PROVIDER’S STATEMENT ON THE PROTECTION OF PERSONAL DATA
Rokmar, manufacture of machines and preparations for ice cream and confectionery d.o.o.
Gojače 81, 5262 Črniče
registered number: 1917196000
tax number: SI 42730147
e-mail address: email@example.com
phone: +386 5 335 24 00
A user is any legal or natural person who uses or visits the website (hereinafter: user).
The administrator and processor of personal data is the Provider.
The provider will process and manage your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals in the processing of personal data and on the free flow of such data and on the repeal of the Directive 95/46/EC (General Data Protection Regulation) (hereinafter: General Data Protection Regulation) and in accordance with the Personal Data Protection Act (Official Gazette of the RS , No. 94/07 hereinafter: ZVOP-1).
Personal data is all data relating to a specific natural person or individual, regardless of the form in which it is expressed. It is data that can be used to identify you.
TYPES OF PERSONAL DATA COLLECTED BY THE PROVIDER
The provider collects the following types of personal data:
- e-mail address,
- nickname or first and last name,
- telephone number,
- online identifiers such as “COOKIES” and IP address .
BASES ON WHICH THE PROVIDER PROCESSES PERSONAL DATA
In accordance with Article 6 of the General Data Protection Regulation and Article 10 of ZVOP-1, the provider has the right to process personal data in cases where – and to the extent – at least one of the following conditions is met:
- the user to whom the personal data relates has consented to the processing of his personal data for one or more specific purposes;
- the processing is necessary for the execution of the order placed by the user on whose personal data refer to or at the request of the user to take the necessary steps before concluding the contract;
- processing is necessary for legal obligations that apply to the Provider; or
- the processing is necessary due to the legitimate interests pursued by the Provider or a third party, except when such interests are overridden by the interests or fundamental rights and freedoms of the user to whom the personal data relate, which require the protection of personal data , especially when the user to whom the personal data relates is a child.
At least one of the above-mentioned reasons in points a) to d) must be fulfilled in order for the Provider to process personal data.
PURPOSE OF THE PROVIDER FOR THE PROCESSING OF PERSONAL DATA
The provider processes personal data of users:
- to maintain commercial relations with users, issue invoices, ship products and perform contractual services and for the purposes of contract performance (effective performance of the contract);
- for sending advertising messages, if the customer gives consent for this purpose (marketing);
- for direct marketing purposes, if the customer for this the purpose gives consent (direct marketing);
- to meet the requirements of tax legislation (management of tax and accounting accounts ).
More specifically, the Provider collects, processes and stores user data primarily for the following purposes:
- identification of user profiles,
- identification of authors, contributions and comments,
- conclusion of contracts / agreements on the transfer of material copyrights from the authors of contributions to the publisher (Provider),
- communication between website users and between the publisher and website users,
- informing individuals about current news and events,
- advertising our business partners.
IMPLEMENTATION OF THE AGREEMENT
The provider collects any personal data during the user’s registration process on the website, where the provision of data is a contractual obligation, and the data is processed for the purpose of order processing: completion and confirmation of the order, preparation of the product, delivery of the product, settlement of complaints and others, with purchase-related communication. If the user does not provide the data, the Provider cannot fulfill the obligations arising from the order.
If the user makes a purchase without logging into his user account, the Provider processes only those data that are absolutely necessary for the execution of his order (purchase contract concluded): name, surname, address of permanent residence for delivery, information about the ordered product, payment information and telephone number and e-mail address, for the purpose of informing about the receipt and processing of the order. Without the data, the Provider cannot execute the order. The Provider does not process this data for any other purpose, except for the case of the user’s potential complaint, but the Provider is obliged to keep it for another 10 years after issuing the invoice for the ordered product based on tax regulations.
If the user makes the purchase as a registered user of the online store www.catering.javornik.com or website, the Provider also stores the user’s order data within the user profile and, until the user’s cancellation, the Provider uses it for the purposes listed below on the legal grounds listed below (Data of registered users).
Data of registered users:
By registering on the website, the user concludes a contract with the Provider on the provision of services to registered users. This gives you the right to use your user profile, where the following data is stored:
- data provided by the user upon registration or later when filling out the profile;
- if the user registers using his Facebook or Google+ account, data, data provided to the user by Facebook is stored or Google (only e-mail address and username), and data provided by the user himself;
- data on purchases made by the user as a registered user.
Data from your profile is used by the Provider for the following purposes:
- for automatic filling in of customer information (the user does not need to fill in the delivery address information every time – he can also save several addresses and when placing the order, he just chooses the one to which he wants to receive the ordered product – he can add a new address at any time, change or delete the old one);
- so that the Provider can show the user the history of his purchases, which makes it easier for him to order products that he repeatedly orders;
- so that the Provider can prepare very special offers , benefits and campaigns offered by e-mail or to home addresses only to registered users with similar purchasing habits (if the Provider specifically allows this during registration or later by the user; permission can also be easily revoked at any time in the user profile);
- that the Provider can carry out internal research and analysis that enable the Provider to provide the highest quality and most favorable offer on the website for all customers.
LEGITIMATE INTERESTS OF THE PROVIDER
Some personal data may be processed by the Provider on the basis of the legitimate interest of the company, when its interests prevail over the fundamental rights and freedoms of the user, such as e.g. with the aim of preventing fraud and potential crimes.
Subscribing to electronically delivered news:
The user can subscribe to receive e-notifications at any time by anyone by:
- in the registration form on the website, enter your e-mail address;
- when registering your user profile, check the box “Sign up for e-news”.
To e-newsletter subscribers, the Provider will send news, notifications about new products, any specifics related to business and current campaigns and special offers to their e-mail address.
The provider will process the user’s personal data for the purpose of sending the e-newsletter until canceled by the user.
The user can unsubscribe from receiving e-news at any time in the manner described in each e-news, or by sending an e-mail to or written unsubscribe to the e-mail address of the Provider or to the postal address of the Provider, registered users also in your user profile.
The provider properly stores and protects personal data in electronic form, namely at the company headquarters.
Data that is processed for the fulfillment of contractual obligations is kept until the fulfillment of all obligations arising from the contractual relationship, or until the expiration of the statute of limitations for an individual claim. In accordance with the Code of Obligations (Official Gazette of the RS No. 97/07 et seq., hereinafter:OZ), the general limitation period for contractual obligations is 5 years. p>
Due to the requirements of tax legislation, invoices and related personal data are kept for 10 years after the end of the year in which the individual invoice was issued.
Personal data processed on the basis of the user’s consent is managed by more food until its cancellation. The user can submit a written request to cancel the use and processing of his personal data at any time, to the Provider’s e-mail address.
After the purpose of personal data processing is fulfilled or the limitation period expires, personal data is destroyed, deleted, blocked or anonymized.
SAFETY MEASURES FOR THE PROTECTION AND DISCLOSURE OF PERSONAL DATA
The provider guarantees all users the protection of personal data that they enter during registration, in accordance with the General Data Protection Regulation and the valid ZVOP-1. It has adopted appropriate technical and organizational security measures to ensure the integrity of information and data confidentiality in accordance with the obligations set out in the General Data Protection Regulation and ZVOP-1.
The security measures adopted include the determination and identification of persons who are granted access to data and IT systems, the recording of data in a security document, the notification of persons who have access to the data about the obligation of non-disclosure, the implementation of security measures to limit access to unauthorized persons and preventing unauthorized intrusions, storing the website and its data on servers in Slovenia, keeping records of incidents and using a system for obtaining backup copies and restoring information.
Transmission of all personal data is protected by a secure SSL protocol.
However, the provider may disclose personal data if required by law or in good faith that such action is necessary for:
- ensure compliance with legal orders or legal proceedings against the Provider or the website;
- protect and safeguard the rights or property of the Provider or its family of websites;
- take action in emergency circumstances to protect the personal safety of the Provider’s employees or intermediaries, users of the Provider’s products or services, or the public.
The provider strives and undertakes to protect data carefully and in accordance with the law and to act in accordance with the provisions of ZVOP-1 and the General Data Protection Regulation.
By accepting the general conditions and using the website, users agree that the provider cannot fully guarantee the security or privacy of information transmitted via the Internet or e-mail, and that the provider will not be held responsible in any way in connection with the use of any such information from third parties. There is a possibility that other members or users of the service, including unregistered users, may send, link or submit offensive or obscene material to the service or to other users, and that users will be exposed to such material. It is also possible that others may misuse users’ personal information through the use of the Service and may use it to harass or threaten. By accepting the general conditions, users or members agree that the provider is not responsible for the behavior of third parties with the information they send themselves.
TRANSMISSION OF DATA TO THIRD PARTIES
Pondunik will not disclose the user’s personal data to a third party without the express prior consent of the user, except:
- in the event that this is necessary due to compliance with legal obligations that the Provider has (e.g. disclosure of personal data to state authorities upon their reasoned written request in connection with specific procedures),
- to external service providers with whom the Offeror has concluded appropriate data processing contracts (e.g. accounting service, printer, post office), – they process this data exclusively on behalf of the Offeror and for the purposes of performing the service for the Offeror.
Users who have provided their personal data have the following rights:
- right to correction,
- right to erasure (“right to be forgotten”),
- right to restriction of processing,
- right to portability data,
- right to object,
- right to access data.
- Right to correct inaccurate personal data
The User has the right to request the Provider to correct or complete inaccurate or incomplete personal data relating to him.
The provider will notify the user without delay in case of correction or addition of personal data.
- Right to erasure/forgetfulness
The user has the right to request the immediate deletion of personal data processed in connection with the Provider.
In the case of deletion of personal data, the provider will notify the user of the deletion without delay.
If you want us to delete your personal data from the collection of personal data of website users, please notify us at the Provider’s e-mail address.
- The right to limit the processing of personal data
The user has the right to request the provider to limit the processing of his personal data in the event of their inaccuracy, illegality, termination of the purpose of processing or filing of an objection.
- The right to portability of your data
The user has the right to request the Provider to provide him with personal data that is processed in connection with him.
The user has the right to request the Provider to pass on the personal data processed in connection with him to another controller at his request.
- Right to object
In addition to the right to revoke consent, in the case of using personal data of users for the purposes of notification or direct marketing, the user requests in writing at any time the termination of the use of his personal data for this purpose.
In case of objection to processing for marketing purposes, the Provider will immediately stop processing the user’s personal data for marketing and information purposes.
- The right to access personal data relating to you
You have the right to receive confirmation from the provider as to whether personal data is being processed in relation to you, to request access to personal data relating to you and the following information:
- purpose of processing,
- type of personal data processed in relation to you,
- users of your personal data,
- anticipated retention period personal data,
- source of personal data.
The user can exercise his/her rights by making a written or electronic request to the Provider. You send the request by mail to the Provider’s address or to the Provider’s e-mail address. The provider will approve the forwarded request or inform the user without undue delay of the reasons for refusal, but no later than 15 days after receiving the request.
PERSONAL DATA PROTECTION VIOLATION
In the event of a breach of personal data protection and in the event that it is likely that such a breach of personal data protection could cause a significant risk to the user’s rights and freedoms, the Provider will immediately inform the user thereof.
In the event of a breach of personal data protection, the Provider will notify the competent authority of the breach without undue delay, but no later than within 72 hours of becoming aware of the breach of personal data protection.
RIGHT TO COMPLAINT
The User has the right to file a complaint against the Provider in the event of a violation of the protection of personal data with the competent supervisory authority at the address: Information Commissioner, Zaloška 59, 1000 Ljubljana alina: firstname.lastname@example.org.
All explanations on the processing of the user’s personal data refer only to use within the website and do not apply to pages and integrated applications that the user accesses via links that can be found on the website. The pages and integrated applications accessed through the links have their own provisions on the processing of personal data, which may be different. The provider recommends that users familiarize themselves with the information on the processing of personal data on these pages/applications before using each website/application.
In case of all questions, ambiguities and exercising rights in the area of personal data, the user can contact the Provider’s contact person at the Provider’s postal address or the Provider’s e-mail address.
Given that the use of website content and services implies acceptance of the conditions set forth in this policy and its subsequent updates, in case of continued use of the website, the Provider recommends frequent reading of this section.
What are cookies?
A cookie is a file that is downloaded to the user’s computer when he accesses certain web pages. Among other things, cookies enable the website to store and retrieve information about the habits of the user’s browser or his computer and, depending on the information they contain and the way the computer is used, can be used to identify the user.
Which cookies does the Provider use on the website?
Data collected by cookies on the website is processed by the Provider.
The website also uses session cookies, which are necessary for the website to function. They are downloaded to the user’s computer when the website is visited and deleted when the user closes the browser.
The website also uses essential cookies to ensure the functionality of essential website functions, such as the online shopping cart. The Provider does not require the express consent of the user for these cookies.
How are cookies rejected?
If the user wants to allow, know, block or delete cookies installed on his computer, he can do so by configuring the options of the browser installed on his computer. More detailed information, which depends on the browser, is available on the web pages:
- Firefox: support.mozilla.org/sl/kb/delete-cookies- data-pages
- Chrome: support.google.com/chrome/answer/95647< /a>
- Internet Explorer and Edge: support.microsoft.com/sl-si/help/17442/windows-internet-explorer-delete-manage-cookies
- Safari: support.apple.com/kb/ph5042
- Opera: help.opera.com/en/latest/web-preferences/#cookies