Privacy Policy

Last Updated: April 3, 2025

1. Introduction

This Privacy Policy explains how SETO Corp. We collects, uses, and protects your personal data when you use the website tomek.wtf (the "Website"). We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and relevant Czech legislation.

This policy applies to all visitors and registered users of the Website. By using the Website, you also agree to our Terms of Service.

2. Data Controller

The data controller responsible for your personal data is:

SETO Corp.
Contact Email for Privacy Matters: se.to.zaridi@gmail.com

3. What Personal Data We Collect and Why

We collect the following types of personal data for the purposes listed below:

  • Account Information:
    • Data: Email address, chosen name/nickname, hashed password.
    • Purpose: To create and manage your user account, allow you to log in, identify you, and communicate essential service information (e.g., password resets).
    • Legal Basis (GDPR Art. 6(1)(b)): Processing is necessary for the performance of a contract to which you are party (i.e., providing the website service you registered for).
  • Google Login Information (if used):
    • Data: Email address, name, profile picture URL (provided by Google upon your authorization).
    • Purpose: To authenticate you via your Google account and potentially pre-fill profile information.
    • Legal Basis (GDPR Art. 6(1)(b)): Processing is necessary for the performance of a contract (providing the Google login service).
  • Technical Information (Server Logs):
    • Data: IP address, browser type, operating system, access times, pages visited.
    • Purpose: To ensure the security and stability of the Website, diagnose technical problems, prevent abuse, and analyze traffic patterns (anonymously or pseudonymously where possible).
    • Legal Basis (GDPR Art. 6(1)(f)): Processing is necessary for the purposes of our legitimate interests (maintaining website security and functionality).
  • Cookies:
    • Data: Small data files stored on your device.
    • Purpose & Legal Basis:
      • Essential/Session Cookies: Used to maintain your login session. Necessary for the function of the service (Legal Basis: GDPR Art. 6(1)(b) or legitimate interest).
      • [If applicable: Analytics Cookies:] Used to understand website usage (e.g., Google Analytics). Requires your explicit consent (Legal Basis: GDPR Art. 6(1)(a)). [Link to Cookie Policy/Settings if you have one].
      • [If applicable: Other Cookies:] [Describe any other cookies used and their purpose/legal basis].
    • [Mention if you have a separate Cookie Policy or settings management tool].

We only collect personal data that is necessary for the stated purposes.

4. Data Sharing and Third Parties

We do not sell your personal data. We may share your data with the following third parties only when necessary:

  • Google LLC: If you choose to log in using Google Login, information is exchanged with Google for authentication as per their privacy policy.
  • Hosting Provider: Our Website is hosted by [Name of Your Hosting Provider]. Your data is stored on their servers, located primarily in [Location, e.g., the European Union].
  • [If applicable: Email Service Provider]: For sending password reset emails or other essential notifications. [Provider Name, e.g., SendGrid, Mailgun, own server].
  • [If applicable: Analytics Provider]: If using services like Google Analytics, anonymized or pseudonymized data may be shared based on your consent.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account Information (Email, Nickname): Retained as long as your account is active. If you delete your account [or specify inactivity period], we will delete or anonymize this data within [Specify Timeframe, e.g., 30 days], unless required otherwise by law.
  • Server Logs: Retained for a limited period (e.g., [Specify Timeframe, e.g., 14 days, 1 month]) for security and diagnostic purposes.
  • Cookie Data: Retention period varies by cookie type (session cookies expire when you close your browser, persistent cookies have set lifespans).

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes measures like password hashing, use of HTTPS, and regular security reviews. However, no method of transmission over the Internet or electronic storage is 100% secure.

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You can request copies of your personal data.
  • Right to Rectification: You can request correction of inaccurate personal data or completion of incomplete data.
  • Right to Erasure ('Right to be Forgotten'): You can request the deletion of your personal data under certain conditions.
  • Right to Restrict Processing: You can request the restriction of processing your personal data under certain conditions.
  • Right to Data Portability: You can request transfer of your data to another organization, or directly to you, under certain conditions.
  • Right to Object: You can object to the processing of your personal data based on legitimate interests.
  • Right to Withdraw Consent: If we rely on your consent for processing (e.g., non-essential cookies), you can withdraw it at any time.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. The supervisory authority in the Czech Republic is the Úřad pro ochranu osobních údajů (UOOU - www.uoou.cz).

8. How to Exercise Your Rights

To exercise any of these rights, please contact us at our dedicated privacy email: se.to.zaridi@gmail.com. We may need to verify your identity before processing your request.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at: se.to.zaridi@gmail.com