Privacy Policy

Last updated: 11 May 2026

This policy explains what personal data Awantech s.r.o. collects through awantech.sk, why we collect it, how we use it, and what rights you have over it. We process personal data in line with the EU General Data Protection Regulation (GDPR) and the Slovak Act No. 18/2018 on Personal Data Protection.

1. Who we are

The data controller is Awantech s.r.o., a company registered in Slovakia.

Registration No.: 56152876
TAX ID: 2122219308
VAT ID: SK2122219308
Contact: contact@awantech.sk

We have not appointed a Data Protection Officer because we are not required to under Article 37 GDPR. Privacy questions go to the contact address above.

2. What we collect and why

We only collect data that is necessary for a specific purpose. The categories below cover everything we process through awantech.sk.

a) When you visit the site

Our server records standard request logs: IP address, user agent, requested URL, referrer, and timestamp. This is used to operate the site, detect abuse, and investigate security incidents.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR) to run a secure website.

b) When you submit the contact form

We process the name, email address, optional company name, selected service category, and the content of the message you send us. We use it only to reply to your inquiry and, if relevant, to enter into a contract with you.

Legal basis: steps taken at your request prior to entering into a contract (Art. 6(1)(b) GDPR), and our legitimate interest in responding to business inquiries (Art. 6(1)(f) GDPR).

c) When you use the document verifier

The /verify page hashes your PDF in your browser and only sends the SHA-256 hash to our server; the file itself never leaves your device. Alongside each verification request we log the hash, your IP address, and your user agent for abuse monitoring.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR) to prevent automated abuse of the verifier.

d) When you create an account or log in

Authentication is handled by Hanko, running on our own infrastructure. We store your email address, the public key of your passkey (we never see or store passwords), session identifiers, and an internal role (user or admin). No third-party identity provider receives your login data.

Legal basis: performance of a contract (Art. 6(1)(b) GDPR), as we cannot give you access to the member area without an account.

e) When you use member tools that involve AI

Some tools available to logged-in users send content you submit to Anthropic's Claude API to generate a response (for example, AI-assisted features inside the member area). Inputs are sent only when you actively use such a tool. We do not send your contact form messages, your verifier hashes, or your account details to any AI provider.

Legal basis: performance of a contract (Art. 6(1)(b) GDPR) for the requested feature, or your consent (Art. 6(1)(a) GDPR) where we ask for it.

3. How long we keep it

Server and verifier logs: up to 90 days, then automatically rotated.
Contact form submissions: up to 3 years from your last interaction with us, so we can follow up on prospective engagements; deleted earlier on request.
Account data: for as long as your account exists. When you delete your account, we remove your authentication records; any business records we are legally required to keep (e.g. invoicing) are retained for the period set by Slovak law.
AI tool inputs and outputs: kept only as long as the feature requires (typically for the duration of your session or the lifetime of the artefact you generated).

4. Who processes data on our behalf

We keep the list of processors short and self-host wherever practical. The processors below may handle data on our behalf:

Our hosting provider operates the physical servers in the EU on which awantech.sk, our database, and our authentication service run.
Our email provider delivers transactional email such as the notification we receive when you submit the contact form.
Anthropic, PBC (Claude API) processes input you submit through AI-assisted features in the member area. Data is transferred to the United States under the EU-US Data Privacy Framework and/or Standard Contractual Clauses, as published in Anthropic's Data Processing Addendum.

We do not sell personal data and we do not share it with third parties for advertising. We may disclose data if required by law or to protect our legal rights.

5. Cookies and local storage

awantech.sk does not use analytics, advertising, or tracking cookies. The only browser storage we set is strictly necessary:

A session cookie from Hanko after you log in, so we can keep you authenticated. It is removed when you log out.
Standard browser storage used by the framework to make the site work (e.g. preserving form state during a single session).

Strictly necessary cookies do not require consent under Slovak law and the ePrivacy directive.

6. Your rights

Under GDPR, you have the right to:

access the personal data we hold about you;
have inaccurate data corrected;
have your data erased (where legal obligations do not require us to keep it);
restrict or object to specific processing;
receive your data in a portable, machine-readable format;
withdraw any consent you have given, without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, email contact@awantech.sk. We will respond within one month.

7. Complaints

If you believe we are processing your data unlawfully, you can lodge a complaint with the Slovak data protection authority:

Úrad na ochranu osobných údajov Slovenskej republiky
Hraničná 12, 820 07 Bratislava 27, Slovakia
dataprotection.gov.sk

8. Changes to this policy

We may update this policy when our practices change. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated to logged-in users inside the member area before they take effect.

Questions about this policy? Write to contact@awantech.sk.