Privacy Policy

Protection of personal data

Our company is aware of its responsibility in handling the personal data of our customers, potential subscribers, visitors to our website and all individuals who disclose their personal data when contacting us (hereinafter: users). We guarantee and undertake to use users' personal data exclusively for the purposes stated in this document (Privacy and Personal Data Protection Policy).

In this Privacy and Personal Data Protection Policy (hereinafter: the Policy), we define the methods of collecting users' personal data, the purposes for which we collect it, the security measures we use to protect it, the people with whom we share it, and your rights in relation to protection personal data. The protection and handling of users' personal data is fully coordinated with the provisions of the General Regulation on the Protection of Personal Data (Regulation (EU) 2016/679, hereinafter: GDPR) and other legal regulations governing the field of personal data protection. Our activities comply with European legislation and the conventions of the Council of Europe (ETS No. 108, ETS No. 181, ETS No. 185, ETS No. 189) and with the legislation of the Republic of Slovenia (Act on the Protection of Personal Data (ZVOP-1, Ur. Year of the Republic of Slovenia, No. 94/07) and the Act on Electronic Transactions on the Market (ZEPT, Year of the Republic of the Republic of Slovenia, No. 96/09 and 19/15)).

1. Personal data

Personal data is any data on the characteristics, state, behavior or relationship that refers to a specific or identifiable natural person, i.e. an individual, depending on the form in which it is expressed. An identifiable natural person is one who can be directly or indirectly identified with the help of his identification numbers (e.g. EMŠO, tax number, health insurance number, telephone number, vehicle registration number), or by referring to factors that are characteristic of its physical, physiological, mental, economic, cultural or social identity (e.g. employment, title, function, position or status in a certain entity, etc.).

The website owner collects the following personal data in accordance with the purposes defined below in this privacy policy:

material data about the user (name and surname, address), contact data and data about the user's communication with the website owner (e-mail address, telephone number, date, time and content of postal or e-mail communication), data about the user's use of the website location of the website owner (dates and times of website visits, pages visited or URL), other data that the user voluntarily provides to the website owner when requesting certain services that require this data.

2. Processing purposes and basis for data processing

The processing of personal data means any operation or series of operations in relation to personal data that are processed automatically, or that are part of the collection of personal data during manual processing or are intended to be included in the collection of personal data, in particular collection, acquisition, entry, editing, storage, adapting or modifying, retrieving, viewing, using, disclosing by transmission, communicating, disseminating or otherwise making available, classifying or linking, blocking, anonymizing, deleting or destroying; processing can be manual or automated.

The website owner collects and processes users' personal data on the following legal bases:

consent (consent) of the individual, legal and contractual basis, legal interest.

The owner of the website does not collect or process personal data of users, except when the user allows it or you agree to:

when you subscribe to receive e-news, when you provide us with your data by e-mail, when you hand over your data to us in the form of business cards, when there is a legal basis for the collection of personal data or the owner of the website has a legitimate interest in the processing.

The time period during which the owner of the website keeps the collected data is more precisely defined in the chapter Storage of personal data.

2.1. Processing of personal data based on consent

In our company, we collect and process personal data of users for the following purposes:

• sending e-news,

• informing about its services, offers and business opportunities and

• invitations to events.

2.2. Processing based on laws and contractual agreements

In the event that the provision of personal data is a contractual obligation, an obligation necessary for the conclusion and implementation of a contract with the provider, or a legal obligation, we will have to ask you to provide your personal data; if you do not provide personal data, you will not be able to conclude a contract with the provider, nor will the provider be able to provide you with services or deliver products under the contract.

3. Personal data manager and authorized person for personal data protection

Our company is also a controller of personal data. We process data in accordance with the General Regulation on the Protection of Personal Data.

The authorized person for the protection of personal data in our company can be reached via the umbrella email address.

4. Transmission of personal data to third parties or to third countries

Our company does not forward the collected personal data of users to third parties or to third countries.

5. Storage of personal data

We keep the personal data that you entrusted to us with your personal and explicit consent when registering, signing up for e-newsletters, downloading e-publications or submitting an inquiry until you cancel it.

You can revoke your consent to the collection and processing of personal data at any time. Withdrawal of consent does not affect the lawfulness of data collection and processing prior to withdrawal. We store all other personal data within the framework of contractual cooperation in accordance with applicable legislation.

We take care of the protection of personal data in many ways. We store personal data in digital form, our computer systems are protected by technical and organizational measures that prevent accidental or illegal destruction, loss, alteration and unauthorized disclosure or access to your personal data.

We store the data we collect on secure servers until you cancel, but not longer than the maximum retention period. Business premises, equipment and system software, including input-output units, are also adequately protected.

6. Period of retention of personal data

The personal data of an individual, which is obtained on the basis of consent, can be processed and stored as long as there is a purpose or until the consent given by the individual is revoked.

The personal data of an individual processed on the basis of a contract may be processed and stored for another 5 years from the fulfillment of the contractual obligations of both parties.

In accordance with the law governing the area of value added tax, we keep invoices for 10 years after the end of the year to which the invoice refers.

We can process an individual's personal data for our own needs until the consent is revoked by requesting the removal of personal data from the database, otherwise only for as long as is necessary to achieve the purpose for which the data was collected, i.e. 10 years for registered users and 5 years from the fulfillment of the contractual obligations of both parties or for all other users and until the subscriber unsubscribes from the e-newsletter or until the operator ceases its activity on the market.

During the management of personal data, the individual has the opportunity to view and update data in the database upon request. In accordance with the Value Added Tax Act, the company keeps invoices for 10 years after the year of issue of the invoice.

7. Individual rights

In accordance with the applicable legislation, the individual has the right to revoke the given consent at any time, to request inspection, correction, restriction of processing or deletion of personal data.

You can revoke your consent to the processing of personal data at any time. For this purpose, you can send us your request at any time to our email address or by regular mail to the company headquarters.

Individuals can also submit a complaint regarding the processing of their personal data to our address.

An individual can also submit a complaint regarding the processing of his personal data directly to the competent supervisory authority, i.e. To the Information Commissioner of the Republic of Slovenia.

7. Behavior in case of violations

In case of personal data protection violations, our company will immediately implement all internal and external measures (technical, organizational) to protect the rights and interests of the individual. Each of those affected will be notified of possible violations, as well as the competent supervisory authority in the Republic of Slovenia.