This document constitutes the confidentiality policy implemented by the D PARTNER d.o.o. (Ltd), hereinafter referred to as “the company.” The protection of your privacy and your personal data is of primary importance to the company. This confidentiality policy was drawn up in order to ensure respect of European Regulation 2016/679 of 27 April 2016 on the protection of natural person with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).
What does the “processing of your data” cover and who is responsible for this?
The company only collect and use personal data which is necessary in the context of our activities, and which enables us to offer quality services. We are therefore the liaison person for you, and the supervisory authorities (e.g. “the Data Protection Authority”), for all questions regarding the use of your data. For some services, we use specialist third parties, which, in some cases, act as sub-contractors. They are therefore obliged to follow our instructions, and respect our confidentiality policy. We make sure that these sub-contractors only receive data which is strictly necessary for performing their part of the contract. We may also be involved, in the role of sub-contractor to other legal entities. In such case, those entities are the Controllers for the personal data. So we follow their instructions.
Which data is covered by our policy?
The data covered by this policy is the personal data of natural persons i.e. data which directly or indirectly allow a person to be identified.In this context of your relationship and interactions with the company, we may be obliged to collect several different types of personal data, such as:
identification and contact data (e.g. your title, name, address, date and place of birth, National Register number, account number, telephone number, email address, IP address and occupation);
- family situation (e.g. marital status, number of children);
- bank, financial and transaction data (e.g. bank details, account numbers, data relating to transfers including communication, and, in general all data recorded during your bank transfers);
- data relating to your behaviour and habits relating to use of our channels (e.g. website) and our products;
- data relating to your preferences and interests, communicated directly or indirectly by you e.g. through participation in our events, surveys, etc.;
- data resulting from your interactions and our dedicated pages on social media networks (e.g. LinkedIn, Facebook).
We never process data relating to your racial or ethnic origin, your political opinions, your religion, your philosophical beliefs or trade union membership, you genetic data, your sex life or sexual orientation, unless we are obliged to by legislation or this arises from your use of our products and services.
GUIDING PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA
When processing personal data in the context of the management and the performance of our undertakings, we respect, amongst others, the following principles:
- legitimate processing of data: we process personal data in a legitimate manner in the context of our activities;
- specified purposes and limitation of purposes: we collect and process personal data for the legitimate purposes specified bellow;
- minimisation of data processing: we limit processing of personal data to which is necessary in the context of our activities;
- limitation of processing and storage: we will not process and store data longer than necessary for the performance of our activities;
- security measures: we take the necessary and appropriate technical and/or organisational measures to ensure the security of personal data.
WHEN IS YOUR PERSONAL DATA COLLECTED?
The data which we use in order to verify or improve our databases may be collected either directly from you, or obtained from the following sources:
- from publications/databases made available by official authorities;
- our client companies or our service providers;
- websites/pages from social media networks containing information made public by you (e.g. your website or social network);
- databases made public by third parties.
Some of our data may also be collected by the company, in particular:
- when you become a client or a supplier;
- when you visit our building or request a visit;
- when you register to use our on-line services (at each identification or use);
- when you complete forms and contracts submitted by us to you;
- when you use our services and products after signing a contract;
- when you subscribe to our newsletters;
- when you contact us via the various different channels made available to you;
- when your data is published or transmitted by authorised third parties or professional suppliers of data.
ON WHAT GROUNDS, AND WHY DO WE USE YOUR PERSONAL DATA?
We process your personal data for various purposes. At each processing, only data which is relevant to the intended purpose is processed. In general, we use your personal data:
- in the context of performance of a contract or taking precontractual steps;
- to comply with provisions of laws and regulations to which we are subject;
- for reasons falling under the legitimate interest of the company (see illustrations below). When performing this type of processing, we take care to maintain the balance between this legitimate interest and respect of your privacy;
- when we have obtained your consent.
The company process personal data for purpose including, but not limited to:
- assisting you and responding to your request;
- ensuring proper performance of the agreements concluded;
- operating the financial and accounting management of the company;
- providing proper management of clientele, equipment, after-sales services and suppliers;
- creating usage profiles, and provided you have indicated your consent to this; performing information and/or promotional activities for products and services, those of company and/or its business partners;
- improving existing services (or those in development) via surveys of clients or potential clients, statistics, tests, comments addressed directly to us by you – or published by you on our websites;
- the respect of legal and regulatory obligations, including responses to official requests from duly authorised public authorities or judicial authorities;
- detecting and preventing abuse and fraud: we process and manage contact and security data (card reader, password, etc.) in order to validate, monitor and ensure the security of transactions and communications via our remote services;
- ensuring the supply of services through use of sub-contractors;
- following up our research and development activities;
- improving the quality of our personal service for clients and partners;
- performing direct marketing activities relation to services of the company;
- ensuring the security of our premises and infrastructure, and that of the person in these areas.
WHO HAS ACCESS TO YOUR DATA, AND TO WHOM IS IT TRANSFERRED?
Only authorised users have access to your personal data, in order to achieve the aforementioned purposes. Authorised users means persons who, in the context of their post withing the company, and in the context of the activities performed, are authorised to process personal data on the basis of instructions from the company.
In order to achieve the aforementioned purposes, the company divulges your personal data to:
- external auditor;
- registered auditor;
- legal advisor;
- financial consultant;
- other professional and/or service providers/advisors;
- banking institution, insurance companies/funds;
- IT companies or service providers for programme software and the storage of electronic data (servers, etc.);
- judicial and administrative authorities, or police departments.
HOW LONG DO WE STORE YOUR DATA?
We store your personal data for the longest necessary for respect of the applicable provisions of laws and regulations, or a different period taking into account operating constrains such as the proper keeping of accounts, efficient management of relations with clients and partners, and responses to legal claims or claims of authorities.
SECURITY AND CONFIDENTIALITY
The company undertakes to adopt the necessary and appropriate technical, physical, and organisational measures to protect personal data from unauthorised access, unlawful and unauthorised processing, loss or accidental damage, and unauthorised destruction. These measures are regularly assessed, and, if necessary, updated in order to guarantee maximum protection of the personal data of data subjects.
In the event of breach or data leak, as described bellow, we will take the necessary/appropriate steps to establish its extend and consequences to terminate it as quickly as possible, and, where applicable, limit its impact on data subjects.
WHAT ARE YOUR RIGHTS?
According to the applicable regulation , you have several different rights:
- the right to request access to personal data (A)
- the right to rectification (A)
- the right to erasure of data (A)
- the right to object to processing (B)
- the right to request restriction of the processing (B),
- the right to data portability (C).
- Right to Access, Rectification, and Erasure
Each data subject has the right to request access. If a data subject exercises this right, the company is obliged to supply him/her information concerning this, including:
- providing a description and a copy of the personal data;
- informing the data subject of the reasons for which the company process this data.
If data is incorrect or incomplete, the data subject can request that it be rectified.
In certain circumstances, the data subject may, in compliance with the data protection regulation, request the erasure of personal data concerning him/her, amongst others, if the personal data is no longer necessary for the purposes for which it was collected or processed. However, the company may refuse to erase this data, for example, for the introduction, exercise or proof of legal claims.
To ensure that your data is kept completely up to date, please notify us of any change (e.g. change of marital status, or home address).
- Right to Object to and Restrict Processing of Your Data, and Right to Withdraw Your Consent
You have the right to object to some processing of your personal data which we may wish to perform. In particular, you have the right to object to use of your data for direct marketing purposes, without having to justify this. You can also request restriction of the procession of your data.
- Your request must be dated and signed.
- For cases other than objection to direct marketing purposes, you must have serious, legitimate grounds, relating to your particular situation, for objecting to the processing. If the objection is justified, the processing in question can no longer involve this data.
However, you cannot object to processing which is necessary for the performance of a contract concluded with you, or in order to take steps at your request prior to entering into a contract; nor can you object to compliance with any legal or regulatory provision to which we are subject.
If you have given consent for the procession of your personal data, you have the right to withdraw this consent at any time.
- Right to Portability
Where necessary, and provided this is applicable, the data subject may ask to receive certain personal data supplied by him/her to the company in the context of the management and performance of its activities, and to transfer this data to a different Controller. If this is technically possible, the data subject may request to transfer this data directly to a different Controller.
According to the regulation, you have the right to lodge a compliant with the relevant Supervisory Authority.
TRANSFER OF DATA OUTSIDE THE EEA
In the case of international transfers emanating from the EEA to a third country for which the European Commission has made an adequacy decision granting that country a level of protection of personal data equivalent to that provided by the legislation of the EEA, your personal data will be transferred to this basis.
Transfers to countries outside the EEA for which the European Commission has not made an adequacy decision, are performed by us, either on the basis of a derogation applicable to the situation (e.g. in the case of international payment, the transfer is necessary for performance of the contract); or on the bases of the fact that the recipient of the data has agreed to process the personal data in accordance with the “Standard Contractual Clauses” drawn up by the European Commission for Controllers or sub-contractors.
To obtain a copy of these texts or to find out how to obtain one, send a written request to e-mail email@example.com or to the company address (Levičnikova cesta 22, SI-8310 Šentjernej).
BREACH OF PERSONAL DATA
MENTION OF BREACHES RELATING TO PERSONAL DATA
In the performance of their function, authorised users must take care to avoid incidents (deliberate or not) which may adversely affect the privacy of data subjects. In the event of a breach of personal data, appropriate measures are taken as quickly as possible, in order to minimize the risk of damage to data subjects, and to the company (damage of reputation, sanctions imposed, etc.). In all cases, all authorised users, and all other persons who consult, use or manage company information, must immediately report each security breach and incidents linked to the security of information to the CEO and title of the email expressly indicates that this is a highly urgent message concerning a possible breach linked to personal data. The information must contain a full and detailed description of the incident, including the identity of the person reporting it (surname, first name, address, email address (where applicable) and telephone number), the type of incident, and the number of persons concerned.
SURVEY AND RISK ANALYSIS
In principle, the company will commence an investigation within 24 hours of the incident or breach being detected by the company or reported by a sub-contractor, authorised user, recipient, data subject or third party. The investigation will indicate the nature of the incident, the type of data targeted and whether specifically personal data is impacted (and, if so, the data subjects and the amount of personal data affected). The investigation will determine whether or not it is a breach of personal data. In the event of a breach, a risk analysis will be performed to establish (what may be) the possible consequences of the breach, and, in particular, the (possible) impact for data subjects. The company will then decide, based on the nature of the breach, whether or not an obligation exists to notify the Data Protection Authority and/or the data subject.
DOCUMENTATION OF BREACHES
All breaches will be documented in a register. The register shall contain a detailed explanation of the main cause of the incident and its contributing factors, the timescale of events, the remedial action taken, recommendations and lessons learned, in order to identify areas requiring improvement. The recommended changes to the system and procedures shall be documented and implemented as quickly as possible.
We will examine the action taken to handle the breach recorded in the report.
HOW TO INSPECT THIS POLICY, AND CHANGES TO IT?
In this world of constantly evolving technologies, we will regularly update the Confidentiality Policy. We invite you to inspect the latest version of this document on our websites, and we will notify you of all significant changes on our websites, or via our usual means of communication.
HOW TO CONTACT US
You can contact the CEO at the email firstname.lastname@example.org or by letter to the postal address: D Partner d.o.o., Levičnikova cesta 22, 8310 Šentjernej, Slovenia.
This Confidentiality Policy is applicable from 21 January 2023.
THIS POLICY APPLIES TO COOKIES
This policy applies to cookies and other technologies used on the public electronic communication services published by FN Herstal that are user-accessible via a connection terminal (computer, tablet, smartphone, etc.), from the following addresses among others: fnherstal.com, fnherstal.eu, fnherstal.be.
FN Herstal may, at any time and without prior notice, but subject to the issue of a special notice, make changes to all or part of this cookies policy relating to the services published by FN Herstal.
Cookies are non-executable text files placed on your computer or device by us or by a third party (advertiser, advertising agency) when you browse our Services, unless blocked by you. The data we collect as you browse and use our Services is for our attention.
Other trackers and similar technologies
We may also use other, similar technologies on our sites, such as tags and/or web beacons. This takes the form of, for example, bits of code included in a web page’s HTML code that can detect when a user visits our Services. They communicate with servers for purposes such as those indicated below.
TYPES OF COOKIES AND SIMILAR TECHNOLOGIES USED BY OUR SERVICES
Some cookies collect information about browser and/or terminal settings such as display resolution, choice of language, security settings, etc. Being able to tailor the layout of our Services to your settings is a vital feature in delivering full Service usability.
Session cookies store information entered by you on our forms when signing up for one of our Services.
Analytics cookies compile statistics about the number of visits and how our Services are used. This allows us to create statistical reports on visitor numbers, displays, advertising in our advertising areas and how visitors interact with these areas. They also enable us to track billing to third-party advertisers who use our Services.
HOW USERS CAN BLOCK COOKIES
Browser configuration options
You should be aware that any preferences will be lost if you delete cookies and many websites will not work properly or you will lose some functionality. Moreover, without these cookies, online advertisements you encounter will be less relevant to you and your interests. We do not recommend turning cookies off when using our website for these reasons.
You can however change your browser options at any time to allow or block the use of cookie files on your terminal or access to the browsing data contained in or related to these files. Cookie files may be stored temporarily in a dedicated space on your terminal if your browser settings allow cookies files to be kept on your terminal.
Further information and assistance may be found on the help page of the browser you are using:
- Internet Explorer™
To change the “share” cookie settings for social networks, please visit the following pages:
- Facebook: https://www.facebook.com/help/360595310676682/
- Twitter: https://support.twitter.com/articles/20171379-twitter-prend-en-charge-la-desactivation-du-suivi-dnt#
- Google +: https://support.google.com/accounts/answer/61416?hl=en
To change your analytics and statistical cookie settings, please visit the following pages:
- Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en
Users should note that this list is not exhaustive. For practical advice about these options and how to delete cookies from your terminal according to the browser you use, you should read following: https://www.cnil.fr/en/rights-and-obligations
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Please state your consent ID and date when you contact us regarding your consent.
Your consent applies to the following domain: dpartner.si
Your current state: Allow all.
Cookie declaration last updated on 23rd January 2023.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies..
Used to detect the browser version used by the user and present a notification if the current browser version is outdated.
Stores the user’s cookie consent state for the current domain
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
HTML Local Storage
This cookie is used to distinguish between humans and bots.
HTML Local Storage
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
This cookie is used to determine the preferred language of the visitor and sets the language accordingly on the website, if possible.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
Used by Google Analytics to throttle request rate
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites.