1. About Us

1.1 For the purposes of Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR) and Act No. 18/2018 Coll. on the Protection of Personal Data (the Slovak Data Protection Act), the data controller is Codabu.

1.2 Our contact details for data protection matters are:

• Email: support@codabu.com
• Website: https://www.codabu.com/

1.3 We will only process personal information in accordance with the GDPR, Slovak Data Protection Act, and any other applicable privacy laws.

1.4 If you have any questions in relation to this privacy policy or how we collect, use or store your personal information, you can contact us by emailing support@codabu.com

2. Which Personal Information Will We Collect?

We may collect and process any of the following information about you:

2.1 Information You Give Us

You may give us information about yourself by using the online forms provided on the Website, connecting your GitHub account, or by corresponding with us by email or otherwise. This includes, without limitation, information you provide when you:

• Sign up and register to use the Website
• Connect your GitHub repository
• Post issues or bounties
• Submit solutions or pull requests
• Request early access
• Participate in discussion forums or other social media functions on the Website
• Report a problem with the Website or our services

The information you give us may include:

• Your name
• Your email address
• Your GitHub username and profile information
• Your payment information (bank account details, credit or debit card information, payment processor account details)
• Your IP address
• Information about your GitHub repositories, issues, and pull requests
• Communications between users on the platform

2.2 Information We Collect About You

Each time you visit the Website we may automatically collect any of the following information:

• Technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, browser plug-in types and versions, operating system and platform, time zone setting, and device information
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page
• GitHub API data, including repository information, issue details, commit history, and pull request data necessary to provide our services

2.3 Information We Receive From Other Sources

We may receive information about you from:

• GitHub, including your public profile information, repository data, and activity when you connect your GitHub account to our services
• Payment processors and financial service providers
• Technical service providers, analytics providers, and security service providers
• Other third-party services you choose to integrate with Codabu

We work closely with third parties and may receive information about you from them. We will have informed you when we collected that data that it may be shared internally and combined with data collected on the Website.

3. How Will Your Personal Information Be Stored and Used?

3.1 Legal Basis for Processing

We process your personal information based on the following legal grounds under GDPR:

• Performance of a contract: To provide the services you requested when you signed up for Codabu
• Legitimate interests: To improve our services, prevent fraud, and maintain platform security
• Legal obligation: To comply with applicable laws and regulations
• Consent: For marketing communications and certain data sharing (where required)

3.2 Purposes of Processing

We, or third party data processors acting on our behalf, may collect, use and store the personal information listed above for the following reasons:

• To allow you to access and use the Website and to register for an online account
• To connect and synchronize your GitHub repositories and issues
• To facilitate the posting of bounties and submission of solutions
• To process payments and manage financial transactions
• To match developers with issues and bounties
• To verify your identity in order to prevent and detect fraud and money laundering
• To provide you with content which is tailored specifically to you
• To provide you with the information and services that you request from us
• To carry out statistical analysis and market research
• For security, system maintenance, and troubleshooting purposes
• To notify you about changes to our services and to keep you informed about our fees and charges
• With your consent only, to contact you (including by email) with information about our products and services which either you request, or which we feel will be of interest to you
• To comply with legal and regulatory obligations

3.3 Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When we no longer need your personal information, we will securely delete or anonymize it.

3.4 Anonymized Data

We may also collect details about you as a user of the Website for the purposes of preparing reports or compiling statistics. Such details will be anonymized and you will not be identifiable from the data collected.

4. Disclosure of Your Personal Information

4.1 Internal Sharing

We may share your personal information with any company that is a member of our group, which means our subsidiaries and affiliates.

4.2 Third Party Service Providers

We will share your personal information with selected third parties, including:

• GitHub, as our platform integration partner
• Payment processors (such as Stripe, PayPal, or similar services) for handling financial transactions
• Cloud hosting providers for data storage and platform infrastructure
• Email service providers for sending notifications and communications
• Analytics and search engine providers that assist us in the improvement and optimization of our site
• Customer support and communication tools
• Security and fraud prevention services
• Identity verification service providers

Any third parties with whom we share your personal information are limited (by law and by contract) in their ability to use your personal information for any purpose other than to provide services for us. We will always ensure that any third parties with whom we share your personal information are subject to privacy and security obligations consistent with this privacy policy and applicable laws.

4.3 Legal and Business Transfers

We may also disclose your personal information to third parties:

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
• If Codabu or substantially all of its assets are acquired by a third party, in which case personal information held by Codabu will be one of the transferred assets
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, court order, or governmental request
• To enforce or apply our terms and conditions or any other agreement
• To protect the rights, property, or safety of Codabu, our customers, or other persons. This may include exchanging information with other organizations for the purposes of fraud protection and credit risk reduction

4.4 Your Consent

Save as expressly detailed above, we will never share, sell or rent any of your personal information to any third party without your consent. Where you have given your consent for us to share your information, but later change your mind, you should contact us by email at support@codabu.com.

4.5 Public Information

Please note that certain information you provide may be publicly visible, including:

• Your GitHub username and profile information (as public on GitHub)
• Issues and bounties you post (if in public repositories)
• Pull requests and code submissions
• Public comments and communications on the platform

5. Your Rights Under GDPR

5.1 Your Data Protection Rights

Under the GDPR, you have the following rights:

• Right of access: You have the right to request copies of your personal information
• Right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete
• Right to erasure: You have the right to request that we erase your personal data, under certain conditions
• Right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions
• Right to object to processing: You have the right to object to our processing of your personal data, under certain conditions
• Right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions
• Right to withdraw consent: Where we rely on consent to process your personal data, you have the right to withdraw that consent at any time

5.2 Exercising Your Rights

To exercise any of these rights, please contact us by email at support@codabu.com. We will respond to your request within one month. If you are not satisfied with our response, you have the right to lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov Slovenskej republiky) at https://dataprotection.gov.sk/

5.3 Marketing Communications

You have the right to ask us to not process your personal information for marketing purposes. We will inform you (before collecting your personal information) if we intend to use your personal information for such purposes.

You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal information. Alternatively, you can contact us by email at any time.

If you have previously given your consent to the use of your personal information for marketing purposes, you can choose to stop receiving marketing communications which we send to you from time to time by following the unsubscribe instructions included in such communications. Alternatively, you can opt out of such communications at any time by contacting us by email.

6. International Transfers of Personal Information

6.1 Data Transfers

The personal information that we collect from you may be transferred to, and stored at, a destination outside of the European Economic Area (EEA), including but not limited to servers and services located in the United States and other countries where our service providers operate.

6.2 Transfer Safeguards

When we transfer your personal information outside the EEA, we will ensure that:

• The transfer is to a country deemed by the European Commission to provide an adequate level of protection for personal data, or
• We have put in place appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, or
• We rely on other appropriate legal mechanisms approved under GDPR

We will always take all reasonable precautions to ensure that your personal information is treated securely and in accordance with this privacy policy.

7. Security of Data

7.1 Security Measures

All information you provide to us is stored on secure servers. We implement appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage, including:

• Encryption of data in transit using SSL/TLS technology
• Encryption of sensitive data at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Employee training on data protection

7.2 Payment Security

Payment transactions are undertaken by third party payment service providers (such as Stripe or PayPal) and are encrypted using industry standard security protocols. We do not store complete payment card information on our servers.

7.3 Password Security

Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

7.4 Limitation of Liability

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. Although we make every effort to protect the personal information which you provide to us, the transmission of data over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to the Website and that any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorized access.

8. Third Party Websites and Services

8.1 External Links

The Website may, from time to time, contain links to websites operated by third parties, including GitHub and other integrated services. Please note that this privacy policy only applies to the personal information that we collect through this Website and we cannot be responsible for personal information collected and stored by third parties.

8.2 Third Party Terms

Third party websites and services have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not accept any responsibility or liability for third party terms and conditions or policies.

8.3 GitHub Integration

When you connect your GitHub account to Codabu, you authorize us to access certain information from your GitHub account in accordance with GitHub's terms of service and privacy policy. We only access the minimum information necessary to provide our services.

9. Cookies and Tracking Technologies

9.1 Use of Cookies

Our Website uses cookies, which are small files placed on your internet browser when you visit our Website. We use cookies in order to:

• Enable essential website functionality
• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Improve user experience
• Provide security features

9.2 Types of Cookies

We use the following types of cookies:

• Strictly necessary cookies: Required for the website to function properly
• Performance cookies: Help us understand how visitors interact with our website
• Functionality cookies: Remember your preferences and personalize your experience
• Analytics cookies: Collect information about website usage (we may use services like Google Analytics)

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Please note that removing or blocking cookies may impact your user experience and some features of the website may not function properly.

For detailed information on the cookies we use and the purposes for which we use them, please refer to our Cookies Policy (if available separately). By continuing to use the Website and/or our services, you are agreeing to our use of cookies as described in this policy.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to remove that information from our servers.

11. Changes to Our Privacy Policy

We may update our privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

The date at the top of this privacy policy indicates when it was last updated. By continuing to use the services and our Website after changes are posted, you agree to the updated privacy policy. We encourage you to review this privacy policy periodically to stay informed about how we are protecting your information.

12. Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at:

For data protection matters specific to Slovak law, you may also contact the Slovak Data Protection Authority: