ROBON® and GDPR:
How We Protect Your Personal Data
Protecting personal data is a top priority for us. The ROBON® system has been designed from the ground up to fully comply with the requirements of the European General Data Protection Regulation (GDPR) while ensuring maximum security and user convenience.
Data Controller and Data Processor
When you purchase the ROBON® system, you act as the Data Controller under GDPR. The system provider, responsible for support and maintenance, acts as the Data Processor. A Data Processing Agreement is concluded to clearly define the rights and obligations of both parties.
What Personal Data Does ROBON® Process?
The system processes two categories of personal data:
- System user data – used for unique user identification and system security.
- Data mailbox owner information – necessary for correctly identifying the sender and recipient of data messages.
Importantly, ROBON® does not read or analyze the content of data messages. It only ensures their secure delivery. The only exception is the optional antivirus scanning feature for attachments.
Cookies and User Experience
When using the web portal, ROBON® stores so-called cookies in the browser to ensure:
- proper functionality of the user interface,
- convenient operation (e.g., pre-filled data, remembering previous actions),
- storage of successful authentication information,
- collection of statistics and marketing (optional cookies, which can be disabled).
If cookies are rejected, some portal features may not function properly.
Legal Basis for Data Processing
ROBON® primarily supports processing activities necessary to comply with legal obligations or contractual performance. In such cases, user consent is not required. For other purposes, processing is only possible on the basis of voluntary consent, requested during system registration.
Sources of Personal Data
- primarily entered by administrators,
- may be provided by external identity providers (for authentication),
- may optionally be retrieved from government registries.
Your Rights Under GDPR
Users are entitled to:
- access their personal data,
- request rectification or erasure,
- restrict processing,
- object to processing,
- exercise data portability,
- withdraw consent.
Some rights may be restricted by legislation. Customer support and self-service features in the portal allow users to view or export their data.
Further Data Processing
ROBON® does not perform profiling or automated decision-making. Data may be used to generate anonymized statistics. Optional security monitoring (SIEM) can be implemented for threat detection.
Data Transfers
By default, ROBON® does not transfer personal data to third parties or abroad. The only exception is disclosure to law enforcement authorities, where required by law.
Data Retention
The retention period of personal data is governed by the retention policy and applicable legislation. After expiration, the data are deleted or anonymized. For example, for data linked to an individual’s life, the retention period may be derived from official death notifications in government registries.
Data Protection and Security
- Data protection is an integral part of the Information Security Management System (ISMS).
- Access is role-based and authenticated.
- All operations are logged in the application log.
- Data in transit are encrypted and regularly backed up.
- High availability infrastructure deployment is recommended.
Security is our priority from the design stage – the principle of “security by design”.
Personal Data Breach
In the event of a breach, the provider will:
- immediately analyze the root cause,
- provide full cooperation to the customer,
- assist with mandatory notifications to supervisory authorities and affected users.
ROBON® Implementation at the Customer Site
Implementation includes:
- detailed analysis of personal data processing,
- configuration of processing purposes and scope,
- design of procedures for handling user requests,
- deployment of additional security measures if required,
- creation of a publicly available Privacy Notice.
🔒 ROBON® is designed with maximum focus on security and GDPR compliance. It safeguards your personal data, streamlines operations, and ensures that all data are processed in full accordance with legal requirements.