Izjava o varstvu osebnih podatkov
IDRIJA UNESCO GLOBAL GEOPARK
SECURITY OF PERSONAL DATA: Statement of the controller to the individual on the processing of personal data
In our company, we are aware of the value of your personal data, so we strive every day to be able to ensure the proper processing of your personal data. The controller’s statement to the individual on the processing of personal data informs you about any new developments and important sections in the field of protection of your personal data.
Please read the following statement carefully before giving consent to the processing of personal data. We guarantee that your personal data will be processed in accordance with the latest standards and legislation in the field of personal data protection.
Personal data is any data relating to a specific natural person, i.e. an individual, regardless of the form in which they are expressed. This is information that can be used to identify you.
Examples of personal data are: identity number, tax number, health insurance number, telephone number, vehicle registration number, personal transaction account number …
Specific types of personal data are data about an individual that reveal his or her racial or ethnic origin, political beliefs, religious or philosophical beliefs or union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying an individual, health data or data relating to the individual’s sexual orientation, sexual life, data on convictions …
The personal data that we collect on the basis of your explicit consent will be stored in an electronic or physical personal data file.
The personal data collected may be kept in the personal data file until your consent to the processing of personal data is revoked or for a maximum period of time as necessary to achieve the purpose for which your personal data is processed or to meet legal requirements.
All personal data files will be carefully protected with the latest technical security measures.
In accordance with the GDPR, your personal data may only be managed, collected and processed by the company:
Your personal data, which requires your explicit and written consent, is managed, collected and processed by the company only for the purposes for which the data was provided to us.
We undertake not to lend or sell your personal data to a third party without prior notice and obtaining your express written consent, and we will not process them in any other way incompatible with these purposes.
You have the right to revoke the given consent to the processing of personal data at any time for one or all purposes of the processing of personal data with which you have consented.
You send a written statement to revoke the consent to the processing of personal data to our address or to the e-mail address available on our website.
In the event of your revocation of consent to the processing of personal data, the company will delete all collected personal data and immediately stop processing them.
The new regulation brings you a number of rights in the field of personal data protection, which are:
The right to delete/forget and correct inaccurate personal data
You have the right to ask the controller to correct or supplement inaccurate or incomplete personal data regarding you.
You have the right to request from the controller the immediate deletion of personal data processed in connection with you.
In the event of correction, addition or deletion of personal data, the controller must notify you without delay of the correction, addition or deletion.
The right to limit the processing of personal data
You have the right to require the controller to restrict the processing of your personal data in the event of their inaccuracy, illegality, termination of the purpose of processing or filing an objection.
The right to the portability of your data
You have the right to ask the controller to provide you with personal data that it processes in relation to you.
You have the right to require the controller to pass on the personal data it processes in relation to you to another controller at your request.
Right to object
In addition to the right to revoke consent, in the case of the use of your personal data for the purposes of notification or direct marketing you can, at any time, request in writing the cessation of the use of your data for this purpose. In the event of an objection to the processing for marketing purposes, the controller will immediately stop processing your personal data for the purpose of marketing and information.
You can request all rights with a written request to the operator. Send the request by mail to our address or to the e-mail address available on our website.
The right to access personal information about you
You have the right to obtain confirmation from the controller whether personal data is processed in relation to you and access to personal data concerning you and the following information: purpose of processing, type of personal data concerning you, users of your personal data, envisaged retention period, source of personal data.
In the event of a breach of the protection of your personal data and in the event that it is demonstrated that such a breach of personal data protection could pose a significant risk to your rights and freedoms, we will notify you immediately.
In the event of a personal data breach, we will notify the competent authority without undue delay, but no later than 72 hours after learning of the personal data breach.
In the event of a breach of personal data protection, you have the right to lodge a complaint against the controller with the competent supervisory authority at the address: Information Commissioner, Zaloška 59, 1000 Ljubljana or at: gp.ip@ip-rs.si.
We undertake to process all collected data only within the listed management purposes or processing of personal data and in accordance with the Personal Data Protection Act and other relevant sectoral legislation as well as in accordance with Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (GDPR).