted from the storage devices immediately when this becomes possible in accordance with the storage policy. Personal data stored on the back-up devices serve to prevent security incidents, mainly non-availability of the personal data caused by the security incident. The controller is obliged to ensure storage of personal data in accordance with the security requirements of the GDPR and the Act on Personal Data Protection.

Cookies on our website

Our company uses cookies on its website www.seekapp.eu and in our application www.cloud.seekapp.eu. Cookies are small text files consisting of a series of numbers and letters that are stored on your computer’s hard drive through a web browser and can clearly identify your computer and your IP address.

We uses cookies when analyzing the use of websites and the application with Google Analytics. The purpose is a statistical analysis of the website and the application.

Access to our personal data and the right for rectification
You have the right to request and access your personal data at any time. You have the right to request confirmation of your personal data processing as well as a copy of personal data. If you would like us to issue a confirmation on processing or a copy of some or all of your personal data, please send us your request by e-mail to: gdpr@seekapp.euor by mail to: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic, or you can ask us to provide you with the confirmation or copy of your personal information in person.

If your personal information have changed, you may request us to update or complete your personal data. Our company will correct or complete your personal data without undue delay upon receipt of the request for such action in person, via e-mail to: gdpr@seekapp.eu or by mail to: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic.

Deleting and limiting your personal data processing
You have the right to ask us to delete or limit processing of your personal data, in person, by e-mail us at: gdpr@seekapp.eu or by mail your request to: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic.

Personal data processed on the basis of your consent with processing of your personal data for marketing purposes will be deleted immediately upon receipt of the request for deletion of such data, or immediately following the withdrawal of your consent to processing of your personal data.

Portability of your personal data
If you are no longer interested in your personal data being processed by our company pursuant to your consent, but you wish to have your personal data processed by another entity, you can ask us to receive your personal data in person, via e-mail to: gdpr@seekapp.eu or by mail to: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic. Your personal information will be provided to you without undue delay and in a commonly used and machine-readable format.

Objecting to processing of your personal data
As the data subject, you hve the right to object to processing of your personal data due to a reason relating to your specific situation. You need to submit such a request to the controller in person, via e-mail to: gdpr@seekapp.eu or by mail to the following address: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic.

As the data subject, you have the right to object processing of personal data relating to your person, for the purpose of direct marketing including profiling in the extent that is related to the direct marketing. If you object processing of personal data for the purpose of the direct marketing, the controller may not continue processing your personal data for the purpose of direct marketing.

In case of such an objection, we will cease to process your personal data, unless the necessary reason for its further processing or the grounds for proving, claiming or defending legal claims are established.

Automated individualized decision-making including profiling
Your personal data will not be used for automated decision making and will not be processed by an automated form using personal data for assessment of certain personal features or characteristics relating to the natural person, mainly for analysis or prevention of features or characteristics relating to the natural person.

Personal data of drivers, including details from submitted documentation, are processed for the purpose of concluding and fulfilling a contract on intermediation, including verification of the driver’s qualification for provision of transport services and suitability of the vehicle for such activity. For the purpose of selecting a suitable driver for the customer of the transport service we do not make a decision based on automated processing of personal data of drivers that would result in selection of drivers based on certain criteria for conclusion of certain criteria for conclusion of contract on transport with the customer (the so called automated individual decision-making).

Through our application, the customer of the transport services can see all prospective carriers (and vice-versa, the carrier may see all prospective customers), who meet the criteria stated through the filter set by the application user, which does not result in any automated selection of drivers or customers of transport services (potentially leading to discrimination) based on a certain criterion assessed automatically, e.g. driver distance from the place of delivery or customer assessment, ratio of accepted order, etc. Such a process does not result in selective showing of orders only to a certain group of drivers or selective showing of drivers only to a certain group of customers, or eventually even termination of mediating the transport for selected carriers or customers.

The selection is carried out only based on the filter that is set according to the individual requirements set manually by the customer of the transport services or carrier according to their current or future possibilities. Therefore, the generated results are not a result of automated processing, but a result of selection performed based on the criteria that are set in each individual case by a concrete human intervention – on the part of the carrier or the customer of transport services.

How to revoke your consent to personal data processing?
Your personal data will be processed for the purpose of marketing only if you consented to such processing when providing us your personal data. However, this holds true only if we do not process your personal data on the basis of our legitimate interests. If you consented to processing of your personal data for the purposes of marketing, you may revoke such consent at any time, in person or via e-mail to: gdpr@seekapp.eu or by mail to the following address: SeekApp, s.r.o., Jána Milca 3775/52, 010 01 Žilina, Slovak Republic.

Following consent revocation, your personal data will not be processed any further and will be deleted without any undue delay. Consent revocation is applicable only to those categories of personal data for which the consent was granted, and is not applicable to personal data processed on the basis of legal regulation, contract or on the basis of legitimate interests of the controller.

What if your rights were violated when processing your personal data
If you believe your rights have been violated while processing your personal data or your personal data is not processed for the purpose or in the extent as agreed, you have the right to contact the Office for Personal Data Protection, with its registered seat at: Hraničná 12, 820 07 Bratislava, Slovak Republic.

How do we ensure security?
In order to safeguard protection against unauthorized access or manipulation with your personal data, we adopted necessary technical and organizational measures. These measures include the necessary software and hardware security including firewall protection, deciphering of data and limited access through private keys that are available only to authorized persons. These security measures are regularly adapted and gradually optimized in order to keep pace with the latest technology development.

Our processing and protection of personal data is regularly monitored and upgraded. Therefore, this Data Protection Policy is subject to change. The up-to-date valid version of the Data Protection Policy is available on our website and in our application.

Who to contact in case of queries?
If you have any questions regarding processing of your personal data or regarding this Data Protection Policy you may contact our Data Protection Officer at the e-mail address: gdpr@seekapp.eu.

[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).