Remos Novo mesto, d.o.o., registration number 5830109000, with registered office at Livada 21, 8000 Novo mesto (hereinafter the company), as the data controller, informs you with this notice of the way your personal data is processed and protected.
1. What information do we collect about you?
When you contact us, we collect and process your personal data (for example, information you provide to us by filling out forms on our website (the "Website") or by phone, email or otherwise). This includes information you provide when you register to use our website, when you subscribe to our service (place an order on our website, participate in discussions or other social media features on our website, enter a prize draw, promotion or participate in a survey, fill out an application form, for example for a job advertisement), and when you report a problem with our website. The information you provide to us may include your name, address, e-mail address, telephone number, personal description and photo, age, date of birth and gender, and any other information defined in each case.
We do not collect or process special types of (sensitive) personal data (for example, information about your medical condition, sexual orientation, race or ethnicity) unless the sensitive personal data is relevant for the specific purpose for which we are processing it; if we are required to do so by law; or if you have separately provided us with your explicit consent. When you voluntarily provide us with personal information (including sensitive personal information) through contact with our website (for example, by voluntarily submitting sensitive personal information to us through the comments section of the website) at your own request and not at our request, we will delete such personal data from our systems if we believe that the processing of such data is not necessary for a legitimate purpose, unless you have made such data publicly available (for example, through a publicly viewable forum post); in this case, we will delete the data from our websites only if required by law or if we do not want to keep them.
Every time you visit our website, we automatically collect the following information:
- technical data, which may include the Internet Protocol (IP) address for connecting the computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device type and mobile device brand; this data may be collected and processed by third-party cookies on our behalf. You can find more information about this at the link at the bottom of each website.
- information about your visit, which may include, for example, the entire chain of "Uniform Resource Locators (URLs)" to access, through and from our website (including date and time), information about the pages you viewed or searched for ( including articles read, categories accessed), page response time, download errors, duration of visits to specific pages (including average time spent on specific pages, viewing specific content or videos), average the time spent using the application and the number of views from such applications, the average number of articles viewed on our website, information about the interaction with the website (for example, scrolling, clicks and mouse movements), the methods used to move from the website, user behavior data and any telephone number to call, or any email address to access our customer contact representatives.
In some cases, we obtain your personal data from third parties, such as business partners, subcontractors for the field of technical, payment and delivery services, advertising networks, analytics service providers, search information providers, credit rating agencies. When visiting and registering on one of our online platforms, we may obtain your personal data from an unaffiliated social media provider (Facebook, Gmail) if you voluntarily choose to register through the unaffiliated social media provider's platform.
1.How do we use your personal data and on what legal basis?
We may process your personal data for the purposes of implementing the contract we have concluded with you; when we have to comply with a legal obligation (for example, under legislation governing criminal liability for public incitement to hatred, violence or intolerance); where necessary for our legitimate interests (or the legitimate interests of a third party) and your interests (for example to detect and prevent fraud or ensure network and information technology security), unless your fundamental rights override these interests; when it is necessary to protect your important interests (or the important interests of others); or when this is necessary for the public interest or for official purposes.
We process your personal data for various technical, administrative and operational reasons, for example to ensure that the content is presented to you in the most effective way according to your computer; to improve our website, including its usability; to manage our website; for internal purposes, including troubleshooting, data analysis, testing, research, statistical and research purposes; for marketing, including targeted marketing to show you content that may be of interest to you; and as part of our efforts to keep our website safe and secure.
In some cases, we will only process your personal data with your consent. In such cases, we will separately ask for your express consent when you provide us with your personal data. You can subsequently revoke your consent at any time via the e-mail you receive or your profile settings on the individual website. However, this does not affect the lawfulness of any processing that took place before the withdrawal of consent.
When we require personal data to fulfill legal or contractual obligations, it is mandatory for you to provide personal data. This means that if you do not provide such personal data, we will not be able to manage our contractual relationship or fulfill the obligations that such relationship imposes on us. In all other cases, providing personal data is optional and you are not obliged to provide it.
We may also process your personal data, such as identification data, contact data and residential address, in order to exercise our rights against you in the future. This processing is based on our legitimate interest in asserting our rights in potential disputes.
We will most often use your personal data in the following circumstances:
- Users and customers:
For the purposes of providing services, delivering goods and making payments in accordance with relevant contracts (including subscription contracts), we may process your personal data, such as identification data, contact data and bank details. Such processing is based on the performance of a contract with which users (especially subscribers) are customers, or on a legal obligation imposed on us.
We may process personal data to provide you with information about goods or services that we think may be of interest to you. If you are an existing customer, we will only contact you by email with information about goods and services that are similar to those that have been the subject of previous sales or sales negotiations with you (direct marketing), unless you have previously notified us, that you do not want to receive such messages. If you want your data to be used in this way, check the appropriate box on the form on the basis of which we collect your data.
Without your prior express consent, we will not forward your personal data to third parties for marketing purposes.
We may also use your personal data to measure or understand your preferences and to provide relevant content; to enable you to participate in interactive features of our Services when you choose to do so; to measure or understand the effectiveness of the advertising we display to you and others and to display relevant advertising; and to provide you and other users of our website with suggestions and recommendations about products or services that may be of interest to you.
- Application users:
In connection with your use of our mobile applications, we may collect and process your personal information, such as identity information, contact information, debit or credit card information and geolocation information, if:
- send a message, rating or other post through our mobile applications.
Such processing is based on the performance of a contract, the customer of which becomes a user of the application when registering through such application for mobile devices; our legitimate interest to verify user account information for services provided in the territory in which you normally reside and to detect and prevent fraud; or to the legal obligations imposed on us.
2.How and to whom do we disclose your personal data?
In the company, only a limited number of employees have access to your personal data based on the need for familiarization or implementation of business processes such as employees in the departments of marketing, legal service marketing, production, informative content and IT. These employees are bound by confidentiality in relation to personal data. We take appropriate technical and organizational measures to protect personal data. The company's employees have the right to process personal data only according to the company's instructions and, if necessary, in connection with their work obligations.
We may also disclose your personal information to third parties, including:
- service providers who provide administrative, professional and technical support to the company for support in the field of IT, security and business resources;
- business partners, suppliers and subcontractors for the performance of any contract we enter into with you;
- advertisers and advertising networks that need your information to select and display relevant advertisements. We do not disclose information about identifiable individuals to advertisers, but we do provide them with aggregate information about our users (for example, we can inform them that 500 men under the age of 30 clicked on their ad every day). With such aggregate data, we can help advertisers reach a specific type of their target group. We may use the personal information we have collected from you to fulfill the wishes of our advertisers by showing their advertisements to the desired target audience;
- analytics and web search engine providers that help us improve and optimize our website;
If necessary, the company may also share personal data with external consultants (e.g. lawyers, accountants, auditors).
In some cases, we may disclose personal information as necessary to our affiliates (including any subsidiaries or our ultimate holding company and its subsidiaries). Together with our affiliated companies, we have ensured adequate safeguards against the possible disclosure of personal data.
We may share personal information with our affiliates and other third parties in connection with certain types of transactions, including any transactions involving a change in control of the company, sale of a substantial portion of assets or restructuring.
The company strives for due diligence in the selection of unrelated service providers and requires that these service providers maintain appropriate technical and organizational security measures to protect personal data, and process personal data only in accordance with the company's instructions. Service providers may use subcontractors to provide services to the company, whereby the subcontractor must meet the same data protection requirements as the service provider itself.
3.Storage of personal data and their transfer abroad
In addition, your personal data may be transferred to and stored at a destination outside the EU and EEA. In doing so, the laws and regulations protecting your personal data in the country to which it is transferred may be different (or offer a lower level of protection) than those in force in the country in which you work.
We will not intentionally transfer your personal data outside the EEA, except where appropriate safeguards are in place, including: a European Commission decision on the adequacy of the receiving country or countries; "privacy protection" certificate; relevant binding business rules; approved code of conduct together with binding and enforceable commitments of the controller or processor in a country outside the EU and EEA; an approved certification mechanism together with a binding and enforceable obligation on the controller or processor in a non-EU and EEA country to apply appropriate safeguards; or EU Standard Contractual Clauses approved by the European Commission.
If you would like more information about any such transfer and the appropriate safeguards we have in place prior to transfer, you may contact the Data Privacy Officer or CME's Data Protection Officer via the contact details below.
You can request confirmation from us about whether your personal data is being processed or not, a copy of your personal data, or their change/correction. In certain circumstances, you have the right to request that we delete your personal data or that we transfer some of your personal data to you or to other entities based on the right to portability. You also have the right to object to certain processing of your personal data (for example, processing for direct marketing purposes or for certain decisions made solely through automated processing, including profiling). If we have asked for your consent to process your personal data, you have the right to withdraw this consent without negative impact on you. If we process your personal data on the basis of our legitimate interest (as explained above), you have the right to object to such processing. You also have the right to restrict the processing of your personal data in certain circumstances.
Please note that in some cases your rights described above may be limited and subject to applicable data protection laws and regulations; your right to object to the processing of your personal data may, for example, be limited if we demonstrate that we have valid legitimate grounds for processing your personal data that may override your interests. When submitting your request, you will need to prove your identity and provide us with other information that will enable us to respond to your request. We will not charge you any fees for responding to your request, unless permitted by law; if we charge you, they will be reasonable and proportionate to your request.
If you wish to exercise these rights, please contact us using the contact details below. We hope that we will be able to satisfactorily answer any questions you may have about the way your personal data is processed. In any case, you have the right to complain to the competent authorities for data protection. You can file a complaint in the Member State where you live, work or where the alleged breach of data protection law occurred.
5.Retention period of your personal data
We intend to keep your personal data only for as long as is necessary in accordance with our Data Retention Policy, to carry out the purposes stated in this notice, or in accordance with applicable law, taking into account the applicable minimum statutory retention periods, or as necessary to enforce our legal rights (and the legal rights of others). We will retain the personal data of the users of the applications for the period of use of the mobile application or for the period determined by the relevant applicable law, in accordance with our data retention policy. If you would like further information about how long we keep your personal data, please contact us using the contact details below. Please note that we may process any of your personal data that has been anonymized without further notice.
Where we process your personal data on the basis of your consent, we only process it for the period specified in your consent, unless you revoke or limit your consent before the end of that period. In such cases, we will stop processing the relevant personal data for the relevant purposes, taking into account any legal obligation to process such personal data or the need to process such personal data in order to exercise our legitimate interests (including the legitimate interests of others).
We store your information on our servers and on servers hosted by third parties (including third party cloud based services). For this purpose, we have implemented appropriate technical and organizational measures to protect your personal data and prevent unauthorized access to them. In relation to services hosted by third parties, we have entered into contractual agreements that include obligations regarding the organizational and technical security of personal data. You are solely responsible for maintaining the confidentiality of any authentication methods (eg passwords) that you use to access individual parts of our websites.
Data transmission over the Internet is not completely secure. Although we will do our best to protect your information, we cannot guarantee the security of your information that you provide through our website; any download is at your own risk. After receiving your information, we will implement strict procedures and security measures to prevent unauthorized access.
On its website, the company does not (knowingly) collect personal data of persons under the age of 15. If a parent or guardian discovers that their child has provided the Company with their personal information, they should notify the Company immediately. If the company finds that a person under the age of 15 has provided the company with their personal data, the company will immediately delete this data from its servers, unless the parent or guardian expressly allows the company to process the child's personal data for certain purposes.
All websites affiliated with the Company Group (including any subsidiary companies or our ultimate holding company and its subsidiaries) collect and process limited personal data from children (as defined by applicable law) for services aimed at children (data such as name, age and email address may be collected to assess eligibility to enter a contest related to programs aimed at children). In connection with these websites, we ask (and encourage) children to obtain the consent of their parents or guardians on these websites, and the Company has taken appropriate steps to verify the validity of such consents.
8.Social media cookies and plugins
Our website may include social media features such as Facebook, LinkedIn or Youtube buttons. These features may collect information about you, such as information about your IP address and the websites you visit, and may set a cookie to ensure that the feature works properly. The processing of this data through interactions with these features is governed by the privacy notice/policy of the company providing the service.
9.Links to other websites
Our websites may contain links to websites that are not under the control of the company. When you click on a third-party link, you will be redirected to their website. If you visit any of these linked websites, please read their privacy notices. We are not responsible for the policies and practices of other companies. Our company has no control over and assumes no responsibility for the content, privacy policies and notices or practices of third party websites or services.
If you have any questions or doubts regarding the processing of your personal data or if you wish to exercise any of your rights, please contact us by phone at +386 7 373 78 00, by email at email@example.com or by letter, addressed to Remos Novo mesto, d.o.o., Livada 21, 8000 Novo mesto.
Please do not disclose sensitive personal information (such as information about race or ethnicity, political opinions, religion or other beliefs, health or trade union membership), your tax identification number or information from your criminal record when contacting us.