This Privacy Policy is effective as of 1 January 2024.

This document describes

How accute handles, stores, processes, and retains your data, including your personal data, within the Service in accordance with data protection laws, in particular the General Data Protection Regulation ("GDPR").

Introduction

accute s.r.o. ("accute", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you visit our website at accute.sk (the "Website").

This policy covers data collected through:

• your visits to and navigation of the Website

• cookies and analytics tools used on the Website

• the contact form of the Website

This Privacy Policy is intended to satisfy our obligations under the EU General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679.

Data Controller

accute s. r. o. Dvořákovo nábrežie 4/A, 811 02 Bratislava, Slovak Republic. Company ID: 54 136 041 Registered in the Commercial Registry of the Slovak Republic. Email: info@accute.sk

What personal data we collect

Contact form

When you reach out to us via the contact form, we collect:

• name

• e-mail address

• phone number

• the content of your message

We use this data solely to respond to your inquiry and to maintain a record of our communication.

Analytics & cookies

When you visit our Website, we automatically collect certain technical data through cookies and analytics tools, including:

• IP address (anonymised where possible)

• Browser type and version

• Device type and operating system

• Pages visited and time spent

• Referring URL

• Interaction data such as clicks, scroll depth, and session recordings (via Microsoft Clarity)

Cookies and Analytics Tools

What are cookies

Cookies are small text files stored on your device when you visit a website. We use cookies to understand how visitors use our Website and to improve the experience.

Cookies we use

Essential cookies — Necessary for the Website to function. Cannot be disabled.

Google Analytics — We use Google Analytics to understand how visitors interact with our Website (pages viewed, session duration, traffic sources). You can opt out via Google's opt-out browser add-on at tools.google.com/dlpage/gaoptout.

Microsoft Clarity — We use Microsoft Clarity to record and analyse user behaviour on our Website, including session recordings, heatmaps, and click tracking. This helps us identify usability issues and improve our content. Data is processed by Microsoft. For more information, see Microsoft's Privacy Statement at privacy.microsoft.com/en-us/privacystatement.

Managing your cookie preferences

When you first visit our Website, a cookie banner allows you to accept or decline non-essential cookies. You can adjust your preferences at any time via the cookie settings link at the bottom of the page. You can also control cookies through your browser settings — note that disabling certain cookies may affect Website functionality.

Legal Basis for Processing

We process your personal data on the following legal grounds under Article 6 GDPR:

• Consent (Art. 6(1)(a)) — for analytics and behaviour tracking cookies. You can withdraw your consent at any time via the cookie settings.

• Legitimate interests (Art. 6(1)(f)) — for processing contact form submissions to respond to your inquiry, and for operating and improving the Website.

• Legal obligation (Art. 6(1)(c)) — where we are required by applicable law to retain certain data.

How Long We Retain Your Data

• Contact form data — retained for as long as necessary to handle your inquiry, deleted or anonymised within 3 years unless a longer retention period is required by law.

• Google Analytics — data retained per Google's default settings (up to 26 months).

• Microsoft Clarity — session recordings and heatmaps retained for up to 30 days by default.

• Cookie consent records — retained for up to 1 year to demonstrate that consent was properly obtained.

Who We Share Data With

We do not sell your personal data. We may share data with the following third-party processors, under appropriate data processing agreements:

• Google LLC (Google Analytics) — analytics; data may be transferred to the US under the EU–US Data Privacy Framework.

• Microsoft Corporation (Microsoft Clarity) — behaviour analytics; data may be transferred to the US under the EU–US Data Privacy Framework.

• Websupport s.r.o. (Slovakia) — web hosting.

• Legal and accounting advisors — only where required, strictly limited to what is necessary.

We may also disclose personal data to competent authorities if required by law or to protect our legal rights.

International Data Transfers

Some of our service providers (Google, Microsoft) are based outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions recognised by the European Commission.

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

• Right of access — obtain a copy of the personal data we hold about you.

• Right to rectification — have inaccurate or incomplete data corrected.

• Right to erasure — request deletion of your data, subject to legal obligations.

• Right to restriction — request that we limit how we use your data.

• Right to data portability — receive your data in a structured, machine-readable format.

• Right to object — object to processing based on legitimate interests, including direct marketing.

• Right to withdraw consent — withdraw consent at any time where processing is based on consent. This does not affect prior lawful processing.

• Right to lodge a complaint — submit a complaint to the relevant supervisory authority.

To exercise any of these rights, please contact us at info@accute.sk. We will respond within 30 days. We may ask you to verify your identity before fulfilling your request.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. Access to personal data is limited to those with a genuine need to know it.

Children's Privacy

Our Website is not directed at children under 16 years of age, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

Links to Third-Party Websites

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review their privacy policies before providing any personal data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised "last updated" date. For significant changes, we will make reasonable efforts to notify you via a notice on the Website.

Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data:

accute s. r. o. Dvořákovo nábrežie 4/A, 811 02 Bratislava, Slovak Republic Email: info@accute.sk