Privacy Policy

Effective date: 17 Mar 2026

Deratix s. r. o. ("we") cares about your privacy. This policy explains how we process data of deratix.sk visitors and Deratix application users.

Controller

Deratix s. r. o.
Štúrova 1359/12, 900 28 Ivanka pri Dunaji, Slovak Republic
Company ID: 57512833
Contact: support@deratix.com

1. What data do we collect?

Registration data: Company name, business ID, contact person, email, phone (legal basis: performance of contract).

Technical data: IP address, browser type, login logs (legal basis: legitimate interest).

Application data: Data you enter into the app (your clients, protocols) – we process as a processor on your behalf.

Contact form and demo request: Name, email, company (optional), message, language.

Newsletter: Email, language (double opt-in, legal basis: consent).

2. Where is data stored?

Your data is safe within the European Union.

• Primary servers: Germany (Hetzner Online GmbH, Falkenstein/Nuremberg).
• Backup servers: Germany (Frankfurt region), managed by S.C. SFTPCLOUD S.R.L. (AES-256 encrypted backups).

We do not transfer your data to third countries without appropriate safeguards.

3. Cookies

We use only cookies essential for the application:

• wordpress_logged_in_* – user session identification,
• wp-settings-* – user interface preferences.

Analytics cookies (Matomo, self-hosted on our EU server) are used only with your explicit consent via the cookie banner.

See Cookie Policy for details.

4. Purposes and legal bases

• Responding to inquiries: legitimate interest.
• Demo request: contractual necessity.
• Newsletter: consent.
• Website analytics (Matomo): consent.
• Website security: legitimate interest.

5. SaaS service data processing

When you register for Deratix, we additionally process:

• Registration data: name, email, password hash, company name, subdomain, language.
• Purpose: account management (Art. 6(1)(b) GDPR).
• Hosting: EU servers (Hetzner, Germany). No transfers outside EEA.
• Retention: duration of contract + 30 days for export.
• Export and deletion: support@deratix.com.

6. Recipients / processors

Website: Emailit, Acumbamail, Matomo (self-hosted), Google Fonts.

SaaS sub-processors:

• Hetzner Online GmbH (Germany) – hosting and database servers.
• S.C. SFTPCLOUD S.R.L. (Romania) – encrypted backups in Germany (Frankfurt).
• MechanicWeb, LLC (USA) – infrastructure management, access to German servers.
• cPanel/Softaculous – server management.
• Emailit – transactional emails from the application.

Full list in our Data Processing Agreement (DPA).

7. International transfers

Hosting is in the EU. MechanicWeb (US) is covered by Standard Contractual Clauses (Art. 46(2)(c) GDPR).

8. Retention

• Contact inquiries: typically 12 months.
• Newsletter: until unsubscribed.
• Server logs: typically 6 months.
• SaaS data: duration of contract + 30 days.

9. Your rights

Access, rectification, erasure, restriction, portability, objection, consent withdrawal. Complaints: Slovak data protection authority.

10. Contact

support@deratix.com