Privacy Policy

The individual's responsible for processing your data are developers Tara Pogancev and Milos Pavlovic, based in Serbia. Tara Pogancev and Milos Pavlovic are also the developer's/creator's of the app and manages all aspects of data processing.

I greatly appreciate your trust in becoming part of this community, and I am fully committed to protecting your personal information and safeguarding your privacy rights. If you have any questions or concerns about how your personal data is handled, feel free to reach out to me at matrixltdapp@gmail.com. For detailed information on how we comply with data protection regulations, please visit the following link:

GDPR Compliance

Who Is This Privacy Policy For?

This privacy policy applies to:

Partners using our platform's services
Users of our services
Visitors browsing our website

When you visit my website, www.matrix.co.rs, or use my services, you provide personal data, which I handle with the utmost care. This policy explains the types of data I collect, how it is processed, the purposes for which it is used, how long it is retained, how you can stay informed about these processes, and your rights regarding your personal data.

These privacy guidelines apply to all data collected through my website, www.matrix.co.rs,), my mobile applications, and any related services, including sales, marketing, and events (collectively referred to as "websites" or "Website" in this policy).

If you disagree with any part of this privacy policy, I recommend discontinuing the use of my website and services. However, if you have any questions or need further clarification, I am always available to assist.

All gender-specific terms used in this privacy policy are intended to be neutral and inclusive of all genders, including non-binary individuals.

What Data Do I Collect?

In short: I collect personal data that you voluntarily provide by manually entering it on my platform.

Through my platform, you can choose how you want to log in or register, and provide your data in one of the following ways:

Using email/password through Firebase Authentication
Using Google sign-in with your preferred Google account
Using Apple sign-in with your Apple ID

Specifically, this includes your first and last name, email, mobile number, device information, and access to your photo gallery. I do not have access to your payment method details (e.g., credit/debit card number or bank account information).

The personal data I collect is the same across all three registration options. By entering your personal data into the designated fields, you give consent for the use of this data for the purpose for which it was provided.

The data I collect includes the following:

First and Last Name: When you first download the app, you will be prompted to enter your first and last name. This allows me to create a personalized experience for you and ensure that you receive the best possible service.
Contact Information: During the registration process with email/password, Google, or Apple, I do not initially ask for your phone number. However, if you continue using the app and create reservations, you will need to provide your phone number. This allows salon owners (the admins who will have access to this data) to contact you regarding your reservations. Your phone number is securely stored in the Firestore database and will not be used for any other purpose or shared with any third party.
Credentials: When registering with an email/password using Firebase Authentication, you are required to enter your password in two fields for confirmation. I do not have access to your password, as it is securely handled by Google’s Firebase security. Password recovery and account management are also managed by Firebase.
Device Identifiers: I use device identifiers to deliver and improve services, conduct analytics, enhance security, prevent fraud, and provide personalized content and recommendations.
Payment Method Information: I do not have access to payment method details. If I decide to introduce payment services in the future, I will update the privacy policy accordingly and seek your agreement to the new terms.
Photo Gallery: For a more personalized experience, users have the option to set a profile picture from their own gallery. The image is stored in Firebase Storage and is used solely for profile display purposes.

All personal data you provide must be accurate, complete, and truthful. Please notify me of any changes to the data you have provided.

Automatically Collected Data

Certain information is automatically collected when you interact with or navigate through my apps. While this data does not include personal identifiers like your name or contact details, it may consist of technical details such as your device type, operating system, language preferences, device name, country, location, and how you engage with the app. This may also include information like referring URLs and the time and manner in which you use the app.

The primary purpose of collecting this data is to ensure the app functions securely and smoothly, as well as to conduct internal analysis through Firebase Analytics for performance evaluation and reporting.

Moreover, I use cached data to store some image URLs, enabling the app to load more quickly and improving user experience. This is particularly useful in cases of unstable internet connections or to generally speed up loading times, but only the URLs of images are cached for this purpose.

Data Collected Through My Applications

When using my applications, the following types of data may be collected:

Location Data: I may ask for permission to access location data from your mobile device, either continuously or while you’re using the app, in order to offer location-specific features. You have the option to manage or modify this access in your device settings.
Mobile Device Information: Automatically gathered details, such as your device's ID, model, manufacturer, operating system, version, and IP address, may be collected to help improve app performance. This data is particularly useful for diagnosing and resolving issues quickly through crash reports.
Push Notifications: I may request permission to send you push notifications related to your account or the app. If you’d prefer not to receive these notifications, you can easily disable them through your device’s settings or directly within the app.

Data Collected from Google and Apple Sign-In

When you choose to sign in using your Google or Apple account, I may collect certain information from these platforms to streamline your registration process and enhance your user experience. This data is only gathered with your consent and may include:

Google Sign-In: I may access your Google profile details, such as your name, email address, and profile picture, when you link your Google account to the app.
Apple Sign-In: When using Apple Sign-In, I may collect your name and email address, as well as any other data you choose to share during the sign-in process.

The information provided by these platforms is used solely to manage your account within the app and to provide a seamless login experience. No additional data is collected unless explicitly allowed by you.

How I Process Your Data, Purposes, and Legal Basis

I only process personal data that is essential for fulfilling specific goals, and I use this information exclusively for clear, legitimate, and anticipated purposes.

Legal Grounds for Processing Your Data:

Consent: I may process your personal data if you have explicitly given permission for specific uses.
Contractual Obligations: If we have entered into an agreement, I may need to process your personal data to meet the terms of our contract.
Legal Requirements: I may be required to disclose your data if mandated by law, court orders, or other legal processes, including responding to requests from government authorities for national security or law enforcement purposes.
Legitimate Interests: I may process your data when necessary to investigate and address potential violations of my policies, suspected fraud, safety threats, illegal activities, or as evidence in legal disputes in which I am involved.

Purposes for Using Your Data

Account Creation and Login: If you choose to link your account using a third-party service (such as Google or Apple), I use the information you’ve authorized from these platforms to set up and log in to your account, ensuring the contract between us is fulfilled. For further details, see the section on data collected through Google and Apple sign-in.
Administrative Notifications: I may use your personal data to send you updates about products, services, new features, or any changes to my terms and policies, but only if you have given explicit consent for such communication.
Feedback Requests: With your permission, I might use your data to request feedback on your experience with my services or applications, or to discuss any improvements.
Service Security: I may use your data to help ensure that my services remain safe and secure, including monitoring for fraud and preventing misuse.
Facilitating Communication with Service Providers: I may use your data to assist communication between you and service providers, ensuring seamless service delivery and improved quality.
Account Management: I use your data to maintain and manage your account throughout our relationship, keeping it functional and updated.
Service Provision: I use your data to deliver the services you have requested, making sure everything works as expected.
Responding to Inquiries and Support Requests: Your data may be used to respond to questions or resolve issues you encounter when using my services or applications.
Business Operations: I may also use your data for general business purposes, such as analyzing usage trends, evaluating service effectiveness, and improving overall performance and user experience. This data is used in an anonymized and aggregated format and is not associated with individual users unless you provide consent for personally identifiable data to be used.

Connecting with Your Third-Party Accounts

Google Accounts: If you choose to log in using your Google account, I will collect your email, full name, and profile picture to display within the app.
Apple Accounts: When logging in with your Apple account, I will use your email and full name as part of your profile in the app.
Data Storage and Backup: All collected data is securely stored using Google Firebase Firestore and Firebase Storage to ensure the safety and availability of your information.
Push Notifications: You may receive push notifications related to actions you take within the app, such as booking confirmations or reminders.
Analytics and Audience Insights: I use Google Analytics and Facebook Custom Audiences to gather statistical data and better understand the app’s user base, which helps me improve the services and tailor marketing efforts.
User Support: As the developer, I am directly accessible to users for any support or assistance they may need regarding the app.

Will Your Data Be Shared with Anyone?

In short: I do not sell, rent, or loan your personal information to unrelated third parties.

Your personal data will not be shared with or transferred to any unrelated third parties. All data is securely stored on my chosen external server or within my business premises, where appropriate technical and organizational measures have been put in place to ensure compliance with the General Data Protection Regulation (GDPR) and to protect your privacy.

I only disclose the minimum amount of data necessary for processing. Any individual or entity that I share your personal data with is contractually obligated to maintain confidentiality and has implemented appropriate security measures.

In specific situations, I may be required to transfer certain data to authorities, but only if legally mandated. Your personal data will not be transferred to any third country, international organization, or recipient outside the required legal jurisdiction.

Specifically, I may need to share your personal data in the following cases:

Suppliers, Consultants, and Third-Party Service Providers: Your data may be shared with third-party vendors, contractors, or service providers who help me operate and maintain the services I offer. This includes services like data analysis, customer service, email delivery, hosting, and marketing. For instance, selected third parties like Google Analytics may use tracking technology to gather data about your interaction with my apps over time for purposes such as analyzing usage and improving service quality. Outside of these essential functions, your data will not be shared with third parties for promotional purposes.
Business Transfers: In the event of a merger, sale of company assets, or any negotiations for financing or acquisition of the business, your data may be shared or transferred to facilitate these transactions.
Other Users: If you interact publicly within the app (for example, by posting comments or contributions), your personal data may be visible to all users and could be shared publicly beyond the app. If you register using a social network (such as Google or Apple), your social network contacts may also be able to view details such as your name, profile photo, and activity within the app.

I’ve categorized each data-sharing scenario to ensure clarity about how your personal data is processed. If you have given consent for data processing and wish to withdraw it at any point, feel free to contact me.

Do I Use Cookies and Other Tracking Technologies?

In short: I use Firebase Crashlytics and Firebase Analytics for tracking and performance purposes and also on my website, I may use cookies.

I may use cookies and similar tracking technologies (such as web beacons and pixels) to collect and store certain data. These tools help me improve app functionality and user experience.

Cookies are small text files placed on your device by an Internet server that allow the service provider to recognize returning users and deliver a customized experience. Cookies are created when your browser visits a website and sends information back to the server. The next time you visit, the browser retrieves the cookie and sends it back to the server.

On my app, I use the following types of tracking technologies:

Firebase Crashlytics: I use Firebase Crashlytics inside my app’s source code to diagnose device issues and errors that occur, providing a better user experience.
Firebase Analytics: I use Firebase Analytics to gain insights into the app’s performance and usability.

On my website, I may use the following types of cookies:

Technical Cookies: These are essential for the website to function properly and cannot be disabled.
Functional Cookies: These allow the website to provide enhanced features and personalization options and can be turned off if you prefer.
Marketing Cookies: These record visits and traffic sources, helping me measure and improve website performance. You can choose to disable these cookies.

How I Process Google and Apple Logins

In short: If you choose to register or log in to my services using your Google or Apple account, I may access certain information from your profile to create and manage your account.

My applications allow you to register and log in using your Google or Apple account details. When you choose to log in through one of these methods, I will receive specific profile information directly from the provider. The information I collect typically includes your name, email address, and profile picture. The exact data may vary depending on the provider's settings.

I will use this information strictly for the purposes outlined in this privacy policy, such as creating your account and improving your user experience. Please be aware that I do not control how Google or Apple handle your personal data. For more details on their practices, I recommend reviewing their privacy policies to understand how they collect, use, and share your information, as well as how you can manage your privacy settings on their platforms.

What Is My Stance on Third-Party Websites?

In short: I am not responsible for the safety of any information you share with third-party advertisers or websites that are not affiliated with my app or services.

My applications may include links from third parties that are not connected with me. These links may lead you to external websites, online services, or mobile applications. I cannot ensure the safety or privacy of any data you provide to these third parties. Any information collected by them is not covered by this privacy policy. I am not responsible for the content, privacy practices, or security policies of third-party websites, services, or applications that may be linked to or from my app. It is important to review the privacy policies of those third parties and reach out to them directly if you have any concerns or questions.

How Long Do I Keep Your Data?

In short: I retain your information for as long as necessary to achieve the purposes outlined in this privacy policy, unless a longer retention period is required by law.

I will store your personal data only for as long as it is necessary to fulfill the purposes described in this privacy policy, unless a longer retention period is mandated by law or regulations (such as tax or accounting requirements).

For example, if you have used my services and I issued an invoice to you, your name, address, and personal identification number will be retained for 11 years (starting from the last day of the year in which the invoice was issued), in compliance with legal obligations for issued invoices. Invoices received from suppliers are also kept for the same 11-year period, as required by law.

Your contact information, such as your phone number or email address, will be deleted immediately after you cancel or delete your user account. You can easily perform the account deletion directly through the app’s settings.

How Do I Protect Your Data?

In short: My goal is to protect your personal data through a system of organizational and technical security measures.

I have implemented appropriate technical, organizational, and personal security measures designed to safeguard all personal data I process. However, it's important to note that while I strive to protect your personal data, no method of transmission over the Internet is 100% secure. You should access the services in a secure environment and be aware that transmitting personal data is done at your own risk.

Do I Collect Information from Minors?

In short: I do not collect data from individuals under 18 years of age.

I do not knowingly collect data from anyone under 18. By using my services or applications, you confirm that you are at least 18 years old or are a legal guardian consenting to the use of my services for a minor. If I discover that personal data from users under 18 has been collected without proper consent, I will deactivate the account and take appropriate steps to promptly delete the data from my records.

What Are Your Rights Regarding the Processing of Your Data?

In short: You have several rights regarding the processing of your personal data, which are detailed below.

Right of Access

You can request confirmation about whether I am processing your personal data. If so, you can request access to your data, the purposes of processing, the categories of personal data involved, the recipients of the data, the storage period, and your rights regarding the processing of your data.

Right to Rectification

If any of your personal data is incomplete or inaccurate, you can request that I correct or update it at any time. You are responsible for providing accurate data and for informing me of any relevant changes to your personal information.

Right to Erasure

You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, if you object to its processing, or if you believe the data has been unlawfully processed. Please note that some legal obligations may prevent the immediate deletion of data, such as data that must be retained for legal reasons.

If I am required to retain certain data for legal purposes, I will inform you of the retention period and when the data will be deleted in response to your request.

Right to Restrict Processing

You can request that I restrict the processing of your data in certain situations:

If you contest the accuracy of the data.
If the processing is unlawful, but you prefer to restrict its use rather than delete it.
If I no longer need the data, but you require it to establish, exercise, or defend legal claims.
If you object to processing based on my legitimate interest or a public task.

If processing is restricted, your personal data will only be processed with your consent or for legal claims, the rights of others, or important public interests. You will be notified before any restriction is lifted.

Right to Object

If I process your data based on legitimate interests or a public interest task, you may object to this processing. I will stop processing your data unless I can demonstrate compelling legitimate grounds that outweigh your interests or if the processing is necessary for legal claims.

Right to Appeal

If you believe that I have processed your personal data in violation of Serbian or EU laws, you can contact me to resolve any concerns. You also have the right to file a complaint with a Data Protection Agency.

Right to Notification of Data Breach

In the event of a data breach that affects your personal information, I will notify you as soon as possible. The notification will explain the nature of the breach, its potential consequences, and the measures I have taken to mitigate the effects. The notification will be written in clear and simple language.

Exercising Your Rights

If you wish to exercise any of the rights mentioned above, you can contact me using the following details:

Email Address: matrixltdapp@gmail.com

I will respond to your requests in accordance with the timeframes and regulations set forth by the General Data Protection Regulation (GDPR). Please be aware that I may need to verify your identity to ensure that your rights and privacy are protected.

These rights can also be exercised by an authorized representative on your behalf. In such cases, the representative must provide a notarized power of attorney, unless the representative is a lawyer, in which case notarization is not required.

If your requests are made too frequently or with clear intent to misuse the process, I may refuse to fulfill them.

Rights Regarding Data Processing Based on Consent

When personal data is processed based on your consent, I ensure that your consent is always provided voluntarily, clearly, and specifically for each purpose, using a written statement signed by hand. You will be fully informed, and the consent will be unambiguous.

The written statement used to obtain your consent for data processing will be tailored to each specific purpose and will be presented in a clear, simple, and easily understandable format.

You have the right to withdraw your consent for the processing of personal data at any time. You will be informed of this right before you provide consent, and it will be clearly mentioned in the consent form. Consent can be withdrawn by signing a simple form that I will provide.

Please note that if the consent was provided for a one-time processing activity and the processing has already been completed, withdrawing consent will not have any retroactive legal effect.

Upon withdrawal of consent, I will promptly delete all of your personal data, except for the information that must be retained in compliance with European Union or Serbian regulations.

If you choose not to provide consent in situations where processing is based on consent, I will be unable to establish a legal relationship with you.

Account Information

If you would like to review or update the information associated with your account, or if you wish to terminate your account at any time, you can:

Log into your account settings and make the necessary changes.
Contact me directly using the provided contact details.

If you request to terminate your account, I will deactivate or delete your account and remove your information from my active databases.

Opting Out of Email Marketing

You can unsubscribe from our marketing email list at any time by clicking the unsubscribe link in the emails we send or by contacting us using the details below. You will then be removed from the marketing email list. However, we will still need to send you service-related emails necessary for the administration and use of your account.

To otherwise opt-out, you can:

Change your preferences when you register an account on the website.
Access your account settings and update your preferences.
Contact us using the provided contact details.

Do I Update This Policy?

In short: Yes, I will update this policy as needed to remain compliant with the General Data Protection Regulation (GDPR) and other applicable regulations.

Any updates to the policy will be reflected by a revised "Last Updated" date, and the new version will take effect as soon as it is made available. If significant changes are made, I may notify you by posting a prominent notice or by directly sending a notification. I encourage you to review this privacy policy periodically to stay informed about how your data is protected.

Contact Information

If you have any questions or comments about this privacy policy, you can reach out to me directly by:

Email: matrixltdapp@gmail.com
Phone: +381640156737
Developers: Milos Pavlovic and Tara Pogancev
Address: Gandijeva 189, Belgrade