GDPR Compliance

General Data Protection Regulation Information

1. Our Commitment to GDPR

Kartička is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and what rights you have regarding your personal data.

The GDPR applies to all individuals in the European Union (EU) and European Economic Area (EEA), regardless of where the data processing takes place.

2. Data Controller

Company: Cask Coded s. r. o.

Address: Sokolovska 178/10, Kosice - mestska cast Zapad, 040 11, Slovakia

Email: studio@caskcoded.com

DPO Email: dpo@caskcoded.com

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent (Article 6(1)(a))

For optional features like cloud sync and camera access, we rely on your explicit consent. You can withdraw consent at any time.

Contract Performance (Article 6(1)(b))

To provide our loyalty card management service as requested by you, including card storage and barcode display functionality.

Legitimate Interests (Article 6(1)(f))

For service improvement and security, balanced against your privacy rights. We minimize data processing to what is strictly necessary.

4. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data

Right to Restrict Processing

Limit how we use your data

Right to Data Portability

Receive your data in a structured format

Right to Object

Object to certain types of processing

5. Data Processing Activities

Personal Data We Process

  • Card Data: Barcode numbers, card names, store names (stored locally on device only)
  • Preferences: App settings, display preferences, categories (stored locally)
  • Subscription Status: Premium subscription status (if applicable, via Apple)

Processing Purposes

  • Providing the loyalty card management service
  • Displaying barcodes for checkout scanning
  • Syncing data across devices (Premium, with consent)
  • Processing subscription payments (via Apple)

Minimal Data Processing: Kartička is designed to minimize data processing. The vast majority of your data never leaves your device. We do not operate servers that store your card data.

6. Data Transfers and Storage

  • Card data is stored locally on your device and never transferred to our servers
  • If iCloud sync is enabled, data is transferred to Apple's iCloud servers under Apple's privacy policies
  • Subscription data is processed by Apple through the App Store
  • We do not independently transfer personal data outside the EU/EEA

7. Data Retention

  • Card Data: Retained on your device until you delete it or uninstall the app
  • iCloud Data: Retained in your iCloud until you delete it or disable sync
  • Subscription Data: Managed by Apple; retained per Apple's policies
  • Support Communications: Retained for up to 2 years for service improvement

8. Exercising Your Rights

To exercise any of your GDPR rights, please contact us using the information below. We will respond within 30 days of receiving your request.

You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data appropriately.

9. Data Protection Officer

For questions about data protection and GDPR compliance, you can contact our Data Protection Officer:

Data Protection Officer

Email: dpo@caskcoded.com

Subject: GDPR Inquiry - Kartička

10. Updates to GDPR Compliance

We regularly review and update our GDPR compliance measures. Any material changes will be communicated through our Privacy Policy and this page. The last update date is shown at the top of this page.

11. Contact for GDPR Requests

For any GDPR-related requests or questions, please contact us:

GDPR Requests

Email: gdpr@caskcoded.com

Subject: GDPR Request - [Type of Request]

Website: https://caskcoded.com