utii.eu

The protection of Personal Data is a high priority for us. We want users to know when which data is processed by us, on what basis and for what purpose.

What is Personal Data?

Personal Data is all information that relates to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly (in particular by means of an association with an identifier such as a name, an identification number, location data or an online identifier).

What law applies?

In principle, we will only use your Personal Data in accordance with the applicable data protection laws, in particular Slovenia`s Data Protection Act (ZVOP-2) (“DPA”), the EU`s General Data Protection Act (“GDPR”) and only as described in this Privacy Policy.

The person responsible (“Data Controller”)

The person responsible for the processing of Personal Data is:

UTII,

Uroš Korene sp,

Mačkovec 9,

8361 Dvor,

Slovenia

Please contact us using info@utii.eu or utii.si or write us to the above address, if you have any questions.

Purpose and legal basis of processing

In accordance with the DPA and the GDPR we need to have both a purpose and a legal basis to process Personal Data. The purposes are:

• the provision of the website and its functions and contents,
• responding to contact requests and communicating with users,
• providing our services, and
• security measures.

Of course, we can only do that if we have at least one of the following legal bases or in other words lawful reasons to do so. Unless specifically described below, we typically link the above purposes to one of the following:

• Consent: you have given clear consent to process Personal Data for a specific purpose. (Art. 6(1)(a) GDPR)
• Contract: the processing is necessary for a contract or because you have asked us to take specific steps before entering into a contract. (Art. 6(1)(b) GDPR)
• Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations). (Art. 6(1)(c) GDPR)
• Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your Personal Data which overrides those legitimate interests. (Art. 6(1)(f) GDPR)

General Principles

1. Security

Our website uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us.

You can recognize an encrypted connection if the address line of your browser contains a “https://” instead of a “http://” and also has a lock symbol. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

We have also implemented numerous security measures (“technical and organizational measures”) to ensure the most complete protection of Personal Data processed through this website.

Nevertheless, internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. And databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion.

Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

1. Retention and Storage

We will retain your Personal Data as necessary in connection with the purposes described in this Privacy Policy, and in accordance with Slovenia`s Statutory Retention Periods and other applicable laws for up to 10 years.

1. Minors

Persons under the age of 18 should not transmit any Personal Data to us without the consent of their parents or legal guardians. We do not request Personal Data from minors and children and do not knowingly collect such data or pass it on to third parties.

1. Automated decision-making

Automated decision-making including profiling does not take place.

1. Do Not Sell

We do not sell your Personal Data.

1. Special Category Data

Unless specifically required and consent is obtained, for a particular service, we do not process Special Category Data.

1. Social Media

We are present on social media on the basis of our legitimate interest. If you contact us via social media platforms, we and the relevant social media platform are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. The legal basis for the use of the relevant social media platform is our legitimate interest, your consent or, in the case of a (pre) contractual relationship with us, the initiation of a contractual service, if any.

1. Marketing

Insofar as you have also given us your consent to process your Personal Data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

1. International Transfer

In the course of our website operation, we process data. We usually do not transfer Personal Data to countries outside Slovenia and the EEA. However, if we do, we ensure that processing of your Personal Data is governed by Processing Agreements that include Standard Contractual Clauses to ensure a high level of data protection.

1. Sharing and Disclosure

We will not disclose or otherwise distribute your Personal Data to third parties unless this is a) necessary for the performance of our services, b) you have consented to the disclosure, c) or if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill our legitimate interests.

Data Processing

1. Access to the website

Every time the website is accessed and every time a file is retrieved, data about this process is processed for a limited time in a log file for backup purposes and, with your consent, also for statistical purposes. On the basis of our legitimate interest in a secure website, we are entitled to store this log file to protect against attacks on our website beyond the time of your visit. This data is used to initiate legal and criminal prosecution in the event of attacks on the communications technology. In detail, the following data is processed about each access/retrieval:

• domain/appearance called up
• IP address (automatically deleted after 90 days at the latest)
• date and time
• HTTP method (e.g. GET/POST)
• Resource that was accessed (URLUniform Resource Locator)
• HTTP protocol version
• Referrer URLUniform Resource Locator (referring website/address)
• Browser (user agent sent along, usually browser type, version and language, operating system, device type, model and brand)

1. Use of cookies

Our Use of cookies sits in line with Slovenia`s Acts ZEKom-1, ZEPT, and ZVOP-2 which collectively implement the Privacy and Electronic Communications Directive and of course the EU`s Privacy and Electronic Communications Regulations (“PECR”).

1. What is a cookie?

A cookie is a small data record that is stored on your terminal device and contains data such as personal page settings. This data record is generated by the web server with which you have established a connection via your web browser and sent to you. In general, we use cookies to analyze interest in our website and to improve the user-friendliness of our website.

In principle, you can also access our website without cookies. However, if you wish to use our website to their full extent or comfortably, you should accept those cookies that enable the use of certain functions or make the use more comfortable. The purposes of the cookies we use can be found in the overview below.

By using our website, you agree to the use of cookies if they are accepted according to your browser settings. Most browsers are set by default to accept all cookies. However, you have the option of setting your browser in such a way that cookies are displayed before they are stored, only certain cookies are accepted or rejected, or cookies are generally rejected. Google Chrome, Microsoft Internet Explorer and Edge, Mozilla Firefox, Apple Safari, Opera Web. If you would like a comprehensive overview of all third-party accesses to your Internet browser, we recommend that you install specially developed plug-ins for this purpose.

Further, when you visit our website for the first time, you will be presented with a pop-up cookie setting window. This pop-up is a consent tool and allows you to indicate your preferences regarding cookies. You can accept or reject them or view this policy before giving your consent to cookies or rejecting them. This allows you to make an informed decision about the cookies we use. You are free to accept or reject cookies but note that browsing our website may be less user-friendly and relevant content may be affected after you reject them.

Regardless of your initial decision, you may from time to time withdraw your consent or adjust your preferences through browser control settings, clearing your cookie folder, or by changing your preferences in our Pop-Up Consent Tool.

1. Lifetime of Cookies

Cookies have a lifetime. Some cookies are deleted when you close your browser. Others (for example, those with login details) can remain on your device for years if you do not delete them. You can delete cookies at any time. Click on one of the links below to go to your browser’s user manual. After deleting cookies, you may need to log in again to some websites or specify your preferences.

• Why does Utii.eu or utii.si use cookies?

Utii.eu or utii.si uses cookies on the website to operate the website, to measure visits to the website, to provide social media functionality and to enable advertising and targeted advertising. We use the following categories of cookies:

• Essential cookies: these cookies are essential for the website to function and cannot be disabled in our systems. They are usually set in response to your actions when you request a service, such as changing your privacy settings, when you sign in or when you fill out a form. You can set your browser to notify you of these cookies or to block them. However, blocking them will cause parts of the website to stop working. These cookies do not store personally identifiable information.

• Functional cookies: These cookies enable the website to provide improved functionality and personalization. They are set either by us or by third parties whose services we have added to our pages. If you do not allow these cookies, these services may not function properly.

• Analytics or performance cookies: These cookies allow us to count visits and track traffic flows so that we can measure and improve the performance of our website. They help us to know which pages are most and least popular and to see how visitors move around the site. All the information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our website and will not be able to monitor its performance.

• Advertising cookies: These cookies may be set by our advertising partners on our website. They may be used by these companies to profile your interests and show you relevant advertising on other websites. They do not directly store personal information but are based on the unique identification of your browser and internet device. If you do not allow these cookies, you will receive less targeted advertising.

Google Analytics

We use Google Analytics to analyze usage data. Google Analytics uses specific cookies (_gat_gtag_UA_251679991_1, _ga_BDJHXLLDHB and _gid) for this purpose. The information stored in the cookie about your use of this website is transmitted to a Google server in the USA and stored there. We use the usage data collected with the help of Google Analytics to evaluate and statistically analyze the use of our website by its visitors. The data collection and processing is carried out on the legal basis of our legitimate interest in the optimization of our website including evaluation and analysis. You can object to the data collection by Google Analytics following this link http://tools.google.com/dlpage/gaoptout and Google’s Privacy Policy can be found here https://policies.google.com/privacy

1. Hosting

To provide our website, we use the services of Neoserv operated by Avant.Si doo who processes all data to be processed in connection with the operation of this website, including logfiles on our behalf. The legal basis is our legitimate interest.

1. Contacting us

Personal Data is processed depending on the contact method. In addition to your name and e-mail address, IP address or telephone number, we usually collect the context of your message which may also include certain Personal Data. The Personal Data collected when contacting us is processed for the purpose of dealing with your request and the legal basis is your consent. The use of your IP address takes place exclusively in the context of law enforcement and security measures in compliance with our legal requirements.

1. Account Registration

If you register, we will request mandatory and, where applicable, non-mandatory data in accordance with our registration form (Full Name, Email Address, Account Type, Profile Picture, and chosen Password, and business-related data if you are a vendor). The entry of your data is encrypted so that third parties cannot read your data when it is entered. The basis for this storage is our legitimate interest and to fulfill our contractual obligations.

1. When using our services

We process the data of our registered users in order to be able to provide our contractual services as well as to ensure the security of our services and to be able to develop it further. This includes in particular our support, correspondence with you, invoicing, fulfillment of our accounting and tax obligations. Accordingly, the data is processed on the basis of fulfilling our contractual obligations as well as to fulfill our legal obligations.

Some of the data you choose to provide may be considered non-Personal Data and/or “special” or “sensitive” in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. By choosing to provide this data, you consent to our processing of that data.

Where any Personal Data relates to a third party, you represent and warrant that the Personal Data is up-to-date, complete, and accurate and that you have obtained the third party’s prior consent for our collection, use and disclosure of their Personal Data for the Purposes. You agree that you shall promptly provide us with written evidence of such consent upon demand by us.

Unless otherwise specified the purposes of processing are contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation. The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations as well as your consent.

You may withdraw your consent and request us to stop using and/or disclosing your personal and special category data by submitting your request to us in writing.

When you make or receive payment, your payment related data will be processed via the payment service providers PayPal, Inc. or Stripe Inc.. Payment data will solely be processed through Stripe or Stripe as selected by you, and we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.

1. Contacting others

Of course, we also process your chats and communications with other users as well as the content you publish, as necessary for the operation of the services. In addition to the information, you may provide us directly, we receive information about you from others. Users may provide information about you as they use our services, for instance as they interact with you or if they submit a report involving you.

We also share some users’ information with service providers and partners who assist us in operating the services. You share information with other users when you voluntarily disclose information on the service (including your profile). Please be careful with your information and make sure that the content you share is stuff that you’re comfortable being visible. The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations as well as your consent.

1. Newsletter

If you have consented to receive our newsletter, we will use your e-mail address and, if applicable, your name to send you information about promotions, services, and news. You can revoke your consent to receive the newsletter or to the creation of personalized user profiles at any time with effect for the future. You will find the unsubscribe link at the end of each newsletter. Same as with the Service Notifications mentioned above, our newsletters are sent by MailPoet on our behalf.

Integration of third-party providers, services, and content

We use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services. This always requires that the third-party providers of this content are aware of your IP address, as without the IP address they would not be able to send the content to your browser. We use the following providers and would like to ask you to review their privacy policies, and which contain further information on the processing of Personal Data and so-called opt-out measures, if any.

• Fonts: Google Font API by Google LLC,

• Tag Management: Google Tag Manager and Google Site Tag by Google LLC,
• Analytics and Tracking: Google Analytics by Google LLC,

• Content Management System (CMS): WordPress by Automattic Inc
• eCommerce System: WooCommerce by Automattic Inc

Your Rights and Privileges

1. Privacy rights

Under the DPA and GDPR, you can exercise the following rights:

• Right to information
• Right to rectification
• Right to object to processing
• Right to deletion
• Right to data portability
• Right of objection
• Right to withdraw consent
• Right to complain to a supervisory authority
• Right not to be subject to a decision based solely on automated processing.

If you have any questions about the nature of the Personal Data we hold about you, or if you wish to request the erasure or rectification of Personal Data we hold about you, or to exercise any of your other rights as a data subject, please contact us.

1. Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us.

1. Withdrawing your consent

You can revoke consents you have given at any time by contacting us. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

1. Access Request

In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will let you know in writing within thirty (30). If we are unable to comply with your request, we will tell you why (except where we are not required to do so under the respective legal regulations mentioned above).

1. Complaint to a supervisory authority

You have the right to complain about our processing of Personal Data to a supervisory authority responsible for data protection.

Changes

We may update this Privacy Policy from time to time. If we make changes to this Privacy Policy or materially change our use of your Personal Data, we will revise the Privacy Policy accordingly. This Cookie Policy was last updated on Monday, 17 April 2024.

Questions

We encourage you to periodically review this Privacy Policy to be informed of how we use and protect your Personal Data. If you would like to contact us regarding our privacy practices for any reason, please use info@utii.eu or info@utii.si or write to us at the above address.