DATA PROTECTION RULES IN USE ONLINE PLATFORM

!

Last Updated: October 30, 2019

 

1. INTRODUCTION

We work with your data legally, fairly, safely and transparently for you. We are aware of your responsibility because you have entrusted us with your personal information. Therefore, below are all key information regarding data processing, our obligations and your rights in accordance with the General Protection Regulation data (English abbreviation: GDPR).

The controller of personal data is the company FEDEO d.o.o., Lesično 5C, 3261 Lesično, Slovenia. We are available for all questions by e-mail (admin@pokupo.si).

The processing of personal data is supervised by our external authorized person for data protection (English card: DPO), which constantly monitors compliance treatments with applicable regulations and international standards, assesses the effects processing of personal data and cooperates with supervisory authorities. For everyone questions or assistance in exercising your rights is after the transitional available at the registered office of our company, by phone or emails.

2 TYPES OF DATA

The company FEDEO for the management of online sales and online stores processes data:

  • about users (username, password);
  • the device from which you use the online stores (eg data on device, operating system, hardware and software versions, language of use and the like);
  • about your interests and purchases (information about products, date and time purchase, amount, method of payment, issued invoice and the like);
  • - log data (eg connection date and time, internet protocols, fault or crash data).

To ensure a friendly and useful visit to our websites and using our online services experience we process different types data.

We collect content, communication and other data that you provide or post while using our websites. We also collect data:

  • about the device you are accessing (eg operating system, versions hardware and software, language of use);
  • about the network and connection you are accessing (eg IP number, language, time zone);
  • additional data from devices, if you allow us to do so (eg GPS and related location, camera, photos, contacts);
  • log data (eg date and time of visit, internet protocols, fault or crash data).

When you are not logged in with your user account, we collect and stored marked with unique identifiers (e.g. cookies) that are linked with the device or browser you are using. Easier that way we ensure that the settings are maintained during browsing sessions.

Once you are logged in with your username and account information we collect and store along with other data from your user account and protect them as personal data.

3. PURPOSES AND USE OF DATA PROCESSING

We process personal data for the following purposes and in accordance with yours consent to cancellation or our legitimate interests of the operator or third parties at a specific time when necessary.

We process users' personal data for the purpose of our contract relationships, providing a friendly, secure and efficient website shopping and the security of orders and payments.

We process data for the provision, maintenance and development of our websites sites and services and to ensure the information security of users, services and infrastructure. We also process data for the purpose of friendly and useful visit to our websites and services (eg tailored to you contents).

Your consent for those purposes which are not part of legal obligations or contractual relationship, express in different ways: by visiting ours websites, by confirming or rejecting cookies and the like. Yours consent can be changed or revoked at any time through the use of our website or by sending a message to our contacts (see the first section).

We process your data as a controller. For certain services you can in accordance with the applicable regulations, we hire contract processors (our subcontractors) for which we fully guarantee. We do not pass on the data to others operator. We process the data on the infrastructure that is physically located on territory of the European Union where strict European rules on protection apply personal data, including the General Data Protection Regulation (GDPR).

We do not transfer data to third countries (countries outside the European Union) or international organizations.

We may also process your data if processing is necessary due to legitimate interests that we pursue as a manager or a third party person, except where such interests are outweighed by your interests or fundamental rights and freedoms which require the protection of personal data. Processing time is related to statutory deadlines (eg limitation periods and the like).

As a manager, we operate digitally, but all decisions regarding contractual relationships and other decisions with legal or related effects accepted by our employees with appropriate information support. We perform comprehensive measures to protect your rights and freedoms and legitimate interests. You always have at least the right to personal intervention of the operator, to expressing one's position and challenging the decision.

4. TRANSPARENCY OF PROCESSING AND YOUR RIGHTS

We strive to provide you with all the necessary information about the processing of yours data and all your rights and obligations in this area. Much of the data protection decisions are left to each individual. We are different people and so are our privacy decisions. So we will with handle your data exactly as you wish. _You can edit your selection in your user profile.

The Constitution of the Republic of Slovenia and the valid European and Slovenian regulations guarantee you a range privacy and personal data protection rights, in particular next:

  • the right to be informed about the processing of your personal data (the text you are reading is part of the exercise of this right of yours);
  • the right of access to personal data means that you have rights from us as the manager get confirmation whether they are being processed in relation to you personal data and, where applicable, access to such personal data data and additional information (processing purposes, data types, data users, the existence of rights and possibilities for appeal, sources data, possibly automated decision-making or special profiling);
  • the right of correction means that you have the right to achieve that angle the operator corrects inaccuracies without undue delay personal information about you; having regard to the purposes of the processing, you also have the right to complete incomplete personal data, including the submission of a supplementary statement;
  • The right to erasure, also called the "right to be forgotten" means that you have the right to achieve that as a manager without unnecessary without delay, we will delete personal information about you if it is met prescribed conditions (processing is no longer required, withdrawal of consent and absence of other legal basis, substantiated contract, illegal processing, deletion required by applicable regulations and the like);
  • the right to restrict processing means the right to achieve that angle the controller restrict the processing of your data if you dispute accuracy of the data or if you have lodged an objection or if it is processing illegal or if the processing is no longer necessary for the controller but for enforce, enforce or defend your legal claims;
  • the right to portability means the right to receive personal information about you that you have provided to us as an operator, v structured, commonly used and machine-readable form, and the right, to pass this information on to another controller without giving you permission to do so obstructed in any way (applies to data that we process automatically on the basis of consent or contractual relationship);
  • the right to object means, may be against certain types of processing your personal data (public interests, legitimate interests of the controller, marketing purposes) whenever you object and we have to prove legitimate interests for processing or to cease processing (always in in the case of marketing);
  • Automatic processing and profiling rights means that for you a decision based solely on automated processing does not apply, including profiling that has legal or similar effects in in relation to you, unless absolutely necessary, prescribed or not agree.

In exercising all your rights or in obtaining additional information or our external commissioner will be happy to help you clear up your dilemmas data protection officer (English card: DPO), who is after you transitional available at the company's headquarters (Lesično 5C, 3261 Lesično) or by e-mail (admin@pokupo.si).

Support page: https://support.pokupo.io/

If you believe that your rights or personal data protection regulations have been violated you can appeal to the competent state authority. This is the case in Slovenia Information Commissioner of the Republic of Slovenia (Zaloška 59, 1000 Ljubljana, telephone: 01 230 97 30, fax: 01 230 97 78, e-mail: gp.ip@ip-rs.si).

5. How we protect your personal data

We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.

  • We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
  • We protect the security of your information while it is being transmitted by encrypting it;
  • We use computer safeguards such as firewalls and data encryption to keep this data safe;
  • We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
  • We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;
  • We will ask for proof of identity before we share your personal data with you; and
  • We will reveal only the last four digits of your payment card number when confirming an order.

Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this we ensure that your privacy rights are respected in line with this Policy. The most common way we do this is to put in place a specific type of contract, a copy of this type of contract can be found here.

6. How long we use personal data for

We will not keep your personal data longer than we need to, the duration depends on several factors, including:

  • Why we collected it in the first place;
  • How old it is;
  • Whether there is a legal/regulatory reason for us to keep it;
  • Whether we need it to protect you or us

7. Cookies and similar technologies

We and our partners use cookies and similar technologies, such as tags and pixels (“Cookies”), to personalise and improve your customer experience as you use our Websites and Mobile Apps and to provide you with relevant online advertising. This section provides more information about Cookies, including how we use them and how you can exercise your choices about our use of Cookies.

7.1. How we use cookies

Cookies are small text files containing a unique identifier, which are stored on your computer or mobile device so that your device can be recognised when you are using a particular website or mobile app. They can be used only for the duration of your visit or they can be used to measure how you interact with services and content over time. Cookies help to provide important features and functionality on our Websites and Mobile Apps, and to improve your customer experience. Cookies can also be used help us to detect fraudulent activity or to prevent security breaches and so we may record information about your device within the cookie.

7.2. Your choices when it comes to Cookies

You can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device. You can find more detailed information about how you can manage Cookies through your browser’s help function.

If you choose to disable some or all Cookies, you may not be able to make full use of our Websites. For example, you may not be able to add items to your shopping basket, proceed to checkout, or use any of our products and services that require you to sign in.

Cookies work differently on Mobile Apps as they are coded into the App itself and will use a unique identifier created by your mobile device for use for advertising activities. You can turn off or reset this advertising identifier through your mobile device’s privacy settings.