Privacy in the online system SKUPONI
This document represents the policy of protecting personal data according to the general data protection regulation (GDPR) for Qualitas d.o.o., acting as a "manager" (hereinafter referred to as "the Manager").
The manager manages the online services family (hereinafter referred to as "Services") intended for advertising, promotion, marketing and sales (skuponi.si). The administrator processes and stores personal data of users of services for their basic operation (hereinafter: Individual).
An individual The services offered by the Manager are used for their own benefit, on their own responsibility and on a voluntary basis. In the same way, the individual also shares his personal data with the Administrator, as the Manager for providing the Highest Quality Service from the Individual needs as much information as possible, or the Individual, through the provision of personal data, provides the Manager with the experience of using the Services.
The manager undertakes to legitimate and correct handling of personal, sensitive and commercially sensitive information, which is indispensable for the successful operation and quality assurance of the Services.
We commit to respecting the principles regarding the processing of personal data Individuals who are:
- Legality, fairness and transparency
- Purpose limitation
- Minimum volume of data
- Storage limit
- Integrity and confidentiality
For the provision of quality services and for the fulfillment of legal obligations, the manager must collect individual personal data and keep and handle them accordingly and in accordance with the principles for the processing of personal data.
For compliance with the law, the manager must provide at least one legitimate reason for the processing (collection, use, management or disclosure) of personal data. In some circumstances, the individual's consent is not necessary.
The data protection policy is designed to interpret and ensure compliance with the law. Where there is a possibility of ambiguity, the document attempts to explain in a detailed and understandable manner, in order to reduce the risk and thereby protect the Individual.
The General Data Protection Act (GDPR) requires a clear, understandable and transparent interpretation of the methods of processing personal data of the individual, as explained in this document, which also demonstrates compliance with the law.
Collection of personal data
The manager ensures the collection of data in accordance with the data protection policy. This applies to personal data collected personally, by telephone or electronically via forms.
In each collection of personal data, the manager ensures, if possible, the presence of clear and understandable explanations to the individual whose personal data we collect, for what purposes they will be used, what are the consequences of disagreement with the processing of personal data, and the explanations with which it is possible that they will be collected personal data is shared.
The above points ensure that the individual has enough information to give consent.
There are situations in which the collection of personal data is given implicitly; such as communication via telephone or e-mail, where personal data is indispensable for processing the request itself.
Preservation of personal data
Personal data and records relating to individuals are safely stored, only authorized individuals (employees) have access to this data.
Personal data will be stored only as long as it takes to process them. The data that are no longer necessary for further processing will be removed in accordance with the law.
Accessing individual information
Every individual has the right to obtain information about the individual's personal data kept by the Administrator about him. The administrator will take steps to ensure that this information is up-to-date with questions to the individual about changes.
All employees of the Manager are obliged to ensure that the personal data of the Individual are real and objective.
The manager will ensure that:
- He has a designated personal data protection officer who is in charge of compliance with this Personal Data Protection Policy
- Anyone who processes personal data understands that the processing of this data is responsible for tracking good data protection practices
- Anyone who processes personal data receives appropriate training for the processing of personal data
- Anyone who processes personal data is properly supervised
- Anyone who processes personal data reports on suspicion or actual misuse of data, following the data breach of data protection reporting
- Anyone who wants to obtain information about the processing of personal data clearly understands what needs to be done
- Clearly show how to process personal data
- It will regularly review and correct the procedures and methods of processing personal data in a manner consistent with the law
- It regularly reviews and assesses the methods and performance of the processing of personal data
- All employees and contract staff of the Manager are aware that any abuse or non-compliance with the rules and procedures defined in this document may trigger disciplinary action against them
According to the general regulation on the protection of personal data (GDPR), a legal requirement for the processing of personal data is required before personal data can be processed. If there is no other legitimate purpose, the Individual must consent to the processing of personal data with the consent.
The processing of personal data is considered to be lawful, if:
- The processing of personal data is necessary for the execution of a contract with an individual, or for entering a contractual relationship with an individual. Such an example may be the purchase of a group or product, and the like
- Processing of personal data is necessary for the fulfillment of legal obligations
- Processing personal data is necessary to protect the interests of the individual or other person
- The processing of personal data is necessary for the performance of tasks in the public interest, or for the exercise of official powers conferred on the Manager
- The processing of personal data is necessary for the purposes of the legitimate interests of the Administrator and does not override the potential harm to the rights and interests of the individual
- It has processing of Individual's consent
As valid consent, it shall be considered if:
- The consent is given voluntarily: An individual has the option of selecting and controlling how his personal data can be processed
- Consent is specific and informed: An individual understands all purposes of processing personal data. If there are several different purposes of the processing, the consent must be given for each of them
- Consent is unequivocal: An individual knows what he agrees and gives consent
- The consent is given as an intentional action of an individual, for example a signature, an oral, an electronic choice between options
Consent may be implied, for example by completing a questionnaire. Personal data collected on the questionnaire can only be processed for the purposes described in the questionnaire. Personal data may not be used for any other way of data processing unless the individual has given specific consent for different ways of data processing.
Consent may be deemed to be consenting to subsequent communication between the Administrator and the Individual. For example, in the case of collecting personal data for one type of service, if the Manager offers another, similar service, it is reasonable that the Manager of the Individual contact with another service, if at the same time offers the possibility of canceling the consent to communicate with another service.
ACQUISITION, RENEWAL AND MANAGEMENT BY PRIVILITIES
Consent must be clear and recognizable from other matters, written in a comprehensible form and in a clear and comprehensible language.
It must be clear who agrees, when the consent was given, how it was given, what it was given, and when the individual consented.
If the Individual still interacts with the Administrator in the manner in which the Individual has already given his consent to the processing of personal data, the consent shall be considered as still valid. If an individual is no longer in interaction with the Administrator, it may be necessary to require renewal consent after re-interaction, depending on the time elapsed since the last interaction.
Where consent has been adopted in accordance with Directive 95/46 / EC, the individual shall not be required to give consent to data processing again if the consent has been given in a manner consistent with the conditions laid down in the current GDPR Regulation.
The manager provides the individual with information on his rights in a concise, transparent, understandable and easily accessible form, and a clear and simple language, either in writing or in an e-form. The rights-holder is exercised without undue delay within one month of receipt of the request, or at most two additional months later, taking into account the complexity and number of requests.
If an individual submits the request in electronic form, the reply shall be provided, where possible, by the Administrator in electronic form.
An individual has the possibility to lodge an appeal with the supervisory authority and the possibility of enforcing legal remedies.
If the individual's claims are clearly unfounded or excessive, especially if they are repeated, the Administrator may:
- It charges a reasonable fee, taking into account the administrative costs of providing information, or the communication, or the implementation of the requested measure
- Refuses action in relation to the request, with the Administrator bearing the burden of obvious unfounded or excessive
An individual has the right to access the following information when the Personal Data is obtained from the Individual:
- Identity and contact details of the operator and his representative, if any
- Contact data of an authorized data protection person, if any
- The purpose of the processing of personal data, the legal basis for their processing
- Legal interests for the enforcement of which are sought by the Manager or a third party
- Users or categories of users of personal data, if any
- Information on possible transfers of personal data to a third country
An individual has the right to the following information in order to ensure fair and transparent processing when the Personal Data is obtained from the Individual:
- The period of retention of personal data, or the criteria used to determine this period
- Existence of the right for an individual to request the withdrawal from the processing of personal data, or the correction or deletion of personal data, or the processing restriction, the existence of the right of objection to processing and data transmission rights
- Where the processing is based on consent, the existence of the right to withdraw consent, without prejudice to the lawfulness of the processing which, on the basis of the consent, was carried out until its cancellation
- Existence of the right to file a complaint with the supervisory authority
- Existence of the right to information if the provision of personal data is a statutory or contractual obligation or an obligation which is necessary for the conclusion of a contract and the possible consequences if such information is not provided
- Existence of automated decision-making, including profiling, reasons, meaning and foreseeable consequences
An individual has the right to require the Administrator to confirm if his personal data is being processed and how. In the event that his personal data are processed, the Individual has the right to obtain the following processing information:
- Purpose of processing
- Types of personal information
- Users or categories of users to whom their personal data are disclosed, particularly in the case of third-country users
- Whenever possible, the estimated period of retention of personal data, or the criteria under which the retention period is fixed
- Existence of the right to require the Administrator to correct or delete personal data, or limit the processing of personal data, and the existence of the right to object to such processing
- Right to file a complaint with the supervisory authority Where personal data are not collected from the individual, information on their sources
- The existence of automated decision-making, information on the reasons, the meaning and the intended consequences
An individual has the right to be erased or the right to be forgotten, and the Administrator of the Individual must unload it without undue delay if:
- Personal data is no longer needed for processing purposes for which they have been collected or otherwise processed
- An individual revokes the consent on the basis of which the processing takes place, and there is no other legal basis for further processing
- An individual opposes the processing, but there are no overriding legitimate reasons for processing
- Personal data was processed illegally
- Personal data should be deleted in order to fulfill a legal obligation in accordance with EU law or the law of a Member State that applies to the Administrator
An individual has the right to limit the processing to the Administrator in the following cases:
- An individual disputes the accuracy of the data for a period allowing the Administrator to verify the accuracy of personal information
- The processing is illegal and the individual opposes the erasure of personal data, and instead requires a restriction of use
- The administrator does not need any more personal data for the purposes for which it was collected, but the individual needs them to enforce, enforce or defend legal claims
- An individual lodges an objection and the verification of the legal reasons of the Manager has not yet been completed on the grounds of the individual
Where personal data processing is limited, such personal data, other than the storage, enforcement, exercise or defense of legal claims or the protection of the rights of another natural or legal person, or for the public interest of the EU or a Member State, shall be processed solely with the permission of the Individual.
The administrator communicates to other Personal Data Providers modifications, corrections, deletions or restrictions on the use of personal data, except in cases where this requires disproportionate effort, or it proves impossible.
An individual has the right to receive personal information relating to him held by the Administrator in a structured, widely used and machine-readable form, and the right to forward that information to the other controller without the Administrator who was his personal the information provided is obstructed in the event of:
- processing is based on consent (or contract),
- processing is carried out with automated means.
An individual has the right at any time to object to the processing of his personal data. In this case, the manager ceases to process personal data unless he proves necessary legitimate grounds for processing that prevail over the interests, rights and freedoms of the individual, or for the enforcement, execution or defense of legal claims.
An individual has the right not to be subject to a decision based solely on automated processing that has legal effects in relation thereto or in a similar manner to it. It is permissible, however, if the decision is:
- Necessary to conclude or implement a contract between the Individual and the Administrator
- Permitted by EU law or by the law of a Member State that applies to the Administrator and also provides for appropriate measures to protect the rights and freedoms and legitimate interests of the individual
- Justified by the explicit consent of the Individual
The rights of an individual can be restricted by law, in the following cases:
- If this is in the interest of national security
- For the purpose of defense For the sake of public security
- For the prevention, investigation, detection or prosecution of criminal offenses or the enforcement of criminal sanctions
- To protect the independence of the judiciary and the judicial process
- Due to the enforcement of civil claims
Breaches of personal data protection
In the event of a breach of the protection of personal data, the Administrator shall notify the competent supervisory authority without undue delay, within 72 hours of the notification of the infringement, unless it is unlikely that the rights and freedoms of individuals would be jeopardized by violation of the protection of personal data. If the notification was not made within 72 hours, the Manager shall enclose the reasons for the delay.
After noticing the breach of the protection of personal data, the processor shall notify the Administrator without undue delay.
The notification shall include:
- Description of the violation type,
- the number of Individuals concerned, the type and number of personal data records in question
- Name and contact details of the Data Protection Authorized Person
- A description of the likely consequences of the violation of the protection of personal data
- A description of the measures taken by the Administrator to address and mitigate the potential adverse effects of the infringement, if appropriate
If the information can not be provided at the same time, they are reported gradually, without undue delay.
The administrator shall document any infringement of the protection of personal data, including facts relating to the violation of the protection of personal data, its effects and the measures taken. The documentation shall enable the supervisory authority to verify compliance with this Article.
COMMUNICATION TO THE INDIVIDUAL OF BREACH OF PERSONAL DATA PROTECTION
If it is likely that a violation of personal data protection is likely to pose a high risk to the rights and freedoms of Individuals, the Administrator shall without undue delay notify the individual that the infringement occurred and clearly describes the type of data protection breach in the communication and also includes information and recommendations regarding the infringement .
The message is not necessary for an individual if:
- The Administrator has already carried out appropriate technical and organizational measures to protect personal data, in particular the measures on the basis of which personal data become incomprehensible to anyone not authorized to access them, for example encryption
- The Administrator has taken steps to ensure that a high risk to the rights and freedoms of individuals is unlikely to be enforced
- Would this require a disproportionate effort?
What personal information do we collect?
The manager collects and stores personal data of individuals whom the individual voluntarily submits directly to the Administrator when he wishes to use the Services provided by the Manager. Typically, this happens at the time of registration for the use of the Services.
Alternative situations in which the Manager obtains personal information is prize-winning games, registration to secondary Services (for example, an application for receiving electronic notices).
In all cases where the Administrator collects personal data, there is a legal basis or Individual's consent to the processing of personal data.
The individual's personal data collected by the Manager are obtained in the following situations and are as follows:
- Create a user profile to use the Service, or use at least one of the Services offered. The personal data thus collected are processed either for the quality of the Service or for fulfilling the legal requirements for the provision of the Service or entry into a contractual relationship with the Operator, such as the purchase of a product, the reservation of a tourist arrangement (First Name, Last Name, E-mail Address, Birth date, Primary end, Secondary place, photo). The personal data thus collected may be compulsory or non-compulsory. Compulsory personal data are those without which the normal operation of the Service would be limited or impossible (for example, E-mail), and optional personal data are those which improve the user experience, but are not essential for the basic operation of the Service (for example, deliver shipments).
- Request for help by customer support either via e-mail, online form, or telephone support. The personal data thus collected are necessary for processing the request itself (Name, Last name, Email address)
- Registration via an electronic form or subscription to electronic newsletter (e-mail address, first name, surname)
- Participation in prize games, questionnaires or any other participation in activities that require Individual's personal information
Other methods of collecting personal data, or data by means of which it is possible to determine the Individual are:
- User account information. These include coupon codes, purchases and communications related to purchases (demand and estimates)
- Usage data Services that are automatically collected while in use Adds a service (type of device, browser type, location, language preferences, cookies, IP address, login time, clicks by categories and pages, purchase, any errors that have occurred occurred during the use of the Services) and assist the Manager in:
- Ensuring a higher quality of service by recognizing the technical capabilities and preferences of an individual and his devices using the Services Manager
- Ensuring higher security for an individual by identifying unusual applications, unusual purchases, attempted abuse
- Ensuring faster and better responsiveness in solving problems and conflicts
- Data obtained from data providers
How do we process personal information?
The specific way of processing personal data depends on the Service that the individual benefits, uses and the individual preferences.
APPLICATION OF PRIMARY SERVICES AND PERSONALIZATION
Individual personal data is processed for authentication and recognition of the Individual when registering in the system, for personalizing received e-mails, for recording interests and wishes, such as the use of shopping carts or browsing by category.
COMMUNICATION RELATING TO SERVICES
Individual personal data is processed for communication in relation to services offered by the Operator or for the provision of the Services as such (day-to-day communication is also the primary Service Manager).
The manager also processes personal data also in connection with purchases and coupons. Since this kind of processing can not be unsubscribed, it is necessary to provide the Service as such and is linked to Individual entry into a contractual relationship with the Manager (purchase).
The manager can communicate with an individual about alternative and new Services that are directly or indirectly related to the Services for which the Manager has already received the Individual's consent.
MARKETING AND PROMOTION OF SERVICES
On the basis of prior consent, or use of the Services, the Operator may recommend, suggest, or otherwise promote and market new Services or offerings within the Services. A cancellation of such processing of personal data is possible.
SUPPORT TO CLIENTS
In order to support customers, personal data processing is indispensable to the individual. For more detailed analysis, faster and better resolution of problems or conflicts, the Administrator may request additional personal and other information.
SAFETY AND PROTECTION
We process personal data to ensure the security and protection of individuals, managers and processors. This kind of processing involves the monitoring of service applications, the monitoring of the use of services, the monitoring of the Individual's activities within the Services, which makes it easier for the User to identify threats and abuse attempts for the Service, Individual, Manager or Processors.
IMPLEMENTATION OF LEGAL INTERESTS
If required by law, the Administrator may process personal data without the individual's consent, or to continue the use of the Service for the execution of a contract between the Manager and the Individual. A concrete example of such processing of personal data is, for example, the purchase of a product, and the provision of the Services without processing personal data is not possible.
The manager may also process personal data even if he is convinced that he / she protects his own legitimate interests or that he / she protects the interests of other natural or legal persons involved.
If none of the above reasons exist for the processing of personal data, the Individual agrees to the processing of data for a specific purpose, Individual Personal Data may be processed for this purpose up to the cancellation, or unless otherwise specified by a change in the policy of protecting personal data.
How do we share acquired personal information with third parties?
In order to ensure the quality of the Service or for the provision of the Services, we may share the acquired personal data with third parties. In these cases, the Manager with the Processor has an agreement on the processing of personal data, unless the processing of personal data is necessary for the exercise of legitimate interests.
The administrator does not in any way exploit the personal data databases for sale, but processes them and provides them for processing only for the purpose of providing the Services. If there is no other legitimate interest in the transmission of personal data to third parties, the Administrator shall obtain the consent from the Individual for such processing.
How do we store and protect collected personal data?
INFORMATION SECURITY AND DATA PROTECTION
Personal data Individuals are stored and processed on web servers in Slovenia. The manager is constantly endeavoring to maintain and develop the information system in accordance with the latest technological safety standards in order to protect the individual's personal data.
Despite the high standards and implemented protection that the Manager managed to implement in his information system due to the nature of the Internet, he can not guarantee the subsequent misuse of personal data that would occur after the transfer from the Manager to the Individual, or in case of an invasion into the information system, where The manager does not have his own resources or the ability to prevent such abuse.
HOW DO WE CARE PERSONAL DATA?
The length of the personal data storage period depends on the type of personal data, the Individual's use of the Services, the manner of processing, the legal requirements. When and if personal data for processing is no longer necessary, or if an individual decides to abolish the user profile, the Manager erases, parsifies or anonymises such data, except in cases where they are indispensable to continue the performance of the Service Manager, or they must remain fed by legal requirements.
The data collected for the needs of the user's user profile are stored as long as the User is active, or a reasonable time after the end of the activity, in case the user decides to become active again.
Any activity of the Service user is considered as an activity, from registration, registration, transfer to shopping cart, purchase, read-in electronic message or to the opening of a website. Data that helps the Administrator to process claims or disputes by the Individual, or otherwise legally required to be kept for longer, even if the user profile is terminated. A typical example is coupon and purchase data.
Data for marketing
Personal data directly linked to marketing (cookies, clicks of categories, ad clicks), even in the event of termination of the consent of the processing, may be kept for a reasonable time after discontinuation of consent, if this is necessary for the manager's business processes or the quality of the Service. In the event of termination of the Service and hence the cessation of the collection and processing of data directly related to marketing, personal data collected for marketing purposes may be deleted within a reasonable time, provided that they do not in any way affect the quality of performance of the Services offered by the Manager.
Personal data collected through forms, prize games and other sources
Personal data collected for processing purposes that are not directly related to the Services provided by the Manager may have different feeding times depending on the purpose of the processing.
If personal data is not otherwise designated for alternative processing purposes (in order to guarantee legal interests, with the consent of the Individual), such personal data may be deleted, anonymised or pseudonymized after the expiration of the processing time, depending on the type of data and the processing method.
Access and control of personal data collections
An individual who is a user The services offered by the Manager can access personal databases through their user profile, where they also have the option of controlling, updating personal information, and modifying consents.
Some personal data can not be managed by the user himself, in these cases, contact support is available to users who, if possible, make the change in the Individual's name upon request.
An individual as a user can also access data through which the individual can be identified and not transmitted by the individual, such as coupons, purchases, which the individual can not change, can only access these data. In the case of changes, contact customer support is available, making the change, if possible, performed on behalf of the Individual.
Personal data, collected through questionnaires, prize games, employment forms or other online or physical forms that are not linked to the user's profile Services and still kept by the Manager, are generally valid and processed for a shorter time than personal data collected for primary processing purposes , therefore, personal data that is not part of the personal data collection accessible in the user profile is not easily accessible to the user, except on request through a contact user support, which provides such information on request or changes the personal data.
DEACTIVATION OF USAGE PROFILE
An individual has a discontinuance of the user profile in case he no longer wants to use the Services provided by the Manager. Withdrawal An individual can make a contact with support to users, which, if possible and if it does not interfere with other business processes, or the legal interests of the Manager or related parties, is performed at the request of the Individual.
Alternatively, it is possible to deviate from individual services or individual data processing modes, with the complete abolition of the user profile is not necessary.
In the event of termination of the user profile, the Manager stores some collected personal data within a reasonable period of time.
ASSOCIATION OF USE PROFILES
User Profiles belonging to the same person or It can not be combined with an individual.
DELETING PERSONAL DATA
Personal data that an individual wishes to discontinue can be deleted or restricted to process them if this does not hinder the business processes of the Manager or the Administrator has no other legitimate reasons for continuing the retention of these personal data.
Some types of personal data are such that deletion is already enabled in the user profile, but those who do not have these options are data for which it is necessary to contact support for users who do this on behalf of the Individual.
REQUEST FOR LIMITING THE PERSONAL DATA PROCESSING
An individual may request a restriction on the use of personal data, but the Reservier reserves the right to request the reasons for such a restriction if the type of personal data is not simple and if the limitation of the processing of a personal data can affect business processes or other legitimate reasons for processing.
In the case of simple types of personal data, the option of processing restriction for a specific purpose is already enabled and available in the user profile or in the e-mail foot where the individual can manage the consent and restrictions of the processing of individual personal data for certain purposes. If there is no such option, or the Individual can not find it, it can contact support for users who change a restriction or consent instead of the Individual.
TRANSFER OF PERSONAL DATA
An individual may require the Manager to collect a personal data file that the Administrator conducts on an Individual, such a collection being in an electronic readable format, so that the transfer of personal data to another similar Service may be possible. The administrator provides the option of exporting personal data collections, but this does not apply to all types of personal information, since all types can not be transferred to another service.
In the case of requests for the export of personal data, the Individual contact the customer support, which prepares such exports within a reasonable time, the export is not automatic and is not immediate. In the event of repeated multiple successive unfounded requests for the export of personal data collections or claims which the Administrator reasonably believes are disproportionately frequent, the Administrator reserves the right to charge a payment for the service of the export of personal data.
Personal data processors
The Service Provider cooperates with other legal entities who can process certain types of personal data managed by the Administrator.
For each processor of personal data, the Contractor has concluded a cooperation and processing of personal data, unless the processing of personal data is necessary for the legitimate interests of the Administrator or the Producer. Personal data processors may include, inter alia:
- Payment processors and payment service providers
- Providers of technical or other support services
- Providers of communication modes, such as electronic notifications and electronic conversation
- Customer Service Providers
- Service Providers Tool for Analyzing Application Services and Easier Troubleshooting Service Issues
- Service providers promoted, marketed, sold by the Manager
The data processors are as follows (the list may vary according to the requirements of the Manager):
The country of the provider depends on the service provider
Processors and processing methods that are not listed in the above list may process pseudonymized or anonymised personal data and are thus exempt from the requirements
Of the General Data Protection Regulation.
Report infringement and abuse
An individual may, if he / she suspects that there has been an abuse or an infringement in the processing of his personal data, report the suspicion of the infringement to the e-mail address of the Administrator listed in the contact information.
In order to process the request as quickly as possible, the Individual must communicate as much information as possible (which user profile, which personal data are allegedly misused, in what way, and what the individual believes is a violation or abuse).
The administrator of the request for infringement and misuse of personal data shall exercise without undue delay within one month after receipt of the request, or no more than two additional months later, taking into account the complexity and number of requests.
Data Protection Authority
The manager is convinced that he collects and stores personal data of individuals in accordance with the general regulation on data protection (GDPR) and other applicable laws in the territory of the Republic of Slovenia and the European Union.
In case of questions and complaints regarding the General Data Protection Regulation, you can contact the Data Protection Authority, which is available in the Republic of Slovenia Information Commissioner of the Republic of Slovenia, available at the following address:
Zaloška cesta 59
T: 01 230 97 30
F: 01 230 97 78
E-mail: gp.ip (at) ip-rs.si
These privacy policies are also available in the PDF document, which is available on request via email to email@example.com
Personal data is processed by Qualitas d.o.o as a Joint Manager. For any questions regarding personal data and their processing, you can contact us by e-mail at firstname.lastname@example.org.
For requests regarding the change, or updating of personal information, deleting user accounts, unsubscribing or any other possible problem with the user profile, please contact us by e-mail at email@example.com.
To report a suspected violation when processing personal information, please contact us by e-mail at the address firstname.lastname@example.org.
For any claims relating to the protection of personal data, the Administrator undertakes to respond within 30 days of receipt of the request. For serious disputes or difficulties, we reserve the right to extend this period to an additional 60 days.
Ljubljanska c. 24b
For more information about the general data protection regulations, please visit https://www.eugdpr.org/