The policy of protecting personal data and the privacy of visitors of the website, customers, business partners and other clients (hereinafter also: ‘individuals’) is of the utmost importance for the company MUFLON, d.o.o. (hereinafter also referred to as: ‘the controller’), and therefore we would like to make known the information in our policy on the protection of personal data and their rights deriving from Regulation (EU) 2016/679 of the European Parliament and of the Council from April 27, 2016 on the protection of individuals with regards to the processing of personal data and the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation, hereinafter also: GDPR).
The purpose of this is to inform individuals about the purposes and bases for the processing of their personal data and to inform them with their rights in this regard.
The manager of personal data of individuals processed in accordance with the provisions of the GDPR is Muflon, doo, Titova 99, 1433 Radeče, registration number: 5921210000.
All information regarding personal data can be requested by individuals via e-mail: email@example.com or by phone: +386 (0) 3 568 06 00.
The operator will process personal data of individuals solely and only to the extent necessary for the smooth running of work processes, the provision of services and the fulfilment of rights and obligations that arise from contractual and other relationships with individuals.
The manager undertakes that the personal data of individuals in accordance with the GDPR and its internal acts will be properly stored and protected from any loss, destruction, forgery, unjustified use and unwarranted access or discovery by persons who are not entitled to it.
Personal data of individuals will be processed exclusively for purposes for which the operator has acquired them or for which individuals have provided it to the latter and are determined in the GDPR. If the controller wishes to use personal data already acquired for another purpose, he will inform the individuals about this beforehand and, if necessary, request consent for processing.
Personal data of individuals will be transmitted only to authorized persons within the controller in accordance with the purpose of the processing and will not be transmitted to third parties or to third countries. This does not apply insofar as the transmission of personal data by individuals is required by official bodies or courts of law.
The manager will keep the personal data of individuals for ten (10) years from their first processing, which, in the opinion of the controller, represents the shortest possible period for fulfilling the interest for which the personal data of individuals has been processed. The manager undertakes to regularly check the personal data of individuals in order to correct inaccurate data or ensure that such data is deleted.
Individuals whose personal data are processed by the controller have, on the basis of GDPR, in addition to the right to revoke the consent for the processing of personal data, insofar as such consent has been given, also the following rights:
- the right to access data is the right of an individual to receive confirmation from the controller whether personal data are processed in relation to him and, if so, access to personal data and information regarding their processing, which are specified in GDPR;
- the right to a correction is the right of an individual to correct the inaccurate personal data relating to him without undue delay;
- the right to be erased (“right to forget”) constitutes the right of an individual to delete the personal data relating to him without undue delay when there are reasons for doing so under the GDPR.
- the right to limit processing is the right of an individual to limit the processing by the operator when one of the cases is specified in the GDPR.
- the right to data transferability constitutes the right of the individual to receive personal data relating to him held by the controller in a structured, widely used and machine-readable form, and the right to forward this information to another controller without the operator, to which his personal data have been provided, hindering it;
- the right to object is the right of an individual to, at any time, object to the processing of personal data relating to him in accordance with the GDPR, on any grounds relating to his particular situation. An individual’s application is filed with the manager at the contact firstname.lastname@example.org.
- the right to appeal constitutes the right of an individual to file a complaint with the supervisory authority if he considers that the processing of personal data in connection with him violates the GDPR. The Supervisory Authority in the Republic of Slovenia is the Information Commissioner, Zaloška cesta 59, 1000 Ljubljana, telephone: 01 230 97 30, fax: 01 230 97 78, e-mail: email@example.com.