PRIVACY POLICY

AI Vision s. r. o.

Please read this Privacy Policy ("Policy") carefully, as it describes how we collect personal information and data about individuals ("Personal data"), how we retain, process and use Personal data, and how we comply with your privacy rights.

I. INTRODUCTION

Protecting your Personal data is extremely important to us. For this reason, we process your Personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ("GDPR"), as well as Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts, as amended, and other applicable data protection legislation ("Legislation"). For the purposes of this Policy, the terms "we" and "us" shall refer to the Controller as defined below.

II. INFORMATION ABOUT THE CONTROLLER

AI Vision s. r. o., with its registered seat at Karpatské námestie 7770/10A, 831 06 Bratislava – mestská časť Rača, ID No. (IČO): 56 214 634, registered with the Commercial Register of the Municipal Court Bratislava III, Section: Sro, Insert No.: 177897/B ("Controller") is responsible for the processing of Personal data on our website and/or for the purposes described in these Policy as the data controller. The registered seat of the Controller is also the correspondence address of the Controller.

III. WHAT PERSONAL DATA WE PROCESS

Personal data means any information from which you can be identified or from which you are identifiable. In particular, we process the following categories of your Personal Data:

• Identification data (e.g. name and surname, date of birth, ID number, postal address);
• Contact details (e.g. email address, phone number);
• Banking and billing details (e.g. bank account number, bank name);
• Other voluntarily provided data (e.g. when communicating with us or with our artificial intelligence software);
• Other information provided to us by you or a third party (e. g. provided by you by communicating with our AI-based chatbots).

However, we may also process other data not specified above for the purposes set out in Article IV of this Policy.

IV. PURPOSE OF THE PROCESSING OF PERSONAL DATA

Our website https://fullvio.com/ ("Website") does not require any form of registration, so you can visit it without providing us with your Personal data.

If you contact us to express interest in receiving our services or products, or in interacting with artificial intelligence software created by us, and voluntarily provide your Personal data, we will use that Personal data for the following purposes:

• (a) Entering into a contractual relationship with you and therefore, in particular, ensuring the mutual communication within the framework of pre-contractual relations, processing your requests for the provision of services or products, accepting payments and delivering the agreed product or service and fulfilling our contractual obligations towards you;
• (b) Fulfilling our legal obligations under the law, particularly in the areas of tax and accounting;
• (c) Protecting and pursuing our legitimate interests, such as proving, exercising or defending our rights, legal claims, legally protected interests and/or our legal protection;
• (d) Certain marketing activities, where permitted by law, as well as responding to messages and requests sent to us via social media networks or email;
• (e) Ensuring the continuous development and training of our AI products to continuously improve our AI products as well as their safety;
• (f) Automatically process the input you provide in communication with our AI technology to generate more relevant responses to your requests;
• (g) Direct marketing such as contacting and reaching out to data subjects directly to inform data subjects about our products and services that we offer.

V. LEGAL BASIS FOR PROCESSING OF PERSONAL DATA

We obtain your Personal Data for the purposes set out in Article IV almost exclusively directly from you on one of the following legal bases:

• (a) The performance of a contract to which our client is a party as a data subject within the meaning of Article 6(1)(b) of the GDPR in connection with the purpose under Article IV. a) and e) of these Policy;
• (b) Fulfilment of a legal obligation within the meaning of Article 6(1)(b) of the GDPR in connection with the purpose under Article IV. b) of this Policy;
• (c) Legitimate interest in connection with the purposes under Article IV. c), d) and e) of this Policy:
  • Ad IV. c): In order to protect and exercise our rights in relation to the services and products provided;
  • Ad IV. d): It is in our legitimate interest to ensure effective communication with our customers and to respond effectively to enquiries about our services and products. Similarly, it is also our legitimate interest to spread awareness, educate on the development of AI for all age groups and increase demand for our products;
  • Ad IV. e): Training is an essential part of AI technology. It is in our legitimate interest to ensure the continuous development and improvement of our AI technology that leads to innovation in our services, improving the safety, reliability and efficiency of our technology.
• (d) Consent within the meaning of Article 6(1)(a) of the GDPR in relation to the purpose under Article IV. f) and g) of these Rules:
  • Ad IV. f): Our AI-based chatbot available on our Website can respond to your requests in a personalised way and offer you suitable solutions based on the data you provide. Before using this chatbot, we always ask for your consent to process the data you provide as input to generate a response.
  • Ad IV. g): We process your Personal data for direct marketing purposes only on the basis of your prior consent to the use of this form of marketing. The provision of Personal data in this case is not a contractual or legal obligation on your part. Without your consent, it will not be possible to carry out marketing and promotional activities.

VI. PERSONAL DATA RETENTION PERIOD

We will retain your personal data for the purposes set out in Article IV only for as long as necessary to fulfil those purposes, as follows:

• Ad IV. a) and c): During the contractual negotiations and pre-contractual relations and during the duration of the contractual relationship, for a maximum period of 5 years after the end of our contractual relationship or the unsuccessful conclusion of the contractual negotiations, in particular in the event of the assertion of any claims, unless a longer retention period is required by applicable law;
• Ad IV. b): For a period of 10 years in the case of concluded contracts and payment transaction data, in order to comply with tax and accounting legislation;
• Ad IV. d) and g): We process your Personal data for as long as you do not object to the continuation of the processing or withdraw your consent;
• Ad IV. e): For a maximum period of 5 years from the provision of your Personal data;
• Ad IV. f): Until such time as your consent is withdrawn, but no longer than 5 years from the date your Personal data was provided.

VII. RECIPIENTS OF PERSONAL DATA

Access to your Personal data is mainly granted to the Controller, but in the necessary case and to the extent necessary, your Personal data may be disclosed to the following recipients:

• Our contractors in the area of our information system and AI software administration;
• Service providers and professional advisors of the Controller (e.g. banks, law firms, tax advisors, accountants, etc.);
• Public authorities (e.g. tax office, labour inspectorate, labour office, etc.) and courts;

VIII. TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION OR THE EUROPEAN ECONOMIC AREA

Your Personal data is processed primarily within the territory of the Member States of the European Union and is transferred within the Member States of the European Union or the European Economic Area ("EEA"), as the case may be, where these countries provide the highest level of protection for Personal data globally and as defined by the European Union as adequate protection for Personal data.

When providing our services and developing artificial intelligence software, we use the services of the company OpenAI Ireland Limited, with its registered office at 1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland ("OpenAI") which may have access to some of your Personal data that you provide as input when interacting with our AI-powered chatbots.

OpenAI may process your Personal data on servers located outside of the EEA. This includes processing and storing your Personal data in facilities and servers in the United States of America. While data protection legislation varies by country and USA may not offer the same level of data protection as EAA countries. When transferring Personal data outside of the EEA we rely on the following transfer mechanisms to comply with Legislation:

• The European Commission’s adequacy decisions pursuant to Article 45(1) GDPR (see the EU-US Adequacy Decision);
• Standard Contractual Clauses as approved by the European Commission pursuant to Article 46(2)(c) GDPR.

IX. PROTECTION OF YOUR PERSONAL DATA

In accordance with the requirements of the Legislation, we take all necessary security, technical, and organizational measures to protect your Personal data, including instructing authorized persons, implementing security settings, and using protective software, both on our side and that of our suppliers.

X. AUTOMATED DECISION-MAKING OR PROFILING

An automated decision is a decision that is based solely on automated processing, including profiling, and that has legal effects concerning you or similarly significantly affects you. The Controller does not use automated decision-making or profiling when processing your Personal data. Our AI-powered chatbot implemented on our Website automatically processes the Personal data you provide for the purpose of generating a response, but in this case it is not automated decision-making that would significantly affect you, it is merely a recommendation on how to resolve your request through the services and products we provide, which does not give rise to any legal effects for you.

XI. YOUR RIGHTS IN THE PROCESSING OF PERSONAL DATA

As a data subject, you have the following rights in connection with the processing of Personal data:

• (a) Right to be informed: You have the right to be informed about the processing of Personal data by the Controller. We seek to provide such information primarily through this Policy, from which you should learn: the identification and contact details of the Controller, the purposes of the processing, the categories of Personal data we process, to whom we disclose the Personal data where necessary, whether we transfer the Personal data to third countries that do not provide an adequate level of protection of Personal data, the retention period of the Personal data, and whether and how automated decision-making based on your data or profiling takes place. If you would like to know more, please contact us at: [email protected].
• (b) Right of access: You have the right to request confirmation from us as to whether your Personal data is being processed and, if so, to obtain a copy of that data and any additional information required by the relevant Legislation. In the event that we collect a large amount of Personal data about you, we may require you to specify your request for the range of specific Personal data we process about you.
• (c) Right to rectification: In the event of a change in Personal data (e.g. a change in your surname or contact details), you have the right to inform us and we are obliged to bring your Personal data that we process up to date.
• (d) Right to erasure: If we do not need your Personal data for the purposes set out above, we should delete it, as well as if you withdraw your consent to processing or if required to do so by law, if our processing of Personal data is unlawful or if our legitimate interests do not outweigh your rights and freedoms. In such cases, we are obliged to delete your Personal data.
• (e) Right to restriction of processing: This right may be exercised in specific cases provided for by Legislation and is related to the exercise of other rights mentioned here, e.g. when the timeliness of the Personal data processed is checked or the weight of the legitimate interests of the Controller is assessed.
• (f) Right to data portability: You have the right to receive the Personal data that we process about you on the basis of consent and/or contract and that we process by automated means in a structured, commonly used and machine-readable format. You may also transfer this Personal data to another person, therefore, if technically possible, we will transfer your Personal data directly to your chosen controller at your request.
• (g) Right to object: If you believe that we are processing your Personal data for legitimate interest purposes in a way that is contrary to the protection of your privacy (rights and freedoms) or contrary to the law, you have the right to contact us to object.
• (h) Right to lodge a complaint with the competent supervisory authority: If you wish to contact the authority responsible for the supervision of personal data protection, this authority is the Office for Personal Data Protection of the Slovak Republic, Námestie 1.mája 18, 811 06 Bratislava, web: https://dataprotection.gov.sk/en/.
• (i) Right to withdraw consent: If the processing of your Personal data is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the processing of Personal data carried out up to the time of withdrawal.
• (j) Rights in relation to profiling and automated decision-making: We do not carry out profiling or automated decision-making when processing Personal data.

These data subject rights are further specified in Articles 15–22 of the GDPR. You can exercise these rights in accordance with the GDPR and other generally binding legal regulations by submitting a written request to AI Vision s. r. o., Karpatské námestie 7770/10A, 831 06 Bratislava – mestská časť Rača, or electronically via email at: [email protected]. In certain cases, particularly if there is doubt regarding the applicant’s identity as the data subject, we may request identity verification from you.

XII. CONTACT

If you require more detailed information about the processing of your Personal data or have any questions about this Policy, please contact us at: [email protected].

XIII. CHANGES TO THE POLICY

We may update this Policy from time to time. Therefore, please review it periodically. We will notify you of any material changes to this Policy through a notice or email. Any further changes to this Policy will take effect as of the "Last updated" date indicated.

Last updated: 20.03.2025

You can also download this policy as a PDF version.