Privacy Policy

1. Definitions

What do we mean when we use some word or phrase?

When we say “consent” we mean your explicit consent on the processing of personal data. Persons who are 15 years of age or older may give free consent to the processing of their personal data.

When we say “cookies” we mean small pieces of data stored on your device (computer or mobile device). This information is used to track your use of the Website and to compile statistical reports on website activity. For further information about the use of cookies and how you can manage them, please read our Cookie Policy.

When we say “Data Controller“ we mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

When we say “Data Processors” or “processor” we mean any natural or legal person who processes the data on behalf of the Data Controller. In some cases, Del Systems may use the services of various service providers to process your data more effectively. In such cases, they are our processors.

When we say “Data Protection Law” we mean:

• Serbia - the Law on Personal Data Protection adopted in November 2018, entered into effect on August 22, 2019, (harmonized with the GDPR)
• EU/EEA - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)

When we say “Data Subject” or “you”, “your” we mean any natural person that shares personal data with us via Website.

When we say “GDPR” we mean the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

When we say “processing” we mean any operation or set of operations which is performed on personal data or sets of personal data. This includes activities such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

When we say “personal data”, “Data” or “data” we mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, either directly or indirectly. Therefore, data about a company or any legal entity is not considered to be personal data but registering on behalf of a legal entity may include sharing personal data. For example, the information in relation to one-person companies may constitute personal data where it allows the identification of a natural person. The rules also apply to all personal data relating to natural persons in the course of professional activity, such as the employees of a company or organization, business e-mail addresses like “[email protected]”. This Privacy Policy does not apply to information from which no individual can reasonably be identified (anonymized information).

2. Data Controller

Who is responsible for your Data and how?

When Del Systems acts in the capacity of a Data Controller, Del Systems determines the purposes and means of the processing of personal data. The purpose of data processing is the reason why we process your personal data.

In relation to your personal data processed on or via the Website, Del Systems acts as a Data Controller.

When Del Systems acts in the capacity of a Data Controller, Del Systems determines the purposes and means of the processing of personal data. The purpose of data processing is the reason why we process your personal data. The table in Section 4 of this Privacy Policy presents the purposes and legal basis for data processing. In such cases, Del Systems is responsible for your personal data.

This Privacy Policy contains information on processing your data in the capacity of a Data Controller. Should you have any inquiries, or you wish to exercise any of the rights of a Data Subject stipulated in Section 10 of this Privacy Policy, please contact us:

3. What Data We Collect and When?

We may collect and receive information about you in various ways:

(i) Information you provide through the use of the Website;

(ii) Information you decide to provide through getting in touch with us via the Contact page or email: [email protected];

(iii) Information we collect through the use of cookies in accordance with our Cookie Policy.

4. Personal Data We Process

When we act as Data Controller, it means that we determine the purpose of the processing of your personal data. We will ensure that processing is limited to what is necessary for the purposes for which the data is collected.

Data We Collect	Purpose	Legal Basis	Retention
Your name and e-mail, as well as the additional information shared within your message or the attachment (subjects, question/message/note/file).	Responding to your inquiries. We collect your personal data in order to respond to the inquiries you sent us via the Contact page on our Website, as well as to respond to you regarding the rest of your requests, and to provide and improve Services to you.	Processing is necessary for the performance of the Agreement or to enter into such an Agreement with you.	In the event an agreement is concluded between you and DelSystems, your data will be processed for the duration of that agreement. If an agreement is not concluded, we may process your data for a period of 12 months based on our legitimate interest.
Name, email, as well as the additional information shared within your message or the attachment.	Organizing a demo call When you provide your personal data to book a demo call, the purpose of collecting this information is to schedule and facilitate a session where we can present our products and services to you.	Processing is necessary for the performance of the Agreement or to enter into such an Agreement with you.	In the event an agreement is concluded between you and DelSystems, your data will be processed for the duration of that agreement. If an agreement is not concluded, we may process your data for a period of 12 months based on our legitimate interest.
Email of subscribers to our newsletter.	Newsletter You can leave us your email address in order to subscribe to our newsletter. This newsletter allows us to inform you of the new products and services, updates, as well as other news relevant to DelSystems. We may use your email address to notify you about any changes to the Website, policies, products and Services.	Processing is based on your consent. Also, you can withdraw your consent at any time, but this will not affect the lawfulness of processing based on your consent that was carried out before you withdrew your consent. You may unsubscribe from or mailing list at any time, by using the option “unsubscribe” in the email.	We will keep you on our mailing list until you withdraw your consent.
Technical data and data related to your device collected primarily by using cookies and similar tracking technology, as explained further in our Cookie Policy.	Analysis, management, and improvement of Website and Service Automatically collected data is used for: - managing the Website, - improvement of use and performance of the Website, as well as the update, analysis of the use of the Website and measure the interest of the Website visitors; - providing the most efficient presentation of the Website according to the data subject’s device.	Processing is based on your consent or our legitimate interest, i.e. for the safe usage and functioning of our Website, the protection of our business, but also the protection of our other Website visitors, which is essential to us.	If the processing is based on your consent, until the withdrawal of your consent. You can withdraw your consent at any time at your cookie setting as explained in our Cookie Policy. The withdrawal of consent does not affect the lawfulness of the processing based on the consent prior to such withdrawal. If the processing is based on our legitimate interest, we will keep the data as long as our legitimate interest exists.
Information necessary for identification	To allow Data Subjects from EEA to exercise their rights in accordance with this Privacy Policy, as defined in Section 10.	Processing is necessary for compliance with a legal obligation which the Controller is subject to.	We keep this information for a period of one year.
Other personal data	For the prevention and detection of fraud, money laundering or other crimes or to respond to a binding request from a public authority or court.	The processing is necessary to comply with legal and regulatory obligations.	In accordance with the applicable statutory deadlines.

5. What We Do Not Do?

We will ensure that your Data is processed lawfully, and we will never use the Data in any manner that is not described under this Privacy Policy.

Del Systems will never:

• Sell any kind of personal information or data,

• Disclose this information to marketers or third parties not specified in Section 7,

• Process your data in any way other than stated in this Privacy Policy.

6. Personal Data Security

We will take all adequate measures to protect your Data.

We take administrative, technical, organizational and other measures to ensure the appropriate level of security of personal data we process. Upon assessing whether a measure is adequate and which level of security is appropriate, we consider the nature of the personal data we are processing and the nature of the processing operations we perform, the risks to which you are exposed by our processing activities, the costs of the implementation of security measures and other relevant matters in the particular circumstances.

Some of the measures we apply include access authorization control, information classification (and handling thereof), protection of integrity and confidentiality, data backup, firewalls, data encryption and other appropriate measures. We equip our staff with the appropriate knowledge and understanding of the importance and confidentiality of your personal data security.

7. With Whom Do We Share Your Personal Data?

We may share your Data with our service providers.

This section provides information about the parties whose services we use for our data processing purposes.

Del Systems utilizes external processors for certain processing activities. We use information audits to identify, categorize and record all personal data that is processed outside the company, so that the information, processing activity, processor and legal basis are all recorded, reviewed and easily accessible.

We have strict due diligence procedures and measures in place and review, assess and background check all processors prior to forming a business relationship. We obtain company documents, certifications, references and ensure that the processor is adequate, appropriate and effective for the task we are employing them for.

We audit their processes and activities prior to contract and during the contract period to ensure compliance with the data protection regulations and review any codes of conduct that oblige them to confirm compliance.

This is the list of processors with whom we share your personal data:

Processor	Role	Seat
Calendly, LLC	Organizing demo calls	USA
Cloudflare, Inc	Push notifications	USA

We may also share your personal data with our outside accountants, legal counsels, and auditors.

8. International Transfer of Your Personal Data

If we transfer your personal data outside your territory, we will transfer them only to the countries that ensure an adequate level of protection or by applying the appropriate safeguard measures.

We may transfer your personal data to countries other than the one you reside in. Given that we follow internal rules for the protection of personal data that are stricter than the applicable law (see Section 10. of the Terms of Use), in these cases, we transfer your personal data only:

• To the countries within the EEA;

• To the countries which ensure an adequate level of protection;

• To the countries which do not belong to those specified under item 1. and 2, but only by applying the appropriate safeguard measures (such as Standard Contractual Clauses).

9. How Long do We Keep Your Data?

We retain the Data in accordance with the applicable law to provide the Service and for legitimate and lawful purposes.

The period for which we store your personal data depends on a particular purpose for the processing of personal data, as explained in detail in Section 4. We retain personal data for as long as we reasonably require it for legal or business purposes. In determining data retention periods, we take into consideration the applicable law (see Section 10. of the Terms of Use), contractual obligations, and the expectations and requirements of our Users. When we no longer need personal information, or when you request us to delete your information, where this is legal, we will securely delete or destroy it.

However, as an exception to the retention periods in Section 4 the data may be processed to determine, pursue or defend claims and counterclaims.

10. Your Rights

If we process your personal data, we will enable you to exercise any right you have when Del Systems is Data Controller.

Given that transparency is one of our cornerstone principles, we grant Data Subjects certain rights in relation to their personal data. These rights may be exercised by Data Subject when Del Systems operates as a Data Controller.

Right of Access

At any time, you can request access to your personally identifiable information.

You can send us a request for a copy of the personal data we hold about you.

We have ensured that appropriate measures have been taken to provide such in a concise, transparent, intelligible and easily accessible form, using clear and plain language. Such information is provided in writing free of charge. It may be provided by other means when authorized by the Data Subject and with prior verification as to the subject’s identity.

Information is provided to the Data Subject at the earliest convenience, but at a maximum of 30 days from the date the request was received. Where the retrieval or provision of information is particularly complex or is subject to a valid delay, the period may be extended by two further months where necessary.

Right of Correction of Your Personal Data

At any time, you can request that we correct a record of your personal information, if you believe it is inaccurate or incomplete.

If the personal data we have about you is incorrect, you have the right to request that we correct those data. Where notified of inaccurate data by the Data Subject, we will rectify the error within 30 days and inform any third party of the rectification if we have disclosed the personal data in question to them.

Right to Erasure

Unless processing of your data is necessary, you have the right to request from us to erase your personal data.

You have the right to request from us that your personal data is deleted in certain circumstances including:

• The personal data are no longer needed for the purpose for which they were collected;

• You withdraw your consent (where the processing was based on consent);

• You object to the processing and no overriding legitimate grounds are justifying us processing the personal data;

• The personal data have been unlawfully processed; or

• To comply with a legal obligation.

However, this right does not apply where, for example, the processing is necessary:

• To comply with a legal obligation; or

• For the establishment, exercise or defense of legal claims.

Right to Restriction of Processing

If you believe the processing is unlawful, but you do not want us to erase your personal data, you have the right to request a restriction of processing under certain circumstances.

If the accuracy of the personal data is contested, you consider the processing is unlawful, but you do not want it erased, we no longer need the personal data but you require it for the establishment, exercise or defense of legal claims or you have objected to the processing and verification, you can exercise your right to the restriction of processing.

Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes.

Where you have provided personal data to us, you have the right to receive such personal data back in a structured, commonly used and machine-readable format, and to have those data transmitted to a third-party Data Controller without hindrance but in each case only where:

• The processing is carried out by automated means; and
• The processing is based on your consent or the performance of a contract with you.

Right to Withdraw the Consent

At any time, contact us if you want to withdraw your consent to the processing of your personal data. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.

If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.

Right to Lodge a Complaint

Contact us at [email protected] for any complaint.

If you have any concerns or requests in relation to your personal data, please contact us at [email protected] and we will respond as soon as possible but not later than within 30 days.

11. Changes to Privacy Policy

We will update our Policy from time to time after giving proper notice.

We reserve the right to change Privacy Policy from time to time at our sole discretion. If we make any changes, we will publish the new rules on this web page and, if we have your email, we will notify you directly.

Where you have previously consented to our Privacy Policy, your continued use of the Website after we make changes is deemed to be acceptance of the updated rules.

Effective as of December 6, 2024.