Privacy Protection Policy
This Privacy Protection Policy is in force for every user compliant with the Terms and Conditions of the website slogi.si, as well as for the entire website, including its subpages and applications. A user is each legal or natural person who uses or visits the abovementioned website (henceforth: the user).
Personal Data Protection
SLOGI respects the privacy and security of the users’ personal data. We hereby commit to only use your personal data for the purposes that are cited below in the Privacy Protection Policy. Your personal data is meticulously kept in compliance with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ES) (henceforth: GDPR) and other legal regulations that regulate the field of personal data protection.
Controller of Personal Data
The controller of personal data gathered on the website slogi.si is the Slovenian Theatre Institute (SLOGI), Mestni trg 17, 1000 Ljubljana (henceforth: the controller).
Data Protection Representative
SLOGI has named a representative for data protection. She is available at firstname.lastname@example.org.
Passing Personal Data to Third Parties, Third Countries, or International Organizations
SLOGI does not pass personal data to third parties, into third countries, or to international organizations.
Exempt from this are the statistical data on the visits and use of the websites that use the web platforms Google Analytics, Twitter, Facebook, YouTube, Instagram, Pinterest, LinkedIn, and the web platform MailChimp for electronic newsletters that contain news, offers, and electronic invitations to events.
The web platforms Google Analytics and MailChimp have their own Terms and Conditions that assure they operate in compliance with the General Data Protection Regulation (GDPR) and confirm that they have obtained the certificate of compliance with the EU-U.S. Privacy Shield Framework.
Types of Personal Data, Legal Standing, and the Purpose of Processing
Based on the users’ consent, SLOGI collects and processes personal data on its site slogi.si.
Processing Based on Consent
An individual user whose personal data is being processed based on consent can give their consent for the processing of personal data separately for each specific purpose. The user to whom the data belongs can revoke their given consent at any time for any of the specific purposes in a simple and easily-accessible manner. To revoke the consent, the user may contact email@example.com.
The SLOGI newsletter serves to inform users of news and offers at SLOGI and to send electronic invitations to SLOGI events or partner events. Based on consent, SLOGI collects and processes the following personal data of each user: the user’s email address, the date and time when they signed up, as well as the IP and location from which the newsletter sign-up was completed.
The user can unsubscribe from the SLOGI newsletter at any time by clicking the marked link in the received electronic message or by sending a notification to firstname.lastname@example.org.
The user may contact SLOGI with an inquiry through the forms on the website slogi.si, which require the following personal data: the user’s email address, the name of their organization and a contact telephone number. SLOGI will use the data to communicate with the user about this inquiry for the time of this communication. If the users do not provide their contact details, SLOGI will have no way of contacting them.
Personal Data Protection
To ensure the protection of personal data, SLOGI performs technical and organizational processes and measures following good practice from the field of information protection or through contracted partners. They do so by: protecting the applicative programming equipment used for processing personal data, preventing unauthorized access to personal data when data is being moved, including the move through telecommunication means and networks, guaranteeing an efficient way of deleting personal data, protecting the offices, as well as the hardware and the software, and enabling access to information about when certain personal data was processed and by whom for the time frame in which the data is stored.
In compliance with the laws that regulate the area of personal data protection, each individual has the following rights:
The Right to Access
An individual to whom the personal data pertains has the right to receive a confirmation from the controller on whether their personal data is being processed. If it is, the individual has the right to access it.
The Right to Rectification
An individual to whom the personal data pertains has the right to demand that the controller rectify any incorrect personal data pertaining to them without unnecessary delays. An individual to whom the personal data pertains has the right to complete the personal data, taking into account the purpose of the processing.
The Right to Erasure (“The Right to be Forgotten”)
An individual to whom the personal data pertains has the right to demand that the controller erase any personal data connected to them without unnecessary delays, and the controller has the duty to erase that data without unnecessary delays.
The Right to Digital Portability
An individual to whom the personal data pertains has the right to receive the personal data connected to them that they have passed to the controller in a structured, widely-used and mechanically-readable form, and the right to pass that data to another controller without being restricted by the controller who was provided with the personal data.
The Right to Object
An individual to whom the personal data pertains has the right to object to the processing of any personal data connected to them based on reasons related to their special position. Personal data is not used for direct marketing, including profile creation.
The Right to Issue a Complaint to the Responsible Authorities
An individual to whom the personal data pertains has the right to issue a complaint concerning the processing of their information directly to the responsible authority – the Information Commissioner of the Republic of Slovenia.
Ways of Asserting an Individual’s Rights
An individual to whom the personal data pertains can assert their rights at any time in compliance with the General Data Protection Regulation by sending a message about a certain assertion of their rights to the data protection representative at SLOGI at email@example.com.
Changes and Validity
SLOGI holds the right to change its Privacy Protection Policy. Any changes will be published on this website.
This Privacy Protection Policy was last updated on December 21, 2018.