Zuboklik main logo black and white

Processing of personal data

  1. What personal data do we process and purpose of their processing

    1. Users
      1. e-mail address
        • entered during registration (except registration via Google or Facebook)
        • option to adjust in settings
        • Purpose:
          • login to the application
          • possibility to reset the password in case of forgetting it (a link to create a new password will be sent to the e-mail)
          • Ability to receive event notifications from the application
      2. Country
        • mandatory, possibility to edit in settings
        • Purpose: days and holidays are determined by country and statistics are calculated accordingly (how many hours are left to work per day / week / month)
      3. name and surname
        • optional, possibility to edit in settings
        • theoretically it does not have to be a real name and surname, it is also possible to fill in eg only the name
        • Purpose: is used to identify users in the application (the name is displayed in tables, reports, etc.)
      4. portrait
        • optional, possibility to adjust in settings
        • theoretically it is not necessary to use a real photo
        • Purpose: allows you to know the owner of the task at a glance
      5. address
        • optional, possibility to adjust in settings
        • Purpose: be contactable by the manager
    2. Companies
      1. company name, company address, VAT number
        • mandatory, except for VAT ID (only for VAT payers), the option to adjust in the settings
        • Purpose: Billing information
      2. abbreviated company name
        • mandatory, entered during registration
        • does not necessarily represent the name of the company, but must meet certain requirements (lowercase letters without accents and numbers)
        • Purpose: used to identify account
      3. access recovery email
        • mandatory, entered during registration
        • Purpose: to restore access to the application

  2. Password security

    We do not store or know your passwords in the database!
    The application works only with the so-called hash of the password, which is generated using the bcrypt function with cost = 12.

  3. Secrecy

    It maintains the confidentiality of the personal data that is processed. We oblige persons who are authorized to work with the User's personal data to confidentiality.

  4. Delete data

    At your request, we will delete all personal data and their copies from database. We will delete them within 90 days from backup.

  5. Security breach

    If the security of data containing personal data is compromised, we will let you know within 24 hours by e-mail.

  6. Audit

    We will allow you to audit with a reasonable extent. You shall inform us of the date of the audit at least 30 days in advance. The scope of the audit shall not unreasonably interfere with the operation of the Operator. The audit costs are paid by the User. The user is obliged to maintain the confidentiality of all findings obtained during the audit. This confidentiality applies to all participants in the audit.