PERSONAL DATA PROTECTION NOTICE
WEB INTERFACES
1 April 2026
1. BASICS
This Personal Data Protection Notice (“Notice”) defines how the individual companies (“we”, “our” or “NAKA”) from the NAKA Group process, protect, and manage your Personal Data across the NAKA Web Interfaces, operated by the NAKA Entities. This Notice does not cover websites, links, or domains owned by third parties, even if you access them through our Web Interfaces (unless specifically stated otherwise). It also includes all public-facing pages, informational content, and digital touchpoints accessible via a web browser, including contact forms and other email correspondence for the purpose of direct marketing.
This Notice refers solely to the NAKA Web Interfaces. Processing of the Personal Data when you use the NAKA Services (e.g., when you obtain a NAKA card) is governed by separate privacy notices, together with other legal documents, relating to that particular NAKA Service.
Whenever you interact with one of the NAKA Web Interfaces, this Notice serves as the governing framework for processing of your Personal Data. If a specific NAKA Web Interface implements a unique Personal Data handling process, we will include an additional notice to ensure full transparency.
This Notice also refers to the Personal Data processed through the use of cookies included on the NAKA Web Interfaces. For specific information, please see Addendum: Cookie Policy below.
1.1 Your Agreement to this Notice
By using NAKA’s Web Interfaces, to which this Notice refers, you expressly confirm that you accept and agree with this Notice.
1.2 Changes to the Notice
We will update this Notice when necessary. For example, we might change it if data protection laws change, if a local authority adopts a new decision, opinion, stance, or if we change how we collect, use, or store your Personal Data or when other relevant circumstances change. In such cases, we reserve the right to change the provisions of this Notice without prior notification. We will provide you with any updates and modifications through NAKA Web Interfaces, indicating the effective date of said changes, so that you may familiarize yourself with them. Each version of this Notice will have the date of its effect stated at the top of the Notice, so that you may track the currently applicable version of this Notice by checking this date. We also recommend that you save a copy of the Notice for future reference and comparison.
We recommend you check this Notice each time before using our Web Interfaces or review it periodically to stay informed of our current privacy rules.
1.3 Applicable Terms and Definitions
Terms and capitalized words not defined in the main text have the following meanings:
Term | Definition / Meaning |
Agent(s) | means shareholders, directors, officers, Associates, contractors, partners, insurers, and attorneys of the NAKA Entities. |
Associate(s) | means any persons performing work for the NAKA Entities based on an independent contractor agreement. |
ICT | means information and communication technology. |
NAKA Payment Network | means a Blockchain-based payment network compatible with EMV and PCI DSS standards, used to facilitate transactions and settlements between the Cardholders and the Merchants, who are associated with this Network, through the utilization of the Smart Contracts. |
NAKA Entity(ies) | means any, several or all (as the context may require) of the following companies: 1. NAKA GLOBAL d.o.o. (NAKA GLOBAL Ltd.), incorporated under the laws of the Republic of Slovenia, with its corporate seat at Letališka c. 33F, 1000 Ljubljana, Republic of Slovenia, reg. no. 8106452000 (“NAKA GLOBAL”); 2. NAKA CH Sagl, incorporated under the laws of Switzerland, with its corporate seat at Crocicchio di Cortogna 6, 6900 Lugano, Switzerland, reg. no. CHE-327.549.674 (“NAKA CH”); 3. NAKA SLV, S.A. de C.V., incorporated under the laws of El Salvador, with its corporate seat at Calle Cuscatlán, Casa 4312, Colonia Escalón, the municipality of San Salvador, El Salvador, reg. no. 2023108736 (“NAKA SLV”); 4. NAKA EUROPE d.o.o. (NAKA EUROPE Ltd.), incorporated under the laws of the Republic of Slovenia, with its corporate seat at Letališka c. 33F, 1000 Ljubljana, Republic of Slovenia, reg. no. 9244557000 (“NAKA EUROPE”). |
NAKA Group | means a group of legal entities, which are subsidiaries and/or the Affiliates of the parent company, NAKA GLOBAL, either directly or indirectly, including all NAKA Entities. |
NAKA Mobile App(lication)(s) | means a software program developed, owned, and operated by one or more of the NAKA Entities, designed to be downloaded and installed by a User on a device (e.g., a smartphone or tablet) running a compatible operating system (e.g., iOS or Android). This includes all versions, updates, and integrated features of the published NAKA Mobile App. |
NAKA Partner(s) | means any individual or a legal entity with whom the NAKA Entities concluded a service or other type of contract, such as ICT services and cloud service providers, AML/CTF checks service providers, CRM software providers, card processing service providers, etc. |
NAKA Personnel | means individuals acting as NAKA’s employees, Associates and Agents. |
NAKA Primary Websites | means domains www.naka.com, www.ch.naka.com and www.sv.naka.com. |
NAKA Service(s) | means any of the products and services offered by any of the NAKA Entities, including NAKA Pay App and issuing of the Cards. |
NAKA Web Interface(s) | refers to any browser-based graphical user interface, through which the Users access the NAKA Websites and/or interact with the NAKA Services and or the NAKA Entities (i.e., all content, functionalities, and digital tools hosted on the domains owned or operated by the NAKA Entities, public-facing pages, informational content, and digital touchpoints accessible via a web browser, including contact forms and other email correspondence for the purpose of direct marketing). |
NAKA Website(s) | means all websites, microsites and web pages owned, operated, or controlled by the NAKA Entities, regardless of the specific domain or subdomain name used to access them, including the NAKA Primary Websites. |
Personal Data | means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more other factors. |
Regulatory Authority(ies) | refers to the local authorities in charge of monitoring provision of the NAKA Services and personal data processing activities in a particular jurisdiction in which the NAKA Entity is incorporated. |
User(s) | means any individual user of any of the NAKA Web Interface(s). |
2. WHOSE PERSONAL DATA DO WE PROCESS?
This Notice applies to all individuals accessing the NAKA Web Interfaces (i.e., the Users), regardless of the type of the device, device’s operational system and the region they’re located in when accessing the NAKA Web Interface (e.g., website visitors, recipients of marketing communications, etc.).
3. WHO ACTS AS A CONTROLLER OF YOUR PERSONAL DATA?
The controller of your Personal Data in accordance with this Notice is the NAKA Entity, operating and managing the NAKA Web Interface that you’re using (i.e., accessing/visiting/browsing). For the current list of the NAKA Web Interfaces, to which this Notice applies, please see General Terms of Use: Web Interfaces.
The NAKA Entity that may act as a controller in a particular case may be:
NAKA Entity | Contact Information | |
Address | ||
NAKA GLOBAL | Letališka c. 33f, 1000 Ljubljana, Slovenia | dpo@naka.com |
NAKA CH | Crocicchio di Cortogna 6, 6900 Lugano, Switzerland | |
NAKA SLV | Calle Cuscatlan, Casa 4312, Colonia Escalon, the municipality of San Salvador, El Salvador | |
NAKA EUROPE | Letališka c. 33f, 1000 Ljubljana, Slovenia | |
If you’re uncertain as to which of the NAKA Entities is the controller of your Personal Data, we recommend checking General Terms of Use: Web Interfaces.
If you have any questions regarding the processing of your Personal Data, please contact the NAKA Entity, acting as the controller of your Personal Data at the contact information stated in the table above.
The processing of personal data carried out in El Salvador is governed by the Personal Data Protection Law and other applicable regulations issued by the State Cybersecurity Agency (ACE). The company is committed to processing personal data in accordance with the principles of lawfulness, purpose, minimization, security, accuracy, and temporality established under Salvadoran legislation.
4. IN WHAT CASES CAN WE PROCESS YOUR PERSONAL DATA?
We will only collect and use your Personal Data if we have a valid legal ground to do so, according to local data protection laws, and our own internal rules. We do not collect Personal Data in excess of what is absolutely necessary to achieve the purpose for which we are processing your Personal Data.
4.1 Legal Grounds for Personal Data Processing
We will collect and process your Personal Data only when we have a legal ground to do so, which can be one of the following:
(a) Your Consent: When required by law, we will always ask for your permission to process your Personal Data;
(b) Legal Obligation: In certain cases, the locally applicable legislation requires us to process Personal Data of our customers (e.g., for the purpose of adhering to the local AML/CTF Legislation, for adhering to the payments, crypto and digital asset sector related regulations etc.);
(c) Preparing for a Legal Relationship: We will need to use some of your Personal Data to prepare necessary documents, offers, or drafts before you start using a NAKA Service;
(d) Contract Performance: Once we establish a legal relationship with you, we will process your Personal Data in order to successfully implement and perform the obligations from the contract we executed with you;
(e) Our Business (Legitimate) Interests: In certain cases, none of the above legal grounds will exist, but we may still process your Personal Data. In such cases, we’ve established that our need to process your Personal Data is so paramount that it overrides your interests or fundamental rights and freedoms, which require protection of Personal Data. In most cases, this includes processing of Personal Data to allow us to maintain or enhance the NAKA Web Interfaces and/or NAKA Services, e.g., when implementing information system security measures in line with the international standards which bound us, when identifying information technology systems and server issues/incidents.
5. HOW DO WE COLLECT YOUR PERSONAL DATA?
We may obtain your Personal Data from various sources. We will always try to obtain your Personal Data directly from you or your device when you use our Web Interface (e.g., when you visit a NAKA Website or a NAKA Mobile App, subscribe to our newsletter, fill out our contact form, etc.). We may also use other information and data accessible through or provided by third party providers.
When you visit our Web Interface, we may also collect your Personal Data through cookies. You can find all the details on how we use cookies in the separate Addendum: Cookie Policy.
6. WHAT PERSONAL DATA DO WE PROCESS AND WHY?
NAKA processes the following types of Personal Data (the purpose for which we process each type is stated in each category):
6.1 NAKA Primary Websites Visitors
Purpose of Personal Data Processing | To analyze how visitors use the NAKA Primary Websites, by using Google Analytics. We monitor: (i) the countries, from which a visitor is visiting the NAKA Primary Websites; (ii) number and frequency of visits. |
Categories of Data Subjects to which the Personal Data refer to | The Users of the NAKA Primary Websites |
Personal Data Processed | (i) user ID allocated by a cookie; (ii) geo-location of the visitor’s device (IP address); (iii) type of the visitor’s device, browser and OS; (iv) duration of the visit and subpages visited; (v) visitor count and the date of the first/last visit. |
Source of data | The User (or their devices) |
Legal Grounds for Processing | The controller’s business interest |
6.2 ICT and Cyber Security relating to the Web Interfaces
Purpose of Personal Data Processing | To ensure the security of the Web Interfaces and to monitor for any illicit or harmful activity. |
Categories of Data Subjects to which the Personal Data refer to | The User of the NAKA Web Interfaces |
Personal Data Processed | (i) geo-location of the visitor’s device (IP address); (ii) date of the visit; (iii) domains and subdomains visited. |
Source of data | The User (or their devices) |
Legal Grounds for Processing | Controller’s business interest |
6.3 Subscribers to NAKA Newsletter
Purpose of Personal Data Processing | To inform interested individuals about news and updates in the NAKA Group. |
Categories of Data Subjects to which the Personal Data refer to | The Users of the NAKA Web Interfaces, who provided their consent to receive the NAKA Newsletter |
Personal Data Processed | (i) Email address |
Source of data | The User (or their devices) |
Legal Grounds for Processing | Consent |
7. WHO CAN USE YOUR PERSONAL DATA?
7.1 General
Apart from the trusted NAKA Personnel, whose position within the NAKA Group requires them to process your Personal Data (due to the fact that a particular NAKA Entity is operating and/or managing specific tasks within the NAKA Group’s ecosystem), we only share your Personal Data with those NAKA Partners (service providers) who process the data on our behalf and follow our strict instructions, as agreed in our contracts with them. We may also have to share your Personal Data with the authorized Regulatory Authorities.
7.2 Other Entities
We never sell or otherwise trade your Personal Data, nor do we share it with unauthorized persons. Under NAKA’s internal policies, your Personal Data is treated as NAKA’s business secret and is handled as such. The NAKA Personnel processes your Personal Data in accordance with their limited authorizations, contractual obligations and our internal policies. They are legally obliged to protect your Personal Data and respect your rights at all times, under the threat of applicable legal consequences for any breach.
The entities to which we may disclose or which may come in contact with your Personal Data are:
(a) Companies within the NAKA Group: Some of the features of the NAKA Web Interface are operated by the NAKA Entities and other NAKA Group companies, which are not acting as the controller of your Personal Data (e.g., ICT security measures are operated primarily by one company).
(b) The NAKA Partners: To facilitate the use of the NAKA Web Interfaces, NAKA is using capacities of other service providers. This includes services like web hosting, traffic analysis, email providers, cloud service providers, etc. In any of these instances, NAKA concludes adequate contracts governing how and for which purposes the NAKA Partners may process your Personal Data.
Since our business operations are dynamic, it is impossible to publish a list of every single individual or entity who might see your Personal Data in a manner that would be up to date at all times. In addition, some of the information is NAKA’s business secret, which we are not allowed to disclose publicly. However, you may request a full list of the users processing your Personal Data at any time by emailing dpo@naka.com.
7.3 Relationship With Regulatory Authorities
While we will never disclose your Personal Data without being compelled to do so, there will be instances in which we will be required to share your Personal Data with the Regulatory Authorities (e.g., due to a data breach, which we must notify to the data protection authority in charge). We will only do so if (i) we deem this as necessary to comply with the applicable legislation, (ii) if the Regulatory Authorities present a legally enforceable request applicable to the NAKA Entity, which acts as the controller and/or processor of your Personal Data and we (a) deem the request as justified or (b) are forced to comply.
When dealing with the Regulatory Authorities, we will comply with their respective requests in a way that protects your privacy rights to the broadest extent possible considering the local legislation. We will only disclose the information that is absolutely necessary to comply with the Regulatory Authorities’ request or legal requirements.
8. TRANSFERS OF PERSONAL DATA TO OTHER JURISDICTIONS?
The Personal Data we collect and process is mainly stored and processed in the country where the specific NAKA Entity, acting as controller, is based. However, under some circumstances, we have to transfer some of the data outside of these countries for particular processing activities, e.g., when one of our service providers (acting as processors on our behalf) is located in a different jurisdiction.
Whenever we transfer your Personal Data to another jurisdiction, we will ensure that it is protected and transferred in a manner which complies with the local legal requirements for personal data protection. For instance, when we transfer your Personal Data from the EU to a third country, we always ensure that (i) the country to which we transfer your Personal Data was approved by the European Commission, or (ii) the recipient of your Personal Data signed a contract based on “Model Contractual Clauses” approved by the European Commission, obliging them to protect your Personal Data.
By agreeing to this Notice (as stipulated in section 1.1 Your Agreement to this Notice), you also expressly consent to transfers of your Personal Data to other jurisdictions, as described above. For transfers based on cookies we use, please see Addendum: Cookie Policy.
9. HOW WILL YOUR PERSONAL DATA BE PROTECTED?
When we process your Personal Data, we use all the necessary organizational, technical and other suitable procedures and measures to protect it and prevent unauthorized data destruction, modification, loss or any unauthorized processing.
The NAKA Group’s parent company (NAKA GLOBAL) holds several ISO certifications, including ISO 27001: Information Security Management System and ISO 22301: Business Continuity Management Systems. The same high standards from these international certifications and NAKA GLOBAL’s internal rules are applied across all other NAKA Entities. This ensures that the same robust level of personal data protection and security is used throughout the entire NAKA Group.
Specifically, these measures include:
(a) Defining internal data protection rules, which oblige all NAKA Personnel;
(b) Providing regular training to all NAKA Personnel on how to process Personal Data safely and in compliance with internal rules;
(c) Implementing other standard measures (like a clean desk policy, regular password changes, and using 2-step verification wherever possible);
(d) Implementing internal controls for all processing activities;
(e) Regularly monitoring our IT and other assets;
(f) Conducting regular internal and external reviews.
We also implement other measures, such as:
(a) Minimalizing the Personal Data we collect;
(b) Using pseudonymization (hiding direct identifiers) where possible;
(c) Ensuring transparency;
(d) Continuously upgrading our safety measures.
The NAKA Group regularly invests in various safety features for both our physical premises (like regular checks for alarms) and our IT systems (like state-of-the-art monitoring software), to ensure we maintain a strong and wide scope of security measures.
10. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The period of keeping your Personal Data depends on the basis and individual purpose of personal data processing (i.e., why and for what purpose we collected your Personal Data ). We only keep your Personal Data for as long as this is (i) legally required (e.g., due to the AML/CTF Legislation), (ii) necessary to achieve the purpose for which the Personal Data has been collected or processed and/or (iii) necessary to initiate/implement/finalize any legal proceedings in relation to you, in the scope needed to implement the legal proceedings (e.g., for evidence or defense purposes in case of a possibility of legal claims).
Once the original purpose is achieved or any legal proceedings are finished, we will only keep the data that we are legally obliged to keep (if any). The rest of the Personal Data will be erased (to the extent this is technically possible) or blocked and/or anonymized for use, unless otherwise is legally required for certain types of data (e.g., where a permanent record is legally required).
As a general rule, most of the Personal Data is kept for a period of five years from when it is collected, with several exceptions:
(a) If you revoke consent: The processing of Personal Data based on your consent will cease after you revoke your consent and there is no other legally recognized reason for us to continue to process it (e.g., an ongoing legal claim or proceedings and your Personal Data is necessary to defend/pursue such claim).
(b) The AML/CTF Legislation: Personal Data relating to AML/CTF legislation is as a rule processed for a period of 10 years after the last transaction/termination of the legal relationship.
(c) Legal proceedings: Any data needed to finalize a legal proceeding will be kept until the proceedings are concluded with a final effect, even if the general five-year deadline has already passed.
Any Personal Data we process for direct marketing (like sending you offers and newsletters) is kept until you withdraw your consent or, in any case, for a maximum period of five years from the date we obtained your consent. After that time, we will ask for your permission again if we still want to send you marketing communications.
11. EXERCISING YOUR RIGHTS
You can always request to exercise the following rights relating to your Personal Data:
(a) Right to Withdraw the Consent: If we’re relying on your consent as the legal ground for processing your Personal Data, you may withdraw your consent at any time. However, please take into account that the withdrawal of your consent does not affect the lawfulness of the processing that took place based on your consent for the period prior to the withdrawal.
(b) Right to File a Complaint with a Supervisory Authority: You have a right to always file a complaint with the Regulatory Authority monitoring the data protection requirements in the jurisdiction of the controller’s incorporation. While you are not legally required to, we would appreciate it if you would inform us before filing any claim, as we may be able to resolve the matter to mutual satisfaction on our own. In addition, we would appreciate it if you would inform us of the lodged claim so we can properly review and respond to the matter.
NAKA Entity | Regulatory Authority |
NAKA CH | Federal Data Protection and Information Commissioner (FDPIC) Feldeggweg 1 Switzerland - 3003 Berne T: 058 462 43 95 W: www.edoeb.admin.ch www.edoeb.admin.ch/de/kontakt |
NAKA SLV | Agencia de Ciberseguridad del Estado T: (503) 7530-6114 E: contacto@ace.gob.sv W: www.agenciadeciberseguridad.gob.sv |
NAKA GLOBAL NAKA EUROPE | Informacijski pooblaščenec (Information Commissioner) Dunajska cesta 22 1000 Ljubljana, Slovenia T: +386 1 230 97 30 E: gp.ip@ip-rs.si W: www.ip-rs.si |
Information about the Regulatory Authority in charge or individual controllers within the NAKA Group: (c) Right to Access: You can always contact us to confirm if we are processing any of your Personal Data, and if so, to provide you a copy of the Personal Data undergoing processing. You may also request information on: (i) the purpose for processing and the source of Personal Data, if you haven’t provided them to us, (ii) the categories of Personal Data we process, (iii) the users/recipients or categories of users/recipient to whom the Personal Data have been or will be shared, in particular users/recipients in third countries or international organisations, (iv) the planned duration of storage, or, if not possible, the criteria used to determine that period, (v) your rights in relation to the processing (especially the rights from this section), (vi) the right to file a complaint with a supervisory authority, (vii) the existence of automated decision-making, including profiling and (vii) whether the Personal Data are transferred outside of the controller’s jurisdiction and what safeguards will be employed during the transfer.
(d) Right to Correction or Rectification: You may also request that we - without undue delay - rectify any of your Personal Data that is inaccurate and/or incomplete.
(e) Right to Erasure: You have a right to request that we erase your Personal Data without undue delay, in particular if your Personal Data are no longer necessary to achieve the purposes for we were processing them, if you have withdrawn your consent and there is no other legal ground for the processing or if we’ve been processing your Personal Data unlawfully. You may request us to erase your Personal Data also if we have no overriding legitimate grounds for the processing, or you object to the processing for the purposes of direct marketing. We will erase your Personal Data also if we have to comply with a legal obligation to which we’re subject. In general, we do not transact with individuals, who are considered children, but if this nevertheless happens, we will fully adhere to any requests to erase the data of children for which no other legal ground for the processing exists.
(f) Right to Restriction of Processing: In certain cases, you may also request that we restrict processing of your Personal Data. This may happen when: (i) you are challenging the accuracy of your Personal Data; (ii) the processing is unlawful, but you do not wish us to erase your Personal Data, just not to process them; (iii) we no longer need your Personal Data for the purposes of processing, but you need them for the establishment, exercise or defence of legal claims; (iv) you have objected to processing and we’re still verifying if our legitimate interests override yours.
(g) Right to Object: In particular situations you may object to processing of your Personal Data if the legal grounds for the processing stem from our legitimate interests (including profiling). To continue to process your Personal Data, we will have to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or that we need them for initiation, exercise or defence of legal claims. You may also object to processing of your Personal Data for direct marketing purposes, such as sending offers and newsletters (including profiling to the extent that it is related to such direct marketing).
(h) Right to Data Portability: Under certain circumstances, you also have a right to data portability, as defined under the applicable legislation. The enforcement of this right depends on the technical capacities and internal policies of individual controllers. For further information about this right and whether it applies to your situation, you may contact us at dpo@naka.com.
We will try to fulfill your requests within 20 business days after receiving them. If the request is complex and we have a justified reason, we might need up to an additional 20 business days.
If your request affects how you use the NAKA Web Interface or the NAKA Services, we will let you know.
Please note that you are responsible for making sure the personal information you give us is accurate and up-to-date, unless our internal policies state otherwise.
If there is a data breach that affects your Personal Data, we will notify you as required by the law.
12. AUTOMATED DECISION-MAKING ACTIVITIES
Our processing of your Personal Data on the NAKA Web Interfaces does not involve automated decision-making.
13. DO YOU NEED TO KNOW ANYTHING ELSE?
We recommend you also read the general terms of use for the NAKA Web Interface you are using, as those terms, along with this Notice, form a binding agreement between you and NAKA.
If you have any questions or want to clarify anything in this Notice or about how we process your Personal Data, please contact us at dpo@naka.com or use the other contact details listed above.
NAKA Team
Addendum: Cookie Policy
1. BASICS
This Cookie Policy (“Cookie Policy”) is in addition to the Personal Data Protection Notice Web Interface and together with it represents a comprehensive framework for Personal Data processing in the NAKA Group. Any capitalized terms not defined in this Cookies Policy, have the same meaning as defined in this Notice.
The Cookie Policy refers specifically to processing of information and your Personal Data obtained through cookies and other similar technologies used on the NAKA Websites, in the NAKA Mobile Apps or other Web Interfaces used by the NAKA Group, including the emails sent by us. While not all information we obtain through cookies can be categorized as the Personal Data when observed individually and in isolation, in connection with other data we collect, they may be categorized as the Personal Data under certain legislations (e.g., GDPR).
2. WHO IS THE CONTROLLER OF PERSONAL DATA OBTAINED THROUGH COOKIES?
The controller of your Personal Data obtained through cookies in line with this Cookie Policy is the NAKA Entity, which operates the specific NAKA Web Interface that you’re accessing with your device. For further details please see the Notice, section 3. “WHO ACTS AS A CONTROLLER OF YOUR PERSONAL DATA?” above.
3. WHAT ARE COOKIES AND WHAT IS THEIR PURPOSE?
Cookies are small text files that are downloaded to your device when you visit a website or other web interface (e.g., a mobile app). Usually they contain the name of the server from which the cookie was sent, the cookie’s expiration time and a randomly generated unique number, which serves as a cookie value.
A cookie itself does not contain or collect information. However, when a server reads the cookie together with your web browser, it helps the website provide a better, more user-friendly service, e.g., to remember your username and password for your next visit. Cookies are not harmful for the device and are always set to expire after a certain amount of time.
The main purpose of cookies is to make the website work better and to improve your experience while viewing it. Cookies make the interaction between you and a website faster and easier, saving you time and making your visit more efficient.
In general, there are two types of cookies: (i) essential and (ii) non-essential cookies:
(a) Essential cookies are required for a basic web service (e.g., just browsing a website) to function properly. You cannot opt out of these, as the website won't work without them.
(b) Non-essential cookies are not necessary for the provision of a particular web service (e.g., browsing a website), but merely serve to enhance your user experience or help the website operator gain insight into the functionalities of the service it offers through the website. You can choose not to allow these to be saved on your device.
Cookies can also be categorized as (i) internal (“first party”): set and used directly by us, or (ii) external (“third party”): set and used by third parties, such as service providers like Google Inc.
4. WHICH COOKIES DO WE USE?
NAKA uses both essential and non-essential cookies. Non-essential cookies include: (i) analytics cookies and (ii) marketing cookies.
We use cookies to determine how you navigate the NAKA Websites, what content you are interested in, and how long your visits last. This information allows us to tailor the content of the NAKA Websites to better suit your needs.
The data collected through cookies is used exclusively for statistical purposes and for collecting demographic data and visitor interests (but in a way that cannot reveal your identity), identifying server problems and for editing the NAKA Website.
Some cookies we use are temporary (also known as session cookies), meaning they are deleted when you close your browser. Other cookies are saved on your device for a certain time even after you have left our Website (the persistent cookies). We use temporary cookies to measure the number of visitors and check our content's effectiveness. Persistent cookies allow us to save your contact information for subsequent visits so our Website content adjusts to your device. We also use saved cookies originating from other sites like Google, Facebook, X, etc.
4.1 Essential Cookies
Essential cookies are necessary to enable the basic NAKA Website functionality and are always active.
Essential Cookies | Uses | Type | Expiration |
cookie_consent | Used by the website to remember the user's cookie consent preference and ensure compliance with privacy laws. | Internal | 180 days |
4.2 Non-Essential Cookies
Privacy is important to us, so you have the choice to disable all or some of the non-essential cookies—those that are not strictly necessary for the basic functioning of the NAKA Website you’re visiting.
You can choose not to allow any of the below non-essential cookie categories to be stored on your device (you can make this choice in the cookie banner by clicking the “Cookies preferences” button). Please remember that if you opt out, some features that depend on these cookies (or the information they convey) may not work.
Please also note that once external cookies are downloaded to your device, we are not able to control them. To delete them, you need to manage your browser settings yourself.
Analytics and marketing cookies help NAKA understand how its website performs, how visitors interact with the site, and whether there may be technical issues.
Analytics and Marketing Cookies | Uses | Type | Expiration |
_ga | Google Analytics assigns a randomly generated ID to distinguish between different users and analyze website traffic (calculate visitors, sessions, and campaign data). | External | 400 days |
_ga_ID | Stores session and campaign data for Google Analytics to measure performance | External | 400 days |
__hstc | The main cookie for tracking visitors. It contains the domain, user token (utk), and timestamps of previous visits. Tracks visitor behavior across sessions to understand how users interact with the website and improve performance. | Internal | 180 days |
hubspotutk | Keeps track of a visitor's identity. This is used to link website behavior to a specific contact record in the CRM. | Internal | 180 days |
visitor_id | Used to monitor unique visitor behavior and interactions across the site to improve user experience. | Internal | 270 days |
_hjSessionUser_4944793 | Identifies a unique user for behavior tracking (e.g., heatmaps - where users click, session recordings - how users move their mouse). | Internal | 365 days |
5. GOOGLE ANALYTICS
We also use the Google Analytics web service by Google Inc. (“Google”). Google Analytics is a web analysis service providing information on your behaviour on our Website, which helps us to create a better user experience for you. Data related to your use of our Website (e.g., your IP address, browser type, language settings, operating system, etc.) collected by Google will be transferred to Google’s server in the United States of America, where this data will be stored and analysed. The relevant data in anonymized form will then be sent to us. Google guarantees adequate data protection standards because it complies with the "Model Contractual Clauses" approved by the European Commission, which legally require them to protect your personal information.
You may withdraw your consent to the use of web analysis at any time by downloading Google Analytics Opt-out Browser Add-on. You can find more information about the service in the Google Analytics terms and conditions, its security and privacy principles, and Google's general privacy policy.
6. CONTACT
If you have any questions or comments in connection with the cookies, you can reach us at dpo@naka.com.