Privacy Policy

SK

Last updated: 2026-05-25 · EqualPay Ready platform, operated by Aspecta s. r. o. (hereinafter the “operator”).

What data we collect

  • User account data: email address, name, organization, role, last sign-in timestamp.
  • Organization business data (uploaded during import in accordance with the employer’s statutory obligations): list of employees, pay components, job classifications, reporting period.
  • Audit log records of sign-ins and key actions in the application (per Constitution VI — security baseline).

How we store data

Data is stored in Neon Postgres in the EU region (Frankfurt, AWS eu-central-1) per EP D-034. Connections are encrypted with TLS; database access is restricted to the production application runtime. Backups are managed by Neon as a managed service; retention is configured at the Neon account level.

Third parties (sub-processors)

  • AWS (Amazon Web Services EMEA SARL) — hosting of the application and secrets in the eu-central-1 region (Frankfurt).
  • Resend (Resend, Inc.) — delivery of transactional emails (invitations, password reset) from the verified domain equalpayready.eu.
  • Google (Google Ireland Limited) — OAuth provider for the “Continue with Google” sign-in.
  • Microsoft Entra (Microsoft Ireland Operations Limited) — OAuth provider for the “Continue with Microsoft” sign-in, multi-tenant mode.
  • Anthropic (Anthropic, PBC) — the Claude model for the AI report assistant; only aggregated data is sent to the model, never PII.
  • Neon (Neon, Inc.) — managed Postgres provider (EU region).

Processing purpose

Data processing serves to fulfil the employer’s statutory obligations under EU Directive 2023/970/EU on pay transparency (Pay Transparency Directive) and national transpositions. The application enables computation of the gender pay gap, generation of regulatory reports, and tracking of compliance obligations.

Your rights

As a data subject, you have the right under the GDPR (Regulation 2016/679) to access, rectification, erasure, restriction of processing, portability, and objection. Requests can be addressed to support@equalpayready.eu; they are processed within 30 days.

Retention period

We retain account data for the duration of the agreement + 3 years after its termination (for potential audit requests). Business data (employee pay components) is retained according to statutory periods for accounting and personnel records.

Contact

Questions about data processing: support@equalpayready.eu. Complaints can be filed with the Office for Personal Data Protection of the Slovak Republic.

Governing law

These terms are governed by the laws of the Slovak Republic and the GDPR (Regulation 2016/679). When the terms change, we will publish the updated version on this page and notify active users by email from noreply@equalpayready.eu.