Current as of 10 Aug 2023

Legal Policies for the use of MinutAI

Conditions of personal data protection

These conditions of personal data protection provide for the protection and processing of personal data of GQsystems, a.s. as a controller as regards the operation of the internet application MinutAI , in particular recording in-person meetings and providing transcript and automated summary from such meetings (hereinafter referred to as the “Application”).

Personal data are processed in accordance with the applicable legislation, in particular Act No. 18/2018 Coll. on the protection of personal data as amended (hereinafter referred to as the “Personal Data Protection Act”) and Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “Regulation” or as “GDPR”) and in accordance with these conditions of personal data protection.

1. Controller

Controller is the company: GQsystems, a.s.
Business identification number 55293310
Registered office at Kasalova 27, 949 01 Nitra, Slovak Republic
Registered with the Commercial Register of District Court Nitra, section Sro, insertion No. 10647/N
E-mail: support@minut.ai

(hereinafter referred to as the “Controller”)

2. Data subjects

These conditions of personal data protection apply to:

  • users of the Application, i.e. persons registered with the Application for the purpose of using the Application services, or persons acting in the name or on behalf of these persons (hereinafter referred to as the “Application User”) and
  • persons participating in the meeting or a conversation from which the transcript and summary is made (hereinafter referred to as the “Participating Person”);
  • persons interested in the Application (hereinafter referred to as the “Prospective Clients”).

(hereinafter jointly referred to as the “Data Subjects”).

3. Purpose of the personal data processing

Purpose of the processing of personal data of the Data Subjects pursuant to these conditions is:

  1. implementation of measures prior to the conclusion of a contract with the Application Users, conclusion of the contract with the Application Users for the purpose of using the Application and subsequent provision of the services;
  2. recording in-person meetings for the purpose of providing transcript and automated summary of the conversation during said meeting;
  3. providing transcript and automated summary of a conversation during meeting;
  4. compliance with tax and accounting regulations;
  5. compliance with regulations in the field of archiving;
  6. securing of possible legal claims of the Controller;
  7. direct marketing for the Application Users by providing current information about products and services relating to the Application through newsletters;
  8. marketing for the Prospective Clients of the Application that sign up to receive current information about products and services relating to the Application through newsletters;
  9. operation of the Application – the Controller uses functional and technical cookies in the Application that are required for the proper operation of the Application, i.e. necessary for the performance of the contract;
  10. analysis of the operation of the Application – the Controller uses analytical cookies in the Application to analyse the operation of the Application, for the purposes of the Application traffic statistics, to improve the functioning of the Application and to ensure the user optimality; to this effect, the Controller also retains and analyses information about the user traffic within the Application;
  11. relevant advertising – the Controller uses marketing cookies in the Application to provide relevant advertising to the Data Subject;
  12. analysis of the operation of the Application social media (e.g. Facebook) – the Controller uses cookies on its social media to analyse the operation of these pages.

4. Legal basis for the processing

Legal basis for the processing is:

  1. Section 13(1)(b) of the Personal Data Protection Act, or Article 6(1)(b) of GDPR – performance of the contract and pre-contractual relationships (including the operation of the Application, which is the subject-matter of the contract);
  2. Section 13(1)(a) of the Personal Data Protection Act, or Article 6(1)(a) of GDPR – consent given by the Data Subject(making a transcript and summary from a meeting or a conversation);
  3. Section 13(1)(c) of the Personal Data Protection Act, or Article 6(1)(c) of GDPR in conjunction with Act No. 595/2003 Coll. on the income tax as amended, Act No. 431/2002 Coll. on the accounting as amended and other relevant laws – compliance with tax and accounting regulations;
  4. Section 13(1)(c) of the Personal Data Protection Act, or Article 6(1)(c) of GDPR in conjunction with Act No. 395/2002 Coll. on archives and registries as amended and other applicable laws – compliance with regulations in the field of archiving;
  5. Section 13(1)(f) of the Personal Data Protection Act, or Article 6(1)(f) of GDPR – legitimate interest of the Controller to secure and assert its possible legal claims;
  6. Section 13(1)(f) of the Personal Data Protection Act, or Article 6(1)(f) of GDPR – legitimate interest of the Controller to perform direct marketing for the Application Users;
  7. Section 13(1)(a) of the Personal Data Protection Act, or Article 6(1)(a) of GDPR – consent given by the Data Subject by signing up to receive newsletters;
  8. Section 13(1)(f) of the Personal Data Protection Act, or Article 6(1)(f) of GDPR – legitimate interest of the Controller to operate the Application (necessary cookies);
  9. Section 13(1)(a) of the Personal Data Protection Act, or Article 6(1)(a) of GDPR – consent given by the Data Subject through the cookies notification bar in the Application (analytical cookies);
  10. Section 13(1)(a) of the Personal Data Protection Act, or Article 6(1)(a) of GDPR – consent given by the Data Subject through the cookies notification bar in the Application (marketing cookies);
  11. Section 13(1)(a) of the Personal Data Protection Act, or Article 6(1)(a) of GDPR – consent given by the Data Subject (analysis of the operation of the Application’s social media pages).


5. Subject-matter of the processing

Subject-matter of the processing is:

  1. basic identification and contact personal data of the Application User provided by the Application User and necessary for the performance of the contract – first name, surname, e-mail,; provision of these data is voluntary, however, without providing the data, proper performance of the contract is not possible; the Application User can edit and update the data in its user profile in the Application;
  2. a meeting or a conversation from which the transcript is to be made; having a meeting or a conversation is voluntary, however, without having it the transcript cannot be made; the Data Subjects are entitled to discontinue or end the transcript at any time; the Controller does not retain the transcript; the summary remains in the Application User´s account and may be erased by the Application User at any time; recording of the meeting / conversation is only made upon request of the Application User, the Application User is responsible and liable for acquiring consent of the Participating Person or another Data Subject to record the meeting / conversation in which they participate and, subsequently, processes the transcript from the meeting / conversation in its own name as a controller;
  3. IP addresses through which the Data Subjects use the Application;
  4. information about the activities of the Data Subjects when using the Application;
  5. Cookies:
    • The Controller uses cookies in the Application to ensure proper operation of the Application (functional and technical cookies), to analyse the operation of the Application (analytical cookies) and to provide relevant advertising to the Data Subject (marketing cookies). Cookies are small text files stored by a website in the computer or mobile device of the Data Subject when viewing the website. The Data Subject may reject, control or delete cookies at its own discretion through the setting of its web browser, more information is available at aboutcookies.org, for example. However, the Application may not work properly if functional and technical cookies are rejected;
    • the Controller uses cookies at its social media such as Facebook. These cookies are provided to the Controller by Facebook in an anonymised form to analyse the operation of the Controller’s social media pages. More information about cookies used by Facebook is available at https://www.facebook.com/policy/cookies/.

6. Categories of recipients

Personal data are provided to the following recipients:

  1. the Application Users and the Participating Persons – these persons have a meeting or a conversation between them using the Application;
  2. providers of IT services;
  3. for the purpose of the transcript and summary;
  4. Google Ireland Ltd. – for the purpose of provision of the Google Analytics service;
  5. Facebook Ireland Ltd;
  6. external accountant of the Controller;
  7. providers of legal and tax consulting services;
  8. providers of postal and courier services;
  9. tax authority;
  10. Slovak Trade Inspection;
  11. courts, law enforcement authorities, enforcement agents;
  12. other entities authorised under applicable legislation.

7. Personal data portability

The Controller does not transfer personal data to a third country, or international organisation.

8. Storage period

Personal data will be stored for the period for which the purpose for the processing of personal data remains in existence, i.e. at least for the duration of the contractual relationship and within the necessary scope until the limitation period for the assertion of possible legal claims lapses and for the period of archiving laid down by the applicable legislation, however, always at least until all proceedings concerning the legal claims are concluded. If the processing is based on a consent of the Data Subject, personal data will not be processed for such purpose longer than for the period of the consent given. Consent may be withdrawn in accordance with Article 11 below.

If the processing is based on a legitimate interest of the Controller, personal data will not be processed for such purpose longer than for the period of justified objecting to the processing in accordance with Article 12 below.

The Data Subject may control or delete cookies at its own discretion, more information is available at aboutcookies.org, for example.
The Controller does not store the recordings of meetings and conversations. The Application User is responsible and liable for acquiring consent of the Data Subject for recording the meetings and conversations and, subsequently, processes the transcript and summary in its own name as a controller. The Application User is responsible for informing the Participating Person about the meetings and conversations being recorded and, if he or she does not agree with the recording, he or she may end the recording and transcript at any time during the meetings and conversations.

9. Measures to protect personal data

The Controller processes personal data in accordance with the applicable legislation, especially the Personal Data Protection Act and the Regulation. The Controller uses state-of-the-art technologies to store and transfer data securely and pays attention to the expertise of its staff on a regular basis.

10. Rights of the Data Subjects

The Data Subject whose personal data are processed has the following rights as regards the processing of its personal data:

  1. right to request access to its personal data or information about the processing (including confirmation about the processing) from the Controller;
  2. right to rectification of incorrect personal data and to have incomplete personal data completed;
  3. right to erasure of personal data or to restriction of the processing (in particular, if the purpose of the processing expired, if the consent was withdrawn, or if the processing is unlawful; personal data may not be erased before statutory and contractual time limits set for their retention expire);
  4. right to object to the processing;
  5. right to data portability;
  6. right to withdraw consent if the processing is based on the consent;
  7. right to lodge a complaint with the supervisory authority, i.e. Office for Personal Data Protection of the Slovak Republic (action pursuant to Section 100 of the Personal Data Protection Act).

The Data Subject may contact the Controller at the following e-mail address: support@minut.ai or by mail sent to the address GQsystems, a.s., Kasalova 27, 949 01 Nitra, Slovak Republic. The Controller may only charge a fee for providing information in cases set out in the Personal Data Protection Act, or the Regulation (e.g. with a clearly unsubstantiated request or repeated request). To acquire the information, a person must identify itself as the Data Subject or prove to be authorised to receive the information relating to a third person.

11. Right to withdraw consent

If the processing is based on consent, the Data Subject has the right to withdraw its consent at any time. Lawfulness of the processing of its personal data based on the consent given remains unaffected until the actual withdrawal of the consent. The Data Subject may withdraw its consent at any time at this e-mail address: support@minut.ai or by mail sent to the address GQsystems, a.s., Kasalova 27, 949 01 Nitra, Slovak Republic When there is doubt about the identity, the Controller may request that it is proved or request other way of authenticating the withdrawal of the consent. With newsletters it is sufficient that the Data Subjects unsubscribe from the newsletters by following the instructions provided in the newsletter itself.

If the Data Subject does not agree with making the transcript or summary, or recording of a meeting and a conversation, it may end the transcript at any time during the meeting / conversation.

The Data Subject may reject cookies at its own discretion, or by not giving consent through the cookies notification bar in the Application. More information is available at aboutcookies.org, for example.

12. Right to object to the processing

The Data Subjects have the right to object at any time to the processing of personal data based on the legitimate interests of the Controller. The Controller may not continue to process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the rights and interests of the Data Subject or reasons for the exercise of a legal claim. Where the Data Subject objects to the processing of personal data for direct marketing purposes, the Controller may no longer process the personal data for such purposes.

The Data Subjects may object by sending an e-mail to the address support@minut.ai or by mail sent to the address GQsystems, a.s., Kasalova 27, 949 01 Nitra, Slovak Republic. When there is doubt about the identity, the Controller may request that it is proved. With newsletters it is sufficient that the Data Subjects unsubscribe from the newsletters by following the instructions provided in the newsletter itself.

The Data Subject may reject cookies at its own discretion by setting up its web browser, more information is available at aboutcookies.org, for example.

13. Supervisory authority

The Controller complies with all the set legislative rules and safety measures when handling personal data. If the Data Subjects deem it necessary and do not agree with how the processing of personal data is done, they may turn to: Office for Personal Data Protection of the Slovak Republic seated at Hraničná 12, 820 07 Bratislava.

14. Final provisions

These conditions of personal data protection become valid and effective on 31.05.2023. These conditions also form part of the Controller’s General Sales Conditions for the use of the Application and are regularly revised and updated. Valid and effective conditions are available directly in the Application.