Privacy Statement

Personal Data Protection

We recognize the importance of personal data protection and respect your privacy, which is why we take all necessary measures for the lawful processing of personal data.

Data Controller Information:
PLADENT d.o.o.
Poslovna cona Žeje pri Komendi, Pod hrasti 18, 1218 Komenda
Email: masa@pladent.si
Phone: 01 834 56 96

Personal Data We Process:
We process personal data such as:
Name, surname, email address, phone number; for customers, also billing and delivery address and transaction account number.

We follow the principle of proportionality and collect/process only the data necessary to fulfill the purposes for which the data is being processed.

Legal Basis for Processing Personal Data:

– Law: We process certain data to comply with legal obligations. These personal data must be retained and processed as stipulated by law. For example, personal data required by law to be listed on invoices.

– Consent: We process personal data based on consent solely for pre-defined purposes (e.g., to inform you about offers). Consent can be revoked at any time, but revocation does not affect the lawfulness of processing carried out before the revocation.

– Contract: We process personal data necessary for the fulfillment of contracts. If an individual does not provide the required data, we cannot conclude a contract with them.

– Legitimate Interests: We process certain data to ensure or protect legitimate interests. For example, processing personal data of individuals entering the controller’s premises where video surveillance is conducted.

Purpose of Processing Personal Data:
Personal data are primarily processed to fulfill legal and contractual obligations. Other purposes are either expressly pre-defined (and clearly stated upon obtaining consent) or derive from the nature of the contract.

Retention Period of Personal Data:
We retain all personal data in accordance with applicable law. Retention periods vary depending on the type of personal data, purpose, and legal basis for processing. Personal data obtained based on consent are stored until the purpose for which they were collected is fulfilled or until the consent is revoked. Data for which the retention period has expired is deleted, anonymized, or destroyed so they can no longer be used.

Personal data processed based on contracts are retained during the contract’s validity or as long as necessary to fulfill the contract (including warranty and limitation periods). Personal data listed in documents for recording business events (e.g., issued invoices) are kept for 10 years after the end of the year to which they relate.

Categories of Personal Data Users:
When we share your personal data with third parties (users, contracted processors, competent authorities), they may only process your personal data to the extent necessary to achieve the purpose for which the data was shared. Access to your personal data by third parties is limited in accordance with the principle of proportionality. All these entities are required to comply with applicable laws and demonstrate a valid legal basis for obtaining the data.

We may share your personal data with:
– Contracted processors (e.g., accounting services, IT system maintenance)
– State authorities/institutions where there is a legal basis (e.g., tax authorities, courts)

Personal data are not transferred to third countries.

Automated Decision-Making and Profiling:
Automated decision-making, including profiling, is not performed.

Individual Rights:
Individuals have all the rights under data protection legislation:
a) Right of access: Individuals can request information about whether their personal data is being processed and various details about the processing.
b) Right to rectification: Individuals can request that their personal data be corrected.
c) Right to erasure (right to be forgotten): Individuals can request the deletion of their personal data if they are no longer needed for the purposes they were processed, if they object to the processing, if the processing was unlawful, or if required by EU or national law.
d) Right to restriction of processing: Individuals can request the restriction of processing if the processing is unlawful, if they contest the accuracy of the data, if the controller no longer needs the data, but the individual needs them for legal claims.
e) Right to object: Individuals can object to the processing of their personal data by the controller.
f) Right to data portability: Individuals can request an export of their data in a suitable format.

Before processing any request to exercise data protection rights, we reserve the right to verify the identity of the individual making the request. These rights are exercised in accordance with Article 23 of the GDPR and must not contradict applicable legislation.

Revocation of Consent:
Individuals can revoke their consent for data processing at any time, either entirely or for specific purposes. Revocation does not affect the lawfulness of processing carried out before the revocation.

Right to Lodge a Complaint:
If an individual believes their data protection rights have been violated, they can file a complaint with the supervisory authority – the Information Commissioner (address: Dunajska 22, 1000 Ljubljana, email: gp.ip@ip-rs.si, phone: 012309730, website: www.ip-rs.si).

In our operations, we take all necessary actions to protect and ethically handle your personal data.

For further information on our personal data protection policy, please contact us.