The purpose of the Personal Data Protection Policy is to inform individuals, service users, collaborators, employees, and other persons (hereinafter: “individual”) who cooperate with EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor (hereinafter: “the company”) about the purposes, legal bases, security measures, and the rights of individuals regarding the processing of personal data carried out by our company.
We value your privacy, therefore we always carefully protect your data.
We process personal data in accordance with European legislation (Regulation (EU) 2016/697 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: “General Regulation”)), applicable Slovenian personal data protection legislation, and other legislation that provides us with a legal basis for processing personal data.
The Personal Data Protection Policy contains information on how our company, as the controller, processes personal data that it receives from an individual on the basis of legal grounds.
1) Controller
The controller of personal data is the company:
EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o.
Koroška cesta 52, 2000 Maribor, Slovenia
VAT number SI: 52054942, Registration number: 1550071000
e-mail: narocila@eaelektronika.si
phone: 02 – 252 708 78 or 040 – 708 388
2) Data Protection Contact Person
Individuals to whom personal data relate may contact the data protection contact person regarding any questions related to the processing of their personal data and the exercise of their rights in accordance with the General Regulation:
Franci Visnovič
Koroška cesta 52, 2000 Maribor
e-mail: f.visnovic@eaelektronika.com
phone: 040 -708 388
3) Personal data
Personal data means any information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
4) Purposes and legal bases for data processing
The company collects and processes your personal data on the following legal bases:
processing is necessary for compliance with a legal obligation to which the controller is subject;
processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
the data subject has consented to the processing of their personal data for one or more specific purposes;
processing is necessary in order to protect the vital interests of the data subject or of another natural person.
4.1) Compliance with a legal obligation
On the basis of statutory provisions, the company processes data about its employees as permitted by labor and social security legislation. For employment purposes, the company processes in particular the following types of personal data on the basis of legal obligations: first and last name, gender, date of birth, personal identification number (EMŠO), tax number, place, municipality and country of birth, citizenship, residence, etc.
4.2) Performance of a contract
When an individual concludes a contract with the company, this constitutes the legal basis for the processing of personal data. We may process personal data for the conclusion and performance of a contract, such as the sale of goods and services, membership in benefits clubs, participation in events, trainings, promotions, etc. If the individual does not provide personal data, the company cannot conclude the contract, nor can it perform the service or deliver the goods in accordance with the concluded contract. On the basis of carrying out lawful activities, the company may inform individuals and users of its services at their email address about its services, events, trainings, offers, and other content. The individual may at any time request termination of such communication and the processing of personal data and unsubscribe from receiving messages via the unsubscribe link in the received message, or by sending a request by e-mail to narocila@eaelektronika.si or by regular mail to the company’s address, EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor.
4.3) Legitimate interest
The company may also process personal data on the basis of legitimate interest that it pursues. This is not permissible where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. In cases where legitimate interest is used, the company always performs an assessment in accordance with the General Regulation. Processing of individuals’ personal data for the purposes of direct marketing is considered to be carried out under legitimate interest. The company may process personal data of individuals collected from publicly available sources or within the framework of lawful performance of activities also for the purposes of offering goods, services, employment, information about benefits, events, etc. To achieve these purposes, the company may use regular mail, phone calls, email, and other telecommunication means. For direct marketing, the company may process the following personal data of individuals: first and last name, permanent or temporary address, phone number, and email address. The company may process the stated personal data for direct marketing purposes even without the individual’s explicit consent. The individual may at any time request termination of such communication and processing of personal data and unsubscribe from receiving messages via the unsubscribe link in the received message, or by sending a request by e-mail to narocila@eaelektronika.si or by regular mail to the company’s address, EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor.
4.4) Processing based on consent
If the company does not have a legal basis arising from law, contractual obligations, or legitimate interest, it may ask the individual for consent. In this way it may process certain personal data of the individual for the following purposes when the individual gives consent:
residential address and email address for the purposes of notifications and communication;
photographs, video recordings, and other content relating to the individual (e.g., publication of individuals’ photos on the company’s website) for the purpose of documenting activities and informing the public about the company’s work and events;
other purposes agreed to by the individual through consent.
If an individual gives consent to the processing of personal data and later no longer wishes this, they may request the termination of the processing of personal data by sending a request by e-mail to narocila@eaelektronika.si or by regular mail to the company’s address, EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
4.5) Processing is necessary to protect the vital interests of the data subject
The company may process personal data of the data subject insofar as it is necessary to protect their vital interests. In urgent cases, the company may look for the person’s identification document, check whether this person exists in its database, review their case history, or contact their relatives, for which the company does not need the individual’s consent. This applies where it is strictly necessary to protect the vital interests of the data subject.
5) Retention and deletion of personal data
The company will retain personal data only for as long as necessary to achieve the purpose for which the personal data were collected and processed. If the company processes the data on the basis of law, it will retain them for the period prescribed by law. Some data are retained for the duration of cooperation with the company, while other data must be retained permanently. Personal data that the company processes on the basis of a contractual relationship with an individual are retained for the period necessary to perform the contract and for 6 years after its termination, except in cases where a dispute arises between the individual and the company in connection with the contract. In such a case, the company retains the data for 10 years after the final court decision, arbitration, or court settlement, or, if there was no court dispute, 5 years from the date of amicable resolution of the dispute. Personal data that the company processes on the basis of the individual’s consent or legitimate interest will be retained until withdrawal of consent or a request for deletion of data. After receipt of the withdrawal or the request for deletion, the data are deleted no later than within 15 days. The company may also delete these data before withdrawal if the purpose of processing personal data has been achieved or if required by law.
Exceptionally, the company may refuse a request for deletion for reasons under the General Regulation, such as: exercising the right to freedom of expression and information, compliance with a legal obligation of processing, reasons of public interest in the area of public health, purposes of archiving in the public interest, scientific or historical research purposes or statistical purposes, or the establishment, exercise or defense of legal claims. After the retention period expires, the company must effectively and permanently delete or anonymize personal data so that they can no longer be linked to a specific individual.
6) Contractual processing of personal data and data export
The company may, for individual processing of personal data, entrust a processor on the basis of a data processing agreement. Processors may process entrusted data exclusively on behalf of the controller, within the limits of its authorization as set out in a written contract or other legal act, and in accordance with the purposes defined in this privacy policy.
The company’s processors are mainly:
accounting services and other providers of legal and business consulting;
infrastructure maintainers (video surveillance, security services);
IT system maintainers;
email service providers and providers of software and cloud services (e.g., Arnes, Microsoft, Google);
social network and online advertising providers (Google, Facebook, Instagram, etc.).
For better oversight and control over processors and the orderliness of mutual contractual relationships, the company also keeps a list of processors, where all specific processors with whom the company cooperates are listed.
The company will not under any circumstances disclose an individual’s personal data to third unauthorized persons. Processors may process personal data only within the company’s instructions and may not use personal data for any other purposes.
The company as controller and its employees do not transfer personal data to third countries (outside the member states of the European Economic Area – EU member states and Iceland, Norway, and Liechtenstein) or to international organizations, except to the USA, whereby relationships with US processors are governed on the basis of Standard Contractual Clauses (model contracts adopted by the European Commission) and/or Binding Corporate Rules (adopted by the company and approved by supervisory authorities in the EU).
7) Cookies
The company’s website operates with the help of so-called cookies. A cookie is a file that stores website settings. Websites store cookies on users’ devices used to access the internet for the purpose of recognizing individual devices and the settings used by users when accessing. Cookies allow websites to recognize whether a user has already visited the website. In advanced applications, they can be used to appropriately adjust individual settings. Their storage is under the full control of the browser used by the individual—the individual can limit or completely disable cookie storage as desired.
Cookies are essential for providing user-friendly online services. They are used to store data about the state of a particular website, help collect statistics about users and website visits, etc. With the help of cookies, we assess the effectiveness of the design of our website.
The company’s website uses the following cookies:
COMPANY | COOKIE NAME | PURPOSE | DURATION |
COMPANY | language | Selected language pack for the website | 1 month |
COMPANY | currency | Selected site currency | 1 month |
COMPANY | QSEA | Cookie policy consent | 1 year |
COMPANY | OCSESSID | User session identification | Until the end of the session |
COMPANY | __stripe_sid | Fraud prevention | 30 minutes |
Google Analytics | _ga | Page view statistics | 2 years |
Google Analytics | 1P_JAR, CONSENT, NID | Page view statistics | 2 years |
Google Analytics | _gat | Page view statistics | 1 day |
Individuals can delete cookies stored by the browser (instructions are available on the respective browser’s website).
8) Data security and data accuracy
The company ensures information security and the security of its infrastructure (premises and application system software). Our information systems are protected, among other things, by antivirus programs and a firewall. We have implemented appropriate organizational and technical security measures intended to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful and unauthorized forms of processing. In cases where special categories of personal data are transmitted, we transmit them in encrypted form and protected by a password.
The individual is responsible for providing their personal data securely and ensuring that the data provided are accurate and reliable. The company will strive to ensure that the personal data it processes are accurate and, where necessary, up-to-date, and may occasionally contact the individual to confirm the accuracy of personal data.
9) Rights of the individual regarding data processing
In accordance with the General Regulation, the individual has the following personal data protection rights:
They may request information on whether we hold their personal data and, if so, which data we hold, on what basis we hold them, and why we use them;
they may request access to their personal data, which enables them to receive a copy of the personal data held by the company and to verify whether the company processes them lawfully;
they may request the correction of personal data, such as the correction of incomplete or inaccurate personal data;
they may request the deletion of their personal data when there is no reason for further processing or when they exercise their right to object to further processing;
they may object to further processing of personal data where the company relies on legitimate business interests (including in the case of a third party’s legitimate interest), where there are reasons relating to the individual’s particular situation; the individual has the right to object at any time if the company processes personal data for direct marketing purposes;
they may request restriction of processing of their personal data, which means suspension of personal data processing, for example, if the individual wants the company to establish accuracy or to verify the reasons for further processing of personal data;
they may request the transfer of their personal data in a structured electronic format to another controller, where this is possible and feasible;
they may withdraw the consent they gave for the collection, processing, and transfer of their personal data for a specific purpose; upon receipt of notice that they have withdrawn their consent, the company will stop processing personal data for the purposes originally accepted, unless the company has another lawful legal basis to do so lawfully.
If an individual wishes to exercise any of the above rights, they may send a request by e-mail to narocila@eaelektronika.si or by regular mail to the company’s address, EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor. The company will respond to a request relating to the individual’s rights without undue delay and in any event within one month of receiving the request. If, considering the complexity and number of requests, this period is extended (by a maximum of two additional months), you will be informed. Access to the individual’s personal data and the exercise of rights is free of charge for the individual. However, the company may charge a reasonable fee if the data subject’s request is clearly unfounded or excessive, particularly if it is repetitive. In such a case, the company may also refuse the request. In the case of exercising rights under this title, the company may need to request certain information from the individual to help verify the individual’s identity, which is a security measure to ensure that personal data are not disclosed to unauthorized persons.
When exercising rights under this title, the individual may use the Information Commissioner’s form available on their website. Link to: https://www.ip-rs.si/fileadmin/user_upload/doc/obrazci/ZVOP/Zahteva_za_seznanitev_z_lastnimi_osebnimi_podatki__Obrazec_SLOP_.doc
If an individual believes that their rights have been violated, they may contact the supervisory authority (the Information Commissioner) for protection or assistance. Link to: https://www.ip-rs.si/zakonodaja/reforma-evropskega-zakonodajnega-okvira-za-varstvo-osebnih-podatkov/kljucna-podrocja-uredbe/prijava-krsitev/
If an individual has any questions regarding the processing of their personal data, they can always contact our company by e-mail at narocila@eaelektronika.si or by regular mail to the company’s address, EA ELEKTRONIKA proizvodnja, storitve, trgovina d.o.o., Koroška cesta 52, Maribor, 2000 Maribor.
10) Publication of changes
Any changes to our Personal Data Protection Policy will be published on the company’s website: https://www.eaelektronika.com/. By using the website, the individual confirms that they accept and agree with the entire content of this personal data protection policy.
The Personal Data Protection Policy was adopted by the responsible person of the company on 4 December 2020
In Maribor, on 4 December 2020 Responsible person of the company Franci Visnovič
How to disable cookies?
There are several ways to manage and control your cookie settings. Remember that by deleting or blocking cookies, all or some of the websites you visit (or their functions) may not work properly or as efficiently.
If you disable a particular cookie or delete all cookies, your preferences will not be saved and you will receive a cookie notice every time you visit our website. Nevertheless, you can manage your cookie settings in your web browser as well as on third-party websites that place a cookie on
your device through our websites.
Disabling cookies in your web browser
Most modern web browsers provide general information about cookies and allow you to view all your cookies, allow you to delete all or individual cookies, and allow you to block or allow cookies for all websites or individually selected websites. You can also usually disable
individual third-party advertising cookies.
If you change your cookie settings in your web browser, unless you delete or block each cookie individually, the changes will apply to all websites you visit, not just our websites.
You will also need to adjust your cookies separately for each browser.
Information about cookies in a web browser is usually found in the ‘Help’ section. Below are links to the ‘Help’ section in some of the most commonly used web browsers:
- Microsoft Internet Explorer - http://support.microsoft.com/kb/196955
- Mozilla Firefox - http://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-yourcomputer?redirectlocale=en-US&redirectslug=Cookies
- Google Chrome - http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
- Apple Safari - http://www.apple.com/support/safari/
- Opera - http://www.opera.com/browser/tutorials/security/privacy/
- Google Android - http://support.google.com/android/?hl=en
- Windows Phone - http://www.microsoft.com/windowsphone/en-us/howto/wp7/web/changingprivacy-and-other-browser-settings.aspx
- Blackberry -http://docs.blackberry.com/en/smartphone_users/deliverables/32004/Browser_settings_32784_11.jsp