Skip to main content

Personal data protection

Privacy: Data privacy notice by the controller to the data subject on the processing of personal data 

In the Consortium, we recognize the value of your personal data and we work every day to ensure that we can process your personal data appropriately. The Data Controller's Privacy Notice informs you about all new and important developments in the protection of your personal data. 

Please read the following statement carefully before giving your consent to the processing of your personal data. We assure you that your personal data will be processed in accordance with the latest standards and legislation in the field of personal data protection. 

What is personal data? 

Personal data are any data relating to a specific natural person, i.e. an individual, whatever the form in which they are expressed. It is data from which you can be identified. 

Examples of personal data are: an ID number, a tax number, a health insurance number, a telephone number, a vehicle registration number, a personal transaction account number, etc. 

Specific types of personal data are data concerning an individual which reveals his or her racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying an individual, data concerning health or data concerning an individual's sexual orientation, sex life, data concerning convictions, etc. 

How and for how long will we keep your personal data? 

The personal data we collect on the basis of your explicit consent will be stored in an electronic or physical personal data file.  

The personal data collected may be kept in the personal data file until your consent to the processing of your personal data is withdrawn or for no longer than is necessary to achieve the purpose for which your personal data is processed or to comply with legal requirements. 

We will carefully protect all personal data collections using the latest technical security measures. 

Processing and use of your personal data 

In accordance with the Regulation, your personal data may only be managed, collected and processed by the company: 

  • on the basis of your explicit written or electronic consent 
  • if the collection of your personal data is necessary in order to enter into a contract with you  
  • if the collection of your personal data is required by applicable law (e.g. in relation to data contained in an invoice). 

For what purpose do we process personal data? 

The Consortium manages, collects and processes your personal data for which your explicit and written consent is required only within the purposes for which the data was provided to us. 

We undertake not to lend or sell your personal data to any third party without prior notice to you and obtaining your express written consent, and not to process it in any other way incompatible with these purposes. 

Withdrawal of consent to the processing of personal data 

You have the right to withdraw your consent to the processing of your personal data at any time for one or all of the purposes for which you have consented to the processing of your personal data. 

You can withdraw your consent to the processing of personal data by sending a written statement to our address or to the email address available on our website. 

In the event of your withdrawal of consent to the processing of personal data, the Consortium will delete all personal data collected and immediately stop processing it. 

Your rights in the area of personal data protection 

The new Regulation brings you a number of rights in the area of personal data protection, which are: 

  • Right to data removal and rectification of inaccurate personal data. 
  • You have the right to request the controller to amend or complete inaccurate or incomplete your personal data. 
  • You have the right to request from the controller the immediate deletion of personal data processed in relation to you. 
  • In the event of rectification, amendment or erasure of personal data, the controller must inform you without delay of the rectification, amendment or erasure. 

Right to restriction of processing of personal data 

You have the right to request the controller to restrict the processing of your personal data in the event of inaccuracy, unlawfulness, cessation of the purpose of the processing or objection. 

Right to data portability 

You have the right to request the controller to transmit to you the personal data it processes concerning you. You have the right to request the controller to transmit the personal data it processes concerning you to another controller at your request. 

Right to object 

In addition to the right to withdraw consent, if your personal data is used for information or direct marketing purposes, you may at any time request in writing that we cease using your data for this purpose. If you object to processing for marketing purposes, the controller will immediately stop processing your personal data for marketing and information purposes. 

You can request all your rights by writing to the controller or to the controller. You can send your request by post to our address or to the email address accessible on our website. 

Right of access to personal data relating to you 

You have the right to obtain confirmation from the controller as to whether personal data relating to you is being processed and access to personal data relating to you and the following information: the purpose of the processing, the type of personal data relating to you, the users of your personal data, the intended retention period of the personal data, the source of the personal data. 

Personal data breach 

In the event of a breach of your personal data protection and in the event that such a breach of personal data protection would be likely to result in a high risk to your rights and freedoms, we will notify you without delay. 

In the event of a personal data breach, we will notify the competent authority without undue delay and at the latest within 72 hours of becoming aware of the personal data breach. 

Right to file a complaint 

You have the right to lodge a complaint with the competent supervisory authority in the event of a personal data breach against the controller at the Information Commissioner's Office, Zaloška 59, 1000 Ljubljana or at:  .

Important information regarding the processing of your personal data 

We undertake to process all collected data only within the scope of the listed purposes of the management or processing of personal data and in accordance with the Personal Data Protection Act and other relevant sectoral legislation, as well as in accordance with Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (GDPR).