These Rules determine the procedures and measures for the protection of personal data kept in personal data files managed by KOPITARNA SEVNICA d.d. ('the company').
This policy sets out measures to ensure the collection, processing, storage, transmission and use of personal data obtained from the online store.
In matters not regulated by these Rules, the provisions of the Personal Data Protection Act and the General Regulation on Personal Data Protection shall apply directly.
Registration and other account information
When you register to use our services, we collect the following information about you:
- if you register on our website: name, surname and e-mail address, and telephone, region and country if you provide us with this information
- Information about your orders, including items, payment method and bank account number.
- data on web habits, obtain data on items and services, links you click on, data on devices from which you access the web, such as IP address and associated location, device ID, its technical parameters, such as operating system , version, screen resolution, selected browser and version thereof, and data obtained from cookies and similar device identification technologies;
PURPOSE OF COLLECTING AND PROCESSING YOUR DATA
We collect and process personal data in accordance with the purpose for which you provided it to us.
This is for the purpose of informing on e-news. We will not use personal data for any other purpose, and we collect and process your personal data on the following legal grounds:
- law and contractual relations,
the consent of the individual, and
- legitimate interest.
Legal basis for collection and processing of personal data
Basis on which we collect your personal data:
- Your explicit consent - from time to time we may ask you for consent to use your personal data for one or more purposes.
- when necessary for our legitimate business interests - the use of your personal data helps us to manage and improve our business. We also use our personal information to make our communication with you more relevant and tailored to you, and to make your experience with our services and products effective and successful.
Storage of personal data
We keep the personal data you provided to us when registering for the e-newsletter, by participating in the prize draw or by submitting an inquiry, until revoked. You can revoke your consent to the collection and processing of personal data at any time.
Withdrawal of consent does not affect the lawfulness of the collection and processing of data prior to the withdrawal of consent. All other personal data within the framework of contractual cooperation is stored in accordance with applicable law. Personal data is stored in computer form.
Our computer systems are protected by technical and organizational measures that prevent accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access to your personal information.
We store the data we collect on secure servers and store it for as long as is necessary to fulfill the purpose of its collection or until your cancellation.
In order to comply with certain laws, we process your data in accordance with the laws:
• Code of Obligations (OZ),
• Consumer Protection Act (ZVPot),
• Value Added Tax Act (ZDDV-1),
• Tax Certification of Invoices Act (ZDavPR),
• Law on Accounting (ZR),
• Electronic Communications Act (ZEKom),
• Law on the Prevention of Money Laundering and Terrorist Financing (ZPPDFT-1).
For this purpose, we keep your data (contact details and order details) for up to and including 10 years.
Transmission of personal data
We will not pass on personal data to third parties and will not disclose them publicly, except to selected contractual partners, who are also bound by the General Regulation on Personal Data Protection.
We will not pass on personal data to third countries that are not members of the European Union or the European Economic Area.
As an individual, you are aware of and agree that the provider may entrust individual tasks related to your data to other persons (contractual processors).
Contractual processors may process confidential data exclusively on behalf of the provider, within the limits of the provider's authorization:
- accounting services and law firms and other providers of legal advice;
- data processing and analytics providers;
- IT system maintainers;
- Email providers
- payment system providers such as PayPal and others;
- Providers of customer relationship management systems (eg Microsoft);
- providers of online advertising solutions (eg Google, Facebook).
In accordance with the General Regulation on Personal Data Protection, you have the right to access data, the right to rectify data, the right to restrict processing, the right to delete data and the right to transfer data relating to you.
You may exercise any right under the General Data Protection Regulation at any time in writing. Please provide your name, surname and e-mail address.
You can send the request to the e-mail address firstname.lastname@example.org or by post to:
Kopitarna Sevnica d.d.
Prvomajska ulica 8
Publication of amendments to the rules