PRIVACY NOTICE

Effective Date 20.08.2024

This privacy notice (“Privacy Notice”) for InfraLogic Solutions Korlátolt Felelősségű Társaság (“InfraLogic”, “the Company”, “we”, “us”, or “our”) describes how and why we might collect, store, use, and/or share (“process”) your information when you use our services such as URL shortening, custom-branded links, link management, link-in-bio, QR code, and analytics products and services (“Services”), when you:

Visit our website at https://slimlink.com, or any website that links to this Privacy Notice
Engage with us in other related ways, including sales, marketing, or events

By using the Services, you provide us with your explicit consent to process your personal data in accordance with the purposes and other conditions set forth in this Privacy Notice.

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].

SUMMARY OF KEY POINTS

This summary provides key points from our privacy notice, but you can find more details by using our table of contents below.

Who is the data controller? InfraLogic is the data controller as it processes your data on its own behalf. The contact details of the data controller are: [email protected].

InfraLogic Solutions Korlátolt Felelősségű Társaság is registered in Hungary with registration number 01-09-430124 and tax number 32551055-2-42, having registered address at 1076 Budapest, Garay Street 44, ground floor, door 1.

What personal information do we process? We may process personal information depending on how you interact with InfraLogic and the Services, the choices you make, and the products and features you use.

Do we process sensitive personal information? We do not process sensitive personal information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person’s sex life or sexual orientation.

Do we receive information from third parties? We may receive information from public databases, marketing partners, social media platforms, and other outside sources.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with the law. We may also process your information for other purposes with your consent.

In what situations and with which types of parties do we share personal information? We may share information in specific situations and with specific categories of third parties.

How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.

What are your rights? In general, you have the following rights concerning the processing of your personal data:

The right to request access to your personal data
The right to request the rectification of inaccurate data
In specific cases, the right to request the deletion of some of your data
In specific cases, the right to request the limitation of the processing carried out by InfraLogic
The right to object to the processing of your data on grounds relating to your particular situation or, irrespective of your situation, to the use of your data for direct marketing purposes
The right to receive the data you have provided and/or to request that it be transmitted to another data controller
The right to determine the fate of your data after your death

You also have the right to withdraw your consent to the processing of your data at any time when consent is the legal basis for processing.

You can also file a complaint with your local supervisory authority or with the supervisory authority in Hungary (Hungarian National Authority for Data Protection and Freedom of Information; you can find their contact details here: https://www.naih.hu/about-the-authority

How do you exercise your rights? The easiest way to exercise your rights is by contacting us. We will consider and act upon any request in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Want to learn more about what InfraLogic does with any information we collect? Review the Privacy Notice in full below.

WHAT INFORMATION DO WE COLLECT?
HOW DO WE PROCESS YOUR INFORMATION?
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK FEATURES
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

1. WHAT INFORMATION DO WE COLLECT?

Personal Information You Disclose to Us

We gather personal information that you voluntarily provide when you register on our Services, show interest in our products or Services, participate in activities on the Services, or otherwise contact us.

The personal data we collect depends on the context of your interactions with us and the Services, the choices you make, and the features you use. Usually, we collect the following data, necessary for the Service provision and account registration:

First name, last name, company/organization name, email address, password, payment methods used

However, the personal information we collect may also include:

Identification data: IP address, user ID
Interaction data: history of our email exchanges and support tickers history, time and date of specific actions performed in our service like link created, user created etc
Communication data: Data related to the processing of emails and communications sent to you, such as timestamps and dates

Processing End-User Data on Behalf of Our Clients

We provide the Services to our clients (“Clients”). Such services also may include analytical products such as collecting information about visitors or customers of our Clients (“End-Users”), visiting the Client’s websites / shortened links. Therefore, when the End-Users access the Client’s websites / shortened links, they may be briefly redirected through our domain, where limited personal data of such end-users – namely, (i) IP address, (ii) information about type of device/browser/device’s operational system, and (iii) country of location – is collected. We process this data solely at the direction of our Clients, who act as the “data controllers” under the General Data Protection Regulation (GDPR). As “data processors,” we do not determine the purposes or means of this processing and will use such data only as instructed by our Clients and strictly in accordance with our contractual obligations. If you are the End-User of one of our Clients and wish to exercise your data subject rights (e.g., access, rectification, erasure), or have questions about how your data is processed, please consult the Client’s privacy notice or contact the Client directly.

Information Automatically Collected

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies. More details can be found in our Cookie Policy: https://slimlink.com/cookie-policy

The information we collect automatically may include:

Log and Usage Data: This is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services. This log data may include your IP address, device information, the pages visited on our website, the website from which our website was accessed, subsequent websites accessed via our website, the transmitted amount of data, the access status (file transmission, file not found, etc.), the operating system used, browser type, settings and version, and information about your activity in the Services (such as date/time stamps, pages and files viewed, searches, and other actions).
Device Data: Information about your computer, phone, tablet, or other device used to access the Services. This data may include IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider and/or mobile carrier, operating system, and system configuration information.
Location Data: Information about your device’s location, which can be either precise or imprecise, depending on the type and settings of the device used to access the Services. For example, we may use GPS and other technologies to collect geolocation data. You can opt out of allowing us to collect this information by refusing access or disabling your Location setting on your device. However, opting out may restrict your use of certain aspects of the Services.

Temporary storage of data is necessary for website visits to enable delivery of the website. Further storage of log files ensures website functionality and IT system security (especially to prevent DDoS attacks). Unless specified otherwise, your IP address will be shortened as soon as possible so that identification is no longer possible. The legal basis for temporary storage is to provide you with our website to fulfill a contract or process pre-contractual measures. Further storage with a shortened IP address is based on our legitimate interest to protect our IT systems. Personal evaluation of the data, especially for marketing purposes, does not occur without prior consent.

Account Registration Data

You may register a customer account. During registration, you must provide personal data marked as “mandatory field.” This generally includes:

First name, last name, email address, password If registering as a company, we also collect:
Company/organization name

This data is used for customer identification and account administration. The legal basis for data processing is the necessity to process personal data to fulfill a contract or pre-contractual measures. Additionally, you may voluntarily provide further data categories for our legitimate interest of additional verification and quicker communication.

You will choose a User-ID and a password to log into your account. Ensure that no unauthorized person gains access to your login credentials.

Payment Data

We utilize various payment options from third-party payment providers. If you select one of these options, your payment details will be forwarded to the respective payment service provider for processing. These third-party providers manage your personal data as independent controllers according to their privacy policies. This transfer is necessary for fulfilling the contract and is based on our legitimate interest in secure payment processing and fraud prevention. Please note that we do not assume responsibility for any actions taken by the respective payment providers with regard to your personal data.

In particular, we utilize the services of Stripe Technology Europe, Limited (“Stripe”). When arranging payments, Stripe may collect the following details about payees:

Email
Bank card details (card number, expiration date, CVV/CVC, cardholder name)
Country of the payee
VAT ID (if applicable)
Country of company registration (if applicable)
Information about the chosen Services’ tariff (e.g., tariff name, price, subscription duration)

For more information on how Stripe processes your data, please refer to Stripe’s Privacy Policy.

If you have any questions or concerns related to payment data processing, you may also contact us directly using the information found in the “How Can You Contact Us?” section of this Privacy Notice.

Sensitive Information

We do not process sensitive information.

Geolocation Information

We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application(s), to provide specific location-based services. You can change our access or permissions in your device’s settings.

All personal information that you provide to us must be truthful, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

We handle your data to provide, enhance, and manage our Services, communicate with you, ensure security and fraud prevention, and comply with legal requirements. We may also use your information for other purposes with your consent

We process your personal data for various reasons, based on how you interact with our Services, including:

Account Creation and Management: We may use your information to help you create and log in to your account, and to maintain your account's functionality.
Service Delivery: We may use your information to provide the services you have requested.
Customer Support: We may use your information to respond to your inquiries and resolve any issues related to the services you have requested.
Administrative Communications: We may use your information to send you important information about our products, services, changes to our terms and policies, and other similar notifications.
Order Fulfillment: We may use your information to process and manage your orders, payments, returns, and exchanges made through our Services.
User-to-User Communications: We may use your information if you use any features that allow communication with other users.
Feedback Requests: We may use your information to request feedback and to contact you about your experience with our Services.
Marketing Communications: We may use your personal information to send you marketing and promotional messages, according to your marketing preferences. You can opt out of our marketing emails at any time. For more information, see “WHAT ARE YOUR PRIVACY RIGHTS?” below.
Targeted Advertising: We may use your information to create and display personalized content and ads tailored to your interests and location. For more information, see our Cookie Policy: https://slimlink.com/cookie-policy
Service Protection: We may use your information to ensure the security of our Services, including monitoring for fraud.
Usage Analysis: We may use information about how you use our Services to better understand usage patterns and improve our offerings.
Marketing Effectiveness: We may use your information to assess the success of our marketing and promotional efforts and make them more relevant to you.
Vital Interests: We may process your information when necessary to protect an individual’s vital interests, such as preventing harm.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

We adhere to the requirements and stipulations set forth by GDPR. We process your personal data only when necessary and when we have a valid legal reason (i.e., legal basis) to do so.

GDPR requires us to explain the valid legal bases we rely on to process your personal data. These legal bases include:

Consent: We may process your data if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
Performance of a Contract: We may process your data when necessary to fulfill our contractual obligations to you, including providing our services or acting on your requests before entering into a contract.
Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests, and these interests do not override your rights and freedoms. For example, we might process your personal information to:
- Send you information about special offers and discounts on our products and services
- Develop and display personalized and relevant advertising content for our users
- Analyze how our services are used to improve them and enhance user engagement
- Support our marketing activities
- Diagnose problems and prevent fraudulent activities
- Understand how users interact with our products and services to improve user experience
Legal Obligations: We may process your data when necessary to comply with our legal obligations, such as cooperating with law enforcement or regulatory agencies, exercising or defending our legal rights, or providing your information as evidence in legal proceedings.
Vital Interests: We may process your data when necessary to protect your vital interests or those of a third party, such as in situations involving potential threats to the safety of any person.

In legal terms, we are generally the “data controller” under European data protection laws for the personal information described in this Privacy Notice, as we determine the means and purposes of the data processing we perform. This Privacy Notice does not apply to the personal data we process as a “data processor” on behalf of our customers. In those cases, the customer to whom we provide services and with whom we have entered into a data processing agreement is the “data controller” responsible for your personal information, and we merely process your data on their behalf according to their instructions. To understand more about our customers’ privacy practices, you should read their privacy policies and direct any questions to them.

If you are located in Canada, this section applies to you (in addition to the preceding section):

We may process your personal information if you have provided explicit consent for a specific purpose, or where your consent can be reasonably inferred. You may withdraw your consent at any time.

In certain exceptional circumstances, we may legally process your information without your consent under applicable laws, including but not limited to:

Individual's Best Interests: If collecting the information is clearly in the best interests of an individual and consent cannot be obtained in a timely manner.
Investigations and Fraud Prevention: For the purposes of investigations and detecting or preventing fraud.
Business Transactions: In the context of business transactions, provided certain conditions are met.
Witness Statements: If the information is in a witness statement and is necessary to assess, process, or settle an insurance claim.
Identifying Persons: For identifying injured, ill, or deceased individuals and communicating with their next of kin.
Financial Abuse: If we have reasonable grounds to believe an individual has been, is, or may be a victim of financial abuse.
Investigations and Legal Compliance: If obtaining consent would compromise the availability or accuracy of the information and the collection is reasonable for investigating a breach of an agreement or a violation of Canadian or provincial laws.
Legal Obligations: If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court concerning the production of records.
Employment, Business, or Professional Context: If the information was produced by an individual during their employment, business, or profession, and the collection is consistent with the purposes for which the information was produced.
Journalistic, Artistic, or Literary Purposes: If the collection is solely for journalistic, artistic, or literary purposes.
Publicly Available Information: If the information is publicly available and specified by regulations.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

Sharing Your Personal Data

Sharing Your Personal Data We may share the personal data we collect with your consent as well as under the following conditions:

Within Our Company: We may share data with any department or authorized personnel within our Company or any member company within our group, which includes any subsidiary or holding company as defined by laws of Hungary.
With Business Partners, Suppliers, and Sub-contractors: We may share data with business partners, suppliers, and sub-contractors to perform any contract we enter into with them or with you in relation to the Services.
With Service Providers: We may share data with service providers who perform data services on our behalf or assist us in improving and optimizing our website.
Business Transactions: We may share data with any person or entity as part of a business or asset sale, equity transaction, merger, acquisition, or in preparation for any such events.
Legal Obligations: We may disclose your personal data to comply with any law, legal obligation, or court order, or to enforce rights under any law or other agreements.
Protection of Rights: We may share data to protect our rights, property, or safety, as well as the rights, property, or safety of our customers or others.

5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

We are not accountable for the security of any information you share with third parties that we link to or who advertise on our Services but are not affiliated with us.

Our Services, including any offer walls, may contain links to third-party websites, online services, or mobile applications and/or include advertisements from third parties not affiliated with us. These third-party links and advertisements may direct you to other websites, services, or applications. We make no guarantees regarding these third parties, and we will not be responsible for any loss or damage resulting from your use of these third-party websites, services, or applications.

The presence of a link to a third-party website, service, or application does not imply our endorsement. We cannot ensure the safety and privacy of data you provide to any third parties. Information collected by third parties is not covered by this Privacy Notice. We are not responsible for the content, privacy, or security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from our Services.

You should review the privacy policies of such third parties and contact them directly if you have any questions or concerns.

6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and other tracking technologies to gather and store your information.

We employ cookies and similar tracking technologies (such as web beacons and pixels) to access or store information. Detailed information about our use of these technologies and how you can opt out of certain cookies is provided in our Cookie Policy: https://slimlink.com/cookie-policy.

7. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

We operate globally and may transfer information for the purposes outlined in this Privacy notice to our trusted partners and service providers who have servers outside the European Economic Area (EEA), including in the United States. The privacy and data protection laws in the United States may differ from, and potentially be less protective than, those in your country. Your personal data may be subject to access requests from government authorities, courts, or law enforcement in the United States according to US laws.

For any transfers of personal data from the EEA, Switzerland, or the United Kingdom to other entities as described in this Privacy notice, we implement appropriate safeguards to ensure the lawful processing and transfer of the personal data. These safeguards may include the use of standard contractual clauses approved by the European Commission. We will take all necessary measures to protect your personal information in accordance with this Privacy Notice and applicable law.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

We retain your information for as long as necessary to achieve the purposes outlined in this Privacy Notice, unless a longer period is required by law.

We will keep your personal information only for the duration needed to fulfill the purposes described in this Privacy Notice, unless a longer retention period is mandated or allowed by law (e.g., for tax, accounting, or other legal obligations).

Once we no longer have a legitimate business need to process your personal information, we will delete or anonymize it.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

We strive to protect your personal information using a combination of organizational and technical security measures.

We have put in place appropriate and reasonable technical and organizational safeguards designed to protect the security of any personal data we process. However, despite our efforts to secure your information, no method of electronic transmission over the Internet or method of information storage can be guaranteed to be 100% secure. Thus, we cannot guarantee that hackers, cybercriminals, or other unauthorized parties will not be able to breach our security and improperly access, steal, or alter your information. While we will make every effort to safeguard your personal data, transmitting personal information to and from our Services is at your own risk. You should access the Services only within a secure environment.

10. DO WE COLLECT INFORMATION FROM MINORS?

We do not intentionally collect data from or target our marketing to children under the age of 18.

We do not knowingly seek or market to children under 18 years old. By using the Services, you affirm that you are at least 18 years old or that you are the parent or guardian of a minor and consent to their use of the Services. If we discover that we have collected personal information from users under the age of 18, we will deactivate the account and take reasonable steps to promptly delete the data from our records. If you become aware of any data, we may have gathered from children under 18, please contact us at [email protected].

11. WHAT ARE YOUR PRIVACY RIGHTS?

You have certain legal rights concerning your personal data and how it is processed. Here are the legal grounds we rely on to handle your personal data and an overview of your privacy rights.

Legal Grounds for Processing Your Personal Data The basis for collecting and using your personal data depends on the specific context and the type of data involved.

Consent: We process your personal data based on your consent, such as when you create an account or request specific marketing communications. You can withdraw your consent at any time without affecting the lawfulness of the processing before its withdrawal.
Legitimate Interests: We process your data when it is necessary for our legitimate interests, provided that your rights do not override these interests. For instance, this includes fraud prevention, enhancing security, direct marketing, expanding our business, and improving our services and website functionality.
Performance of a Contract: We handle your personal data to fulfill contractual obligations to you.
Legal Obligations: We process your data to comply with legal requirements, such as producing audited accounts or responding to legal processes.
Legal Claims: If you initiate a claim against us or we initiate a claim against you, we may process your data to handle that claim.

If you have questions or need more details about the legal basis for processing your data, please contact us using the “How Can You Contact Us” section below.

Your Rights

Access Your Data: You have the right to know whether we are processing your personal data and, if so, to access the information detailed in this Privacy notice. You can also request a copy of your data. Submit requests at [email protected]. We may need to verify your identity and might ask for additional details to locate your data.
Restrict Processing: You can request that we limit the processing of your data in specific situations, such as if you contest its accuracy, if the processing is unlawful but you oppose deletion, if we no longer need the data but you require it for legal claims, or if you object to the processing pending verification of our legitimate grounds.
Correct Your Data: You have the right to request corrections to any inaccurate data and to complete any incomplete data.
Delete Your Data: You can request deletion of your personal data if it is no longer needed for the purposes it was collected, if we lack a legal basis for using it, if we are obligated by law to delete it, if you withdraw consent, or if you object to processing based on our legitimate interests and there are no overriding reasons for processing. Note that this right is not absolute, and we may need to retain some information for legal obligations or administrative purposes, such as record-keeping or detecting fraud. Data will be retained as outlined in the “How Long We Keep Your Personal Data” section above.
Object to Processing: You can object to the processing of your data when it is based on our legitimate interests or your consent.
Data Portability: You can request a copy of your data in a structured, commonly used, machine-readable format and ask us to transfer it to another data controller. This right applies to data processed based on your consent or for performing a contract with you.
Posthumous Data Management: You have the right to determine the status of your data after your passing. This includes specifying whether your data should be deleted, retained, or transferred to a designated individual.

You have the right, at any time, to revoke your consent to the processing of your data when this has your consent as its legal basis.

To exercise any of these rights, please contact us as described in the “How Can You Contact Us” section below.

Filing a Complaint If you have concerns about how we process your personal data, contact us, and we will try to resolve your issues. If you feel we do not meet your expectations, you can also file a complaint with your local supervisory authority:

EU Data Protection Authorities (DPAs): You can find their contact details here: https://edpb.europa.eu/about-edpb/about-edpb/members_en
Hungarian National Authority for Data Protection and Freedom of Information: You can find their contact details here: https://www.naih.hu/about-the-authority
Swiss Federal Data Protection and Information Commissioner (FDPIC): You can find their contact details here: https://www.edoeb.admin.ch/edoeb/en/home.html
Information Commissioner’s Office (United Kingdom): You can find their contact details here: https://ico.org.uk/make-a-complaint

CONTROLS FOR DO-NOT-TRACK FEATURES

Many web browsers and some mobile operating systems and applications offer a Do-Not-Track ("DNT") feature or setting you can activate to indicate that you do not want your online browsing activities monitored and collected. Currently, there is no universally accepted standard for recognizing and implementing DNT signals. Therefore, we do not respond to DNT browser signals or any other mechanism that automatically communicates your preference not to be tracked online. If a uniform standard for online tracking is established and we are required to comply, we will update you about that practice in a revised version of this Privacy Notice.

DO WE MAKE UPDATES TO THIS NOTICE?

We may periodically update this Privacy Notice. The new version will be identified by a "Revised" date and will become effective as soon as it is posted. If we make significant changes to this Privacy Notice, we may notify you by prominently posting a notice of the changes or by sending you a direct notification. We recommend that you review this Privacy Notice regularly to stay informed about how we are safeguarding your information.

HOW CAN YOU CONTACT US?

If you have questions or comments about this Privacy Notice or you wish to file a complaint/request, you may contact us by email at [email protected], or by post to:

InfraLogic Solutions Korlátolt Felelősségű Társaság

Garay Street 44, ground floor, door 1

1076 Budapest

Hungary

For any issues concerning this Privacy Notice or your personal data, you also may contact our Data Protection Officer, OPINIQ LTD, by email at [email protected], or by post to:

OPINIQ LTD

Krinou 3, THE OVAL BUSINESS CENTRE, 4th Floor, Office 401B,

Agios Athanasios, 4103 Limassol, Cyprus