The Website is operated by our company Grindstone s.r.o., with its registered seat at Pekná 13, Košice 040 01, Slovak Republic, Id.no.: 48 258 121 (“Grindstone” or “we“, “us” or “our“) and we are committed to protecting the privacy of individuals who use our services and visit our Website. For the purpose of the regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (“GDPR”), the Company is the Data Controller. Data Controller, for the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
Personal Data is any information that relates to an identified or identifiable individual. For the purposes for GDPR, Personal Data means any information relating to you such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.
Our Online Privacy Practices
We are committed to transparency about your Personal Data. We ask for your consent when required, otherwise by using our Website, you consent to the collection, use and sharing of your Personal Data subject to and consistent with applicable laws and other notices you may have received based on your relationship with us.
Protecting your Personal Data
To protect Personal Data from unauthorized access and use, we use security measures that comply with applicable federal and state laws. In the event of a data breach, we provide timely notification, in accordance with applicable laws.
We also recognize the importance of protecting privacy where children are involved. Our Website is not directed to individuals under the age of 13, and we request that these individuals do not provide Personal Data through our Website. We do not knowingly collect Personal Data from children under 13. If it comes to our attention that we have collected Personal Data from a person under the age of 13, we will delete or suppress this information as quickly as possible.
Making sure Personal Data is accurate
Keeping your Personal Data accurate and up to date is very important. If your Personal Data is incomplete, inaccurate or not current, please contact us at email@example.com.
Personal Data We Collect
How do we collect Personal Data online?
We may use external service providers and vendors to process Personal Data for business purposes on our behalf. External service providers and vendors are contractually obligated to comply with our policies to protect information we share with them or they collect on our behalf. For the purpose of the GDPR, service providers are considered Data Processors.
The Personal Data we collect is limited to what is required to provide our products or services and to support legal and risk requirements.
The type of Personal Data we collect from and about you online will depend on how you interact with us and may include:
Personally Identifiable Information (“PII”) is information that can be used to identify or contact an individual, including but not limited to your contact information as your name and e-mail address or other information that identifies you for ordinary business purposes. We collect, receive and store PII when you sign up on our Website or when you otherwise correspond with us or directly provide such information to us.
Technical Data is information that may include, in particular, the URL of the website you visited before visiting our Website, the time and date of user visits, surfing habits, IP address, the browser name, the type of computer or device accessing our Services, time spent on the Website and other similar technical information. In a limited number of cases it is possible to use technical data and identify you by them as an individual, thus making them personal data according to applicable legal regulations, however, we never use technical data to identify you as an individual.
Cookies and similar tracking technologies,
Protected Class Information. Grindstone does not generally collect information relating to your status as a member of a protected class under federal or California law. However, Grindstone does collect and disclose your date of birth for the purposes applicable to traditional identifiers, described above. Your date of birth necessarily indicates whether you are a member of the protected class of persons age 40 or older, but Grindstone does not use or share the fact that you belong to this group for any purpose.
Integrity and Retention of Personal Data
How We Use and Share Personal Data
Delivering products and services to you by verifying your identity.
Personalizing your digital and mobile experienceby enhancing overall Website organization and design and analyze data to create relevant alerts, products or services.
Protecting the safety of any person and detecting and preventing fraud, identify theft and other risks to you or Grindstone.
Performing analyticsconcerning your use of our online services, including your responses to our emails and the pages and advertisements you view.
Complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and our policies.
Allowing you to use features within our Website.
Providing user support and handling user inquiries.
Using in any other manner, or for any other purpose, for which you have given express permission or consent to us.
With whom do we share or to whom we disclose your Personal Data?
Affiliates and subsidiaries of Grindstone. In order to provide the best possible services, we may cooperate with our affiliated companies and subsidiaries. Affiliate means any entity that controls, is controlled by, or is under common control with, another entity, but does not include a joint employee of the entity and the affiliate.
Government agencies as required by laws and regulations. We reserve the right to disclose PII and any other information when it is believed disclosure is appropriate to (i) comply with the applicable law, judicial proceeding, court order, subpoena or other legal process; (ii) detect, prevent, or otherwise address fraud, security, emergency situations or technical issues; (iii) enforce or apply the user agreement and other agreements, rights and remedies; or (iv) protect the rights, property, or safety of Company, our employees and contractors, users, or others.
Please note that Grindstone does not and will not sell anyone’s Personal Data to third parties.
Access and Opt-Out
If your Personal Data changes, or if you no longer desire our service, you may correct, update, amend, delete or ask to have it removed from a public forum or directory by contacting us at firstname.lastname@example.org. We will respond within a reasonable timeframe. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If at any time you would like to stop receiving promotional emails from us, you may opt out of receiving these secondary communications. To opt out, you must select the “Unsubscribe” link present in each e-mail we send out to our customers. We reserve the right to send customers notification and administrative emails, which are considered a part of your service.
Security and Protection of your Personal Data
Grindstone has, and requires our third-party service providers to have, administrative, technical, and physical safeguards in place in our respective physical facilities and in our respective computer systems, databases, and communications networks that are reasonably designed to protect the information contained within such systems from loss, misuse, and alteration.
We employ commercially reasonable website security and customer verification procedures to protect your data. The measures we use may include storing Personal Data on secured servers, transmitting Personal Data using encryption technologies, and auditing and reviewing our data collection and storage practices.
User passwords and other sensitive information are saved and encrypted to prevent unauthorized access or disclosure and accidental loss, alteration, or destruction. We regularly review our operational and business practices for compliance with corporate policies and procedures governing the security, confidentiality, and quality of our information. We require all of our employees, contractors, and other third parties to protect confidential information as a condition of doing business with, and our business practices limit the use and disclosure of such information, including Personal Data, to authorized persons, processes, and transactions.
Please note that no method of electronic transmission or storage is 100% secure. Therefore, we cannot guarantee absolute security of your Personal Data. You also play a role in protecting your Personal Data. please safeguard your username and password for your account and do not share them with others. You agree to notify us immediately of any unauthorized use of your account or any other breach of security related to our services. We reserve the right, in our sole discretion, to refuse to provide the services, terminate your account, and to remove or edit content.
Our Website includes links to other websites whose privacy practices may differ from those of Grindstone. If you submit Personal Data to any of those websites, your information is governed by their privacy statements and policies. We encourage you to carefully read the privacy statement and policy of any website you visit. Grindstone does not guarantee and is not responsible for the privacy or security of these third-party websites, including the accuracy, completeness or reliability of their information.
Privacy Rights for California Residents
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data to third parties for their direct marketing purposes.
At the moment, the California Consumer Privacy Act or “CCPA” is not applicable to the Website and the Company but we are committed to monitoring the situation and should the CCPA become applicable to us, to provide you all the rights and protection it offers.
Subject to certain limitations, the CCPA provides California consumers (i) the right to request to know more details about the categories or specific pieces of Personal Data the covered business collects, (ii) the right to delete their Personal Data, (iii) the right to opt out of any sale of such Personal Data that may be occurring, and (iv) the right to not be discriminated against for exercising these rights.
To contact us with questions about the CCPA, please send an email to email@example.com.
Consent to Processing and Transfer of Your Personal Data
If you use the Website, or otherwise provide us with data, from outside the United States, you acknowledge and agree that your Personal Data may be transmitted outside your resident jurisdiction.
If you are a resident of the European Union, we process your Personal Data in accordance with GDPR. Regardless of the country in which your Personal Data is processed, the Company takes reasonable technical, legal and organisational measures to ensure that the level of protection is the same as in the European Union and the European Economic Area. If you wish to know more about international transfers of your Personal Data and the appropriate safeguards that we have in place to govern the transfer of your personal data, you may contact us at firstname.lastname@example.org.
Legal Basis and Purpose for Processing Personal Data under GDPR
We may process certain Personal Data on the legal basis and for the specific purposes as described below:
On the legal basis of you giving us your consent when singing up on our Website, we may process your email address for the purpose of marketing activities, sending you newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us at email@example.com.
On the legal basis of you giving us your consent when accepting the cookies setting on the Website, we may process the applicable Personal Data collected with the help of cookies for the purpose of improving our Website, for analytical and marketing/advertising purposes.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Recipients of your Personal Data
We do not share your Personal Data with any recipients outside of the Company and the group of companies into which the Company belongs unless one of the following circumstances applies:
it is necessary for the compliance with our obligations towards you
To the extent that our external service providers (Data Processors) need access to your Personal Data to help us operate the Website, we have taken the appropriate contractual and organisational measures to ensure that your Personal Data are processed in accordance with all applicable laws and regulations.
Below is a non-exclusive list of our sub-processors:
Meta Platforms, Inc.
Pine Events Inc.
Xsolla (USA), Inc.
Delivery Hero Slovakia s. r. o.
The list of external service providers we use may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in operating the Website.
it is necessary for legal reasons
We may share your Personal Data with recipients outside the Company if we have a good-faith belief that access to and use of your personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of the Company, our users or the public as far as in accordance with the law. When possible, we will inform you about such processing.
you have given us your consent If you have allowed the cookies when visiting our Website we may use third-party providers listed below to help us collect and analyze Technical Data.
Below is a non-exclusive list of our sub-processors:
Meta Platforms, Inc.
Pine Events Inc.
Xsolla (USA), Inc.
The list of these sub-processors may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.
The Company stores your personal data only if it is legally permitted and necessary for the purposes for which the data were collected, however, no longer than 5 years after you use our Website for the last time.
Your Rights under the GDPR
The Company undertakes to respect the confidentiality of your Personal Data and to guarantee you can exercise your rights.
Right of access – The Controller offers you access to your Personal Data we process. This means you can contact us and request from us a confirmation whether or not your personal data are being processed and if so, you have the right to request access to your data, which we will provide to you in the form of a so-called “registry” (stating, in particular, purposes, categories of personal data, categories of recipients of personal data, storage periods or criteria for determining storage periods).
Right to rectification – You have the right to have inaccurate Personal Data we have stored about you rectified.
Right to erasure – You may also ask us to erase your Personal Data from our systems. We will comply with such requests unless we have a legitimate ground to not delete your Personal Data.
Right to restriction of processing – You may request us to restrict certain processing of your Personal Data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Website.
Right to data portability – You have the right to receive your Personal Data from us in a structured, commonly used and machine-readable format in order to transmit the personal data to another controller.
Exercising of Your GDPR Data Protection Rights
You may exercise your rights of access, rectification, cancellation and opposition by contacting us at firstname.lastname@example.org. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, if you are in the European Economic Area (EEA), please contact your local data protection authority in the EEA
Mailing address: Pekná 13, Košice 040 01, Slovak Republic
Telephone: +421 905 397 017