Privacy policy
Before you start reading the privacy policy, know that behind the legal file below is an honest, well-intentioned company that respects its customers and always tries its best to help them in one way or another in the business field. We can also tell you right from the start that we do not do any bizarre or harmful things with your (personal) data… and that in accordance with the law and the official thoughts below, you can request the deletion of your data or unsubscribe from receiving our messages at any time.
PRIVACY POLICY
GUARDIAN ENTERPRISES d.o.o., registration number 9685774000, with registered office at Štihova ulica 13, 1000 Ljubljana (hereinafter the company), as a data controller, informs you with this notice of the way your personal data is processed and protected.
1. What kind of processing does this notice refer to?
This notice deals with the processing of personal data of visitors to our website donnapro.com.
2. What information do we collect about you?
When you contact us, we collect and process your personal data (for example, information you provide to us by filling in forms on our website (the “Website”) or by phone, email, or otherwise). This includes information you provide when you register to use our website, when you subscribe to our service, place an order on our website, participate in discussions or other social media features, enter a prize draw, participate in a promotion or survey, or complete an application form. The information you provide to us may include your name, address, e-mail address, phone number, personal description and photo, age, date of birth, gender, and any other information defined in each case.
We do not collect or process specific types of (sensitive) personal data (e.g., information about your medical condition, sexual orientation, race, or ethnicity) unless (i) the sensitive personal data is relevant to the particular purpose for which we are processing it; (ii) we are required to do so by law; or (iii) you have separately provided us with your explicit consent. When you voluntarily provide us with personal information (including sensitive personal information) through contact with our website, we will delete such personal data from our systems if we believe that the processing of such data is not necessary for a legitimate purpose, unless you have made such data available to the public. In such cases, we will delete the data from our websites only if required by law or if we do not want to keep them.
Every time you visit our website, we automatically collect the following information:
- Technical Data: This may include the Internet Protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device type, and mobile device brand. This data may be collected and processed by third-party cookies on our behalf.
- Information About Your Visit: This may include the full Uniform Resource Locators (URL) clickstream to, through, and from our website (including date and time), information about pages viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse movements), and methods used to browse away from the page.
We may also obtain your personal data from third parties, such as business partners, subcontractors, advertising networks, analytics providers, search information providers, or credit rating agencies. Additionally, when visiting and registering on our online platforms, we may obtain your personal data from unaffiliated social media providers (e.g., Facebook, Gmail) if you voluntarily choose to register through their platforms.
3. How do we use your personal data and on what legal basis?
We may process your personal data based on the following legal bases:
- Contractual Necessity: To fulfill a contract we have entered into with you.
- Legal Obligation: To comply with a legal obligation (e.g., under laws governing criminal liability).
- Legitimate Interest: Where necessary for our legitimate interests (or those of a third party) and your interests do not override these.
- Vital Interests: To protect your vital interests or those of others.
- Consent: When you have provided consent for specific processing activities.
We use your personal data for various technical, administrative, and operational purposes, such as:
- Ensuring that content is presented in the most effective way.
- Improving our website, including usability.
- Administering the website, including troubleshooting, data analysis, testing, and research.
- Conducting marketing, including targeted marketing, to show you content that may be of interest.
- Keeping our website safe and secure.
- Measuring or understanding your preferences regarding program content.
- Providing relevant content and advertising.
- Enabling participation in interactive features of our services.
4. Automated Decision-Making and Profiling
We may use automated decision-making or profiling to provide you with tailored services or content. You have the right to request human intervention in any decision made this way and to contest the decision.
5. How and to whom do we disclose your personal data?
We will not sell your personal data to third parties.
Within the company, only a limited number of team members have access to your personal data based on the need to fulfill their work obligations. These team members are bound by confidentiality agreements. We may share your personal data with:
- Service Providers: For administrative, professional, and technical support, including IT, security, and business resources.
- Business Partners, Suppliers, and Subcontractors: For fulfilling any contract we enter into with you.
- Advertisers and Advertising Networks: To select and display relevant advertisements. However, we do not disclose identifiable information; we only provide aggregate data.
- Analytics and Search Engine Providers: To help us improve and optimize our website.
- Government or Law Enforcement Authorities: If required by law or necessary to enforce our rights.
- Affiliates: Including our subsidiaries or ultimate holding company, as needed.
If we transfer your personal data outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
6. Data Security
We store your personal data on our own servers and on servers hosted by third parties (including cloud-based services). We have implemented appropriate technical and organizational measures to protect your personal data and prevent unauthorized access. For services hosted by third parties, we have entered into agreements that include obligations regarding data security.
While we strive to protect your data, transmission over the Internet is not completely secure. Any data transmission is at your own risk, but we will implement strict security measures upon receipt of your data.
7. Your Rights
You have the right to:
- Request confirmation of whether your personal data is being processed.
- Access a copy of your personal data.
- Request corrections to your personal data.
- Request the deletion of your personal data.
- Request the transfer of your personal data to you or another entity (data portability).
- Object to the processing of your personal data.
- Withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- Lodge a complaint with the competent data protection authority.
Please note that your rights may be subject to certain limitations under applicable data protection laws.
8. Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant data protection authorities within 72 hours of becoming aware of the breach, as required by applicable law.
9. Retention Periods for Your Personal Data
We retain your personal data for as long as necessary to fulfill the purposes outlined in this notice or as required by law. Specific retention periods are detailed in our Data Retention Policy. If you would like more information about our retention periods, please contact us at [email protected].
10. Data Protection Officer (DPO)
The designated DPO for GUARDIAN ENTERPRISES d.o.o. is CEO Filip Pesek Omerzel.
11. Children’s Privacy
Our website does not knowingly collect personal data from individuals under the age of 18. If we discover that we have collected personal data from a child under 18, we will delete it immediately unless a parent or guardian consents to the processing.
12. Cookies and Social Media Plugins
Our website uses cookies to enhance user experience and distinguish between users. For detailed information about the cookies we use, please refer to our Cookie Policy, which is available at the bottom of each website page.
Our website may include social media features, such as Facebook, LinkedIn, or YouTube buttons. These features may collect information about you and may set a cookie to ensure proper functionality. Data collected through these features is governed by the privacy policy of the respective social media company.
13. Links to Other Websites
Our website may contain links to third-party websites that are not under our control. We encourage you to read the privacy policies of any third-party sites you visit, as we are not responsible for their content, privacy practices, or policies.
14. International Data Transfers
Your personal data may be transferred to and stored at destinations outside the EEA. When this occurs, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses or other legal mechanisms, to protect your data.
15. Right to Lodge a Complaint
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the relevant data protection authority. In Slovenia, this is the Information Commissioner.
16. Changes to the Privacy Policy
GUARDIAN ENTERPRISES d.o.o. reserves the right to modify these Privacy policy at any time. Clients will be notified of such changes via email, and the updated versions will be made available on our website. The new terms will take effect 30 days after being published online. Continued use of our services after such changes take effect constitutes your acceptance of the updated terms.
17. Contact Us
If you have any questions or concerns regarding the processing of your personal data or if you wish to exercise any of your rights, please contact us via email at [email protected].
We are here to assist you and ensure that your data privacy rights are respected.