OUR COMMITMENT TO YOU

Kovintrade d.d. Celje takes the protection of your privacy very seriously. We appreciate your trust when you give us your information, because we know it is not given lightly.

We will not compromise your privacy. We design our websites and services with your privacy in mind. We involve experts from a variety of fields, including legal, security, technology, product design and others, to make sure that every decision is made with your privacy in mind.

We strive for transparency in the way we process your data. As we use the same online services as you, we know that privacy policies often do not provide enough information and contain overly complex terminology. That's why we take a different approach: our Privacy Statement and other documents are written in plain language. In fact, we want you to read our policies and understand our privacy practices.

We work hard to keep your data secure. We have teams working to keep your data secure. We are constantly updating our security procedures and investing in efforts to improve data security.

PRIVACY STATEMENT

Welcome! Here is the Privacy Statement of Kovintrade d.d. Celje. Thank you for taking the time to read it.

We value your trust and we will do our best to maintain it at all times. We want to make sure you understand what information we collect, why we collect it, how we use it and your choices about the information. This Privacy Statement describes our privacy practices in plain language, using as few legal and technical terms as possible.

This Privacy Statement will enter into force on 25 May 2018.

1. WHO WE ARE

The company responsible for your information under this Privacy Statement is:

Kovintrade d.d. Celje

2. SCOPE OF THIS PRIVACY STATEMENT

This Privacy Statement applies to all websites, applications, online shops, events and other services operated by Kovintrade d.d. Celje. For simplicity, in this Privacy Statement we refer to all of these as “services”. To make it even clearer, all these services contain a link to this Privacy Statement.

Some services may also have their own separate privacy policy. If a service has a specific privacy policy, then that policy applies, not this Privacy Statement.

3. THE DATA WE COLLECT

It probably goes without saying that we cannot send you newsletters and the like if you do not trust us with your personal data. We also collect information in the course of your use of the Services, such as how you access the Services. If you would like further information, more detailed information is available below.

Information provided by you

You choose to give us certain information when you sign up to our newsletter. This includes:

When you sign up to our newsletter, you provide us with your login details as well as some basic information that is necessary for the service to work.

When you take part in surveys or focus groups, you give us insight into your views on our products and services, and the answers to our questions and statements.

When you choose to participate in promotions, events or competitions, we collect information that you use to register and enter.

If you contact us, we collect the information you provide when you do so.

Notice to individuals regarding video surveillance

Information we collect when you use our services

When you use our Services, we collect information about which features you have used, how you have used them and the device you use to access our Services. See below for more information:

Application data

We collect information about your activity using our services, such as how you use them (e.g. the date and time you logged in, which features you used, the searches, clicks and pages you were shown, the addresses of the websites you were directed to).

Information about the device

We collect information from and about your devices that you use to access our services, including:

Hardware and software data, such as IP address, device ID and type, device and application settings, application crashes, advertising IDs (e.g. Google AAID and Apple IDFA, which are randomly generated numbers that you can reset on your device settings), browser type, version and language, operating system, time zone, identifiers associated with cookies and other technologies used to uniquely identify your device or browser (e.g. IMEI/UDID and MAC address);

Other data with your consent

If you give us permission, we may collect information about your geographical location (latitude and longitude) in different ways depending on the service and device you use, including GPS, Bluetooth and Wi-Fi connections. The collection of your geolocation data may take place in the background, even when you are not using the Services, provided that you give us your explicit consent to such collection. If you do not give us permission to collect your geolocation, we will not collect it.

4. COOKIES AND OTHER SIMILAR DATA COLLECTION TECHNOLOGIES

We may use cookies and similar technologies (e.g. web beacons, pixels) to recognise you and/or your device and may allow others to do so. You can read our Legal notice on cookies for more information on why we use them (e.g. to verify your identity, to remember your preferences, to analyse trends and traffic, to measure the effectiveness of advertising campaigns, to enable the use of social networking features) and how you can better control their use, through your browser settings and other tools.

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) have a “Do Not Track” (“DNT”) feature that tells the website that the user does not want their online activity tracked. If a website responding to a DNT signal receives a DNT signal, the browser may prevent the website from collecting certain information about the browser user. Not all browsers have the DNT option and the DNT signal is not uniform. For this reason, many companies have decided not to respond to the DNT signal for the time being.

5. HOW WE USE YOUR DATA

The main reason we use your data is to provide and improve our services. In addition, we need your information for your security. To find out more about the different reasons why we use your data and to see practical examples, read on.

To provide you with services

To provide customer support and respond to your requests

To send newsletters

To communicate about services, including order management and invoicing

To provide you with relevant offers and adverts

To manage sweepstakes, competitions, discounts and other offers

To develop, display and monitor content and ads tailored to your interests on our services and other sites

To communicate with you by phone, social media or mobile device about products or services that we think may be of interest to you

To improve our services and develop new services

To manage focus groups and surveys

We conduct research and analysis of user behaviour to improve our services and content (e.g. we may decide to change the look and feel, or make a significant change to a feature based on user behaviour)

Developing new features and services (e.g. we may decide to offer a new feature based on user interest and demand).

To prevent and detect fraud and other illegal or unauthorised activities

We deal with actual and alleged misconducts

We analyse data to better understand these activities and design appropriate countermeasures

We keep fraud data to prevent fraud attempts from happening again

Ensuring legal compliance

Compliance with legal requirements

Assistance to law enforcement authorities

To exercise or enforce our rights, for example our Legal notification in relation to the website

We rely on the following legal basis for processing your data as described above:

Providing our services to you: In most cases, the reason for processing your data is the performance of a contract you have entered into with us. For example, when you use our services to purchase a product.

Legitimate interests: We may use your data if we have a legitimate interest in doing so. For example, we analyse user behaviour to improve our offer, suggest offers we think may be of interest to you and process data for administrative, fraud prevention and detection or other legal purposes.

Consent: From time to time, we may ask for your consent to use your data for certain specific purposes. You may withdraw your consent at any time by contacting us at the address given at the end of this Privacy Statement.

6.HOW WE SHARE YOUR DATA

Because we aim for service excellence, we share some user data with service providers and partners who help us manage our services and, in some cases, with legal authorities. Read on for more details on how we share data with others.

With our service providers and partners

Our services are managed and developed with the help of external partners. These external partners help us with a variety of tasks, including hosting and maintenance, analytics, customer support, marketing, advertising, payment processing and security.

We may also share information with partners who help us distribute and advertise our services. For example, we may share limited information about you in a masked, non-human readable form with our advertising partners.

Before we start working with a particular service provider or other partner, we carry out a thorough vetting process. All our service providers and partners must agree to our strict confidentiality conditions.

For corporate transactions

We may transfer your information when there is a merger, sale, acquisition, divestiture, restructuring, reorganisation, dissolution, bankruptcy or other change in ownership or control of all or part of our business.

When required by law

We may disclose your information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, law enforcement or governmental investigation, or other legal request; (ii) to assist in the prevention or detection of crime (subject to applicable law); or (iii) to protect the safety of any person.

To exercise your legal rights

We may also share information: (i) if disclosure would mitigate our liability in actual or threatened litigation; (ii) as necessary to protect our legal rights and the legal rights of other users, business partners, and other interested persons; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or otherwise take action against illegal activity, suspected fraud, or other wrongdoing.

With your consent or at your request

We may ask for your consent to share your data with third parties. In this case, we will explain why we want to share the data.

We may use and share non-personal information (non-personally identifiable information, such as device information, general demographic information, general behavioural information, geolocation information in a form that is not personally identifiable), as well as personal information in a masked, non-humanly readable form, in the circumstances described above. We may also share this information with third parties (primarily advertisers) to develop and deliver targeted advertisements on our services (websites or apps), via email, and to compile analyses and reports about the advertisements you see. This data may be linked to other non-personal data or to personal data in a disguised, non-human readable form collected from other sources. More information about our use of cookies and similar technologies can be found in our Cookie Legal Notice.

7. CROSS-BORDER DATA TRANSFERS

The sharing of the data referred to in Chapter 6 sometimes involves the cross-border transfer of data, for example to the US or other jurisdictions. To give an example: the service allows users to be located in the European Economic Area (“EEA”) but their personal data is transferred to countries outside the EEA. We use standard contractual clauses approved by the European Commission or other appropriate safeguards to allow the transfer of data from the EEA to other countries. Standard Contractual Clauses are commitments between companies that transfer personal data and oblige them to protect privacy and secure data.

8. YOUR RIGHTS

We want you to be in control of your data, which is why we have provided you with the following tools:

Access/update data in the service. Our tool helps you to access, correct or delete the information you provide to us that is directly related to you in the context of the Service. If you have any questions about tools and settings, please contact our customer service team here.

Device permissions. Mobile platforms have permission systems for certain types of device data and notifications, such as location services. You can change your device settings to allow or deny the collection of data or the display of notifications. If you choose to do this, some services may no longer work.

We want you to know your privacy rights. Here are some key points to remember:

Review your data. Applicable privacy laws may give you the right to inspect the personal data we hold about you (depending on the jurisdiction, this may be referred to as a right of access, a right of portability or otherwise). You can request a copy of your personal data by submitting a request here.

Update your data. If you believe that the information we hold about you is incorrect or that we no longer have the right to use it, or if you would like to request correction, deletion or refusal of processing, please contact us: gdpr@kovintrade.si

For your protection and the protection of all users, we may ask you to provide proof of identity before we can fulfil your request.

Please note that we may refuse requests for certain reasons, including that the request is unlawful or may violate another user's trade secrets, intellectual property or privacy. We may also not be able to comply with certain requests to opt-out of processing of personal data if this would mean that the request would prevent us from providing services to you.

Responsibility. In certain countries, including the European Union, you have the right to lodge a complaint with the relevant data protection authority if you have concerns about how we process your personal data. The data protection authority with which you can lodge a complaint may be chosen according to your place of residence, place of work or place of establishment.

9. PROTECTION OF YOUR DATA

We take great care to prevent unauthorized access, alteration, disclosure or destruction of your personal data. As with all technology companies, we do take steps to protect your data, but we make no promises and you cannot expect that your personal data will be safe at all times.

We regularly monitor our systems to identify potential vulnerabilities and attacks and regularly review our data collection, storage and processing procedures to update our physical, technical and organisational measures.

We may prevent you from using part or all of the Services without prior notice if we suspect or detect a security risk.

10. HOW LONG WE KEEP YOUR DATA

We will only keep your personal data for as long as is necessary for legitimate business reasons (as described in section 5 and as permitted by applicable law:

we are required to keep the data in accordance with applicable law (some "traffic data" is kept for up to one year, taking into account the legal obligation to keep the data);

we must retain the information as evidence of compliance with applicable law (e.g. consent documents with privacy statements and other similar consents are kept for five years);

there is a pending case, claim or dispute that requires us to retain relevant information until the matter is finally resolved; or

data must be retained for legitimate business interests, such as fraud prevention and improving user security.

Please note that although our systems are designed to delete data in accordance with the above guidelines, we cannot promise that all data will be deleted within a certain period of time due to technical limitations.

11. PRIVACY FOR CHILDREN

Our services are aimed at users who are at least 16 years old. We do not allow users under the age of 16 to purchase or use our Services and we do not knowingly collect information from anyone under the age of 16. If you suspect that a user is under the age of 16, please report it to us at gdpr@kovintrade.si.

12. CHANGES TO THE PRIVACY STATEMENT

As we are always looking for new and innovative ways to offer our services, this statement may change over time. We will inform you before we implement any material changes so that you have time to review the changes.

13. HOW TO CONTACT US

If you have any questions about this Privacy Statement, you can contact us at:

gdpr@kovintrade.si