Terms & Conditions & Privacy Policy

1. Introductory provisions

These Terms and Conditions govern the use of cloud-based economic software (hereinafter referred to as the "Service") provided by the Operator. The service is provided in SaaS (Software as a Service) mode via the Internet. By using the Service, the User confirms that he/she has read and agrees to these terms and conditions.

2. Definitions of terms

Operator– the entity providing the Service.
User– the natural or legal person who uses the Service.
Account– the User's access to the Service.
Module– the functional part of the Service (e.g. invoicing, warehouse, accounting, CRM).
User data– all data entered by the User into the Service.
Paid extensions– additional functions beyond the basic functionality.
Basic functionality– free features available in all modules.

3. Nature and scope of the Service provided

The service is a cloud-based economic system available online. The operator provides operation, updates, security measures, infrastructure maintenance and technical support. The operator does not guarantee continuous availability, but makes every effort to ensure stable and safe operation.

4. Registration and access

The user is obliged to provide true and up-to-date data. The User is responsible for the protection of login data. The Operator may refuse registration or cancel the account in violation of these Terms or the law.

5. Basic Functionality – Free Version

The basic functionality of all modules of the Service is provided free of charge and without time limit.

The free version includes, in particular:

• basic accounting and economic functions,
• issuing invoices and registering documents,
• basic warehouse operations,
• Partner records and simple reports,
• access to the user account and basic data storage,
• standard technical support.

The Operator reserves the right to modify the scope of free functions, while informing the User in an appropriate manner about substantial changes.

6. Paid Extensions and Add-on Services

Paid extensions are optional and are activated only with the explicit consent of the User. Paid extensions include, in particular:

• AI integrations (OCR, automatic billing, predictive analytics, recommendations),
• advanced warehouse management, payroll, CRM, analytical modules,
• automation and bulk operations;
• Extended data storage and higher limits
• Priority technical support
• API accesses and third-party integrations.

The prices are listed in the current price list available in the Service. The price change does not apply to the already subscribed period.

7. Invoicing and payment terms

Invoicing is done electronically. The User is obliged to make payments within the specified period. In the event of a delay, the Operator may limit or suspend access to paid features, while the free version remains available. Long-term non-payment may lead to the deactivation of paid services.

8. Obligations of the User

• use the Service in accordance with the law;
• not to misuse the Service for illegal or unethical purposes;
• not to interfere with the technical infrastructure of the Service,
• Protect your login details
• ensure that its staff comply with these conditions.

9. Liability of the Operator

The Operator shall not be liable for damages caused by improper use of the Service, internet outages, incorrect data entered by the User or force majeure events. The Operator is responsible for the secure storage of data, protection against unauthorized access and proper provision of the Service under these Terms.

10. Service Availability (SLA)

The Operator strives to ensure the availability of the Service at the level of 99% in a calendar year, not counting planned outages, maintenance, outages of third parties and force majeure events. Planned outages are announced in advance. The operator ensures operation monitoring, performance scaling, regular updates and data backup.

11. Maintenance, Updates and Changes to the Service

The Operator may perform updates that may change the appearance or functionality of the Service. Updates may include new features, bug fixes, security enhancements, and performance optimizations. The Operator reserves the right to change the scope of functions, while maintaining the basic functionality.

12. Intellectual Property Rights

The Service, its source code, design, database structure and documentation are protected by copyright. The User may not copy the Service, reverse engineer, circumvent licensing mechanisms or use the Service in a way that is detrimental to the Operator.

13. Usage limits and quotas

The free version may contain technical limits, such as limits on storage, number of documents, number of users, API requests, or size of attachments. The limits are listed in the price list or in the user interface. Paid extensions can increase or remove limits. The Operator may introduce protective limits to prevent misuse of the Service.

14. API – Terms of Use of the Application Interface

The Operator may provide an API interface for integration with third-party systems. The API can be available in free mode with limited quotas or in paid mode with higher limits. The User may not abuse the API, bypass authentication or compromise the stability of the Service. The operator can change API endpoints, introduce new versions, and end support for older versions reasonably in advance.

15. API Versions and API Lifecycle

The API can be provided in several versions (e.g. v1, v2, v3). Each version has a defined life cycle: Active, Maintenance, Deprecated, End-of-life (EOL). End of support for a version is announced at least 90 days in advance. The user is required to adapt their integrations to the new API version. The Operator is not responsible for damages caused by the use of outdated API versions.

16. AI Integrations and Automated Processing

The service may include features powered by artificial intelligence (AI), such as document recognition, automatic billing, expense categorization, predictive analytics, and recommendations. AI features are provided "as is" and may contain errors or inaccuracies. The user is obliged to control the results of the AI and not to use them without human control in decisions with legal or financial consequences. The Operator is not responsible for damages caused by improper use of AI or erroneous inputs of the User.

17. Responsibility for data and its accuracy

The User is solely responsible for the correctness, completeness and timeliness of the data entered into the Service, for compliance with accounting and tax regulations and for the correct setting of accounting parameters. The Operator is not responsible for incorrect accounting procedures, erroneous data or damages caused by improper export or import of data. The operator is responsible for the secure storage of data and its availability according to the SLA.

18. Operational logs

The Operator collects operational logs for the purpose of securing the Service, diagnosing problems, protecting against unauthorized access and fulfilling legal obligations. Logs can include IP address, time and type of request, URL endpoint, user ID, technical errors, and device information. The logs are stored in encrypted form and only authorized persons have access to them.

19. Audit trail (records of user activities)

The Service may record audit records of the Users' activities, in particular the creation, modification and deletion of documents, changes in settings, logins, changes in authorisations and data exports/imports. The audit trail is used for transparency, tracing changes, protection against misuse and compliance with legal obligations. Audit records are non-modifiable and are kept according to the statutory deadlines.

20. Data Rights and Data Ownership

The User is the sole owner of all data that he enters into the Service. The Operator does not have the right to use the User's data for marketing or to provide it to third parties without the User's explicit consent, except in cases of compliance with legal obligations. The Operator may use the data only for the provision of the Service, technical support, ensuring operation and fulfilling legal obligations. The user has the right to export, transfer and delete their data in accordance with the law.

21. Third-Party Integrations

The service may allow interconnection with external systems (banking API, e-commerce, CRM, accounting systems, state registers). The Operator is not responsible for the availability of external services, the correctness of data obtained from external APIs or for damages caused by outages of third parties. The User is obliged to comply with the terms and conditions of these third parties.

22. Liability for damages

The operator is only liable for damage caused intentionally or by gross negligence. The Operator shall not be liable for lost profits, consequential damages, loss of data caused by the User or damages caused by third parties. The maximum amount of damages is limited to the amount of the User's annual subscription.

23. Termination of Use of the Service

The User may terminate the use of the Service at any time. Before terminating, it can request the export of its data. After termination, the data is stored according to legal deadlines and then securely deleted. The Operator may limit or terminate the Service in the event of a serious breach of these Terms and Conditions.

24. Changes to the Terms and Conditions

The Operator may update these Terms and Conditions. The User will be informed of the changes in an appropriate manner (e.g. by e-mail or notification in the Service). By continuing to use the Service after the change in the terms and conditions, the User agrees to their new wording.

25. Final provisions

These terms and conditions are governed by the laws of the Slovak Republic. Disputes are preferably resolved amicably, otherwise before the competent court according to the registered office of the Operator.

The Service uses cookies and similar technologies to ensure proper functioning, increase security and improve user experience. Cookies are small text files stored on the User's device.

Types of cookies used

• Technical and necessary cookies– ensure the basic functioning of the Service (login, navigation, session security).
• Security cookies– help protect the Service from abuse and attacks.
• Preference cookies– store the User's settings (language, display, preferences).
• Analytical cookies– are used for anonymous statistics on the use of the Service and performance optimization.

Managing cookies

The user can adjust the cookie settings in their web browser. Blocking some types of cookies may lead to a limitation of the functionality of the Service (e.g. the inability to log in or maintain a session).

1. Identification of the operator

The controller of personal data is an entity providing cloud economic software (hereinafter referred to as the "Controller"). The Controller is responsible for the processing of personal data in accordance with the GDPR Regulation (EU 2016/679) and the Personal Data Protection Act of the Slovak Republic.

2. Identification of the intermediary

In cases where the User processes the personal data of its clients through the Service, the Operator acts asIntermediarypursuant to Article 28 of the GDPR and processes the data on behalf of the User.

3. Legal bases for processing

• performance of the contract between the Operator and the User,
• compliance with legal obligations (accounting and tax regulations),
• legitimate interest of the Operator (security, operation, development of the Service),
• in some cases, the User's consent (e.g. marketing).

4. Purposes of personal data processing

• provision and operation of the cloud-based economic Service,
• keeping accounting and economic records,
• Manage user accounts
• communication with the customer,
• system security and protection against misuse,
• analysis and optimization of the Service,
• compliance with legal obligations.

5. Categories of personal data processed

• identification data (name, surname, company name),
• contact details (e-mail, telephone, address),
• login data (login, password hash, tokens),
• accounting and economic data entered by the User,
• technical data (IP address, device, logs),
• data on the use of the Service (activity, modules, settings).

6. Categories of data subjects

• Users of the Service,
• the User's clients,
• the User's employees,
• the User's business partners.

7. Rights of data subjects

The data subject has the right to:

• access to your personal data;
• rectification of inaccurate or incomplete data;
• erasure of data ('right to be forgotten');
• restriction of processing;
• data portability;
• objection to processing,
• filing a complaint with the Office for Personal Data Protection.

8. Obligations of the Controller

• process data only to the extent necessary for the purposes of the Service,
• ensure appropriate technical and organisational measures;
• ensure the confidentiality of persons with access to the data;
• to provide cooperation to the User in fulfilling the GDPR obligations,
• inform the User of a data breach.

9. Obligations of the processor (Operator towards the User)

• process data only according to the User's instructions,
• not to transfer data to third parties without the User's consent, except for legal obligations,
• allow for an audit or control of safety to an appropriate extent;
• assist the User in handling requests from data subjects.

10. Safety Precautions

• encryption of data at rest (e.g. AES-256) and in transit (TLS 1.2+),
• Department of databases and data repositories,
• Regular backup and recovery testing.
• monitoring and detection of incidents,
• access policies based on minimum privileges;
• physical security of data centers.

11. Sub-processors

The Controller may use subcontractors for data processing, in particular cloud providers (Azure, AWS), email and notification services and technical partners. Subcontractors are bound by the same data protection obligations as the Controller.

12. Transfer to third countries

Data transfers outside the EU only take place for providers that provide adequate data protection guarantees (standard contractual clauses, adequacy decision, certifications).

13. Data retention

Personal data is stored for the duration of the contractual relationship and subsequently according to statutory deadlines (e.g. accounting and tax regulations). After the expiry of the time limits, the data is anonymised or securely deleted.

14. Termination of processing and deletion of data

After the termination of the use of the Service, the User may request the export of data. After the agreed period, the data is irretrievably deleted, unless further storage is required by law.

15. Data Protection Officer (DPO)

If the Operator designates a Data Protection Officer, his/her contact details will be specified in the Service or in the contractual documentation.

16. Incidents and data breaches

In the event of an incident or breach of personal data protection, the Operator shall immediately take measures to minimise the risks and, in the cases stipulated by the GDPR, shall inform the competent supervisory authority and the User.

17. Records of processing activities

The Controller shall keep records of the processing activities pursuant to Article 30 of the GDPR.

18. Final provisions

This Privacy Policy may be updated. The User will be informed of the changes in an appropriate manner. By continuing to use the Service, the User agrees to their new wording.

In order to provide the Service, diagnose problems and prevent incidents, the Operator performs logging and monitoring of the operation of the system.

Scope of logged data

• access logs (IP address, time, URL, type of request),
• Authentication events (login, logout, failed attempts)
• System errors, exceptions and technical events;
• audit trails when working with sensitive or critical data.

Purpose of logging

• ensuring the integrity and availability of the Service;
• protection against unauthorized access and attacks,
• analysis of incidents and technical problems,
• compliance with legal obligations in the field of security and auditing.

The logs are stored for a period of time appropriate to the purpose of their processing and in accordance with legal regulations. Only authorized persons bound by confidentiality have access to them.

The Service is operated in a secure cloud environment, which may include the infrastructure of providers such as Microsoft Azure, Amazon Web Services (AWS) or the Operator's own data centers.

Safety precautions

• encryption of data at rest and in transit,
• regular backups and data recovery testing,
• geographical redundancy and high availability,
• access policies based on the principle of minimum privileges;
• monitoring and detection of security incidents.

Data retention and deletion

The User's data is stored for the duration of the contractual relationship and subsequently for the period required by law (e.g. accounting and tax deadlines). After these deadlines, the data is securely anonymised or deleted. Before terminating the use of the Service, the User has the option to request the export of their data in the agreed format.

Transfer to third countries

If data is transferred outside the European Economic Area, this only happens when using providers that provide adequate data protection safeguards (standard contractual clauses, certifications, adequacy decisions).