Moniary Logo

Moniary

Privacy Policy - Moniary

Effective Date: 8. dubna 2025

Last Updated: 8. dubna 2025

Sunamity, s.r.o.

Korunní 2569/108, Vinohrady (Praha 10), 101 00 Praha, Czech Republic

Company ID: 22046496

support@moniary.com

Sunamity, s.r.o. ("Moniary", "we", "us", or "our"), located at Korunní 2569/108, Vinohrady (Praha 10), 101 00 Praha, Czech Republic, Company ID: 22046496, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, and applications (collectively, the "Service"). This policy is designed to comply with the EU General Data Protection Regulation (GDPR) and Czech data protection laws.

Please read this Privacy Policy carefully. By using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not access or use the Service.

1. Information We Collect

We collect information about you in various ways when you use our Service:

**Information You Provide Directly:**

**Account Information:** When you register for an account, we collect information such as your name, email address, and password.

**Payment Information:** If you subscribe to paid plans, our third-party payment processor (Stripe) collects your payment card details. We do not store your full payment card information.

**Communications:** If you contact us directly (e.g., for support), we may collect your name, email address, and the contents of your message.

**Information Collected Automatically via Email Access:**

**Email Content (Limited Use):** When you connect your email account (e.g., Gmail, Outlook) via secure authentication (OAuth), our Service automatically scans the content of your emails *solely* to identify and extract relevant data from supplier invoices. This includes information like supplier name, invoiced items, price, invoice date, due date, and VAT information.

**Metadata:** We may collect metadata associated with these emails, such as sender, recipient, date, and subject line, to help categorize and manage the extracted data.

**Uploaded Files:** When you manually upload invoice files, we process and temporarily store these files for data extraction.

2. How We Use Your Information

We use the collected information for the following purposes:

**To Provide and Operate the Service:** Create and manage your account, process your email data and uploaded files to extract invoice information, display organized data, and provide other core features.

**To Improve and Optimize the Service:** Understand how users interact with the Service, analyze trends, troubleshoot issues, and develop new features.

**To Communicate With You:** Send service-related communications (e.g., account verification, technical notices, updates, security alerts), respond to your support requests.

**For Security and Fraud Prevention:** Monitor for suspicious activity, prevent fraud, enforce our Terms of Service.

**For Legal Compliance:** Comply with applicable laws, regulations, legal processes, or governmental requests.

3. Legal Basis for Processing (GDPR)

Our legal basis for collecting and using personal data depends on the information concerned and the context:

**Performance of a Contract:** We process your account information, connected email data, and usage data as necessary to provide the Service you requested under our Terms of Service.

**Consent:** We rely on your consent to connect your email accounts to the Service and to send you marketing communications. You can withdraw your consent at any time.

**Legitimate Interests:** We process information for security, fraud prevention, service improvement (using anonymized/aggregated data) based on our legitimate interests.

**Legal Obligation:** We may process information to comply with legal requirements.

4. How We Share Your Information

**We do not sell your personal data.** We may share your information in the following circumstances:

**Service Providers:** We share information with third parties who provide services on our behalf, such as hosting services, payment processors (Stripe), analytics tools.

**Legal Requirements:** We may disclose your information if required by law or if we have a good faith belief that disclosure is necessary.

**With Your Consent:** We may share your information with third parties when we have your explicit consent.

5. Data Security

We implement technical and organizational measures designed to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include encryption (e.g., HTTPS for data in transit, encryption for sensitive data at rest), access controls, and regular security assessments.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. We retain your account information as long as your account is active. Extracted data may be retained while your account is active and for a short period afterward for recovery purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

**Right to Access:** Request access to the personal information we hold about you.

**Right to Rectification:** Request correction of inaccurate or incomplete information.

**Right to Erasure (Right to be Forgotten):** Request deletion of your personal information, subject to certain exceptions.

**Right to Restrict Processing:** Request restriction of how we process your information in certain circumstances.

**Right to Data Portability:** Request a copy of your information in a structured, commonly used format.

**Right to Object:** Object to processing based on legitimate interests or for direct marketing.

**Right to Withdraw Consent:** Withdraw your consent at any time where we rely on consent as the legal basis.

**How to Exercise Your Rights:** To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. We will respond to your request in accordance with applicable laws.

8. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your own, including the United States, where our servers or service providers may be located. If we transfer personal information from the EEA, UK, or Switzerland to other countries, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses (SCCs).

9. Children's Privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

10. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we will also notify you by email or through a notification in the Service.

11. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: support@moniary.com

Data Protection Officer: support@moniary.com

12. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority. In the Czech Republic, the competent authority is:

Office for Personal Data Protection

Pplk. Sochora 27, 170 00 Praha 7

Phone: +420 234 665 111

Email: posta@uoou.cz

Website: www.uoou.cz