ErlaServers Brand
Sign in
Join BetaJoin Beta
  1. Legal
  3. Privacy Policy

Privacy Policy

This Privacy Policy provides you with the information about how we, company ErlaServers s.r.o., having the seat at Veľký diel 3323/1, Žilina 010 08, Slovakia, ID number (IČO): 54 385 504, registered with the Commercial Registry of District Court Žilina, Section: Sro, File No.: 81219/L (the “Company”, or “we”, or “our”) process your personal data when you browse our website www.erlaservers.com (the “Website”), or when you decide to become our business partner and use our products and services.

We may change and update the Privacy Policy from time to time. You can always find the most recent version posted on our Website, with the current version effective as of April 20, 2023.

For the purposes of this Privacy Policy, the abbreviation “GDPR” means General Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Please be informed that the information provided in this Privacy Policy shall fulfill our information obligation based on art. 13 of GDPR and we use all our efforts to ensure our compliance with the applicable data protection legislation.

This Privacy Policy applies exclusively to the processing of personal data carried out by us as a data controller. This Privacy Policy does not deal with the processing methods and data protection practices of third parties for which we are not responsible. If, for certain purposes, we process personal data as a data processor, you need to check the privacy information provided by the respective data controller. When we provide you with cloud services, we act as your processor towards your data in the cloud. This however does not impact other processing operations, when we act as a data controller. This Privacy Policy explains how we will use your personal data obtained directly from you. We do not process the personal data of persons younger than 18 years old.

1. Whose data will be processed?

We process personal data of the following categories of data subjects:

  1. visitors of our Website,
  2. our business partners, who decided to use our services (“you” or “your”).

 

2. Why do we process your personal data, which data do we process and on which legal basis?

Our main purpose for processing your data is (i) to contact you and provide you with beta version of our product, (ii) conclude a contract with you to provide you with our products and services (currently in beta version only), (iii) to promote our products and services and provide you with relevant offers, (iv) to provide you with the best possible experience when browsing our Website and using our products and services. 

Please note that we process your data obtained directly from you in a limited scope, securely, only when we have a justified reason and legal basis for such processing and in compliance with applicable data protection legislation. 

If you are interested, please find below a more detailed overview of the purposes for processing of your data, concrete scope of processed data and applicable legal basis.

2.1 First contact and request of beta version of our product

  • Detailed purpose description
    • When you reach out to us by using the request form on our Website or when you approach us by different means to discuss our products and services, we will process your personal data.
  • Scope of processed data
    • We process your email address and your beta credentials. If you reach out to us differently than through the request form, we process your identification details (name, surname), your contact details (e-mail) and content of your message or other communication.
  • Applicable legal basis
    • Art. 6 (1) (b) of GDPR for the performance of a contract or to take steps prior to conclusion of a contract

2.2 Visit our Website

  • Detailed purpose description
    • When you browse our Website, we process your data to ensure technical operation of our Website, to find out how you use our Website and what are your preferences. More details are included in our Cookies policy.
  • Scope of processed data
    • We process some technical details about your device, your IP address, browser you use, your preferences, your activities on the Website and other details. See our Cookies policy for more information.
  • Applicable legal basis
    • Art. 6 (1) (f) of GDPR for our legitimate interest to ensure technical functionality of our Website
    • Art. 6 (1) (a) of GDPR based on your explicit consent

2.3 Contract conclusion and contract management

  • Detailed purpose description
    • If you decide to order a product from us (currently in beta version only), we will enter into an agreement. During our cooperation we need to administer our contract to maintain our relationship, to discuss details of our cooperation and to develop our relationship.
  • Scope of processed data
    • We process your identification details (name, surname), your contact details (address, e-mail, phone number), information about the company you represent (name of the company, your position, information about size of the organisation), IP address, country from which you are logging into the service, years of experience with software development, and contract details (information about product you use and other details).
  • Applicable legal basis
    • Art. 6 (1) (b) of GDPR for the performance of a contract or to take steps prior to conclusion of a contract

2.4 Maintaining contact database

  • Detailed purpose description
    • We keep a database with contacts of our customers (users of the beta version of our product) to develop our business and for our internal administration purposes.
  • Scope of processed data
    • We process your identification details (name, surname), your contact details (address, e-mail, phone number), information about the company you represent (name of the company, your position), information about services we provide to you, country from which you are logging into the service, years of experience with software development, and the status of our relationship.
  • Applicable legal basis
    • Art. 6 (1) (f) of GDPR for our legitimate interest to develop our business and to maintain database of our customers

2.5 Process your feedback on beta version of our product and further product development

  • Detailed purpose description
    • We provide you with a beta version of our product and we are interested in your feedback on it. Your suggestions may help us to improve our product. We need to know how you use this product version to continue in its development.
  • Scope of processed data
    • We process your feedback, suggestions, inputs about our product, your email address, our communication, technical and analytical data about how you use this version of our product.
  • Applicable legal basis
    • Art. 6 (1) (f) of GDPR for our legitimate interest to develop and improve our product and to expand our business

2.6 Provide customer and technical support

  • Detailed purpose description
    • When you use our products and services, we may need to communicate with you to respond to your queries, to support you with technical issues.
  • Scope of processed data
    • We process your email address, your name and surname, information about service you are getting from us, phone number, country from which you are logging into the service, Slack nick, content of our communication, details about issues that need to be solved, including necessary technical data.
  • Applicable legal basis
    • Art. 6 (1) (b) of GDPR for the performance of a contract or to take steps prior to conclusion of a contract
    • Art. 6 (1) (f) of GDPR for our legitimate interest to provide customer support and improve customer relations

2.7 Marketing and promotion

  • Detailed purpose description
    • We want to promote our services and develop our business. Therefore we provide you with some electronic marketing communication containing information about our company and services we offer.
  • Scope of processed data
    • We process your identification details (name, surname), your contact details (e-mail).
  • Applicable legal basis
    • Art. 6 (1) (f) of GDPR for the purpose of our legitimate interest to provide you with direct marketing communication

2.8 Dispute resolution, exercising and defending our claims

  • Detailed purpose description
    • We may process your personal data for the purposes of solving legal disputes, claims, complaints or other similar proceedings arising out or related to our business relationship.
  • Scope of processed data
    • We process your identification details (name, surname), your contact details (address, e-mail, phone number), information about the company you represent (name of the company, your position), content of our contract, information about products and services we provide to you, content of our communication, your requests, suggestions, complaints, any other personal data that may be necessary and relevant for dispute solving or claim defending.
  • Applicable legal basis
    • Art. (6) (1) (f) of GDPR for the purpose of our legitimate interest to handle disputes that may arise our cooperation
    • Art. 6 (1) (c) of GDPR for compliance with a legal obligation to which we are subject

2.9 Fulfilment of our legal obligations

  • Detailed purpose description
    • We are obliged to process your personal data to fulfil our various legal obligations (e.g., tax obligations, accounting obligations, data protection obligations, etc.). Further, we may have to process your personal data to comply with a decision of respective public authority or with a judicial order.
  • Scope of processed data
    • The scope of personal data we process for this purpose depends on the requirements imposed on us by the public authorities and by applicable law.
  • Applicable legal basis
    • Art. 6 (1) (c) of GDPR for compliance with a legal obligation

When we process your personal data based on our legitimate interest under art. 6 (1) (f) of GDPR, you are entitled to object to such processing based on art. 21 of GDPR. If you decide to object to the processing, please send us a message on our email contact mentioned below.

If the processing of your personal data is a contractual requirement according to art. 6 (1) (b) of GDPR and you decide not to provide us with this personal data, such action may result in the impossibility of entering into a contractual relationship with you, or other complications related to the fulfilment of our contractual obligations.

Whenever we process your personal data based on your consent given to us under art. 6 (1) (a) of GDPR, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. If you wish to withdraw your consent to the processing of your personal data, please contact us via email below.

If we are legally required to process personal data, you may have an obligation to provide us with that personal data. If you refuse to do so, it may have various legal consequences for you and for us, including adverse consequences (e.g., impossibility to perform relevant action, impossibility of further cooperation, etc.).

As mentioned above, when we provide you with cloud services, we act as your processor towards data you decide to store in the cloud. Therefore, it is your responsibility to fulfil the obligations of the data controller under the GDPR, including the information obligation with respect to your data subjects, who are affected by such data processing.

3. With whom may we share your personal data?

We may share your personal data with our suppliers who support us in our business or provide us with partial services, e.g. marketing services, postal services, legal, accounting and audit services, tax advisors, technical subcontractors, IT and cloud services, etc. These include the following entities:

3.1 Cloud providers

  • DigitalOcean LLC, 101 Avenue of the Americas, 2nd Floor New York, NY 10013, USA
  • UpCloud, Oy Aleksanterinkatu 15 B, 7th floor 00100 Helsinki, Finland

3.2 E-mail services, analytics and IT support

  • DigitalOcean LLC, 101 Avenue of the Americas, 2nd Floor New York, NY 10013, USA
  • Userflow Inc. 548 Market St PMB 69598, San Francisco, CA 94104-5401, USA
  • MailerSend, Inc. 228 Park Ave S PMB 54955 New York, New York 10003, USA
  • Intercom R&D Unlimited Company, 18-21 St. Stephen’s Green Dublin 2, Ireland
  • Hotjar Ltd, Dragonara Business Centre 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141 Malta

3.3 Webhosting and services

  • WebSupport s.r.o., Karadžičova 7608/12 821 08 Bratislava – mestská časť Ružinov, Slovakia
  • Better Stack, Inc., 651 N Broad Street, Suite 206 Middletown, Delaware 19709, USA

3.4 IT development and IT support

  • Pixelered s. r. o., Tichá 1705/46 90026 Slovenský Grob, Slovakia
  • DigitalChoice s. r. o., Gazdovská 39/28 040 01 Košice – mestská časť Kavečany, Slovakia
  • Bad Ape s.r.o., Námestie Hraničiarov 10, 85103 Bratislava, Slovakia

3.5 Accounting services

  • MA DANE s.r.o., Hviezdoslavova 2076/9, 02204 Čadca, Slovakia

We do not permit our suppliers to sell any personal data we share with them, or to use any personal data we share with them for their own purposes or for other purposes than to perform the services they provide to us. Before engaging any supplier, we perform due diligence, including detailed privacy, security and legal analysis. We do not engage a supplier unless our quality standards are met. Our suppliers are all subject to contract terms that enforce compliance with applicable data protection laws.

Certain of our employees and coworkers may have access to your personal data as well. In such a case, access shall be granted only if it is necessary for the purposes described and only if the respective employee is bound by the confidentiality duty.

Our suppliers may engage additional contractors to support them in their business and to provide them with certain services, which can possibly also require processing of your data. Such services may include but are not limited to: cloud services and website hosting, data analysis, information technology and related infrastructure, customer service, mail delivery and postal services, banks and payment method providers, accounting, legal, tax and audit services. These further contractors should provide their services based on the contract, under which they are obliged to follow applicable law, especially with respect to observance of applicable data protection legislation.

Lastly, please note that we may share your personal data if required to do so by law or decision of respective public authority or court order, for example with our suppliers or clients, tax authorities, social security agencies, law enforcement agencies or other state authorities.

4. Do we transfer your personal data to third countries?

We process your personal data outside the EU/EEA since some of our partners are located in the third countries outside of the EU/EEA territory or process personal data in third countries in a different way. We strive to ensure that your personal data is transferred exclusively to countries that are considered to have an equivalent level of personal data protection in accordance with the relevant European Commission decision, or where the appropriate personal data protection measures are in place. Whenever necessary, we rely on valid standard contractual clauses for data transfers to third countries or require compliance with other additional guarantees and measures. Regardless of the country in which your personal data is processed, we take appropriate technical, security and organisational measures to ensure that the level of protection is the same as in the EU/EEA. If you have any concerns about the international transfer of your personal data and the relevant safeguards, you can contact us via email mentioned below.

5. Are you subject to automated decision making or profiling?

Your personal data are not used for automated decision making or for profiling.

6. Which measures do we use to protect your personal data?

We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of your personal data. We maintain technical and organisational measures designed to protect your personal data within our organisation against relevant security threats, including against unauthorised access, destruction, loss, alteration, or misuse. As already mentioned above, your data are accessible only to a limited number of personnel who need access to perform their duties. In case you wish to learn more about our technical and organisational measures, please do not hesitate to contact us on the contact details mentioned below.

7. How long do we process your personal data?

We store your personal data as long as is necessary to fulfil the purpose mentioned in this Privacy Policy, for which the data were obtained, to pursue our legitimate interests and to comply with applicable laws. This means that we will retain most of your personal data throughout the duration of our cooperation, or for the period of given consent. However, if possible, we will erase certain of your data even before, once it is not needed for the original purpose, or when you withdraw your consent, or if you request us to delete your data. Please note that we may process some of your personal data for longer period of time, even after the termination of our contractual relationship, if e.g.: (i) the applicable law (e.g. tax and accounting laws requires us to do so), (ii) if there is an ongoing legal proceeding, or (iii) in exceptional cases, if you gave us the permission to keep your personal data on record for a longer period of time. The above stated period may be prolonged in case of the request of the relevant public authority or of the court. If you are interested in detailed retention periods we apply, contact us via email mentioned below.

8. What are your rights?

You are entitled to exercise your rights as a data subject with respect to the processing of your personal data. Please see the table below for more details.

8.1 Right to access

You have the right to obtain the information whether your personal data are processed, and if yes, you can request a copy of your personal data we process, for which we may charge you with a fee. If we process your personal data, you can request information about purpose why we process your personal data, which personal data we process, with whom do we share your personal data, for how long we store your personal data and how do we determine the period, your rights to rectification or erasure, restriction or objection of processing of your personal data, your right to lodge a complaint with a supervisory authority, from where we collected your personal data, if not directly from you, whether you are subject to automated decision making or profiling, whether we transfer your personal data to third countries. All of the above-mentioned information is included in this Privacy Policy.

8.2 Right to rectification

It is important that we have the correct information, and we request you to notify us if any of your personal data is incorrect or if any of your personal data have been changed. We will rectify your personal data without undue delay upon your notification. 

8.3 Right to erasure (“right to be forgotten”)

If the processing of your personal data is no longer necessary or has been unlawfully processed, you withdraw your consent or object to the processing of your personal data, you may request us to erase your personal data.

8.4 Right to restrict processing

From the moment when you (i) asked for rectification of your personal data, or (ii) objected the processing, until we assess your request (e.g. to confirm the accuracy of your personal data or to rectify them according to your instructions), you are entitled to request us to restrict the processing. You may also request us to restrict the processing of your personal data if the processing was unlawful, but you do not want us to delete your personal data, or if we do not need your data anymore for the original processing purposes, however the data are important for defending your legal claims. This means that we (except for the retention of personal data) may process your personal data for which the processing was restricted, only if you consented with such processing, if it is necessary in connection with legal claims, to protect someone else’s rights, or if there is a significant public interest in processing.

8.5 Right to object processing

If we process your personal data based on our legitimate interest or for direct marketing purposes, you may object to such processing. We can process your personal data further if we can demonstrate the compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

8.6 Right to data portability

You may request us to provide you with the personal data that you provided to us for the processing based on the consent or for fulfilment of the contract. We should provide you with your personal data in a structured, commonly used and machine-readable format. You also have the right to request the transfer of these data directly to another data controller, if it is technically feasible.

8.7 Right to withdraw your consent

When we process your personal data based on your consent, you have the right to withdraw such consent at any time. Please note that the withdrawal of your consent does not affect legality of the processing previously performed based on the originally granted valid consent.

8.8 Rights related to automated decision making and profiling

You have the right not to be subjected to automated decision-making, including profiling, which produces legal effect for you or has a similar significant effect. We do not use automated decision-making or profiling for the outlined purposes of data processing. However, if you have been subject to an automated decision and do not agree with the outcome, you can contact us using the details below and ask us to review the decision in a non-automated manner.

9. How can you contact us?

If you would like to exercise any of your rights set out above, if you would like to make a complaint about how we process your personal data, or if you have any other questions about how we process your personal data, you can contact us using the following email address: info@erlaservers.com. We will review your request, suggestions and answers to your questions and reply to you.

If you are not satisfied with our response or if you believe that we are processing your data unfairly or unlawfully, you can file a complaint with the competent supervisory authority, which is the Office for Protection of Personal Data of the Slovak Republic; more information can be found at www.dataprotection.gov.sk.

Table of contents