These privacy rules apply to (i) the Company’s website https://www.valicon.net/, (ii) the execution of the organisation of VALICON events and registrations to such events, (iii) the provision of information about new features and the Company’s services, (iv) inquiries about the Company’s services by email, over the telephone and through the sample forms posted on the Company website, (v) the Company’s social channels and applications, (vi) the downloads of documents available on the Company website, and (vii) your use of any other present or future online or offline service, technical support or VALICON products and services (hereinafter altogether from (i) to (vii) “Services”).
The personal data controller is VALICON d.o.o., with its registered office in Kopitarjeva 2, 1000 Ljubljana.
If you have any questions, you can contact us by sending an email to [email protected] or calling us at +386 1 420 49 08.
Your personal data is obtained by the Company when it is sent to the Company, i.e. through your use of the website and its functions, when you contact the Company directly by email, over the phone, in writing or via social media, when you procure the Company services or in any other way you use to provide personal data.
The types of information collected about you may include information such as:
- your name and surname;
- your business email address or other email address provided by you;
- the company you work or worked for;
- your job position at the company;
- your telephone number;
- information about your computer or mobile device (e.g. your IP address and type of browser, type of device);
- information about the way you use the Company website (e.g. which pages you have seen, the time of your visit, and which links you clicked).
The Company may also obtain your personal data from certain publicly available sources, including (but not limited to) public online databases, business directories, media publications, social media, websites, and other publicly available sources.
VALICON does not process special categories of personal data.
Valicon does not use automated decision-making or profiling.
Your personal data may be used for one or more of the following purposes:
- In relation to your use of the Services and to the tailoring of the user experience to your needs and goals:
- The operation and improvement of the Company website, also by tailoring the user experience on the Company website. The latter is required for the Company’s legitimate interest to better understand the wishes of customers and potential buyers, and to adjust the Company website, products and services to your desires and needs.
- Management of Company relations with present and potential customers. The latter is performed with an analysis of data about past relations with customers in order to improve business relationships with customers, with stress placed on customer retention and ultimate sales growth. The latter is required for the Company’s legitimate interest to better understand the desires of customers and for efficient management and administration of Company operations.
- General segmentation of data about you (your industry, country), which allows us to tailor our services to you and for the purposes of internal statistical reports on the use of Company Services.
- Communicating directly with you regarding updates to the Company website, procurement of Company services and answers to inquiries received from you. The latter will be required to inform you from time to time about changes to the Company website, to perform a contract concluded with you, to prepare a quotation or for the Company’s legitimate interest to fulfil and confirm your requests for the provision of Company services and to answer the questions received from you.
- Conclusion of a contract and preparation of a quotation. If you do not provide your personal data, where necessary for such a purpose, it will not be possible to conclude or perform a contract with you or to provide the products or services you have requested. The Company may also postpone or cancel all orders placed and enforce its legal rights against you (e.g. if the Company incurred costs or expenses in the preparation or completion of any orders that you placed).
- Protection of Company operations and business interests, including for the purpose of checking credit and past experiences, preventing fraud and collecting debts. The latter is required to protect the Company’s legitimate interests to prevent criminal activities, such as fraud or money laundering, to ensure that the Company website and Services are not subject to abuse, and to protect Company operations. Such checks will only be conducted if permitted under the law.
- Communication with the Company’s business advisers and legal representatives. The latter is required for the Company’s legitimate interests to obtain legal or expert business advice, whereas the Company will forward your personal data, if required, in the smallest extent necessary and in an anonymised form, where possible and provided that a non-disclosure agreement has been concluded.
- Sharing personal data with third parties (hereinafter “sub-processors”) that are related with the Company in terms of service provision, such as the Company’s business partners, email providers, web hosting providers and providers of various ICT services. The latter will be required for the performance of a contract concluded with you (or preparation of a quotation), for the Company’s legitimate interest to run and manage its operations efficiently, and for compliance with legal obligations binding the Company. When sharing your personal data, we will do so consistently based on the need to know, pursuant to the relevant confidentiality restrictions, on an anonymised basis, where possible, and only to the extent necessary for any of such purposes.
- Enforcement of the Company’s legal rights and compliance with laws, regulations and other legal requirements. The latter is necessary for the Company’s legitimate interest to protect its operations and enforce its contractual and other legal rights. For the provision of physical, network and information security and integrity. The latter is necessary for the Company’s legitimate interest to provide a safe and uncompromised IT system and networks, including data backup and storage, preventing malware, viruses, errors or other malicious codes, preventing unauthorised access to the Company systems and all forms of attacks or defects to the Company IT systems and networks. The Company may have to use and process your personal data in order to comply with the legal requirements it needs to observe. For example, the Company may request that you provide some of your personal data for the purposes of executing the legal obligation to prevent money laundering or to disclose your data to the court upon the receipt of a court order. Your personal data may also be required to comply with the applicable legal obligations, such as tax legislation and other regulations binding the Company.
- In relation to requirements for disclosure and in the event of the sale or purchase of the Company and/or assets, either actual or potential. The latter is required for the Company’s legitimate interests to sell and/or ensure and promote its business performance.
- For statistical and research purposes. The data will be anonymised and used for the legitimate interests of personal data processing for research purposes, including market research, for better understanding the Company customers and for tailoring the Company products and services to your needs.
- To notify any criminal offences or threats to public safety to the competent body. The latter is required for the Company’s legitimate interest to promote its business performance, prevent crime, comply with legal obligations, for the general public interest or for the legitimate interests of public authorities and competent bodies preventing criminal offences.
- In relation to any legal dispute or proceedings. The latter is required for the Company’s legitimate interest to promote and ensure successful Company operations, resolve disputes and provide such disclosures as required under the law or which are believed to be reasonable under the law.
Your personal data may also be used for the purposes of marketing and with your express consent for the purposes of e-marketing, unless terms under which your consent is not required are met, e.g. where your data has been made publicly available or the Company has a business interest.
Where your personal data is processed on the basis of your consent, you may cancel the consent at any time by sending the email address at varstvo.poda[email protected]. The effective date of such a cancellation is 30 working days after the date on which your request is received.
VALICON stores your personal data on its own servers.
VALICON will process your personal data in the extent relevant and limited to what is needed for the purposes for which it is processed, i.e. the purpose(s) for which your personal data is processed, e.g. whether such data must still be stored in order for the Company to comply with its obligations under the contract concluded with you or for the Company’s legitimate interests; whether the Company has any legal obligation to continue processing your data, such as any record-keeping obligations as laid down by the applicable legislation; and whether the Company has a legal basis to continue processing your personal data, such as your consent.
If you wish to receive more information about where and for how long your personal data is stored and for more information about your right to the deletion and portability of personal data, please contact us at [email protected].
The Company has adopted appropriate technical and organisational measures to secure your personal data and protect it against unauthorised or illegal use or processing and against accidental loss, destruction or damage to your personal data, including:
- the principle of data minimisation and processing on an anonymised basis, where possible;
- training Company employees about the importance of confidentiality and keeping your data confidential and safe;
- commitment to the adoption of suitable disciplinary actions to enforce employee responsibility regarding privacy;
- continuous and comprehensive updating and testing of the Company security technology;
- prudent and responsible selection of Company sub-processors;
- the use of safe servers to store your personal data;
- the appointment of an independent data protection officer;
- a request to prove the identity of each individual requesting access to personal data.
We would like to warn you that the transfer of information (including personal data) over the Internet is not always completely safe and if you send any information over the Internet (by email, via the Company website or in any other way), you do so entirely at your own risk. The Company cannot be held responsible for any costs, expenses, loss of profit, damage to reputation, responsibility or any other form of loss or damage you have suffered because you provided data over the Internet.
If your personal data is transmitted outside the European Economic Area, the Company will do so upon prudent examination of the relevant legal bases and security measures, such as:
- data protection policies known as “Binding Corporate Rules” or “BCRs”;
- standard contract clauses as adopted by the European Commission or the Information Commissioner and confirmed by the European Commission pursuant to the relevant law;
- code or codes of conduct as prepared by an association or some other body authorised by the Information Commissioner;
- approved certification mechanisms;
- other legal bases as laid down in the General Data Protection Regulation.
You are hereby informed of the following rights relating to your personal data that you may exercise by sending an email at [email protected] and:
- requesting access to your personal data and information relating to the Company’s use and processing of your personal data;
- requesting the rectification or deletion of your personal data;
- requesting that the use of your personal data be restricted;
- requesting the personal data you provided, which will be provided to you in a structured and machine-readable form (e.g. an Excel spreadsheet), and the right to transfer such personal data to some other personal data controller;
- objecting to the processing of your personal data for certain purposes (for further information see the section below entitled “Your right to object to the processing of your personal data for specific purposes”); and
- requesting the withdrawal of consent to the Company’s use of your personal data based on your consent. If you withdraw your consent, this will not prejudice the legality of the Company’s use and processing of your personal data based on your consent prior to the withdrawal of your consent. Due to technical restrictions, the withdrawal of consent will reflect in the Company’s system within 5 working days of the receipt of a request.
You also have the right to file a complaint to the supervisory body, which is the Information Commissioner in the Republic of Slovenia, whose contact information is available here.
Additional information about your rights relating to your personal data, including certain restrictions applicable to some of such rights, is available in Articles 12 to 23 of GDPR.
You have the following rights relating to your personal data, which you may exercise in the same manner as indicated in the previous chapter (your rights relating to your personal data):
- objecting to the use or processing of your personal data, where used or processed in order to complete a task in the public interest, if your personal data is processed for the Company’s legitimate interests, including “profiling” (e.g. predicting your behaviour based on your personal data) based on any of such purposes; and
- objecting to the processing of your personal data for the purposes of direct marketing.
Furthermore, you may enforce your right to object to the use or processing of your personal data for the purposes of direct marketing by:
clicking the unsubscribe link at the bottom of any of the Company’s marketing email sent to you and following the instructions indicated in the browser after clicking such a link, or by sending an email to [email protected] requesting that the Company stop sending you marketing emails or using the words “OPT OUT”.
Every time you object to direct marketing sent by the Company using a different communication method than in the marketing messages received from the Company, you are required to indicate your name and provide sufficient data to be identified in relation to the messages you received (e.g. if your received a text message and wish to unsubscribe by email, you may have to indicate your phone number in such an email).
The Company’s privacy rules may be amended from time to time. You will be informed of such amendments. If you continue to access the Company website on or after such a date, you agree that you are bound by the new versions of the Company’s privacy rules.
When the Company intends to use your personal data for a new purpose, you will receive information about such a purpose and any other important information before your personal data is used for such a new purpose.
You are kindly asked to notify the Company of any changes to your personal data, so that the data about you may be accurate and up to date.