Privacy Policy
Effective Date: June 17, 2026
1. Introduction
Renvia (the “Service” or “Renvia”) is committed to ensuring the confidentiality, integrity, and security of personal data processed in connection with its platform. This Privacy Policy outlines the data protection practices implemented by Renvia in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applicable data protection laws. It describes the types of personal data collected, the purposes and legal bases for processing, data sharing practices, security measures, and the rights of Data Subjects. All Customers and Users of the Service are encouraged to review this policy carefully to understand the responsibilities and obligations of Renvia and its Customers.
2. Data Controller and Data Processor Roles
Renvia acts as a Data Controller with respect to the personal data it collects and processes directly in the provision and operation of its platform services. This includes personal data related to account management, billing, customer support, security monitoring, marketing communications, website analytics, and platform operations. In these contexts, Renvia determines the purposes and means of processing personal data and is responsible for compliance with applicable data protection requirements.
Customers of Renvia, as users of the platform, act as independent Data Controllers for personal data they upload, manage, or process through the Service. This includes personal data concerning tenants, guests, reservations, properties, team members, and any uploaded business records or documents. Customers determine the purposes and means by which this data is processed within the platform and bear full responsibility for establishing lawful bases for processing such personal data under GDPR and other relevant laws.
In its role as a Data Processor, Renvia processes Customer Data strictly on documented instructions provided by the Customer, except where otherwise required by law. Renvia does not exercise autonomous decision-making authority over Customer Data and implements appropriate technical and organizational measures to safeguard such data. The distinction between Data Controller and Data Processor roles is critical for compliance with data protection laws and the rights of Data Subjects.
Where Renvia acts as a Data Processor, processing activities are performed solely based on the documented instructions of the Customer, unless otherwise required by applicable law. In such cases, Renvia will inform the Customer of that legal requirement before processing, unless the law prohibits such information on important grounds of public interest.
Customers, as Data Controllers, are responsible for providing appropriate privacy notices to tenants, guests, property owners, team members, and other Data Subjects whose personal data is uploaded or processed within the platform. Customers must ensure that Data Subjects are informed about the nature, scope, and purpose of processing and their rights under applicable data protection laws.
Customers acknowledge and agree that they are solely responsible for ensuring that any personal data uploaded or entered into the platform has been collected and processed in compliance with all applicable data protection laws, including obtaining any necessary consents or establishing other lawful bases for processing.
3. Company Information
moovit, s.r.o.IČO: 45240639
IČ DPH: SK2022919415
Bobuľová 11/B
900 28 Ivanka pri Dunaji
Slovakia
4. Categories of Personal Data We Collect
Renvia collects and processes various categories of personal data in the course of providing and operating the Service. These categories include, but are not limited to:
- Account Data: Identification and contact information such as names, email addresses, login credentials, and communication preferences.
- Profile Data: User roles, permissions, preferences, and settings configured within the platform.
- Team and Member Data: Information concerning team members, collaborators, and contacts managed through the platform.
- Property Data: Details about properties managed by Customers, including addresses, descriptions, and related metadata.
- Reservation Data: Booking information, occupancy records, and associated details.
- Financial Data: Billing records, invoices, payment histories, subscription details, and related financial information.
- Payment Metadata: Transaction identifiers, payment statuses, and metadata processed via Stripe payment services.
- Uploaded Documents: Invoices, contracts, receipts, booking documents, and other files uploaded by Customers.
- OCR Extracted Data: Data extracted from uploaded documents using Optical Character Recognition technology.
- Support Communications: Correspondence with customer support, including emails, chat logs, and tickets.
- Technical Logs: Device information, IP addresses, browser types, usage logs, error reports, and other diagnostic data.
5. Sources of Personal Data
Personal data processed by Renvia is primarily collected directly from Customers and Users during registration, platform usage, document uploads, and communications. Additionally, data may be received from integrated third-party services, such as Stripe for payment processing, and collected through automated tracking technologies including cookies and web beacons to support analytics and platform functionality.
6. Purposes and Lawful Bases for Processing
Renvia processes personal data for specific purposes, each supported by a lawful basis under GDPR Article 6. The following matrix outlines key processing activities and their corresponding legal bases:
- Account Creation and Management: Processing personal data to establish and maintain Customer and User accounts. Legal Basis: Performance of a contract (Art. 6(1)(b)).
- User Authentication and Authorization: Verifying identity and managing access to the Service. Legal Basis: Legitimate interests (Art. 6(1)(f)), necessary for security and fraud prevention.
- Security Monitoring and Fraud Prevention: Detecting and preventing unauthorized access, fraud, and abuse. Legal Basis: Legitimate interests (Art. 6(1)(f)) and compliance with legal obligations.
- Subscription Management and Billing: Handling subscription plans, invoicing, payment processing, and related financial operations. Legal Basis: Performance of a contract (Art. 6(1)(b)).
- Document Processing and OCR Extraction: Processing uploaded documents and extracting relevant data to support platform functionalities. Legal Basis: Performance of a contract (Art. 6(1)(b)).
- Customer Support and Service Delivery: Responding to inquiries, resolving issues, and providing assistance. Legal Basis: Legitimate interests (Art. 6(1)(f)) and performance of a contract.
- Service Analytics and Product Improvement: Analyzing usage data to enhance platform performance and features. Legal Basis: Legitimate interests (Art. 6(1)(f)).
- Legal Compliance and Dispute Resolution: Complying with applicable laws, regulations, tax obligations, and resolving disputes. Legal Basis: Legal obligations (Art. 6(1)(c)).
- Direct Communications and Marketing: Sending important updates, policy changes, and marketing communications where consent has been obtained. Legal Basis: Consent (Art. 6(1)(a)) or Legitimate interests where applicable.
Customers are responsible for ensuring that any personal data uploaded to the platform has an established lawful basis for processing under applicable data protection laws.
Where processing relies on Article 6(1)(f) (legitimate interests), Renvia may conduct legitimate interest assessments to ensure that its business interests are balanced against the rights and freedoms of Data Subjects. Such assessments consider the necessity, proportionality, and potential impact on Data Subjects to ensure fair and lawful processing.
7. Stripe Payment Processing
Subscription payments and billing operations are conducted exclusively through Stripe, an independent third-party payment processor. Renvia does not receive, store, or process full payment card numbers, CVV codes, or complete payment credentials. Payment data is transmitted securely directly to Stripe using industry-standard encryption protocols.
Stripe acts as an independent Data Controller with respect to certain payment-related activities, including the collection and processing of payment card details, fraud detection, and tax processing. Customers are encouraged to review Stripe's privacy policy at https://stripe.com/privacy for detailed information on Stripe's data handling practices.
Subscription renewals, invoice generation, payment retries in the event of failed transactions, fraud screening, and tax determination are handled through automated workflows integrated with Stripe. This ensures timely billing, accurate calculation of applicable taxes, and proactive fraud prevention for all subscription services.
Payment card information is processed directly by PCI-DSS compliant payment providers and is never stored or retained by Renvia. All sensitive payment data is handled exclusively by Stripe or other authorized payment processors in accordance with industry security standards.
Subscription billing includes automated invoicing, payment retries in case of failures, and the application of applicable taxes. Fraud detection mechanisms are employed by Stripe and Renvia to mitigate unauthorized transactions and ensure platform security.
8. Documents and OCR Processing
Customers may upload various documents to the platform, including invoices, receipts, contracts, booking documents, and other files relevant to their business operations. These documents are stored securely and processed to facilitate platform functionalities.
Renvia employs Optical Character Recognition (OCR) technology to extract relevant data from uploaded documents automatically. This process assists in reducing manual data entry and improving operational efficiency.
OCR technology may not always achieve perfect accuracy due to the quality of the uploaded documents or inherent limitations of the technology. Therefore, Customers are responsible for reviewing and verifying the accuracy of any data extracted via OCR before relying on it for accounting, legal, or operational purposes.
The OCR feature is provided as an assistance tool and does not constitute professional accounting, legal, or financial advice. Customers should consult qualified professionals for such matters.
OCR results should be treated as draft extracted information only. The Customer remains solely responsible for the accounting, tax, legal, and regulatory accuracy of any information derived from OCR processing within the platform.
9. Sharing and Disclosure of Personal Data
Renvia may share personal data with third-party service providers and partners to facilitate the operation and maintenance of the platform. Categories of recipients include:
- Infrastructure Providers: Cloud hosting and data storage providers that support platform availability and performance.
- Payment Providers: Stripe and other payment processors involved in subscription billing and payment handling.
- Communications Providers: Email delivery services, notification systems, and communication platforms used for customer correspondence.
- Analytics Providers: Services that analyze platform usage to improve functionality and user experience.
- Support Providers: Customer support and ticketing platforms used to manage inquiries and issue resolution.
- Legal and Regulatory Disclosures: Where required by law, regulation, or legal process, Renvia may disclose personal data to governmental authorities, law enforcement agencies, or courts.
- Corporate Transactions: In the event of mergers, acquisitions, or asset sales, personal data may be transferred as part of the transaction, subject to confidentiality obligations.
Renvia does not rent, sell, trade, or monetize personal data. Personal data is disclosed only where necessary for service delivery, legal compliance, security, or corporate transactions, and always subject to appropriate safeguards and contractual obligations.
10. Subprocessors
Renvia engages subprocessors to perform specialized services required for the operation, maintenance, and enhancement of the platform. All subprocessors are subject to a rigorous due diligence process prior to onboarding, which includes assessments of technical and organizational security measures, data protection practices, and compliance with applicable data protection laws.
Subprocessors are engaged only under written agreements that impose confidentiality, data protection, and security obligations that are at least as protective as those required by the GDPR and other applicable regulations. These agreements incorporate the requirements of GDPR Article 28, including:
- Processing personal data solely on documented instructions from Renvia as Data Controller or, where applicable, from the Customer as Data Controller.
- Ensuring that all persons authorized to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
- Implementing appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
- Assisting Renvia or Customers in fulfilling obligations to respond to Data Subject requests and to comply with GDPR Articles 32 to 36.
- Returning or securely deleting all personal data upon termination of services.
- Making available all information necessary to demonstrate compliance with Article 28 and allow for audits by Renvia or the Customer.
Access to personal data by subprocessors is strictly limited to what is necessary for the performance of their assigned tasks, consistent with the principle of least privilege. Subprocessors are prohibited from processing personal data for any purpose other than the provision of contracted services.
Renvia maintains and regularly updates a list of authorized subprocessors. Notification of material changes to subprocessors or their data processing activities will be provided to Customers in advance, where required, to allow for objections or additional due diligence.
11. International Data Transfers
Personal data processed by Renvia or its subprocessors may be transferred outside the European Economic Area (EEA) in connection with the provision of the Service.
Such transfers are conducted in compliance with GDPR Chapter V requirements, including reliance on adequacy decisions issued by the European Commission, or the implementation of Standard Contractual Clauses (SCCs) approved by the European Commission to ensure appropriate safeguards.
Where equivalent legal safeguards are in place, personal data may also be transferred to countries without an adequacy decision. Renvia ensures that such transfers maintain a high level of data protection consistent with EU standards.
12. Security Measures
Renvia implements a comprehensive suite of technical and organizational security measures designed to safeguard personal data against unauthorized access, disclosure, alteration, or destruction. Security practices are continuously reviewed and updated to address evolving threats and regulatory requirements. Key measures include:
- Encryption in Transit: All data transmitted between Users and Renvia servers is protected using industry-standard TLS/SSL protocols.
- Encryption at Rest: Personal data is encrypted at rest using strong encryption algorithms for databases, file storage, and backups where applicable.
- Role-Based Access Control (RBAC): Access to information systems and personal data is restricted based on job roles and operational necessity to enforce the principle of least privilege.
- Least Privilege Access: System accounts, personnel, and vendors are granted only the minimum permissions required to fulfill their functions.
- Audit Logging: Detailed audit logs are maintained for access, modification, and deletion of personal data to enable monitoring, incident investigation, and regulatory compliance.
- Continuous Monitoring: Infrastructure and applications are subject to continuous monitoring for suspicious activity, anomalies, and potential security incidents.
- Regular Backups: Secure, encrypted backups are performed regularly, stored offsite or in segregated environments, and tested for integrity to ensure data availability and recoverability.
- Vulnerability Management: Regular vulnerability scanning, penetration testing, and security assessments are conducted to identify and remediate security risks.
- Incident Response Procedures: Documented incident response plans outline the processes for detecting, reporting, containing, and resolving security incidents and data breaches.
- Employee Confidentiality Obligations: All employees, contractors, and vendors are subject to confidentiality agreements and receive mandatory data protection and security training.
Renvia follows secure software development lifecycle (SDLC) practices, including code reviews, automated security testing, and deployment controls to minimize vulnerabilities in the platform. Regular access reviews are conducted to ensure that only authorized personnel retain access to systems and data.
Periodic access reviews and privileged account monitoring are conducted to detect and address inappropriate or unnecessary access. Privileged accounts are subject to heightened monitoring, including audit logging and separation of duties, to minimize risks associated with elevated permissions.
Change management and deployment controls are enforced to ensure that updates to systems, applications, and infrastructure are reviewed, tested, and approved prior to release into production. All changes are tracked and documented to maintain system integrity and traceability.
Business continuity and disaster recovery planning is in place to maintain service availability and protect personal data in the event of major incidents, outages, or disasters. Regular testing and review of continuity plans ensure preparedness for potential disruptions.
Credential management policies require the use of strong, unique passwords and the implementation of multi-factor authentication (MFA) for critical systems and administrative accounts where technically feasible. Credentials are stored using salted and hashed formats, and access is revoked promptly upon role changes or termination.
Security incident detection capabilities include automated alerts, log analysis, and scheduled incident response drills to test readiness. Vendor risk management processes evaluate the security posture of all third-party service providers and subprocessors.
While Renvia employs industry best practices and strives for the highest level of security, no system can be guaranteed to be completely impenetrable. Renvia encourages Customers to implement their own security measures, such as strong authentication, regular password changes, and secure network practices.
13. Data Retention
Renvia retains personal data strictly for as long as necessary to fulfill the purposes for which it was collected, to comply with statutory obligations, to resolve disputes, and to enforce contractual rights. Retention periods are determined based on the data category, legal and regulatory requirements, and the legitimate interests of Renvia and its Customers. The following retention matrix provides an overview of typical retention periods:
| Data Category | Purpose | Typical Retention Period |
|---|---|---|
| Customer Account Data | Account creation, authentication, management, and communications | For the duration of the Customer relationship and up to 7 years after account closure |
| Subscription and Billing Data | Invoicing, payment processing, regulatory compliance | Up to 7 years following termination of services |
| Customer Data | Platform functionality, business operations, service delivery | While account is active and up to 90 days after deletion request, subject to legal requirements |
| Uploaded Documents | Document storage, processing, compliance support | While account is active and up to 90 days post-deletion unless required for legal retention |
| OCR Extracted Data | Automated data extraction, operational efficiency | While associated document is retained, subject to Customer deletion |
| Support Records | Customer support, dispute resolution, quality assurance | Up to 3 years after ticket closure or Customer account termination |
| Audit Logs | Security monitoring, compliance auditing, incident investigation | Up to 12 months, unless required longer for legal or security purposes |
| Security Logs | Threat detection, system integrity, forensic analysis | Up to 12 months, extended if part of an ongoing investigation |
| Marketing Preferences | Consent management, direct communications | Until consent is withdrawn or account is deleted |
| Legal Hold Records | Litigation support, regulatory investigations | For the duration of the legal hold, as required by law |
The above retention periods are indicative and may be adjusted to reflect evolving legal, regulatory, or operational requirements. Where statutory retention periods apply, such as for tax, accounting, or anti-money laundering laws, Renvia will retain relevant data for the legally mandated period, even if a deletion request has been submitted.
Retention periods may be extended where required for the establishment, exercise, or defense of legal claims, ongoing litigation, fraud investigations, regulatory requests, or enforcement of contractual rights. In such cases, data will be retained only for as long as strictly necessary to fulfill these obligations.
Upon expiration of the applicable retention period, personal data is securely deleted or anonymized using industry-standard methods. In some cases, data may persist in encrypted backups for a limited time until those backups are overwritten in accordance with the backup retention policy.
Customers acting as Data Controllers are responsible for defining and communicating their own data retention requirements for Customer Data processed via the platform.
14. Account Deletion
Customers may initiate an account deletion request by contacting Renvia at privacy@renvia.app. The account deletion process is designed to ensure security, compliance, and transparency throughout the lifecycle:
- Request Submission: The Data Subject or authorized Customer representative submits a deletion request to the Renvia privacy team, specifying the relevant account and associated data to be deleted.
- Identity Verification: Renvia verifies the identity and authority of the requester using appropriate authentication measures to prevent unauthorized or fraudulent deletion requests.
- Export Opportunity: Before deletion is processed, Customers are informed of their right to export account data and records. Renvia provides guidance or tools for data export in a structured, commonly used format.
- Account Deactivation: Upon confirmation, the account is deactivated to prevent further access or processing. Associated sessions and access tokens are revoked.
- Scheduled Deletion: Personal data and Customer Data are scheduled for deletion from active systems, typically within 30 days of confirmation, unless a different timeline is required by contract or law.
- Backup Expiration: Deleted data may persist in encrypted backups for up to 90 days (or as specified in the retention policy) until those backups are overwritten in the normal course of operations.
- Legal Retention Exceptions: Certain data may be retained beyond deletion for the duration necessary to comply with statutory obligations (e.g., tax, accounting, anti-fraud), resolve disputes, enforce agreements, or as required by legal holds.
- Final Purge Process: After all retention periods expire, data is permanently and irreversibly deleted or anonymized using industry-standard secure deletion methods.
Renvia will notify the Customer upon completion of the deletion process or if any legal or technical constraints prevent full deletion of specific data categories. Where Renvia acts as a Data Processor, the deletion will be performed in accordance with the documented instructions of the Data Controller.
15. Data Portability
Data Subjects have the right to receive their personal data, as processed by Renvia in its capacity as Data Controller, in a structured, commonly used, and machine-readable format. Supported export formats include JSON, CSV, or other industry-standard formats suitable for data interoperability.
To exercise the right to data portability, a formal request may be submitted to privacy@renvia.app. Renvia will carry out identity verification to ensure that data is disclosed only to the Data Subject or their authorized representative.
Exports will include personal data provided directly by the Data Subject and, where technically feasible, data generated through their use of the Service. Renvia will provide the data within one month of receiving a valid request; this period may be extended by up to two additional months for complex or voluminous requests, with notification to the requester.
Where Renvia acts as a Data Processor, data portability requests should be directed to the relevant Data Controller (i.e., the Customer). Renvia will assist the Data Controller in fulfilling such requests as required by applicable law and contractual obligations.
Data portability does not apply to data that is processed solely on the basis of legitimate interests or legal obligations, or to derived or anonymized data that cannot be linked to an identifiable Data Subject.
16. GDPR Rights of Data Subjects
Data Subjects whose personal data is processed by Renvia or its Customers are entitled to exercise the following rights under the General Data Protection Regulation (GDPR, Articles 15–22). Each right is subject to applicable legal conditions, and Renvia will respond to valid requests without undue delay, and in any event within one month of receipt. This period may be extended by up to two additional months for complex or numerous requests, with notification of the reasons for delay.
- Right of Access (Art. 15): Data Subjects have the right to obtain confirmation as to whether personal data concerning them is being processed and, if so, to access that data along with information regarding the purposes of processing, categories of data, recipients, retention periods, and the source of the data.
- Right to Rectification (Art. 16): Data Subjects may request the correction of inaccurate personal data or the completion of incomplete data without undue delay. Renvia and Customers will promptly update records upon verification of the request.
- Right to Erasure (Art. 17): Also known as the "right to be forgotten," this right allows Data Subjects to request deletion of personal data where it is no longer necessary for the purposes collected, where consent is withdrawn, there is no overriding legitimate interest, or processing is unlawful. Legal or contractual exceptions may apply.
- Right to Restriction of Processing (Art. 18): Data Subjects may request the restriction of processing in certain circumstances, such as when the accuracy of data is contested, processing is unlawful, or the data is no longer needed but required for legal claims.
- Right to Data Portability (Art. 20): Data Subjects may receive their personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another Data Controller where processing is based on consent or contract and carried out by automated means.
- Right to Object (Art. 21): Data Subjects may object to processing of their personal data based on legitimate interests, including profiling, or for direct marketing purposes. Processing will cease unless compelling legitimate grounds override the interests of the Data Subject or processing is required for legal claims.
- Right Not to be Subject to Automated Decision-Making (Art. 22): Data Subjects have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significant impacts, unless necessary for contract performance, authorized by law, or based on explicit consent.
- Right to Withdraw Consent (Art. 7(3)): Where processing is based on consent, Data Subjects may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise these rights, Data Subjects may contact Renvia at privacy@renvia.app or, where Renvia acts as Data Processor, contact the relevant Customer as Data Controller. Verification procedures will be employed to confirm the identity and authority of the requester.
All data subject requests are processed following a standardized workflow that includes verification of the requester's identity, logging of the request, and tracking of the response. Requests are assigned to appropriate personnel and may be escalated if complex or sensitive. Renvia aims to respond within one month of receipt, with a possible extension of up to two months for particularly complex or voluminous requests, in accordance with GDPR requirements.
17. Supervisory Authority
Data Subjects have the right to lodge a complaint with a competent supervisory authority if they believe that the processing of their personal data infringes applicable data protection laws. In Slovakia, the competent supervisory authority is:
Úrad na ochranu osobných údajov Slovenskej republikyHraničná 12
820 07 Bratislava 27
Slovak Republic
https://dataprotection.gov.sk/
Data Subjects may also contact the supervisory authority in their habitual residence, place of work, or the place of the alleged infringement, in accordance with Article 77 GDPR.
18. International Data Transfers
Personal data processed by Renvia or its subprocessors may be transferred to countries outside the European Economic Area (EEA) where necessary for the provision of services, support, or platform functionality.
All international data transfers are conducted in compliance with GDPR Chapter V requirements. Transfers to countries recognized by the European Commission as providing an adequate level of data protection are permitted without additional safeguards. For transfers to countries without an adequacy decision, Renvia implements appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or uses other legally recognized transfer mechanisms.
Renvia regularly reviews its international transfer arrangements and ensures that Data Subjects' rights and effective legal remedies remain protected at all times, regardless of the data's location.
Where appropriate, Renvia may conduct transfer impact assessments to evaluate the risks associated with international data transfers. Supplementary safeguards may be implemented depending on the destination country's legal environment and risk profile, to ensure an adequate level of protection for personal data.
19. Data Breach and Security Incident Response
Renvia maintains a robust data breach and security incident response framework in line with GDPR Articles 33 and 34. This framework encompasses incident detection, triage, containment, remediation, post-incident review, and statutory notification obligations.
Upon detection of a potential data breach or security incident, Renvia initiates immediate triage to assess the scope, impact, and nature of the incident. Containment measures are deployed to prevent further unauthorized access, data loss, or damage.
Remediation efforts focus on restoring system integrity, mitigating vulnerabilities, and preventing recurrence. Each incident is followed by a post-incident review to analyze root causes and implement corrective actions.
All security incidents are documented, and corrective actions are tracked through to resolution. Lessons learned reviews are conducted following incidents to identify opportunities for improvement and to strengthen future prevention and response capabilities.
In accordance with GDPR Article 33, Renvia will notify the competent supervisory authority of a personal data breach without undue delay and, where feasible, not later than 72 hours after becoming aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of Data Subjects.
Where the breach is likely to result in a high risk to the rights and freedoms of Data Subjects, Renvia will also notify affected Data Subjects directly and without undue delay, as required by Article 34 GDPR. Notifications will include the nature of the breach, likely consequences, and measures taken or proposed to address and mitigate the breach.
Renvia fully cooperates with supervisory authorities and affected Customers throughout breach investigations and ensures transparent communication and remediation.
20. Data Processing Agreement (DPA)
Where Renvia acts as a Data Processor on behalf of a Customer (Data Controller), all processing of Customer Data is performed strictly in accordance with documented instructions provided by the Customer, in compliance with GDPR Article 28.
Renvia provides a Data Processing Agreement (DPA) to business Customers upon request or as part of contractual arrangements. The DPA details the scope, nature, and purpose of processing, the types of personal data, categories of Data Subjects, security measures, and the rights and obligations of both parties.
The DPA supplements and forms an integral part of this Privacy Policy and the applicable Terms of Service. In the event of conflict, the DPA prevails with respect to data processing provisions.
The DPA forms part of the contractual documentation for business Customers. Customers may request execution of a separate DPA prior to initiating any processing of Customer Data. Renvia will provide a signed DPA or enter into Customer-provided DPAs subject to mutual agreement.
21. Children's Privacy
Renvia is intended for business users and property management activities. The Service is not directed to children under 16 years of age. Renvia does not knowingly collect personal data directly from children under 16. If such data is discovered, reasonable steps will be taken to delete it.
22. Changes to this Privacy Policy
This Privacy Policy is reviewed and updated periodically to reflect changes in legal requirements, data processing activities, technological advancements, or the Service. Updated versions will be published on this page with a revised effective date. Customers and Users are encouraged to review the policy regularly to remain informed of data protection practices.
23. Data Protection Officer
Renvia has not appointed a Data Protection Officer (DPO), as it is not currently required to do so under Article 37 GDPR.
Privacy-related inquiries, data protection requests, and communications regarding the processing of personal data should be directed to privacy@renvia.app.
24. Contact Information
For questions, concerns, or requests regarding this Privacy Policy or the processing of personal data by Renvia, please contact:
Privacy-related requests, data subject rights requests, deletion requests, and DPA inquiries may be submitted to privacy@renvia.app. Our privacy team will respond in accordance with applicable data protection laws and contractual obligations.
privacy@renvia.appsupport@renvia.app
billing@renvia.app
moovit, s.r.o.
IČO: 45240639
IČ DPH: SK2022919415
Bobuľová 11/B, 900 28 Ivanka pri Dunaji, Slovakia