Privacy Policy

For every diet

/
Privacy Policy

Privacy and personal data protection policy

The purpose of the Privacy and Personal Data Protection Policy (hereinafter: the Policy) is to acquaint website visitors (hereinafter: Individuals) with the purposes and basis of personal data gathering and processing by PAJS BREZ OBRESTI d.o.o. (hereinafter: the Company) and the rights of Individuals in this regard.

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as the data protection act), the following information is covered:

  • contact information of the Company that is handling personal data,the method of obtaining, using and processing personal data,
  • what types of personal data the Company collects or obtains about Individuals,
  • purposes of personal data processing of Individuals and legal basis for personal data processing,
  • time of personal data retention and processing period,
  • the rights of individuals in relation to the processing of personal data,
  • the right to a formal complaint regarding the processing of personal data,
  • protection of personal data,
  • disclosure of web plug-ins and other online tools,
  • use of cookies and similar technologies.


Where appropriate, the rights relating to Individuals shall also apply to users who are legal entities.

This Privacy and Privacy Policy applies to:

  • the online store  (hereinafter referred to as the Home page),
  • organization of all forms of educational or other events and registration for such events,
  • sign up for notifications about news and other activities,
  • inquiries for solutions and services via e-mail, telephone and forms on the Home page,
  • form submissions to obtain download documents available on the Home page, and
  • Individual’s use of any other, current or future, online or offline services or technical support that the Company offers. (hereinafter all bullet points from (1) – (6) will be referred to as Services)

The controller of personal data is PAJS BREZ OBRESTI d.o.o., registered office and business address at Na Jelovcu 4, 2354 Bresternica.

All questions and any requests regarding the rights of the Individual are accepted by the Company by e-mail info@forverydiet.com or by post to the address PAJS BREZ OBRESTI d.o.o., Na Jelovcu 4, 2354 Bresternica.

The Company collects personal data from Individuals by providing subscriptions to email newsletters, and personal data them, use of the Homepage and its functionalities, when the Individual contacts the Company directly by email, telephone, or in writing, or via social networks, when registering for events. The Company may collect personal data from publicly available data such as. TIS, AJPES or in any other way by which Individuals provide personal data.

Where permitted by law, the Company obtains information from other public sources.

The company also collects data on the Home page with the use of cookies and similar technologies. More information on the use of cookies and similar technology for the purpose of collecting information about Individuals is provided in section 10 of this document.

The types of information that the Company collects about Individuals may include information about the Individual, such as:

name and lastname,      

  • business email address or other email address provided by the Individual,
  • the company for which the Individual works or has worked; position (function) in the company,
  • telephone number,
  • information about the computer or mobile device (eg IP address and browser type, Individual device type),
  • Information about how the Individual is using the Homepage (eg, which pages the Individual visited, the time he or she Individual viewed the Hompega, and what the Individual clicked on).

 
The Company may obtain Personal Data from Individuals from certain publicly available sources, including (but not limited to) public online databases, business directories, media publications, social networks, websites, and other publicly available sources.

The Company stores personal data of Individuals on the servers of it’s IIT service providers in the cloud located in EU Member States. From time to time, personal data of Individuals may also be processed outside the EU on the servers of IT providers whose services are approved through certification mechanisms such as e.g. EU-US Privacy Shield.

Personal data of Individuals are kept as long as there is a basis for their processing and storage.

Personal data of Individuals obtained on the basis of application forms are processed and stored until revoked.

Personal data of Individuals obtained on the basis of consent are processed and stored until the consent is revoked.

For the purpose of fulfilling contractual obligations such as fulfilling orders, personal data of Individuals are kept until the full payment of obligations or until the expiry of the limitation period in relation to an individual claim. The invoices which also may contain personal data shall be kept for 10 years in accordance with the law.

Personal data may only be processed on existing legal bases and purposes determined by the GDPR and the law, which are known to the Individual in advance.

Contract processing

The Company processes personal data of Individuals in order to fulfill its obligations from the Articles of Association, from consent forms,  from contractual relationships between Individuals and the Company and from value-adding services.

As part of exercising rights and fulfilling contractual obligations, the Company processes personal data for the following purposes: identification of the Individual, fulfillment of contractual obligations to the Individual, notifications about educational and other organized events and other notifications from the Companie.

Processing based on the legitimate interest pursued by the Company

The Company may also process data on the basis of a legitimate interest pursued by the Company, except when such interests are outweighed by the fundamental rights and freedoms of the Individual to whom the personal data relates, which require the protection of personal data.

Based on a legitimate interest, the Company may contact Individuals for the purpose of improving the user experience for the purpose of determining their satisfaction.

Other legitimate interests may include the prevention of abuse.

Processing on the basis of consent for processing of personal data

The processing of data may be based on the consent given by the Individual to the Company. Consent may, for example, relate to information about educational or other organized events, informing the Individual about novelties and the work of the Company. Communication is carried out through channels selected by the Individual.

The Individual may withdraw or change consent at any time in the same way as the consent was given or in another way defined by the Company, whereby the Company. Withdrawal or change of consent refers only to data processed on the basis of consent. 

Sharing data to third parties and sharing data to third countries (countries not members of the European Union or the European Economic Area) is allowed If this is in accordance with the purpose for which consent for processing of personal data was given and is in accordance with EU law and Slovenian regulations.  The company may provide personal data for Individuals to:

  • third parties who perform individual processing tasks for the Company, such as the preparation and transmission of invoices, maintenance and development of the network and other services, including software, when these tasks include the processing of personal data to the extent necessary to perform this services,      
  • to third parties who provide services to the Company or cooperate with the Company to the extent necessary for such tasks within the purposes and bases defined in this Policy.

The Company guarantees to the Individuals the exercise of their rights without undue delay and in any case within one week of receiving the request. The company may extend the deadline for exercising the rights of the Individual by a maximum of three additional weeks, taking into account the complexity and number of requirements. If the Company extends the deadline, it shall notify the Individual of any such extension within one week of receiving the request. 

The Company accepts requests regarding the rights of the Individual by email or by post mail to the Company’s address. An individual may also submit a request at the Company’s registered office.

The Company grants the following rights to individuals whose personal data it has obtained on the basis of consent with regard to the processing of personal data:

  • the right to access data,
  • the right to rectify or change data,
  • the right to be forgotten (deletion of data),
  • the right to restrict processing,
  • the right to object.  

 
The right to access data

Individuals have the right to obtain confirmation from the Company whether their personal data is  being processed by the Company. Individuals also have the right, where applicable, to access their personal data and additional information relating to the processing of personal data.

Upon the request of the Individual, the Company provides a copy of personal data being processed.

The right to rectify or change data

Individuals have the right to have the Company correct personal data concerning them without delay. Individuals have the right to add incomplete personal data, including the submission of new application forms, taking into account the purposes of the processing.

Upon the request of the Individual, the Company provides a copy of the Individuals personal data being processed.

The right to be forgotten (deletion of data)

Individuals have the right to have the Company delete all personal data relating to them without delay, and the Company has the obligation to delete the personal data without undue delay:

  • where personal data is no longer necessary for the purposes for which it was were collected or otherwise processed,
  • when the Individual revokes the consent, which is the basis for data processing and there is no other legal basis for further data processing,
  • when the Individual objects to the processing on the basis of the legitimate interest of the Company and there are no overriding legal reasons for their processing,


The right to restrict processing

Individuals have the right to restrict processing of their data where:

  • The individual disputes the accuracy of the data, for a period that allows the controller to verify the accuracy of personal data,
  • The processing is illegal and the Individual opposes the deletion of personal data and instead requests a restriction on the use of data.


The right to object

Individuals have the right to object to the processing of personal data at any time, for any reasons, that relates to their personal data, its use or processing by the Company or a third party.

An individual may send a complaint regarding the processing of personal data to the Company’s by email or by post. An individual may also file a complaint at the Company’s registered office.

Also, each Individual has the right to lodge a complaint directly with the Information Commissioner of the Republic of Slovenia (Slovenian Information Commissioner, Zaloška 59, 1000 Ljubljana), if the Individual considers that the processing of personal data is in violation of Slovenian regulations or EU regulations.

The Company has taken appropriate technical and organizational measures to protect the personal data of Individuals and protect them from unauthorized or illegal use or processing of personal data and against accidental loss or destruction or damage to personal data of the Individual, including:

  • the principle of minimum data and processing on an anonymised basis, whenever possible,
  • training of employees in the Company on the importance of confidentiality and maintaining the privacy and security of data of Individuals,
  • a commitment to take appropriate disciplinary action to enforce employee privacy responsibilities,
  • careful and responsible selection of third party processors,
  • using secure servers to store personal information.


The Company points out that the transfer of information (including personal data) via the Internet is not always completely secure, and if an Individual provides any information via the Internet (either by email, or via the Homepage or in any other way), it does so at its own risk. The Company assumes no responsibility or any costs, or damage to reputation, or any other form of loss or damage suffered by the Individual as a result of the transmission of data over the Internet.

Google Analytics

The Homepage uses Google Analytics operated by Google, Inc., 901 Cherry Ave., San Bruno, CA 94066, USA. Google Analytics uses cookies to analyze how visitors use the website. The usage data generated by the cookie, including the user’s IP address, which is provided to Google and stored in the United States. Google uses this information for the purpose of analyzing website usage. Based on this information, it prepares usage reports. Google may transfer the collected data to third parties to the extent required by law or to the extent that third parties process the data for Google. Google does not associate the collected data with the user’s IP address, which ensures that the data is completely anonymous.

Google Maps

The Homepage uses the Google Maps mapping service operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If an Individual wants to use Google Maps, it is necessary to save the Individual’s IP address. This information is usually transferred to Google’s servers in the United States and stored there. The company has no influence on this data transfer. The use of Google Maps is in our legitimate interest to make the Homepage more attractive and to make it easier for Individuals to find and access the Company’s headquarters. This is a legitimate interest in accordance with Art. 6 (1) (f) GDPR. Further information on the handling of user data can be found in the Google Privacy Statement.

Facebook Pixel

The Homepage uses Facebook Pixel operated by Facebook, Inc., Hacker Way (6,075.46 mi) Menlo Park, CA 94025, USA. Facebook Pixel uses cookies to analyze how visitors use the website. The usage data generated by the cookie, including the user’s IP address, is provided to Facebook and stored in the United States. Facebook uses this information for the purpose of analyzing website usage and advertising effectiveness. Based on this information, it prepares reports on the use and effectiveness of advertising. Facebook may pass the collected data to third parties to the extent required by law or to the extent that third parties process data for Facebook.

Cookies are data files that are sent from a website to a browser in order to record information about the use of the Homepage. The company uses cookies and similar technologies on the Homepage.

Some or all of the cookies used by the Company on the Homepage may be rejected by the Individual by changing the browser settings, but this may reduce the Individual’s ability to use the Homepage or some or all of its functions. For more information on cookies, including how to change your browser settings, visit allaboutcookies.org.

In addition to the Privacy Policy, the General Terms and Conditions are also observed.

Validity: 15.7.2021