1. Controller
GBdix s. r. o.
Mlynská 14, 040 01 Košice — mestská časť Staré Mesto
IČO: 55 039 383
DIČ: 2121845418
E-mail: gbdixsro@gmail.com
(hereinafter the „Controller")
The Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and Act No. 18/2018 Coll. on the Protection of Personal Data.
2. What personal data we collect
Depending on how you use our services, we may process the following categories of personal data:
- When downloading a free ebook: email address.
- When purchasing a paid ebook: first name, surname, email address, phone number (optional), and data required to process the payment (processed directly by the Comgate payment gateway — we have no access to it).
- When submitting the contact form: name, email address, phone number, and the content of your message.
- When visiting the website: technical data (IP address, browser type, device information, pages visited) collected through analytics tools and cookies.
3. Purpose of processing and legal basis
| Purpose | Legal basis |
|---|---|
| Delivery of the ordered ebook (both paid and free) | Performance of a contract (Art. 6(1)(b) GDPR) |
| Issuing and archiving tax documents | Compliance with a legal obligation (Art. 6(1)(c)) |
| Responding to an inquiry from the contact form | Consent / legitimate interest (Art. 6(1)(a) / (f)) |
| Improving the website and marketing analysis | Legitimate interest (Art. 6(1)(f)) |
| Sending commercial communications (only if you have subscribed) | Consent (Art. 6(1)(a)) |
4. Retention period
- Accounting documents: 10 years (legal obligation).
- Data from contact forms: max. 3 years or until consent is withdrawn.
- Marketing consents: until consent is withdrawn.
- Cookies: according to the type of cookie (max. 12 months).
5. To whom we may disclose your data
Your data may be disclosed only to processors who provide us with services essential for the operation of the website and the delivery of products:
- Comgate, a. s. — payment gateway for processing payments.
- Hosting provider — for operating the website and storing data.
- Email provider — for delivering ebooks and responses.
- Accountant / accounting firm — for handling bookkeeping.
- Analytics tools (e.g. Google Analytics) — anonymised traffic data.
All processors are bound to protect your data in accordance with the GDPR.
6. Transfer of data outside the EU
Some of our tools (e.g. Google Analytics) may also process data in countries outside the EU. In such cases, we ensure an adequate level of protection through standard contractual clauses approved by the European Commission.
7. Your rights
As a data subject, you have the following rights under the GDPR:
- Right of access to your personal data
- Right to rectification of inaccurate or outdated data
- Right to erasure („right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time, without affecting the lawfulness of processing carried out before its withdrawal
- Right to lodge a complaint with the Office for Personal Data Protection of the Slovak Republic
To exercise any of these rights, contact us at gbdixsro@gmail.com. We will respond within 30 days.
8. Cookies
Our website uses cookies — small text files stored in your browser — to ensure functionality, analyse traffic, and personalise content.
- Necessary cookies: ensure the basic functioning of the website (e.g. retaining the checkout state). They cannot be disabled.
- Analytics cookies: help us understand how you use the website (e.g. Google Analytics). These can be declined.
You can manage cookies in your browser settings.
9. Contact
Send any questions regarding the protection of personal data to gbdixsro@gmail.com.
Contact for the supervisory authority: Office for Personal Data Protection of the Slovak Republic.