Privacy Policy

We care about data privacy and security. By using the Site, you agree to be bound by our Privacy Policy posted on the Site, which is incorporated into these Terms of Use. Please be advised the Site is hosted in Slovakia. If you access the Site from any other region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in Slovakia, then through your continued use of the Site, you are transferring your data to Slovakia, and you agree to have your data transferred to and processed in Slovakia.

The Provider as the operator of the Software, website provides following statement:

We use your Personal Information only for providing and improving the Software, Site and the App. By using the Software, Site and the App, you agree to the collection and use of information in accordance with this policy.

As the operator is established in the European Union, his activities are also covered by the Regulation (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”).

Recitals and Definitions:

In line with Art. 28 GDPR, the Provider as a Cloud Services Provider (Data Warehousing Services) and operator of the Site and App shall have the Processor’s status and the User shall have status of the Concerned Person. Where the term "Concerned Person" is used in this article, it is meant by the User, and where the term "Processor" is referred to in this article, it is meant by the Provider.

The User as the Concerned Person assigns to the Provider as the Processor his agreement to the processing of the User’s personal data by automated means on the virtual server of the intermediary or its supplier (hereinafter "cloud") during the usage of the Software, Site or App by the User.

The Provider take appropriate technical and organizational measures so that the processing of personal data complies with the GDPR requirements and the relevant legislation governing the protection of personal data and with the protection of the rights of the data subject.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The authorized operations performed by the Provider in the processing of personal data are to collect, record, browse, store, block, organize, repair, modify, sort, store on data carriers, and also by remote access within the range of activities provided by the Provider services. Personal data stored in the cloud can only be processed by the intermediary in the scope of permitted operations with them. In case of doubts about the admissibility of processing operations, the intermediary is obliged to request written instructions from the Provider and to respect them.

Provider process your Personal Information for providing and improving the Software, Site and the App. By using the Software, Site and the App, you agree to the collection and use of information in accordance with this policy.

The conditions for the processing of personal data provided about users by their employers are governed by the conditions of a separate agreement between the provider and the employer governing the rights and obligations of employers as Controller´s of the Personal data.

Type of personal data and category of persons concerned:

Personal data processed by the Provider as Processor on behalf of the User are in particular all information that could identify the physical person and the recorded personal nature of physical persons as part of the User's data stored in the Cloud such as name, surname, address, e-mail address, phone number, cookies and GPS coordinates.

The data subject is any natural person whose personal data is processed in the cloud.

User is authorized to restrict Provider´s access to the Personal Information through the application settings by refusing to provide GPS coordinates however, this will limit some functionalities of the Software, Site and App.

Information and content you provide.

We collect content, communication and other information you provide when you use our Services, including when you sign up for the account, create, publish or comment on posts in the calendar.

Your usage.

We collect information about how you use our Services, such as which functionality or features you use, the actions you take, and the time, place and the frequency of such usage.

Information about transactions made on our Products.

If you are in charge of your subscription, we collect information about the payments and the transactions. This includes payment information, such as your credit or debit card number and other card information, other account and authentication information; and billing, shipping and contact details.

Things others do and information they provide about you.

We also analyze content, communications and information other users provide about you. This may include information, for example when other users send you posts for approval or mention you within a post comment.

As described below, we collect information from and about the computers and phones connected and using our Services. For example, we use the information collected to better understand which features are or aren’t important to you, or to help us quickly identify the problem you might be experiencing with any of Software’s functionality and to secure your account before unauthorised access.

Information we obtain from these devices includes:

Device attributes:

Information such as operating system, hardware and software versions or browser type.


Unique identifiers or device IDs associated with the same device or account.

Network and connections:

Information such as time zone and IP address

Cookie data:

Data from cookies stored on your device, including cookie IDs and settings.

Usage of data

Provide, personalize and improve our Services.

We use the information we have to deliver our Services, personalize features and make suggestions for you (such as features you might be interested in using or have not used). Our legal basis for such processing is the need to comply with contractual obligations contained in the Terms of use according to article 6 par. 1 letter b) of the GDPR.

Product research and development:

We use the information we have to develop, test and improve our Services, including by conducting surveys and research, and testing and troubleshooting new products and features. Such processing is necessary for our legitimate interests consisting in providing an innovative Services to our users and partners.

Provide measurement, analytics, and other business services.

We use the information we have to analyze the effectiveness of our marketing campaigns. Such data may be aggregated, pseudonymized or de-identified, but if it does contain personal data, processing is necessary for our legitimate interests consisting in efficient marketing.

Promote safety, integrity and security.

We use the information we have to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our Services. We also use data we have to investigate suspicious activity or violations of our terms or policies. Such processing is necessary for our legitimate interests consisting in providing a safe environment and secure Service to our users and partners.

Confidentiality and Security

The User and the Provider are obliged to keep confidential the personal data being processed. The duty of confidentiality persists even after the processing of personal data has ended.

User and Provider are obliged to bind the confidentiality of the personal data of the natural person who comes into contact with the personal data of the User or Provider (including other processors and their authorized persons). The obligation of secrecy does not apply if it is necessary for the fulfilment of the tasks of the court and of the law enforcement bodies under a special law.

The Provider take appropriate technical and organizational measures with regard to the latest knowledge, the cost of implementing the measures and the nature, scope, context and purpose of the processing, as well as the risks with different probabilities and seriousness for the rights and freedoms of natural persons to ensure a level of safety appropriate to that risk (under Article 32 of the GDPR), in particular to ensure:

  1. pseudonymization and encryption of personal data;

  2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;

  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

The Provider is obliged to ensure without undue delay the updating of the measures taken in order to correspond to the accepted changes in the processing of personal data.

The Provider undertakes to protect processed personal data against unauthorized or accidental disclosure, damage, destruction, loss, alteration, unauthorized disclosure, provision, transfer, disclosure or misuse, as well as any other inadmissible processing.

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.

All sensitive information you supply (your phone, credit card, paypal authorization) is encrypted via Secure Socket Layer (SSL) technology.

We do not store or process any credit card information or PayPal authorizations on our servers. All credit card information and PayPal authorizations are stored and processed within service, known as credit card payment gate

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.


Provider collect information that your browser sends whenever you visit our Site and App ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

The cookies in use on our Site and App are session cookies used for technical reasons. Session cookie enable the Site to keep track of your movement from page to page so you don't get asked for the same information you've already given to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit. Session cookies allow Users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page.

Google uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.

Google collects information anonymously. It reports website trends without identifying individual visitors.


Provider may use your Personal Information to contact you with software upgrade notices, system maintenance notifications and other customer support-related information and alerts. Occasionally, we may contact you with newsletters, marketing or promotional materials and other information that is relevant to the software.

Sharing of the personal data

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.

Rights and obligations of the Provider

The Provider is authorized to process personal data only on the basis of written instructions from the User, including instructions on the transfer to a third country or international organization (except as provided in Article 28 (3) (a) of the GDPR).

Having regard to the nature of the processing of personal data, the Provider shall, to the maximum extent possible, provide the User with appropriate technical and organizational measures to fulfil his obligation to take action at the request of the data subject under Chapter III of the GDPR (Articles 12 to 23 GDPR), but in particular on the basis of an express written instruction or an application by the User

  1. in fulfilling the information obligation to the data subject under Articles 13 and 14 of the GDPR;

  2. to ensure that the data subject has access to personal data under Article 15 of the GDPR, in particular to provide the User with a copy of the personal data subject to processing in the form requested by the User;

  3. to ensure the right of the data subject to correct personal data under Article 16 of the GDPR, in particular without undue delay, to correct outdated or incorrect personal data;

  4. to ensure the right of the data subject to delete the processing of personal data under Article 18 of the GDPR, in particular to delete the processing of personal data;

  5. to ensure the right of the data subject to restrict the processing of personal data under Article 18 of the GDPR, in particular to restrict the processing of personal data;

  6. In securing the right of the data subject to the portability of personal data under Article 20 GDPR, he shall in particular provide the User with personal data in the form requested by the User;

  7. in ensuring the right of the data subject to object to the processing of personal data under Article 21 of the GDPR (if processing is necessary for the performance of a public service task or for the exercise of public authority entrusted to the User or for the legitimate interests of the User or a third party, or the rights of the person concerned, or if personal data are processed for direct marketing purposes, including profiling), in particular, stop processing personal data;

  8. to ensure the right of the data subject not to be covered by a decision based exclusively on the automated processing of personal data, including profiling, which has legal effects that affect him or her or have a significant effect on him under Article 22 of the GDPR.

The Provider is obliged to provide the User with the assistance of ensuring compliance with the obligations under Articles 32 to 36 of the GDPR, taking into account the nature of the processing of personal data and the information available to the Provider.

In the event that the Provider receives a complaint from the data subject in connection with the processing of personal data, he shall be obliged to submit the complaint to the User without undue delay.

The Provider undertakes to provide the User with the information necessary to demonstrate the fulfilment of the obligations and to provide co-operation within the framework of the audit of personal data protection and control by the User or auditor entrusted by the User.

The Provider is obliged to inform the User without undue delay if he / she considers that the User's instruction violates the Personal Data Protection Regulations.

Personal data may be processed only in accordance with the Privacy Regulations so as not to violate the fundamental rights and freedoms of the persons concerned, in particular the violation of their right to the preservation of human dignity or other unjustified interference with their right to privacy.

Data retention, account deactivation and deletion

We store data until it is no longer necessary to provide our Services or until your account is deleted - whichever comes first.

Privacy Policies changes

This Privacy Policy is effective as of 14.07.2023 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

In the event of any change, the Provider commits the User to inform them in advance so that the User can assess the change and take measures to enable him / her to act in accordance with the Personal Data Protection Regulations (e.g. fulfilment of the information obligation to the data subject for the transfer to third landscape).

If Provider make any material changes to this Privacy Policy, Provider will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Contact information

If you have any questions about this Privacy Policy, contact us at:

Business name: Tools Done Right s.r.o.

Registered office: Brigádnická 27, 841 10 Bratislava – Devín, Slovak republic

Identification no.: 52 909 719

Registered in: Commercial register maintained by District court Bratislava I,

Section Sro, file no. 144736/B

Phone number: (+421)905 159 845