SAFE

Privacy Policy

ORRO GROUP a.s.  ·  Effective date: 12 June 2026

This Privacy Policy explains how ORRO GROUP a.s. collects, uses, and protects personal data in connection with the SAFE application. It should be read together with the SAFE Terms of Service.

1. Who We Are (Data Controller)

The controller responsible for your personal data is:

ORRO GROUP a.s.

Budilova 161/15, 301 00 Plzeň, Czech Republic

Company identification number (IČO): 04365569

Email: orro-group@orro-group.com

We have not appointed a Data Protection Officer, as we are not legally required to do so. For any privacy-related question, please use the contact email above.

2. What Personal Data We Collect

Teachers and tutors (account holders). When you register and use SAFE, we collect:

Students. Students use SAFE-EN without creating an account. Apart from transient technical data necessary to deliver the service (such as IP address and device identifiers), we do not store personal data about students beyond the duration of their session.

Vocabulary content. Vocabulary sets created in SAFE-GEN-EN are stored locally in the teacher’s browser and are not transmitted to our servers unless you explicitly use a backup, synchronisation, or sharing feature that clearly indicates that data will be uploaded.

We do not intentionally collect special categories of personal data (such as data revealing racial or ethnic origin, political opinions, or health information).

3. Why We Use Your Data and Our Legal Basis

We process personal data for the following purposes, on the following legal bases under Article 6 of the GDPR:

We do not sell your personal data, and we do not use it for advertising or for automated decision-making that produces legal or similarly significant effects.

4. Who We Share Data With (Processors)

We do not sell or rent personal data. We share it only with trusted service providers (processors) who help us operate SAFE and who process data on our behalf under a data processing agreement:

We may also disclose personal data where required by law, by a public authority, or to protect our legal rights.

5. International Transfers

Some of our processors are established outside the European Economic Area (EEA), or may process data outside the EEA. Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses or a relevant adequacy decision, so that your data continues to receive an adequate level of protection.

6. How Long We Keep Your Data

We keep personal data only for as long as necessary for the purposes described above, and for as long as required by applicable law:

After these periods expire, we delete or anonymise the data in a secure manner.

7. Cookies and Similar Technologies

SAFE uses only strictly necessary cookies and similar technologies that are required to provide the service – for example, to keep you signed in (authentication and session) and to keep the service secure. Strictly necessary cookies do not require your consent.

We do not use advertising, marketing, or third-party tracking cookies. If we later add analytics or other non-essential cookies (for example, Google Analytics), we will implement a consent banner that complies with applicable law and we will update this Privacy Policy accordingly.

8. Your Rights

Under the GDPR, you have the right to:

To exercise any of these rights, contact us at orro-group@orro-group.com. We will respond within the time limits set by the GDPR.

You also have the right to object, on grounds relating to your particular situation, to processing based on our legitimate interests (Article 6(1)(f) GDPR).

9. How to Complain

If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the Czech supervisory authority, the Office for Personal Data Protection (Úřad pro ochranu osobních údajů):

Úřad pro ochranu osobních údajů

Pplk. Sochora 27, 170 00 Praha 7, Czech Republic

Web: https://uoou.gov.cz

If you are resident in another EU country, you may also lodge a complaint with your local supervisory authority.

10. How We Protect Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse, including encrypted connections (HTTPS), access controls, and security measures provided by our hosting and payment partners. No system can be guaranteed to be completely secure, but we work to maintain a level of security appropriate to the risk.

11. Changes to This Policy

We may update this Privacy Policy from time to time, for example to reflect changes in law or in our services. Where changes are material, we will notify account holders by email. The effective date at the top of this policy shows when it was last updated.

12. Contact

For any question about this Privacy Policy or your personal data, please contact:

ORRO GROUP a.s.

Budilova 161/15, 301 00 Plzeň, Czech Republic

Email: orro-group@orro-group.com

Web: www.orro-group.com