ICC s.r.o.

Právne · Legal

Privacy Policy

Naposledy aktualizované:

1. Data controller

The controller of personal data within the meaning of Regulation (EU) 2016/679 ("GDPR") and Slovak Act No. 18/2018 Coll. on personal data protection is:

Company
ICC s.r.o.
Registered office
Biskupa Királya 24, 945 01 Komárno, Slovakia
Reg. No. / Tax ID / VAT ID
31427332 · 2020399139 · SK2020399139
Contact
info@isnex.eu · +421 905 354 536

For questions regarding personal data protection, contact us at info@isnex.eu. Given the scope of the data we process, we have no statutory obligation to designate a Data Protection Officer (DPO) under Article 37 GDPR.

2. What personal data we process

2.1. Contact form

When you submit the contact form at /en/contact, we exclusively process the data that you yourself provide:

  • Full name — for addressing in correspondence
  • Email address — for replying to your inquiry
  • Phone number (optional) — if you prefer a phone reply
  • Company (optional) — context about your business
  • Type of interest — for internal triage
  • Message text — your project / question description
  • IP address and browser type — for basic technical diagnostics and abuse protection (anti-spam)
  • Submission timestamp
  • GDPR consent — record of your explicit consent to processing

2.2. Visit analytics

For traffic measurement we use Umami Analytics — an open-source tool that we operate on our own EU server. Umami is cookieless and by default collects no personal data that would identify a specific person. We process only aggregated data:

  • Anonymized visit hash (rotated daily — cannot be traced back to a person)
  • Country of origin (e.g. Slovakia, Czech Republic)
  • Device type, browser and OS
  • Pages visited and referrer (visit source)
  • Time spent on page

None of this data identifies you personally and it never leaves our infrastructure (EU servers). Umami complies with the EDPB Recommendation 2/2025 on the use of cookieless analytics.

2.3. Local AI — your data does not leave our infrastructure

As part of our "Local AI" value, we guarantee that the content you send via the contact form does not go to external cloud AI services (OpenAI, Anthropic, Google, etc.). Any AI processing happens exclusively on our EU infrastructure or on infrastructure agreed with you in advance.

3. Purposes and legal bases

Handling your contact form inquiry
Legal basis: GDPR Art. 6(1)(b) — performance of a contract or pre-contractual measures at the data subject's request. Without this data we cannot reply to you.
Website traffic statistics (Umami)
Legal basis: GDPR Art. 6(1)(f) — legitimate interest of the controller in measuring website performance and improving content. Since Umami is cookieless and anonymized, no cookies are used and consent is not required.
Abuse protection (anti-spam, technical logs)
Legal basis: GDPR Art. 6(1)(f) — legitimate interest in protecting systems from abuse.
Statutory obligations (accounting, tax records)
Legal basis: GDPR Art. 6(1)(c) — compliance with legal obligations (Slovak Act No. 431/2002 on Accounting, VAT Act).

4. Retention period

  • Contact messages: 3 years from the last contact — for potential follow-up communication and pre-contract negotiation evidence.
  • Concluded contracts data: 10 years (statutory accounting record period under Act No. 431/2002).
  • Technical logs with IP addresses: 12 months — for security diagnostics, then automatic rotation.
  • Umami analytics: no specific expiration (no PII; aggregated only).

5. Your rights

As a data subject you have the following rights under GDPR (Articles 15–22):

  • Right of access (Art. 15) — on request we send you a copy of personal data we process about you
  • Right to rectification (Art. 16) — we correct inaccurate or outdated data
  • Right to erasure / "right to be forgotten" (Art. 17) — we erase your data unless we must keep it for statutory reasons
  • Right to restrict processing (Art. 18)
  • Right to data portability (Art. 20) — machine-readable export
  • Right to object (Art. 21) — particularly to processing based on legitimate interest
  • Right not to be subject to automated decision-making (Art. 22) — we apply only human decisions

Submit requests to info@isnex.eu. We respond within 30 days of receipt (Art. 12(3) GDPR).

6. Disclosure to third parties

We do not share your personal data with third parties except where required by law (e.g. law enforcement). We use no marketing or tracking services.

Our infrastructure (web server, database, mail server, AI models) operates exclusively in the European Union. We use no providers outside the EU (no US Cloud Act risks).

7. Cookies and localStorage

The isnex.ai website does not use any cookies, except for the technical localStorage entry that stores your dark/light theme preference. This entry is strictly local in your browser, never leaves your device, and is sent nowhere.

Details in the Cookies section.

8. Complaint to supervisory authority

If you disagree with our processing of your personal data, you have the right to lodge a complaint with the supervisory authority — Office for Personal Data Protection of the Slovak Republic:

9. Changes to this policy

We reserve the right to update this policy. The current version is always published at this address with the last update date in the header. For material changes (e.g. a new processing purpose), we will notify you by email if we contact you actively.

Questions? Email us at info@isnex.eu — we reply within 24 hours on business days.