We work with your data legally, fairly, safely and transparently for you.
We are aware of your responsibility because you have entrusted us with your personal information.
Therefore, below are all key information regarding data processing,
our obligations and your rights in accordance with the General Protection Regulation
data (English abbreviation: GDPR).
The controller of personal data is the company FEDEO d.o.o., Lesično 5C, 3261
Lesično, Slovenia. We are available for all questions by e-mail (email@example.com).
The processing of personal data is supervised by our external authorized person for
data protection (English card: DPO), which constantly monitors compliance
treatments with applicable regulations and international standards, assesses the effects
processing of personal data and cooperates with supervisory authorities. For everyone
questions or assistance in exercising your rights is after the transitional
available at the registered office of our company, by phone or
2 TYPES OF DATA
The company FEDEO for the management of online sales and online stores processes
- about users (username, password);
- the device from which you use the online stores (eg data on
device, operating system, hardware and software versions,
language of use and the like);
- about your interests and purchases (information about products, date and time
purchase, amount, method of payment, issued invoice and the like);
- - log data (eg connection date and time, internet protocols,
fault or crash data).
To ensure a friendly and useful visit to our websites and
using our online services experience we process different types
We collect content, communication and other data that you provide or
post while using our websites. We also collect data:
- about the device you are accessing (eg operating system, versions
hardware and software, language of use);
- about the network and connection you are accessing (eg IP number, language,
- additional data from devices, if you allow us to do so (eg GPS and
related location, camera, photos, contacts);
- log data (eg date and time of visit, internet protocols,
fault or crash data).
When you are not logged in with your user account, we collect and
stored marked with unique identifiers (e.g. cookies) that are linked
with the device or browser you are using. Easier that way
we ensure that the settings are maintained during browsing sessions.
Once you are logged in with your username and account information
we collect and store along with other data from your user
account and protect them as personal data.
3. PURPOSES AND USE OF DATA PROCESSING
We process personal data for the following purposes and in accordance with yours
consent to cancellation or our legitimate interests of the operator or
third parties at a specific time when necessary.
We process users' personal data for the purpose of our contract
relationships, providing a friendly, secure and efficient website
shopping and the security of orders and payments.
We process data for the provision, maintenance and development of our websites
sites and services and to ensure the information security of users,
services and infrastructure. We also process data for the purpose of friendly and
useful visit to our websites and services (eg tailored to you
Your consent for those purposes which are not part of legal obligations or
contractual relationship, express in different ways: by visiting ours
websites, by confirming or rejecting cookies and the like. Yours
consent can be changed or revoked at any time through the use of our
website or by sending a message to our contacts (see the first section).
We process your data as a controller. For certain services you can
in accordance with the applicable regulations, we hire contract processors (our
subcontractors) for which we fully guarantee. We do not pass on the data to others
operator. We process the data on the infrastructure that is physically located on
territory of the European Union where strict European rules on protection apply
personal data, including the General Data Protection Regulation (GDPR).
We do not transfer data to third countries (countries outside the European Union) or
We may also process your data if processing is necessary due to
legitimate interests that we pursue as a manager or a third party
person, except where such interests are outweighed by your interests or fundamental rights and freedoms which require the protection of personal data. Processing time
is related to statutory deadlines (eg limitation periods and the like).
As a manager, we operate digitally, but all decisions regarding
contractual relationships and other decisions with legal or related effects
accepted by our employees with appropriate information support. We perform
comprehensive measures to protect your rights and freedoms and legitimate interests.
You always have at least the right to personal intervention of the operator, to
expressing one's position and challenging the decision.
4. TRANSPARENCY OF PROCESSING AND YOUR RIGHTS
We strive to provide you with all the necessary information about the processing of yours
data and all your rights and obligations in this area.
Much of the data protection decisions are left to each individual.
We are different people and so are our privacy decisions. So we will with
handle your data exactly as you wish. _You can edit your selection in
your user profile.
The Constitution of the Republic of Slovenia and the valid European and Slovenian regulations guarantee you a range
privacy and personal data protection rights, in particular
- the right to be informed about the processing of your personal data
(the text you are reading is part of the exercise of this right of yours);
- the right of access to personal data means that you have rights from
us as the manager get confirmation whether they are being processed in relation to you
personal data and, where applicable, access to such personal data
data and additional information (processing purposes, data types,
data users, the existence of rights and possibilities for appeal, sources
data, possibly automated decision-making or special
- the right of correction means that you have the right to achieve that angle
the operator corrects inaccuracies without undue delay
personal information about you; having regard to the purposes of the processing,
you also have the right to complete incomplete personal data,
including the submission of a supplementary statement;
- The right to erasure, also called the "right to be forgotten" means that
you have the right to achieve that as a manager without unnecessary
without delay, we will delete personal information about you if it is met
prescribed conditions (processing is no longer required, withdrawal of consent and
absence of other legal basis, substantiated contract, illegal
processing, deletion required by applicable regulations and the like);
- the right to restrict processing means the right to achieve that angle
the controller restrict the processing of your data if you dispute
accuracy of the data or if you have lodged an objection or if it is processing
illegal or if the processing is no longer necessary for the controller but for
enforce, enforce or defend your legal claims;
- the right to portability means the right to receive personal
information about you that you have provided to us as an operator, v
structured, commonly used and machine-readable form, and the right,
to pass this information on to another controller without giving you permission to do so
obstructed in any way (applies to data that we process automatically
on the basis of consent or contractual relationship);
- the right to object means, may be against certain types of processing
your personal data (public interests, legitimate interests of the controller,
marketing purposes) whenever you object and we have to prove legitimate
interests for processing or to cease processing (always in
in the case of marketing);
- Automatic processing and profiling rights means that for you
a decision based solely on automated processing does not apply,
including profiling that has legal or similar effects in
in relation to you, unless absolutely necessary, prescribed or not
In exercising all your rights or in obtaining additional information or
our external commissioner will be happy to help you clear up your dilemmas
data protection officer (English card: DPO), who is after you transitional
available at the company's headquarters (Lesično 5C, 3261 Lesično)
or by e-mail (firstname.lastname@example.org).
Support page: https://support.pokupo.io/
If you believe that your rights or personal data protection regulations have been violated
you can appeal to the competent state authority. This is the case in Slovenia
Information Commissioner of the Republic of Slovenia (Zaloška 59, 1000 Ljubljana, telephone: 01 230
97 30, fax: 01 230 97 78, e-mail: email@example.com).
5. How we protect your personal data
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.
- We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
- We protect the security of your information while it is being transmitted by encrypting it;
- We use computer safeguards such as firewalls and data encryption to keep this data safe;
- We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
- We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;
- We will ask for proof of identity before we share your personal data with you; and
- We will reveal only the last four digits of your payment card number when confirming an order.
Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this we ensure that your privacy rights are respected in line with this Policy. The most common way we do this is to put in place a specific type of contract, a copy of this type of contract can be found here.
6. How long we use personal data for
We will not keep your personal data longer than we need to, the duration depends on several factors, including:
- Why we collected it in the first place;
- How old it is;
- Whether there is a legal/regulatory reason for us to keep it;
- Whether we need it to protect you or us
7. Cookies and similar technologies
Cookies are small text files containing a unique identifier, which are stored on your computer or mobile device so that your device can be recognised when you are using a particular website or mobile app. They can be used only for the duration of your visit or they can be used to measure how you interact with services and content over time. Cookies help to provide important features and functionality on our Websites and Mobile Apps, and to improve your customer experience. Cookies can also be used help us to detect fraudulent activity or to prevent security breaches and so we may record information about your device within the cookie.
7.2. Your choices when it comes to Cookies
You can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device. You can find more detailed information about how you can manage Cookies through your browser’s help function.
If you choose to disable some or all Cookies, you may not be able to make full use of our Websites. For example, you may not be able to add items to your shopping basket, proceed to checkout, or use any of our products and services that require you to sign in.
Cookies work differently on Mobile Apps as they are coded into the App itself and will use a unique identifier created by your mobile device for use for advertising activities. You can turn off or reset this advertising identifier through your mobile device’s privacy settings.