Privacy Policy
Thank you for visiting our website
With this Privacy Policy, Chemets d.o.o., a production, service and trade company, Delavska cesta 24, Šenčur (hereinafter “CHEMETS d.o.o.”) determines the rights and obligations of users of the website (hereinafter “user”), where it is important that CHEMETS d.o.o. respects and protects all obtained personal data from the user in accordance with the applicable law and undertakes that all personal data obtained via or through the use of the website will be carefully protected and used exclusively for the purposes for which they were provided. The term “user” refers to both female and male users.
This Privacy Policy is a constituent part of the Terms of Use, which are available on the website: www.chemets.si. CHEMETS d.o.o. reserves the right to change the Privacy Policy at any time, without prior notice. Users are bound by this Privacy Policy and the Personal Data Protection Act, valid at the time of visiting or using this website.
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the European Council from the 27th of April 2016 on the protection of individuals with regard to the processing of personal data and with regard to the free movement of such data as well as repealing Directive 95/46/ES (hereinafter the General Data Protection Regulation), the following information is covered:
- company contact information as well as contact details of the authorised person for data protection,
- the purpose, background and types of processing of different types of personal data of individuals,
- including profiling the personal data of individuals,
- the transmission of data to third parties and to third countries,
- the time of retention of individual types of personal data,
- the rights of individuals with regard to the processing of personal data, and
- the right to file a complaint regarding the processing of personal data.
Where appropriate, provisions relating to individuals shall also apply to questions of confidentiality and trust in the communication of users who are legal persons.
PURPOSES OF PROCESSING PERSONAL DATA
The user consents or allows CHEMETS d.o.o. to collect, manage, maintain, control or otherwise process personal data which relates to him or her with each access to the website or use of the website, in accordance with this Privacy Policy, the Terms of Use and the applicable Personal Data Protection Act.
User-related data includes, but is not limited to, data obtained by CHEMETS d.o.o. in connection with the user’s access to the website, their first name, surname, address, telephone numbers, payment information, and data to access their CHEMETS d.o.o. account and/or data that the user him or herself provides to CHEMETS d.o.o.. CHEMETS d.o.o. is the copyright holder with regard to content and information generated through the use of the website. The user guarantees that user names and passwords will be protected from their side and that unauthorised access will be prevented to unauthorised persons. CHEMETS d.o.o. also collects non-personal data,
comments, videos and other posts published by the user on the website.
CHEMETS d.o.o. may collect data within the context for the purposes of:
- Registering and activating an account,
- Technical and customer support,
- Order processing,
- Product and service upgrades,
- Marketing activities,
- Access to CHEMETS d.o.o. services on third-party pages,
- Other purposes necessary for the use of services, and
- Job applications.
Processing on the basis of a contract:
The company processes the personal data of individuals for the purposes of growth and business development.
Within the framework of exercising rights and the fulfilment of contractual obligations, the company processes the personal data of individuals for the following purposes:
- the growth and development of marketing,
- the growth and development of the business,
- the selection, testing and control of appropriate
marketing and other solutions for business
development.
According to the GDPR of CHEMETS d.o.o., data is processed on the basis of several possible legal bases:
Processing by virtue of the law:
The company processes the personal data of individuals for the purposes of concluding, executing, monitoring or terminating contractual relations.
Processing data is any kind of data processed for the purposes of transferring communication over an electronic communications network or charging for it.
Other purposes of processing may also stem from the legislation in force, such as border crossing notices in accordance with the rules on national roaming arrangements.
Processing on the basis of legitimate interest undertaken by the company:
The company may also process data on the basis of legitimate interest undertaken by the company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual, to whom the data relates, which require the protection of personal data, in particular where the data relates to a child. In the case of the further use of data collected on the individual, the company shall carry out an assessment in accordance with the General Data Protection Regulation.
Such further use of data in a pseudonym-based manner or in aggregate form, for example, represents the lawful use of such data for marketing or other business or technical analyses by the company.
The deletion of certain data may also be used as an additional measure for certain forms of further obtained data.
An individual may object to processing.
On the basis of legitimate interest, the company may contact individuals for the purposes of improving their services and determine their satisfaction with these services or the user experience, also in cases where this is not strictly necessary for the performance of the contract. Due to weighing this interest with the interests of the individual, the company will not contact those individuals who objected to this again.
The company maintains aggregated data in relation to traffic, including data in relation to hosting, for the purposes of determining the predominant domestic use or the predominant domestic presence of the individual in Slovenia, for a period of six months. In accordance with legitimate interest, the company may process personal data to the extent only that it is strictly necessary and proportionate to ensure the continuity of operation, network or information security, i.e. the ability of the network or information system to prevent, at a certain level of trust, accidental events or illegal or malicious acts that jeopardise the availability, authenticity, integrity and confidentiality of stored or transferred personal data and the security of related services offered or accessed through networks and systems. This could, for example, include preventing unauthorised access to electronic communications networks, the spreading of malicious codes and the prevention of ‘denial of service’ attacks as well as damage to computer and electronic communication systems. This may include the processing of network diagnostic data (technical data or readings from equipment) as well as historical data in diagnostic tools that could allow for the re- identification of the individual.
The company has a legitimate interest in anonymising or aggregating the data until the expiry of the legal retention period and further using it for analysis and research for the purposes of marketing, network planning and the like.
Other legitimate interests may include the prevention of abuse, the enforcement of claims or defence against claims in administrative and judicial proceedings. Legitimate interest also includes the legal verification of an individual’s solvency.
In the case of suspected abuse, the company may process data on individuals to an appropriate and proportionate extent for the purposes of identifying and preventing possible fraud or abuse, and may, if appropriate, pass this data on to some other persons, e.g. business partners, the police, the public prosecutor’s office or other competent authorities. For the purposes of preventing future abuse or fraud, data on the history of identified abuses are provided.
The company reserves the right to provide information on the fulfilment of contractual obligations of individuals (invoice payment data) is processed to ensure a higher quality of its services.
Processing on the basis of consent to the processing of personal data:
Data processing may be based on consent given by the individual to the company. Consent may, for example, relate to notification of the offer and services, preparation of the offer, customised individual user habits or the provision of value-added services. Notification is carried out through channels selected by the individual in the consent. Notification by use of an email address involves forwarding the email address to an external processor in order to display the company’s advertising messages while browsing the web.
The individual, to whom the personal data relates, may at any time withdraw or change his or her
consent in the same way that the consent was given or in another way as defined by the company, while the company reserves the right to identify the client. The withdrawal or change of consent refers only to data processed on the basis of the consent. The last given consent of the individual received by the company is held as valid. The possibility of revoking consent does not constitute resignation in terms of the business relationship the individual has with the company.
Consent may be given by a parent, guardian or custodian of a minor who, in accordance with the applicable legislation, cannot provide consent him or herself. Such consent remains valid until a parent, guardian or custodian or the child him or herself, acquires, revokes or changes this right in accordance with the applicable legislation.
Where consent involves direct marketing based on an individual’s profile, the company may perform individualised profiling.
Profiling may result in an offer or information about the company’s offer, but in no way does it create a legal obligation to the individual. Profiling for the purposes of direct marketing may involve the use of a date of birth.
Data for which consent has been given is processed in the absence of revocation for up to three years after the termination of the business relationship with the company.
CHEMETS d.o.o. will provide all information exclusively to those who must have it in order to process orders and provide their services, to those who are under a non-disclosure obligation and only to its employees, server maintainers, external e-mail providers and other affiliates and / or third parties, persons who, in accordance with the applicable regulations, have a basis for obtaining, processing, transmitting or storing personal data within these regulations, the personal consent of the user or, those who are in a contractual relationship. The user agrees that CHEMETS d.o.o. may provide the collected data to those business partners, server maintainers, external providers of electronic communications and other capital-related companies and / or third parties who, in accordance with applicable regulations, have a basis for obtaining, processing, transmitting or storing personal data within these regulations, a user with personal consent or are in a contractual relationship. Some of these contractual partners and related parties may be located outside the user’s country of residence and by visiting the website, the user agrees to the transfer of data to and from these persons. The same applies in the event of a takeover of CHEMETS d.o.o. – the data can be transferred to the new owners. Data will be stored exclusively for as long as the law allows, and in cases of rejection in relation to advertised jobs, the data will be stored in the candidate database for another 2 years, unless the user explicitly requests the deletion of it.
If credit card information is provided to CHEMETS d.o.o., this information will be encrypted via SSL technology and stored with AES-256 encryption. Although no method or rather the transfer of data is 100% secure, CHEMETS d.o.o. shall do all it can and follow the PCI-DDS requirements.
The website, www.chemets.si, uses the following cookies:
- Google Analytics cookies for analytical purposes;
- Facebook cookies for repeat marketing and advertising;
- Google cookies for repeat marketing and advertising;
- ‘Add this’ cookies to display buttons for sharing on social media and pop-ups as well as exposures;
- Cookies as marketing automation tools to monitor user activities on the website.
More about cookies.
CHEMETS d.o.o. is not responsible that the content of the website is correct and accurate, but that it can only serve as information.
The sole responsibility for the authenticity of personal data and contact information is assumed by the user, who is also responsible for the security of access to his or her own personal data. The user may revoke the permission to process his or her own personal data at any time. At the same time, the user confirms that he or she was made aware of the fact that he or she has the right to view, transcribe, copy, supplement, correct, block and delete the personal data relating to him or her (in accordance with the applicable Personal Data Protection Act) – unless this right is limited by applicable regulations. CHEMETS d.o.o. in this case, will immediately do all that is necessary to meet this requirement. If the user has any questions regarding this Privacy Policy, he or she can contact the authorised person for personal data protection at info@chemets.si.
Whenever a user accesses the website, general, non- personal data (search engine users, number of visits, average time of visit to the website, pages visited) are automatically recorded. This information is used by CHEMETS d.o.o. to improve content and usability and this information is not subject to further processing and is not passed on to third parties.
Because the company’s website, www.chemets.si, uses and links to certain links and other external websites (hereinafter “external pages”) that are not directly linked to the company, CHEMETS d.o.o. assumes no responsibility for the protection of data on external websites and advises the user to read the Privacy Policy on those external websites. CHEMETS d.o.o. is not liable for any damage resulting from the use of external sites or the purchase of goods through external sites. In the event of any reports or claims under this title, the user should contact the operator of those external sites.
CHEMETS d.o.o. stores your information only as long as necessary to provide its services. CHEMETS d.o.o. may store the data longer, but only in such a way that it is no longer possible to be associated with you. It keeps data on payments only as long as is necessary for the exercise of rights arising from payments and complaints.
Some services may allow a user to post or share their content. In such a case, the user retains the intellectual property rights to the content published or shared and granted by CHEMETS d.o.o. – the right to use that content for the purposes of providing or improving its services. With each publication, the user guarantees that he or she is the holder of all intellectual property rights with regard to the published content or that he or she has all the necessary permission for the publication.
CHEMETS d.o.o.’s pages may allow or contain dialog, forums, communication between users and the like, and the user undertakes not to use or abuse these methods of communication for the purposes of publishing immoral content, inciting hate speech, publishing content that violates any rights of third parties, the publication of any content that may have signs of crime, content that contains viruses, for the collection of information about other users, for corrupt practices and the like. CHEMETS d.o.o. is not obliged to control such communication, but has the right to check published materials and communication and, as a result, may restrict or disable the user’s access to that communication.
CHEMETS d.o.o. reserves the right to disclose all communications and publications where required by law and to withdraw any publications at any time without providing any reason.
RIGHTS OF THE INDIVIDUAL
The right to access data
An individual, to which personal data relates, has the right to obtain confirmation from the company whether personal data is processed in relation to him or her and, where applicable, access to that personal data and additional information relating to the processing of personal data, including:
- processing purposes;
- types of personal data users or categories of users to whom the personal data has been or will be disclosed, in particular to users in third countries or international organisations;
- whenever it is possible, the planned period of retention of personal data or, if this is not possible, the criteria used to determine this period,
- the existence of the right to require the manager to rectify or delete that personal data or to restrict the processing of that personal data in relation to the individual to whom that data relates, or the existence of a right to object to such processing; the right to lodge a complaint with a supervisory authority;
- whenever the personal data is not collected from an individual, all available information in connection to their source;
- the existence of automated decision-making, including profiling, and meaningful information in relation to the reasons for it, as well as the importance and foreseeable consequences of such processing.
Upon the request of the individual, the company provides a copy of his or her personal data being processed. For additional copies of the data requested by the individual to whom the data relates, the company may charge a reasonable fee subject to administrative costs.
The right to rectification
The individual to whom the data relates has the right to have the company correct inaccurate personal data concerning him without undue delay. The individual to whom the personal data relates, has the right to supplement incomplete personal data, including the submission of a supplementary statement, taking into account the purposes of the processing.
The right to be erased (“right to forget”)
The individual to whom the personal data relates has the right to have the company delete the personal data concerning him or her without undue delay, and the company has the obligation to delete the personal data without undue delay:
- whenever the personal data is no longer required for the purposes for which they were collected or otherwise processed, whenever the individual revokes consent, which is the basis for data processing, no other legal basis for processing exists;
- whenever the individual objects to processing on the basis of the legitimate interest of the company, but where there are no overriding legitimate reasons for its processing;
- whenever the individual objects to processing for the purposes of direct marketing;
- whenever personal data must be deleted in order to fulfil a legal obligation in accordance with EU law or Slovenian legal order; in the case of information relating to the offering of services to information-based organisations, incorrectly collected from a child, which in accordance with applicable law;
- such data cannot be given.
- Whenever it has to do with a case of directory or otherwise published data, the company shall take reasonable steps, including technical measures, to inform the managers of such personal data that the individual to whom the personal data relates requests
them to delete any links to such personal data or
copies thereof.
The right to restricted processing
The individual, to whom the personal data relates, has the right to have the company limit the processing whenever:
- an individual disputes the accuracy of the data, that being for a period that allows the company to verify the accuracy of personal data;
- the processing is illegal and the individual opposes the erasure of personal data and, instead, requires a restriction on its use;
- the company no longer needs the personal data for the purposes of processing, but
- the individual, to whom the personal data relates, needs to assert, enforce or defend legal claims;
- an individual has filed an objection in relation to the processing until it is verified that the legal reasons for the manager prevail over the grounds of the individual to whom the personal data relates.
The right to data portability
The individual to whom the personal data relates, has the right to receive the personal data related to him held by the company in a structured, commonly used and machine-readable form, and the right to pass this data on to another controller without it being obstructed by the company to which the personal data was provided from when the processing is based on the consent of the individual or a contract and where the processing is carried out by automated means.
The right to object
An individual, to whom personal data relates, has the right to object to the processing of personal data at any time, for reasons related to his or her special situation, if based on legitimate interests pursued by the company or a third party. The company ceases to process personal data, unless it proves that it has necessary reasons for processing that outweigh the interests, rights and freedoms of the individual to whom the personal data relate, or to assert, enforce or defend legal claims. When personal data is processed for direct marketing purposes, the individual to whom the personal data relates has the right to object at any time to the processing of the personal data relating to
him or her for the purposes of such marketing, including the creation of profiles insofar as such direct marketing is concerned. To the extent that the direct marketing is based on consent, the right to object may be exercised by revoking the personal consent given.
The right to file a complaint concerning the processing of personal data
An individual may send a complaint regarding the processing of personal data to the e-mail address, info@chemets.si, or by post to the address of CHEMETS d.o.o.. Delavska cesta 24, Šenčur. An
individual can also file a complaint at the company’s point of sale.
Also, each individual to whom the personal data relates has the right to lodge a complaint directly with the Information Commissioner if he or she considers that the processing of personal data in relation to him or her violates Slovenian or EU regulations in the field of personal data protection.
If the individual has exercised the right of access to data with the company and after receiving the decision of the company considers that the personal data received is not the personal data requested or that he has not received all the requested personal data, before filing a complaint to the Information Commissioner, he or she can file a reasoned complaint to the company within 15 days. The company must decide on the appeal as a new request within five working days.
COMMUNICATION
The provider may contact the user by means of communication from afar only if the user does not explicitly object to this. Advertising e-mails must be clearly and unambiguously marked as advertising messages, and the sender must be clearly visible.
The wish of the user not to receive advertising messages must be unconditionally taken into account.
The company’s advertising emails will contain the following elements:
- they will be clearly and unambiguously labeled as advertising messages,
- the sender will be clearly visible,
- various campaigns, promotions and other marketing techniques will be designated the same, as well as the conditions for participation in them,
- the way to unsubscribe from receiving advertising messages will be clearly presented,
- CHEMETS d.o.o. will clearly respect the wishes of the user not to receive advertising messages. In the event of a change to your data, you can request that they be corrected at any time by emailing info@chemets.si.
If you no longer wish to receive marketing and promotional materials, let us know immediately and hit the “unsubscribe” option.
If you want to completely remove your personal data from the CHEMETS d.o.o. system, send a request to info@chemets.si and state which data you want to have permanently deleted. Chemets d.o.o. will comply with your request no later than within 10 working days.
EXCLUSION OF LIABILITY
Websites are set up and maintained with the utmost care. Despite this, CHEMETS d.o.o. cannot guarantee the timeliness, accuracy or correctness of all information on all pages. All information on the website is subject to change without prior notice.
Nor is the company liable for any damage that may be, directly or indirectly, caused by the use, malfunctioning and/or inaccessibility of these sites.
In the case that these websites are referenced or linked to others owned or operated by third parties, CHEMETS d.o.o. assumes no responsibility for the content or correct operation of these websites.
COPYRIGHT
© Copyright 2020 CHEMETS d.o.o.
All text, images, graphics, animations and other documents contained on the website are within the legal framework subject to copyright or other forms of intellectual property protection.
The content of these web pages may not be copied, distributed, altered or otherwise reproduced, except for with the written consent of CHEMETS d.o.o. which actively asserts its intellectual property rights to the fullest extent permitted by law.