GlobitApp Privacy Policy

Effective Date: 1 September 2025
Establishment: Czech Republic (EU)

1) Who we are

GlobitApp (“GlobitApp”, “we”, “us”, “our”) provides communications and coordination features to help a sender share beneficiary details. We are the data controller for the personal data described here.
Contact: [email protected]

2) Scope

This notice explains how we collect, use, share, and protect personal data when you use our website/app and related features (the “Services”).

3) Children

Our Services are not intended for persons under 18. We do not knowingly collect data from anyone under 18. If we learn an under-18 user has registered, we will close the account and delete data where required.

4) Data we collect

We collect only the following personal data:

  • Sender: name, phone number
  • Beneficiary: name, phone number

We do not collect copies of ID, addresses, dates of birth, payment reasons, financial data, source of funds/wealth, location, device identifiers, or other categories—unless we clearly tell you otherwise and obtain any required consent.

5) How we use your data (and legal bases)

We use this minimal data to:

  • Provide the Services (store and display sender/beneficiary details, enable sharing/notifications). Basis: Contract (performance of the Services).
  • Communicate with you about service functionality, changes, or support. Basis: Legitimate interests / Contract.
  • Protect the Services (basic logging, security, misuse prevention). Basis: Legitimate interests.

We do not use your data for profiling, targeted advertising, or automated decisions that produce legal or similarly significant effects.

6) Cookies & analytics

We aim to use only essential cookies necessary to run the site/app (e.g., session management, security). If we ever introduce non-essential cookies or analytics, we will ask for your consent first and update this notice.

7) Sharing your data

We share data only with:

  • Service providers (processors) who host or support our platform (e.g., cloud hosting, messaging). They act under our instructions and appropriate contracts.
  • Authorities only if required by applicable law or to protect rights, safety, and security.

We do not sell personal data.

8) International transfers

Your data may be processed outside the Czech Republic/EEA by our processors. Where this happens, we use EU Standard Contractual Clauses or other GDPR-approved safeguards and perform transfer risk assessments.

9) Security

We implement technical and organizational measures appropriate to the risks of holding names and phone numbers, including access controls, encryption in transit, secure configuration, monitoring, and staff confidentiality obligations. No system is perfectly secure; if a personal-data breach risks your rights and freedoms, we will act per law, including any required notifications.

10) Data retention

  • Names and phone numbers: kept only as long as needed to provide the Services and for basic records, typically up to 24 months after your last interaction or account closure, unless we must keep them longer to comply with law or resolve disputes.
    After retention, we delete or irreversibly anonymize the data.

11) Your rights (EU GDPR)

Subject to conditions/exemptions, you can request: access, rectification, erasure, restriction, objection (including to any marketing), data portability, and withdrawal of consent (if we ever rely on consent). We do not rely on solely automated decisions that produce legal or similarly significant effects.

How to exercise your rights: email [email protected]. We may need to verify your identity.

Complaints: You can lodge a complaint with the Czech Data Protection Authority (Úřad pro ochranu osobních údajů – ÚOOÚ) or your local EEA authority.

12) Changes to this policy

If we change what we collect or how we use it, we will update this notice and the Effective Date, and if required, we will notify you and seek consent.

13) Contact

Questions or requests: [email protected]