Privacy is of utmost importance to us at CSLO Regionalna d.o.o.
CSLO Regionalna d.o.o. acts as a data controller under GDPR for your personal data that we collect and a data processor (process your data) or data controller for any of your data shared with us by a third-party.
Data controller contact details (and owner of CSLO Regionalna d.o.o.):
CSLO Regionalna d.o.o.
Hrvaška ulica 4
Company Registration Number: 6889832000
VAT ID Number: 93295235
Questions and complaints
We would always welcome the opportunity to rectify any complaints that you have about your data and privacy held with us and can be contacted as shown in the ‘Data Controller Contact Details’ section above. If you would like to make a complaint to the Slovenian information commissioner, you can find their contact information here:
Data minimisation and anonymous data processing
We strictly abide to minimising the amount of data we collect. Unless otherwise stated in the following sections, no personal information is collected, processed or utilised when using our website.
Data that you supply to us
- This is personal information about you that you share with us through filling in online or offline forms (such as the “Contact us” form), by email, through the post, on the telephone or by any other means.
- Most often, your personal information will include your full name, home and/or business address and/or delivery address, personal and/or business email address and telephone and/or mobile phone number. Where payment is made, additional personal information may include your credit card details, your bank details and information needed to carry out any checks, such as credit checks.
- If you apply for a role with our organisation, other personal data shared is likely to include your employment history, proof of identity, qualification checks, health information etc.
- Where you are sharing personal information that does not directly relate to you (e.g. your representatives that legally act on your behalf), you must ensure you have the consent to do so and have shared this Privacy Notice with that person/those people.
Data that we collect
- We generate data to understand customer and market trends through the use of analytical cookies on our website.
- To better understand and continuously improve our website and services, our website also monitors website usage information through the use of the following services: Google Analytics, Google AdWords, Facebook Pixel and Hotjar in order to gather statistical information like how many people visits our website, how long they stay on our web pages, the actions they perform, etc. This information may include IP addresses used but, does not include any other personal data.
Information we receive from third-parties
- Business Partners – where we have formal relationships with business partners who may introduce new customers or sales opportunities to us, data would include personal contact details, information on the areas of interest and data required to fulfil a request, product or service
- Social Media – where you have responded to a promotional item or offer from us through social media platforms such as Facebook, Instagram, LinkedIn etc., we can receive profile information about you which can include your name, address, telephone number(s) and/or your business contact details. This information can be used to respond to your interest, to fulfil a request/order from you and/or to send you future information and offers, where you have given clear consent to do so.
- Publicly Available Information – we may receive personal information about you from publicly available sources. This can include your name, address and other publicly available information. As far as possible, we ensure that where any third-parties are involved in supplying such information, that they are compliant to do so.
- Other – from time to time, we may receive personal information from other sources. We will always endeavour to ensure such information is provided from reputable sources, who are compliant to do so.
How we use your data
We collect data to help operate our business and deliver our products and services to you. Where you have completed a form with the appropriate consent or given us consent in another way, we will send you the relevant information in line with the consent you gave us. This can include email, telephone and/or other communication methods. We may also contact you with survey completion requests, designed to improve our services. You do not have to respond to such surveys and we will always give you the option to opt-out or unsubscribe from any of these communications.
We will share personal information with the relevant agencies and without notice, where we are requested to or suspect fraudulent activities, money laundering, terrorist-related activities or where there is another legal requirement to do so.
We will keep and use your data in terms of any legal or regulatory requirements that we have and can use your data to protect our legal position, if legal action is required, including the recovery of any outstanding debts.
Our standard business operations
- To provide the products, services and any other responsibilities that we contract to do so with you
- To provide you with information that you request from us
As part of our billing, payments and recovery processes
Automated decision-making and profiling
We do not cary out automated individual decision-making (making a decision solely by automated means without any human involvement) or profiling (automated processing of personal data to evaluate certain things about an individual).
Protection of data and disclosure to third parties
Information that we collect is stored on secure servers using standard security procedures and practices appropriate to the nature of the information in an effort to protect information from unauthorised access, destruction, use, modification, or disclosure. CSLO Regionalna d.o.o. transmits the personal data encrypted over the Internet using the so-called SSL (Secure Sockets Layer) method. However, providing personal information, whether it be in person, over the phone, or over the Internet, always entails risks, and no technological system is completely unaffected by manipulation or sabotage. CSLO Regionalna d.o.o. makes reasonable efforts to prevent and minimise the risk of unauthorised access to, and the unauthorised use or corruption of, personal information.
In principle, CSLO Regionalna d.o.o. will not disclose personal data to third parties, unless there is a legal obligation to pass it on or if a data transfer is required to carry out the contractual relationship. We may however engage a reputable third party to help us perform or deliver the product or service we have contracted with you. If this is the case, said third party will receive the minimal data about you to complete their part of the contracted service or product and we contract with them that your data should not be used for any other reason.
Third parties may also be contracted:
- to improve data safety and security levels
- as part of the business development function
- to perform a statistical analysis.
If necessary, CSLO Regionalna d.o.o. may also make appropriate written statements, duplicate records against loss, create intermediate files or workspaces, and give such powers to third parties.
In the event that CSLO Regionalna d.o.o. is merged, sold, or in the event of a transfer of some or all of our assets, we will not disclose or transfer non-personal information and personal information in connection with such a transaction without your prior consent.
Online privacy protection of children and adolescents
Our products and services are not intended to be used by data subjects under the age of 18. We will thereby never knowingly collect data from or on children or adolescents. If you become aware of such a child (or another person) supplying data regarding himself, a child or adolescent, please contact us via: email@example.com
When you visit our website, you remain anonymous. Every time you access our website and every time a file is accessed, access data about this process is stored in a log file on our server without any personal reference, i.e. IP address, page from which the file was requested, date, time, browser type, operating system, the page you visited, the amount of data transferred, access status (file transfer, file not found, etc.). From this data, statistics are generated which help CSLO Regionalna d.o.o. customise this site and tend to your needs.
We may share data, such as technical identifiers derived from your registration information on our website or our CRM system with our trusted advertising partners. This allows them to link your devices and/or environments and provide you a seamless experience across the different devices and environments that you use.
No data storage and processing outside of the European Economic Area
The data you provide to us will be either securely stored and backed up within the EEA/EU or with a complaint Non-EEA/EU based supplier. Data may also be processed by employees who work for such suppliers.
We will take all reasonable actions to ensure any data processed outside of the EEA/EU protects your privacy rights and handles such data in a secure way. As part of you sharing your data with us, you are agreeing to such data being handled and cared for in this way.
Any data about you that can be considered as sensitive (e.g. your politics, beliefs. medical information etc.) will not be processed by us without your consent or, if the processing of such data is not a binding legal requirement.
Timescales That We Keep Your Data For
The timescale we keep or process your data will vary depending on the requirement. The criteria for this includes:
- The reason we are using your data. We will keep the minimum amount of data required for that reason and for the timescale that that reason requires (e.g. service agreement periods)
- Legal requirements and where a minimum timescale is set (e.g. keeping invoices for tax and revenue purpouses)
We will keep your data for the term you have consented to, the contracted term between us or where there is a legitimate interest for us to remain in contact with you plus 3 years in case of any queries that you may have (g.g. copy of the original agreement) or for legally required reasons (e.g. tax and revenue purposes), whichever is the longest period.
Your Data Protection & Privacy Rights
There are various rights that you have under the GDPR:
- The right to be informed – Individuals have the right to be informed about the collection and use of their personal data
- The right of access – Individuals have the right to access their personal data and supplementary information
- The right to rectification – Individuals have the right to have inaccurate personal data rectified, or completed if it is incomplete
- The right to erasure – The right for individuals to have personal data erased. This is also known as ‘the right to be forgotten. Please note this right is not absolute and only applies in certain circumstances
- The right to restrict processing – The right to request the restriction or suppression of their personal data. Please note this is not an absolute right and only applies in certain circumstances
- The right to data portability – The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different service
- The right to object – Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling) and processing for purposes of scientific/historical research and statistics
The full rights for individuals under the GDPR can be seen at the Internet link below:
The full rights for businesses and organisations under the GDPR can be seen at the Internet link below:
You can exercise your rights by contacting us via:
Last change made on: /