PERSONAL DATA SECURITY: Data Controller's Statement to the Data Subject on the Processing of Personal Data
At our Association, we are aware of the value of your personal data and we work every day to ensure that we can process your personal data appropriately. The Data Controller's Privacy Notice informs you about all the new developments and important aspects of the protection of your personal data.
Please read the following statement carefully before giving your consent to the processing of your personal data. We assure you that your personal data will be processed in accordance with the latest standards and legislation in the field of personal data protection.
What is personal data?
Personal data is any information relating to a specific natural person, that is to say, an individual, regardless of the form in which it is expressed. It is data from which you can be identified.
Examples of personal data are: an ID number, a tax number, a health insurance number, a telephone number, a vehicle registration number, a personal transaction account number, etc.
Specific types of personal data are data concerning an individual which reveals his or her racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying an individual, data concerning health or data concerning an individual's sexual orientation, sex life, data concerning convictions, etc.
How and for how long will we keep your personal data?
The personal data we collect on the basis of your explicit consent will be stored in an electronic or physical personal data file.
The personal data collected may be kept in the personal data file until your consent to the processing of your personal data is withdrawn or for no longer than is necessary to achieve the purpose for which your personal data is processed or to comply with legal requirements.
We will carefully protect all personal data collections with the latest technical security measures.
Processing and use of your personal data
In accordance with the Regulation, your personal data may only be managed, collected and processed by the Association.
on the basis of your explicit written or electronic consent
if the collection of your personal data is necessary in order to conclude a contract with you
if the collection of your personal data is required by applicable law (e.g. For which purposes we process personal data
Your personal data, for which your explicit and written consent is required, is managed, collected and processed by the Association only within the scope of the purposes for which the data was provided to us.
We undertake not to lend or sell your personal data to any third party without prior notification and obtaining your explicit written consent, and not to process them in any other way incompatible with these purposes.
We undertake not to lend or sell your personal data to any third party without prior notice to you and obtaining your explicit written consent, and not to process it in any other way incompatible with these purposes.
Withdrawal of consent to the processing of personal data
You have the right to withdraw your consent to the processing of personal data at any time for one or all of the purposes for which you have consented.
You have the right to withdraw your consent by using the statement for withdrawal of consent to the processing of personal data located at the end of this information.
You should send a written declaration to withdraw your consent to the processing of personal data to our address or to the email address available on our website.
In the event of your withdrawal of consent to the processing of personal data, the Association will delete all personal data collected and immediately stop processing it.
Your rights in the area of personal data protection
The new Regulation brings you a number of rights in the area of personal data protection, which are:
Right to erasure/deletion and rectification of inaccurate personal data
You have the right to request the controller to correct or complete inaccurate or incomplete personal data concerning you.
You have the right to request from the controller the immediate erasure of personal data processed in relation to you.
In the event of rectification, amendment or erasure of personal data, the controller must inform you without delay of the rectification, amendment or erasure.
Right to restriction of the processing of personal data
You have the right to request the controller to restrict the processing of your personal data in the event of inaccuracy, unlawfulness, no longer being processed for the purpose of the processing or if you object to the controller processing your personal data.
Right to data portability
You have the right to request the controller to provide you with the personal data it processes concerning you.
You have the right to request the controller to transfer the personal data it processes concerning you to another controller at your request.
Right to object
In addition to the right to withdraw consent, if your personal data is used for the purposes of communication or direct marketing, you may at any time request in writing that we cease using your personal data for this purpose. If you object to processing for marketing purposes, the controller will immediately stop processing your personal data for marketing and information purposes.
You can request all your rights by writing to the controller or to the controller. You can send your request by post to our address or to the email address accessible on our website.
Right of access to personal data relating to you
You have the right to obtain confirmation from the controller as to whether personal data relating to you are being processed and access to personal data relating to you and the following information: the purpose of the processing, the type of personal data relating to you, the users of your personal data, the intended retention period of the personal data, the source of the personal data.
Personal data breach
In the event of a breach of your personal data protection, and where it is demonstrated that such a personal data breach is likely to result in a significant risk to your rights and freedoms, we will notify you immediately.
In the event of a personal data breach, we will notify the competent authority of the personal data breach without undue delay and no later than 72 hours after becoming aware of the personal data breach.
Right to complain
In the event of a personal data breach against the controller, you have the right to lodge a complaint with the competent supervisory authority at the following address: the Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, or at: gp.ip@ip-rs.si.
Important information regarding the processing of your personal data
We undertake to process all collected data only within the scope of the listed purposes of the management or processing of personal data and in accordance with the Personal Data Protection Act and other relevant sectoral legislation, as well as in accordance with Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (GDPR).