Privacy & Cookie Policy (IT Gale s.r.o.)

1) Data Controller (who is responsible)

IT Gale s.r.o.

Registered office: Plynárenská 17561/3B, 821 09 Bratislava – Ružinov, Slovak Republic

Company ID (IČO): 56186339

Tax ID (DIČ): 2122228768

Contact (general):

Email: info@itgale.com

Phone: +421 220 400 922

Address for correspondence: Plynárenská 3B, 821 09 Bratislava, Slovakia

We may also be reachable via: info@itgale.com and +421 220 400 922 (as shown on our contacts page).

2) What personal data we collect

Depending on how you use the website, we may process:

A) Data you provide to us

• Contact / lead form data: name, email and/or phone, company name/type, message/details you submit.
• Any additional information you include voluntarily in your message.

B) Data collected automatically (website usage)

• Device & log data: IP address, browser type, device identifiers, approximate location (city/region), timestamps, pages visited, referrer URL.
• Analytics and interaction data via cookies or similar technologies (see Section 6).

3) Why we process your data (purposes)

• To respond to your inquiries, prepare proposals, and communicate with you about requested services.
• To operate, secure, and improve our website (performance, fraud prevention, debugging).
• To measure marketing and website effectiveness (analytics) and understand how visitors interact with our site.
• To run advertising/remarketing only where you have provided consent (where required).

4) Legal bases (GDPR)

• Performance of a contract / pre-contract steps (Art. 6(1)(b)) — e.g., when you ask for a quote or request services.
• Legitimate interests (Art. 6(1)(f)) — e.g., basic website security, preventing abuse, and improving services (balanced against your rights).
• Consent (Art. 6(1)(a)) — for non-essential cookies, marketing/remarketing technologies, where required.
• Legal obligations (Art. 6(1)(c)) — if we must comply with applicable laws.

5) Payments / card data

We do not accept, process, or store bank card details on our website, and we do not store card numbers or CVV codes (as you confirmed).

6) Cookies and similar technologies

We use cookies and similar technologies for:

• Necessary (essential) operation of the website (security, core functionality).
• Analytics (e.g., Google Analytics, Microsoft Clarity) to understand website usage and improve UX.
• Marketing (e.g., Meta Pixel) to measure ad performance and (where enabled) support remarketing.

Cookie control / consent

• accept or refuse non-essential categories, and
• change preferences later (if the tool provides a “Cookie settings” link).

You can also manage cookies via your browser settings (blocking or deleting cookies). Note that blocking certain cookies may affect site functionality.

7) Who we share data with (recipients)

We may share personal data with:

• Service providers that help us operate the website (hosting, security, email, IT support).
• Analytics and marketing partners (acting as independent controllers or processors depending on the tool/setup), including: Google (Google Analytics), Meta (Meta Pixel), Microsoft (Clarity).

We share only what is necessary for the stated purposes and in line with your consent choices (where required).

8) International transfers

Some providers (e.g., Google, Meta, Microsoft) may process data outside the European Economic Area. Where applicable, transfers are protected using recognized safeguards (such as Standard Contractual Clauses) and additional measures as required.

9) Retention (how long we keep data)

• Contact/lead inquiries: typically up to 24 months after the last interaction (or sooner if you request deletion), unless we must keep it longer for legal reasons.
• Security/log data: typically up to 6 months (unless needed longer for incident investigation).
• Analytics/marketing data: retained according to tool settings and provider policies, and limited where possible.

10) Your rights under GDPR

• access your data,
• correct inaccurate data,
• delete data,
• restrict processing,
• object to processing (especially based on legitimate interests),
• data portability,
• withdraw consent at any time (for consent-based processing),
• lodge a complaint with a supervisory authority.

To exercise your rights, contact us using the details in Section 1.

11) Children

Our website/services are allowed for children. However, we do not intentionally collect personal data from children beyond what is necessary to respond to inquiries.

If processing relies on consent (e.g., non-essential cookies/marketing), and the user is under the applicable digital age of consent, consent should be provided/authorized by a parent or legal guardian (in Slovakia commonly applied at 16).

If you believe a child has provided personal data without appropriate authorization, contact us and we will take appropriate steps.

12) Security

We use appropriate technical and organizational measures to protect personal data (access controls, least privilege, secure hosting, and monitoring). No system is 100% secure, but we work to reduce risks and respond to incidents.

13) Changes to this Policy

We may update this Policy from time to time. The “Effective date” above shows when it was last updated.

14) Complaints (Supervisory Authority)

If you are in Slovakia or the EU, you can lodge a complaint with the supervisory authority. In Slovakia:

Personal Data Protection Office of the Slovak Republic (Úrad na ochranu osobných údajov SR)

Address: Námestie 1. mája 18, 811 06 Bratislava

Email: statny.dozor@pdp.gov.sk

Phone: +421 2 32 31 32 11