Privacy Policy

1. Introduction

Welcome to Bitloom s.r.o. ("we," "our," or "us"). We are a Software Craftsmanship company based in Košice, Slovakia, specializing in web development, mobile development, and technical consulting. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website bitloom.sk and blog.bitloom.sk, use our services, or contact us for business inquiries.

2. Information We Collect

2.1 Information You Provide Directly

When you contact us through our website forms, we collect:

• Contact Information: Name, email address
• Business Information: Company name, project details
• Communication Content: Messages, project requirements, goals, and timeline information

2.2 Information Collected with Your Consent

Only when you accept cookies through our consent banner, we collect:

• Analytics Data: Page views, session duration, bounce rate, device information
• Technical Information: IP address, browser type, operating system, referring URLs
• Usage Patterns: Pages visited, time spent on pages, interaction with website elements
• Performance Data: Page load times, scroll depth, form interactions

Important: If you decline cookies, we do not collect any of this analytics data. Only essential website functionality cookies are used.

2.3 Cookies and Tracking Technologies

We use different types of cookies based on your consent:

• Essential Cookies: Always active - Required for website functionality, security, and consent preferences
• Analytics Cookies: Only with your consent - Google Analytics for website performance analysis
• Preference Cookies: Remember your settings (theme, language preferences, cookie consent choice)

Your Choice: You can accept or decline cookies when you first visit our website. You can change your choice at any time through your browser settings.

3. How We Use Your Information

We use your information for the following business purposes:

• Business Communications: Responding to inquiries, providing project quotes, discussing technical requirements
• Service Delivery: Managing projects, providing technical consulting, and delivering development services
• Website Improvement: Analyzing website performance, understanding user behavior, optimizing user experience
• Marketing: Sharing relevant content, case studies, and service updates (with consent)
• Legal Compliance: Meeting legal obligations, resolving disputes, enforcing agreements
• Security: Protecting against fraud, unauthorized access, and security vulnerabilities

4. Google Analytics (Consent-Based)

Only when you accept cookies, we use Google Analytics 4 (GA4) to analyze website traffic and improve our services. Google Analytics collects anonymous usage data including:

• Pages visited and time spent on each page
• Geographic location (country/city level)
• Device and browser information
• Traffic sources and referral information
• User interactions and engagement metrics

Your Control: You can decline analytics tracking through our cookie consent banner. If you decline, no analytics data is collected. You can also opt-out later by installing the Google Analytics opt-out browser add-on.

No Consent = No Tracking: If you decline cookies, Google Analytics is completely disabled and no usage data is collected about your visit.

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information in the following limited circumstances:

• Service Providers: Trusted third-party services (email providers, analytics, hosting) under strict confidentiality agreements
• Legal Requirements: When required by law, court order, or to protect our legal rights
• Business Transfers: In connection with merger, acquisition, or sale of business assets (with prior notice)
• Consent: When you explicitly consent to sharing for specific purposes

6. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: SSL/TLS encryption for data transmission
• Access Controls: Limited access to personal information on need-to-know basis
• Secure Storage: Protected servers and databases with regular security updates
• Regular Monitoring: Continuous monitoring for security vulnerabilities

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents.

7. Your Privacy Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right to Access: Request copies of your personal information
• Right to Rectification: Request correction of inaccurate information
• Right to Erasure: Request deletion of your personal information
• Right to Restrict Processing: Request limitation of how we process your information
• Right to Data Portability: Request transfer of your information to another service
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at info@bitloom.sk. We will respond within 30 days of receiving your request.

8. Cookie Management and Consent

You have full control over cookie consent and can manage your preferences through:

• Cookie Consent Banner: Accept or decline cookies when you first visit our website
• Browser Settings: Configure your browser to block or delete cookies (this will override your consent choice)
• Third-party Tools: Use privacy tools and browser extensions

Note: Disabling essential cookies may limit website functionality and user experience. Analytics cookies are optional.

9. Data Retention

We retain your information for the following periods:

• Contact Inquiries: 3 years from last communication
• Project Communications: 5 years after project completion
• Analytics Data: 26 months (Google Analytics default) - only if consent was given
• Cookie Consent Preferences: 12 months from last visit
• Essential Cookies: Session-based or until browser closure

We will delete or anonymize your information when it's no longer needed for legitimate business purposes.

10. International Data Transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States (Google Analytics). We ensure appropriate safeguards are in place:

• Google Analytics: Covered by Google's EU-US Data Privacy Framework certification
• Contractual protections: Standard contractual clauses for data transfers
• Adequacy decisions: Transfers to countries with adequate data protection levels

11. Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected information from a child under 16, we will take steps to delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of significant changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date
• Sending email notifications for material changes (if applicable)

Your continued use of our website after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

For GDPR-related requests or data protection concerns, please use the subject line "Privacy Request" in your email to ensure prompt handling.