GDPR

Introduction

Our platform is committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). This statement provides information about how we collect, use, and protect your personal data.

Controller and Contact Information

The data controller responsible for your personal data is Vladimír Urík - Development. For any questions or concerns regarding data protection, you can contact our Data Protection Officer at: Email: support@portfolio4me.com.

Data We Collect

We collect and process the following personal data:

• Contact Information: Email addresses and other contact details provided during registration.
• Usage Data: Information on how you use our platform, including login details (encrypted), onboarding process, and interactions with our dashboard and themes section.
• Technical Data: IP addresses, browser type, and operating system.

Purpose of Processing

Your personal data is processed for the following purposes:

1. Account Management: To create and manage your account on our platform.
2. Customization: To enable you to personalize and manage your portfolio.
3. Analytics: To analyze usage and performance of the platform using Plausible (self-hosted version).
4. Third-Party Services: To integrate and utilize services provided by Vercel, Supabase, Cloudflare, and MinIO (self-hosted S3 storage).
5. Authentication: To facilitate login via Google and Discord OAuth.
6. Subscription Management: To manage Premium subscriptions and related payments through Stripe.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: For sending marketing communications and for certain types of cookies (Article 6(1)(a) GDPR).
• Contract: To perform our obligations under the contract with you (Article 6(1)(b) GDPR).
• Legitimate Interests: For improving our platform, preventing fraud, and ensuring security (Article 6(1)(f) GDPR).

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: For sending marketing communications and for certain types of cookies (Article 6(1)(a) GDPR).
• Contract: To perform our obligations under the contract with you (Article 6(1)(b) GDPR).
• Legitimate Interests: For improving our platform, preventing fraud, and ensuring security (Article 6(1)(f) GDPR).

Third-Party Services

We use the following third-party services to support our platform:

• Vercel: For hosting and deployment services.
• Supabase: For database management and authentication services.
• Google OAuth: For authentication and user account management.
• Discord OAuth: For authentication and user account management.
• MinIO: For self-hosted S3 storage solutions to securely store user data.
• Stripe: For processing payments and managing Premium subscriptions. By making a payment, you agree to the Stripe Data Processing Agreements.
• Cloudflare: For DNS management and hosting services, including for our documentation site at docs.portfolio4me.com.
• Hetzner: For hosting the systems that manage statistics, our custom version of Plausible analytics, and Slimpic software.
• Contabo: For S3-compatible storage solutions to securely store user data.

Cookies

We use the following types of cookies on our platform:

• sp_authtoken: A token used for authentication with Supabase. The name may vary but serves the same purpose.

Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right to Access: You can request access to your personal data and obtain a copy.
• Right to Rectification: You can request correction of inaccurate or incomplete data.
• Right to Erasure: You can request deletion of your personal data under certain conditions.
• Right to Restriction: You can request restriction of processing under certain conditions.
• Right to Object: You can object to the processing of your data in certain situations.

To exercise any of these rights, please contact us at support@portfolio4me.com.

Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction.

International Transfers

In cases where personal data is transferred to third countries outside the EU/EEA, we ensure that appropriate safeguards are in place, such as standard contractual clauses or binding corporate rules, to protect your data.

Changes to This Statement

We may update this GDPR compliance statement from time to time. Any changes will be posted on this page with an updated revision date.

Contact Us

If you have any questions or concerns about our use of your personal data, please contact us at support@portfolio4me.com.

Last updated: 13. 8. 2024