Privacy Policy

Privacy for the website, Arin ERP, Arin ONE and Mikeš AI.

You are in the right place if you want to understand how Arin Services handles personal data when operating its company website, the Arin ERP system, the Arin ONE mobile application and the Mikeš AI chat. We take privacy and data security seriously.

Last updated: May 2026
Mikeš AI at a laptop with a privacy and data security visual

Who We Are

Arin Services, s. r. o. is the operator of the website and services covered here.

For the company website and service-related communication, the data controller is Arin Services, s. r. o., Poděbradská 520/24, Vysočany, 190 00 Prague 9, Czech Republic, Company ID 18233082.

Within Arin ERP and Arin ONE, we typically process business, accounting and operational data on behalf of our client organizations. In that setup, the relevant client organization is usually the controller of data stored in its own workspace, while Arin Services acts as the processor operating the service and infrastructure.

Services Covered

This policy applies to four specific areas.

  • The Arin Services website, including the contact form and basic technical logs.
  • Arin ERP, a B2B ERP and accounting workflow system primarily used for accounting and company documents.
  • Arin ONE, a mobile companion app for Arin ERP used for secure access, capturing receipts and uploading documents into the ERP environment.
  • Mikeš AI, an AI chat integrated into Arin ERP for natural-language assistance, navigation and authorized actions over ERP data.

These services are not a public social network or a consumer platform. They are intended for authorized users within client organizations.

Data We Process

We process only the data required to operate the services, secure access and handle documents.

  • user and organization identifiers, roles, account assignments and basic operational metadata
  • device and app instance identifiers needed for security, access control and synchronization
  • photos of accounting documents, uploaded files, business documents and related metadata
  • for Mikeš AI, also chat message content, conversation history, AI interaction metadata, tool parameters and results, and aggregate technical usage data such as token consumption
  • technical logs, audit records, sign-in information and error diagnostics to the extent needed for secure service operation
  • contact details submitted through the website form, such as name, company, e-mail, phone number and message content

If diagnostic logging is enabled for Mikeš AI troubleshooting, limited technical previews of prompts, replies and usage metrics may also be recorded for operational diagnostics.

The company website does not use advertising trackers or marketing cookies. Only essential technical or session mechanisms may be used to keep the website functional and protect the contact form.

How Data Are Used

We use data to provide the service, manage accounts and keep the system secure.

  • to provision and manage user accounts within a client organization
  • to support secure invite-only onboarding into Arin ONE via QR invitation generated in Arin ERP
  • to enable document upload, processing and synchronization between the web and mobile environments
  • to answer questions in Mikeš AI, preserve the relevant conversation context, generate related follow-up suggestions and execute authorized ERP tools on the server side based on the user's role
  • to operate, secure, monitor and troubleshoot the platform and provide support
  • to handle enquiries submitted through the company website
  • to comply with contractual, accounting, tax and legal obligations where applicable

We do not use third-party social identities. User accounts are not self-created; they are created and managed by the client organization or its administrator in Arin ERP.

Data Security

Security is addressed through technical and organizational measures.

  • all communication between the website, Arin ERP, Arin ONE and backend services is protected via HTTPS/TLS
  • data are stored and processed on infrastructure operated by Arin Services in the Czech Republic and/or the European Union
  • data access is limited based on roles and permissions configured by the client organization
  • for Mikeš AI, access to available functions and backend tools is enforced server-side according to the user's role in Arin ERP
  • operational logs and audit trails are used to detect incidents and protect the service
  • biometric unlock in Arin ONE is used only as local device protection; Arin Services does not collect biometric templates and they never leave the user's device
  • regular backups are replicated across multiple geographically separated locations in the Czech Republic

Third-Party Sharing

We do not sell data or share them for advertising or marketing purposes.

We do not sell, rent or disclose personal data to third parties for advertising or marketing. Data may be accessible only to:

  • authorized users and administrators of the relevant client organization
  • Arin Services personnel to the extent necessary for operating, supporting, securing and maintaining the service
  • public authorities where required by law or binding legal order
  • a technical anti-abuse provider used on the website contact form where necessary to protect the site from spam and misuse

If the website uses Cloudflare Turnstile, technical data required to distinguish legitimate traffic from automated abuse may be processed when the contact form is submitted.

If Mikeš AI is enabled, relevant chat inputs, limited conversation context, tool parameters and results, and necessary parts of ERP context may be processed by Azure OpenAI within Microsoft Foundry solely for generating responses, operating the AI chat and handling authorized Mikeš functions.

Certain technical processes, such as document analysis, OCR, infrastructure security or backup services, may rely on carefully selected third-party providers. Such services are used solely to ensure the functionality of Arin ERP, Arin ONE and/or Mikeš AI and are not used for advertising or marketing purposes.

User Accounts

Accounts are controlled by the organization, not by end users themselves.

  • users do not create their own accounts in Arin ERP or Arin ONE
  • access to Arin ONE is invite-only and tied to a QR onboarding invitation generated in the ERP system
  • accounts, roles and permissions are managed by the organization or its administrator in Arin ERP
  • Mikeš AI is available only to authorized Arin ERP users, and its functions depend on the permissions and role of the specific user
  • if you use the service through your employer or client organization, that organization is usually your primary contact for account management

Data Retention

Retention periods depend on the purpose, contract and legal obligations.

  • website enquiry data are kept for the time necessary to respond and maintain related business records
  • operational and security logs are retained for a limited period needed for service protection, troubleshooting and audit
  • documents and data stored in Arin ERP and Arin ONE are retained during the service term, according to the client organization's instructions and applicable accounting, tax or archiving requirements
  • Mikeš AI conversation history may be retained within Arin ERP for service continuity, audit and troubleshooting purposes; inactive conversations may be archived
  • if Mikeš AI diagnostic logging is enabled, technical logs and usage records are retained only for a period reasonably necessary for debugging, security and operational control

After the contractual relationship ends, data are deleted, returned or retained only where required by law, contractual commitments or legitimate security needs.

User Rights

Data subjects have rights under the GDPR.

Depending on the specific controller role and the nature of the processing, you may have the right to access, rectify, erase, restrict, object to processing or request portability of your personal data.

If your data are processed by your organization in Arin ERP or Arin ONE, we recommend contacting that organization first as the controller of that data. For the Arin Services website or for operational and security data controlled directly by us, you may contact Arin Services directly.

You also have the right to lodge a complaint with the competent supervisory authority, including the Czech Data Protection Authority, if you believe the processing is not compliant with applicable law.

Contact Information

Contact us if you have privacy-related questions.

  • Company: Arin Services, s. r. o.
  • Address: Poděbradská 520/24, Vysočany, 190 00 Prague 9, Czech Republic
  • Company ID: 18233082
  • Contact e-mail: info@arinservices.cz