Privacy Policy
Personal data processing policy under GDPR
1. Data Controller
The data controller is Zela-Servis, s.r.o., Company ID: 10928065, VAT ID: CZ10928065, registered at Svetova 523/1, Liben, 180 00 Prague 8, Czech Republic, registered with the Municipal Court in Prague, Section C, File 350829.
Contact: info@zela-servis.cz, phone: +420 799 797 633.
2. What Personal Data We Process
Within the Siton Monitor platform, we process the following categories of data:
- Identification data — first name, last name
- Contact data — email address, phone (optional)
- Login data — password (stored in hashed form)
- Technical data — IP address, browser type, access time
- Device data — telemetry data from solar inverters (voltage, current, power, temperature, status), ESP8266 MAC address
- Location data — inverter location (if provided by user)
3. Purpose of Personal Data Processing
| Purpose | Legal Basis |
|---|---|
| Creation and management of user account | Contract performance |
| Display of inverter telemetry data | Contract performance |
| Sending verification and system emails | Contract performance |
| Platform security and abuse prevention | Legitimate interest |
| Technical support and troubleshooting | Legitimate interest |
| Display of public inverters in gallery and map | User consent |
4. Data Retention Period
| Data Type | Retention Period |
|---|---|
| User account data | Duration of account + 30 days after deletion |
| Inverter telemetry data | Per retention setting (default 90 days for raw data) |
| Access logs (IP, browser) | 90 days |
| Email communication | 1 year from last contact |
5. Data Sharing with Third Parties
We do not sell or share personal data with third parties for marketing purposes. Data may be shared with:
- Hosting provider — for operating platform servers
- Email service provider — for sending system emails
- Public authorities — if required by law
6. Your Rights
As a data subject, you have the following rights:
- Right of access — obtain information about what data we process about you
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your data ("right to be forgotten")
- Right to restriction — request temporary restriction of processing
- Right to portability — obtain your data in a machine-readable format
- Right to object — against processing based on legitimate interest
7. How to Exercise Your Rights
You can exercise your rights:
- By email at info@zela-servis.cz
- In writing to the company address
- Through profile settings on the platform (change/delete data)
8. Data Security
To protect your data, we use:
- Encrypted connection (HTTPS/TLS) for all communication
- Password hashing with bcrypt algorithm
- API keys for device authentication (ESP8266)
- Login attempt rate limiting
- Regular data backups
- CSRF protection for forms
9. Right to File a Complaint
If you believe that the processing of your personal data violates your rights, you have the right to file a complaint with the supervisory authority:
Office for Personal Data Protection (UOOU)
Pplk. Sochora 27, 170 00 Prague 7, Czech Republic
Web: www.uoou.cz
Email: posta@uoou.cz
10. Changes to This Policy
This policy may be updated in connection with changes in legislation or platform features. Registered users will be notified of significant changes via email. The current version is always available on this page.
Last updated: March 15, 2026