Privacy Policy

1. Introduction

The operator of the website Joto.sk declares that all personal data are treated as strictly confidential and handled in accordance with the applicable laws of the Slovak Republic and the European Union, in particular Regulation (EU) 2016/679 (GDPR) and Act No. 18/2018 Coll. on the Protection of Personal Data.

This Privacy Policy applies to the processing of personal data when using the website www.joto.sk, during communication via contact or inquiry forms, email, telephone, and in connection with the creation and performance of contractual relationships.

2. Who is the data controller?

Controller:
Joto.sk, s.r.o.
Bratislavská 2543/108
902 01 Pezinok
Slovak Republic

Company ID: 44 807 767
Tax ID: 2022845000
E-mail: info@joto.sk
Website: www.joto.sk
View in the Commercial Register

3. What data do we process?

Depending on how you contact us or use our services, we may process the following categories of data:

  • identification data: name, surname, company name, billing information,
  • contact data: e-mail, telephone number, postal address (if provided),
  • communication content: messages sent via contact/inquiry forms, project specifications, requirements, notes,
  • contract-related data: data contained in contracts, orders, invoices and related documentation,
  • technical data: IP address, device information, logs, cookies, website usage statistics.

4. For what purposes do we process your data?

We process personal data mainly for the following purposes:

  • handling your inquiry sent via the website, email or telephone,
  • preparing a proposal, consultation or price offer,
  • concluding and fulfilling a contract (project development, service delivery, invoicing),
  • fulfilling legal obligations (especially accounting and tax regulations),
  • protecting the rights and legitimate interests of the controller,
  • improving our services and website user experience (analytics and statistics),
  • direct communication related to existing business relationships (B2B direct marketing).

5. Legal basis for processing

We process personal data on one or more of the following legal bases:

  • Performance of a contract and pre-contractual relations under Art. 6(1)(b) GDPR — handling inquiries, preparing offers, concluding and performing a contract.
  • Legal obligation under Art. 6(1)(c) GDPR — accounting, tax obligations and mandatory document retention.
  • Legitimate interest under Art. 6(1)(f) GDPR — protection of our rights, internal statistics, communication with existing clients.
  • Consent under Art. 6(1)(a) GDPR — applicable only where required (e.g., optional newsletter subscription). Consent can be withdrawn at any time.

6. Who may access your data?

Personal data are primarily processed by us. In necessary cases, they may be shared with the following categories of recipients:

  • website hosting and technical infrastructure provider,
  • external accountant or accounting firm,
  • IT partners and collaborating developers,
  • public authorities, if required by law (e.g., tax office, police, courts).

All external partners processing personal data on our behalf are contractually bound by confidentiality and data protection obligations.

7. How long do we keep your data?

Retention periods depend on the purpose of processing and legal requirements:

  • inquiries and non-contractual communication — typically up to 2 years,
  • contracts, orders, invoices — according to legal requirements (usually 10 years),
  • data processed based on consent — until consent is withdrawn,
  • technical logs and statistical data — for the necessary duration for security and optimization.

After retention periods expire, the data are securely deleted or anonymized.

8. Your rights

Under data protection legislation, you have the following rights:

  • Right of access to your personal data,
  • Right to rectification of inaccurate or incomplete data,
  • Right to erasure (“right to be forgotten”),
  • Right to restriction of processing,
  • Right to data portability to another controller,
  • Right to object to processing based on legitimate interest,
  • Right to lodge a complaint with the Slovak Data Protection Authority.

To exercise your rights, contact us at: info@joto.sk. We will respond within the statutory time limit.

9. Data security

We protect your personal data with appropriate technical and organizational measures to prevent loss, misuse, unauthorized access, disclosure or alteration. Only authorized personnel bound by confidentiality have access to personal data.

10. Cookies

This website uses cookies and similar technologies to ensure proper functionality, measure traffic and improve our services. Details can be found in our Cookie Policy. Upon your first visit, you can set your cookie preferences.

11. Automated decision-making

We do not perform automated individual decision-making with legal or similar significant effects on individuals under Article 22 GDPR.

12. Changes to this document

We reserve the right to update this Privacy Policy at any time, especially if required by changes in legislation or the nature of our services. The current version will always be available on this page.

13. Contact

If you have any questions or wish to exercise your rights regarding personal data, contact us at:
info@joto.sk

Last updated: 25.11.2025