AI COACH SIMBION — Privacy Policy / Politika privatnosti

Data Controller

Rukovalac podacima

The data controller for the Simbion application is the author and sole owner of the service.
Contact: coachgoranpro@gmail.com · +381 64 409 6248 · WhatsApp · Viber

Rukovalac podacima za aplikaciju Simbion je autor i jedini vlasnik servisa.
Kontakt: coachgoranpro@gmail.com · +381 64 409 6248 · WhatsApp · Viber

Data We Collect

Podaci koje prikupljamo

We collect only data necessary for the operation of the service:

Basic data: First name, last name, and email address (for account creation).
Payment data: Transaction information is processed securely through an authorized payment processor. We do not store credit card numbers on our servers.
Sports data: Physical fitness metrics and progress data entered by the user (coach or parent) for the purpose of generating personalized training plans.
Technical data: Device type, OS version, IP address, and app usage logs — collected automatically for security and performance purposes.

Prikupljamo samo podatke neophodne za rad servisa:

Osnovni podaci: Ime, prezime i e-mail adresa (za kreiranje naloga).
Podaci o plaćanju: Informacije o transakcijama obrađuje ovlašćeni procesor plaćanja. Ne čuvamo brojeve kreditnih kartica.
Sportski podaci: Podaci o fizičkoj spremi i napretku koje korisnik (trener ili roditelj) unosi u svrhu generisanja personalizovanih planova treninga.
Tehnički podaci: Tip uređaja, verzija OS-a, IP adresa i logovi korišćenja — prikupljaju se automatski u svrhu bezbednosti i performansi.

Purpose of Data Collection

Svrha prikupljanja podataka

We use collected data exclusively for:

Providing personalized physical preparation plans
Account administration and service billing
Sending important notifications regarding the application
Security monitoring and technical performance optimization
Legal compliance obligations

We do not use personal data for advertising, profiling, or sale to third parties.

Prikupljene podatke koristimo isključivo za:

Pružanje personalizovanih planova fizičke pripreme
Administraciju naloga i naplatu usluga
Slanje važnih obaveštenja u vezi sa aplikacijom
Praćenje bezbednosti i optimizaciju tehničkih performansi
Ispunjenje zakonskih obaveza

Lične podatke ne koristimo u reklamne svrhe, za profilisanje niti za prodaju trećim stranama.

Legal Basis for Processing

Pravni osnov obrade

Data is processed on the following legal bases (GDPR Art. 6 / ZZPL):

Art. 6(1)(b) — Performance of contract: processing necessary to provide the service
Art. 6(1)(c) — Legal obligation: financial and tax record-keeping
Art. 6(1)(f) — Legitimate interest: security and fraud prevention
Art. 6(1)(a) — Consent: marketing communications (opt-in only)

Sports performance data may constitute a special category (GDPR Art. 9) and is processed only with explicit user consent.

Podaci se obrađuju na sledećim pravnim osnovama (GDPR čl. 6 / ZZPL):

Čl. 6(1)(b) — Izvršenje ugovora: obrada neophodna za pružanje usluge
Čl. 6(1)(c) — Zakonska obaveza: finansijsko i poresko evidentiranje
Čl. 6(1)(f) — Legitimni interes: bezbednost i sprečavanje prevare
Čl. 6(1)(a) — Pristanak: marketinška komunikacija (samo opt-in)

Sportski podaci o učinku mogu spadati u posebne kategorije (GDPR čl. 9) i obrađuju se isključivo uz izričit pristanak korisnika.

Sharing with Third Parties

Deljenje podataka sa trećim licima

Simbion never sells or shares your personal data with third parties for marketing purposes. Data is shared only with:

Authorized payment processors — solely for billing execution
Legal obligation — only upon lawful request by competent state or federal authorities

In the event of a business transfer or acquisition, users will be notified in advance and their data rights will be fully preserved.

Simbion nikada ne prodaje niti deli vaše lične podatke trećim stranama u marketinške svrhe. Podaci se dele isključivo sa:

Ovlašćenim procesorima plaćanja — isključivo radi izvršenja naplate
Zakonska obaveza — samo u slučaju zahteva nadležnih državnih ili federalnih organa

U slučaju poslovnog prenosa ili preuzimanja, korisnici će biti obavešteni unapred, a njihova prava u pogledu podataka biće u potpunosti sačuvana.

Data Retention

Period čuvanja podataka

Account data: retained for the duration of the active account + 12 months after cancellation, then permanently deleted.
Financial records: retained for 5 years in compliance with Serbian accounting law and applicable US/EU tax regulations.
Technical logs: retained for a maximum of 90 days for security purposes.

Upon account deletion request, all personal data is erased within 30 days.

Podaci o nalogu: čuvaju se za vreme aktivnog naloga + 12 meseci nakon otkaza, zatim trajno brišu.
Finansijski zapisi: čuvaju se 5 godina u skladu sa srpskim računovodstvenim zakonodavstvom i primenljivim US/EU poreskim propisima.
Tehnički logovi: čuvaju se najviše 90 dana u svrhu bezbednosti.

Na zahtev za brisanje naloga, svi lični podaci se brišu u roku od 30 dana.

Data Security

Bezbednost podataka

We apply modern encryption and security measures to prevent unauthorized access. All data in transit is protected by SSL/TLS encryption. In the event of a data breach, we will notify affected users and the competent supervisory authority within 72 hours, in accordance with GDPR Art. 33–34 and applicable US breach notification laws.

Primenjujemo savremene enkripcione i sigurnosne mere. Svi podaci u prenosu zaštićeni su SSL/TLS enkripcijom. U slučaju povrede podataka, obavestićemo pogođene korisnike i nadležni nadzorni organ u roku od 72 sata, u skladu sa GDPR čl. 33–34 i primenljivim US zakonima o obaveštavanju o povredi.

Protection of Minors

Zaštita maloletnih

Simbion does not knowingly collect personal data from persons under 13 without parental consent (US COPPA). When creating an account for a minor (under 18), the parent/guardian explicitly consents to data collection and processing. Under GDPR Art. 8 and ZZPL, the minimum age for independent digital consent in Serbia is 15 years. Any data of a child under 13 discovered without proper consent will be immediately deleted.

Simbion ne prikuplja namerno lične podatke lica mlađih od 13 godina bez roditeljskog pristanka (US COPPA). Kreiranje naloga za maloletno lice (ispod 18) podrazumeva izričit pristanak roditelja/staratelja na prikupljanje i obradu podataka. Prema GDPR čl. 8 i ZZPL, minimalna starost za samostalan digitalni pristanak u Srbiji je 15 godina. Podaci dece mlađe od 13 god. bez odgovarajućeg pristanka biće odmah obrisani.

User Rights (GDPR / ZZPL)

Prava korisnika (GDPR / ZZPL)

In accordance with GDPR and ZZPL, you have the right to:

Access

Request a copy of all data we hold about you

Rectification

Request correction of inaccurate data

Erasure

Request permanent deletion ("right to be forgotten")

Portability

Receive your data in machine-readable format

Object

Object to processing based on legitimate interest

Restrict

Request temporary restriction of data processing

All requests are processed within 30 days. Contact: coachgoranpro@gmail.com

U skladu sa GDPR i ZZPL, imate pravo na pristup, ispravku, brisanje ("pravo na zaborav"), prenosivost, prigovor i ograničenje obrade podataka.

Svi zahtevi se obrađuju u roku od 30 dana. Kontakt: coachgoranpro@gmail.com

US Users — CCPA & Additional Rights

Korisnici iz SAD — CCPA i dodatna prava

California residents and other US users have the following additional rights:

Right to Know: You may request disclosure of the categories and specific pieces of personal data collected.
Right to Delete: You may request deletion of your personal data (subject to certain exceptions).
Right to Opt-Out: You may opt out of the sale of personal data. Simbion does not sell personal data.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
Nevada SB 220: Nevada residents may also opt out of any future sale of their personal data.

To exercise these rights: coachgoranpro@gmail.com. We will respond within 45 days as required by CCPA.

Rezidenti Kalifornije i drugi korisnici iz SAD imaju sledeća dodatna prava:

Pravo na uvid: Možete zatražiti otkrivanje kategorija i konkretnih ličnih podataka koji se prikupljaju.
Pravo na brisanje: Možete zatražiti brisanje ličnih podataka (uz određene izuzetke).
Pravo na odjavu: Možete se odjaviti od prodaje podataka. Simbion ne prodaje lične podatke.
Pravo na nediskriminaciju: Nećemo diskriminisati korisnike zbog ostvarivanja CCPA prava.
Nevada SB 220: Rezidenti Nevade mogu se odjaviti od buduće prodaje podataka.

Za ostvarivanje prava: coachgoranpro@gmail.com. Odgovaramo u roku od 45 dana.

Kolačići

The application uses only technically necessary cookies for session management and security. No tracking, advertising, or third-party analytics cookies are used. Users may disable cookies in browser settings, which may affect some functionality. This practice complies with the EU ePrivacy Directive and applicable US guidelines.

Aplikacija koristi isključivo tehnički neophodne kolačiće za upravljanje sesijama i bezbednost. Ne koristimo kolačiće za praćenje, reklamiranje niti analitiku trećih strana. Korisnici mogu onemogućiti kolačiće u podešavanjima pretraživača. Ova praksa je u skladu sa EU ePrivacy Direktivom i primenljivim US smernicama.

Supervisory Authority

Nadzorni organ

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

Serbia: Commissioner for Information of Public Importance and Personal Data Protection (Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti), Bulevar kralja Aleksandra 15, Belgrade.

EU Users: The data protection authority of your EU member state.

US Users: The Federal Trade Commission (FTC) at ftc.gov/complaint, or your state attorney general's office.

Ukoliko smatrate da su vaša prava povređena, možete podneti pritužbu:

Srbija: Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti, Bulevar kralja Aleksandra 15, Beograd.

EU korisnici: Organ za zaštitu podataka vaše EU države.

US korisnici: Federal Trade Commission (FTC) na ftc.gov/complaint, ili kancelarija državnog tužioca.

Changes to This Policy

Izmene politike

We reserve the right to update this Privacy Policy at any time. Users will be notified of significant changes via email at least 15 days before they take effect. Continued use of the application after changes take effect constitutes acceptance of the updated policy.

Zadržavamo pravo izmene ove Politike privatnosti. O značajnim izmenama korisnici će biti obavešteni putem e-maila najmanje 15 dana pre stupanja na snagu. Nastavak korišćenja podrazumeva prihvatanje ažurirane politike.