Privacy policy

Rules of personal data processing by ANASOFT APR, spol. s r.o. (product owner of Signatus)

Personal data protection is very important to us. We require from ourselves to be transparent as to why and how we use and process personal data. We respect your personal and private space. We also inform you of the rights as affected persons (data subjects) whose personal data we process.

Why we process personal data?

We acquire and process personal data for different reasons including for multiple purposes but always in accordance with legislation based on sound legal basis.

Depending on your agreement we process: 

• personal information of applicants for the purpose of possible future employment with our company and contacting applicants if an employment opening is available
• selected personal information for the purpose of a newsletter and information related to products and services of the company, as well as events and other similar reasons
• selected personal data in order to contact you via communication channels chosen by you in order to deliver requested information of interest to you such as about our products and solutions.

In accordance with current applicable laws we process:

• data on personal and wage history of former employees for fulfilling employer requirements related to employment, in order to archive data on provided health care and welfare benefits, retirement benefits, salary, bonuses, paid sick leave, deductions, tax contributions and similar items,
• information of security clearances by National Security Authority of former employees of our company,
• invoicing data for accounting purposes,
• mailing information to track sent and received mail,
• information on credit default and payment lateness communication related to collection and their resolution, 
• information related to whistleblowing for purpose of processing ideas and reporting shortcomings,
• further purposes relevant to only our employees.

Based on legitimate interest of ANASOFT we process:

• business data for the purpose of procuring a sales agreement and maintenance of client relationship with existing clients, development of mutual cooperation, organization of workshops, conferences and similar activities related to our products, services or trademarks,
• personal data in book of visitors at every entrance to ANASOFT locations,
• data from the camera system to monitor spaces accessible by the public, for the purpose of safety of workers, visitors, private property and monitoring of criminal activity,
• data collected automatically on web sites and mobile applications (functional and technical cookies necessary for orderly operation of our website, analytical cookies - Google Analytics, Hotjar), recaptcha, Google Maps, various information on your device used to look at website or download an application, login information where it is needed to sign on, information acquired via social plugins of third parties, for example Facebook, “Like Button” and other technologies for proper functioning and improvement of the site operation, site security, providing functions of social networks, adjusting content by user and analysis of visits and behavior of users.

What type of personal data we process? 

Information processed on affected persons belong primarily to the category of typical personal information. Special category of personal data is collected only for employees of the company with explicit consent, but who are able to rescind such a consent at any time.

On our company Website we process cookie files based on the rules of processing cookie files.

Whose data we process?

Affected persons whose data we process in the role of a controller of data are mainly:

• Job applicants,
• employees of our clients and partners,
• employees of our suppliers (including their suppliers and associated persons of our suppliers and their suppliers),
• visitors to our physical spaces, offices or parking,
• visitors of our Website,
• requestors of our pricing and other business information,
• former employees of our company,
• other persons that contact us from their own initiative, such as proposal of a suggestion or complaint, requesting a reply, information or other reasons.

Affected persons whose personal data we process in the role of a controller are mainly: 

• Persons whose personal information we acquire and process in conjunction with providing services to our clients, partners and companies who are parts of the ANASOFT company,
• Persons, whose personal information we procure from publicly available sources in conjunction with our philanthropic activities such as names related to the company sponsored award of ANASOFTlitera, etc.

To whom and on what basis we provide and make available your personal information?

Your personal information we provide to other parties only when it is directly required by law or you expressly agreed to such disclosure. Personal information we can also provide to our suppliers based on a mutual agreement and business considerations. Those provisions commit our suppliers to follow security mechanisms for protection of personal information and follow them at least at the equal level of security standards dealing with confidentiality, integrity and availability of data to the degree that the level of protection does not decrease below our commitment to security guaranties.

Transfer of personal data to third countries is not being done, with the exception of transferring cookie files as defined in specific rules related to processing of cookie files.

How do we protect your personal data?

Security of personal data as well as other confidential information needed to provide our solutions, products and services is to us a high priority. We conform to international security and all business standards, production, marketing, management, organizational and supporting processes are periodically verified by independent audits in conjunction with holding of ISO 27001:2013 management of information security certification. We implemented regulations, processes and education relating to personal data security, maintaining its confidentiality, integrity and availability. We regularly evaluate appropriateness of our organizational as well as technical security policy by investing in their utility or by introducing new tools and policies.

How long we keep your personal information?

Your personal information is kept only for a necessary period that is defined in the internal policies of our company. Filing plan, filing rules and document archiving follow rules required by the Archives of the City of Bratislava. After those periods expire the data is safely liquidated or anonymized.

Are we automatically profiling persons?

We do not profile personal data of persons automatically.

What personal data are processed by using the SIGNATUS product?

Technically it is possible to collect an indefinite amount of personal data needed for creating any type of electronic document in SIGNATUS with the same legal assurances as a paper document. By default, the personal data that is collected contains: name, surname, post address, e-mail, phone number, birth date, personal identification number and biometric features of handwritten digital signature such as pressure, speed, acceleration, position of a pen on the X and Y axis and time. Before the Biometric data are given it needs to be made clear that the Biometric data are collected and processed on the basis of consent, which is given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of personal data relating to him or her.

It is possible to add GPS data to the document signing process, which will be the integral part of the signature, but not the part of the biometry. The document may contain attachments of various kinds of other documents e.g. copies of ID, photographs, etc.

SIGNATUS does not process an IP address and Cookies.

The extent of collected and processed personal data is determined by the Controller - our Customer. The Controller makes a decision about processing activities, the time of data processing, the length of their storage, and similar information based on the defined purpose of data processing.

ANASOFT does not have access to the data processed by Signature Analyzer, an independent forensic tool intended for authenticity of a signature evaluation and for originality evaluation of documents signed by SIGNATUS.

Your rights related to your personal information

In accordance to current legislation you have a right to access your own personal information, you can correct, expunge or limit processing as well as object to our processing.

When we process your personal data based on your consent, you have a right to revoke such consent anytime. In general we do not process personal data based on consent only because we can rely on a different legal basis mentioned above. To revoke such consent to process your personal data send us an email to gdpr@anasoft.com. To end reception of emails, such as newsletters from the marketing list you can also click on the link designated to unsubscribe in the email that you received from us.

All your rights can be realized by submitting a request to a data protection officer by email to gdpr@anasoft.com. To create a reply to your request we are entitled to request from you additional identification in order to establish your identity. Resolution of your request from the view of rights of affected persons will take into account our legitimate reasons for processing personal data or identification, implementation or protection of legal requirements.

In case your personal data is processed by us as an intermediary such as a supplier we recommend to address your concerns and requests primarily to your implementer of personal data as we may not be allowed to process this kind of requests of affected persons without the knowledge of our client – the implementer of personal data.

We hope that you will never have to complain for our use of personal data. In case you decide take this step after all, please send your complaint to gdpr@anasoft.com. We will deal with any complaint and request we receive and will reply to them. You can also have the right to turn to the Office for Personal Data Protection of the Slovak Republic.

Our contact information as an implementer of personal data

If you have any questions to this regulation or desire to know more about how and why we process your personal data you can contact our appropriate employees in charge of personal information in one of the following ways:

Email: gdpr@anasoft.com

Telephone: +421 2 3223 4111

In writing at the company address of: ANASOFT APR, spol. s r.o., Mlynská dolina 41, Bratislava 811 02 Slovakia

Changes to regulation of protection to personal information

This announcement is based on the current legislative of the EU and Slovakia. The specific law is the Regulation (EU) 2016/679 of the European Parliament and of the Council.

The applicability of this regulation about protection of personal data we will regularly update in order to maintain the transparency of communication with affected persons.

This announcement about the protection of personal information was updated as of 25. May of 2018.