Termio
Back to Home

Privacy Policy

Last updated: March 19, 2026

1. Data Controller

The data controller is Bc. Matúš Močkor, Business ID: 54979153, Tax ID: 1120613516, place of business: Mlynský Sek 16, 941 02 Lipová, email: [email protected] (hereinafter referred to as the "Controller"). The Controller processes personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Act No. 18/2018 Coll. on personal data protection.

2. Data We Collect

We collect the following categories of personal data: personal information (first name, last name, email, phone number), business information (company name, business ID, tax ID, address), payment data (processed through Stripe — we do not store payment card numbers), technical data (IP address, browser type, operating system, device information), and Service usage data (logins, interactions, settings).

3. Legal Basis for Processing

We process personal data based on: performance of a contract (Art. 6(1)(b) GDPR) — providing the Service, account management, billing; legitimate interest (Art. 6(1)(f) GDPR) — securing and improving the Service, fraud prevention, technical support; legal obligation (Art. 6(1)(c) GDPR) — accounting and tax obligations; consent (Art. 6(1)(a) GDPR) — marketing communications, analytics cookies.

4. Purposes of Processing

We use your data for: providing and managing the Service, processing payments and billing, Service-related communication (notifications, service announcements), technical support, securing and protecting the Service from misuse, improving and developing the Service, fulfilling legal obligations.

5. Payment Processor — Stripe

Payments are processed by Stripe, Inc. (PCI DSS Level 1 payment processor). Stripe processes payment data including card number, expiration date, and CVC. This data is processed directly by Stripe and the Controller does not have access to it. Stripe's data processing terms are available at https://stripe.com/privacy.

6. Data Sharing, Transfer, and Disclosure

We do not sell, rent, or trade your personal data, including Google user data, to any third parties. We share your data only with the following processors strictly necessary to operate the Service: Stripe, Inc. (payment processing — see Section 5), Sentry (application error and performance monitoring; the Session Replay feature captures user interactions and page content when an error occurs for debugging purposes), Google (Google Calendar API — if you enable Google Calendar integration, we access your calendar data solely to synchronize appointments between Termio and your Google Calendar; we do not use this data for any other purpose), hosting provider (server infrastructure), email service (transactional emails and notifications). We do not use any artificial intelligence (AI) models or third-party AI services to process your data, including Google user data. We have a data processing agreement in accordance with Art. 28 GDPR with each processor. Data is shared with these processors only to the extent necessary to provide the Service and is not used for advertising, profiling, or any purpose unrelated to the Service.

7. Cookies and Technical Data

We use essential cookies to ensure the functionality of the Service (login, session, language preferences). These cookies do not require consent as they are necessary for providing the Service. Analytics cookies are used only with the User's consent.

8. Data Retention

We retain personal data for the duration of the account and provision of the Service. After account deletion, we delete data within 30 days, except for data we are required to retain by law (accounting documents — 10 years, tax documents — 10 years). Technical logs are retained for a maximum of 90 days.

9. Data Subject Rights

Under GDPR, you have the right to: access your personal data (Art. 15), rectification of inaccurate data (Art. 16), erasure of data (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), object to processing (Art. 21). To exercise your rights, contact us at [email protected]. We will respond to your request within 30 days. You also have the right to lodge a complaint with the Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava, https://dataprotection.gov.sk.

10. Security Measures

To protect your data, we implement appropriate technical and organizational measures including: data encryption in transit (TLS/SSL), secure password storage (hashing), access control and authorization, regular security updates, security incident monitoring.

11. International Data Transfers

Some of our processors (particularly Stripe) are based in the USA. The transfer of personal data to the USA is carried out based on the European Commission's adequacy decision (EU-US Data Privacy Framework) or Standard Contractual Clauses (SCCs) in accordance with Art. 46(2)(c) GDPR.

12. Changes to Privacy Policy

We may update this policy. We will inform the User of material changes by email. The current version is always available on the Service's website.

13. Contact

For questions regarding personal data protection, contact us: Bc. Matúš Močkor, Mlynský Sek 16, 941 02 Lipová, email: [email protected]. Supervisory authority: Office for Personal Data Protection of the Slovak Republic, Hraničná 12, 820 07 Bratislava, https://dataprotection.gov.sk.