PRIVACY POLICY
COMPANY INFORMATION
Celjski sejem d. d.
Company for organising fairs, sports, cultural, and entertainment events, and catering services.
Dečkova cesta 1, Celje 3000
Tax ID: SI51469243
Registration Number: 5159636000
TRANSACTION ACCOUNTS
NLB d.d.
IBAN: SI56 0223 4001 2540 790; SWIFT BIC: LJBASI2X
NOVA KBM d.d.
IBAN: SI56 0400 1005 0327 954; SWIFT BIC: KBMASI2X
NOVA KBM d.d.
IBAN: SI56 0483 5000 3398 840; SWIFT BIC: KBMASI2X
Addiko Bank d.d.
IBAN: SI56 3300 0000 0531 163; SWIFT BIC: HAABSI22
DELAVSKA HRANILNICA d.d.
IBAN: SI56 6100 0000 6498 280; SWIFT BIC: HDELSI22
Executive director: Robert Otorepec
E-mail: [email protected]
The proprietor and operator of the website and shop ce-sejem.si / shop.ce-sejem.si, Celjski sejem d.d., Dečkova cesta 1, 3000 Celje (henceforth referred to as “the provider”), agrees to protect personal data collected during registration with due diligence in compliance with the Personal Data Protection Act (ZVOP-1-UPB1). Data collected by the provider for business purposes will be used only for:
sending codes to receive e-business tickets,
providing instructional materials,
sending (proforma) invoices,
notifying recipients of events and benefits,
providing any other required correspondence.
The user is also responsible for the protection of their personal data, specifically by ensuring the security of their user name and password, as well as the appropriate computer security. The provider is not responsible for the accuracy of user-entered data.
PROTECTION OF PERSONAL DATA
GENERAL
The supplier promises to maintain the privacy of users of its website and webstore as well as the confidentiality of their personal data. The provider will only use the personal information gathered to deliver the services it offers. The provider will take all necessary precautions to safeguard users of the website/store against any violations or abuses because he respects their privacy and the confidentiality of their personal data.
In some cases, the provider must transmit the user’s personal data to the company in order to fulfil its contractual obligations to the user.
PARTNERS OUTSIDE THE COMPANY
The provider maintains permanent protection for the collected personal data in compliance with the General Data Protection Regulation (GDPR), the Electronic Communications Act (Official Gazette of the RS, No. 109/12, 110/13, 40/14 – ZIN-B, 54/14 – odl. US, 81/15 and 40/17) and the Personal Data Protection Act (Official Gazette of the RS, No. 94/07) (ZVOP-1).
USAGE OF PERSONAL DATA
The provider collects, manages, processes, and stores the following user data to provide its services:
name and last name
mailing addresses for potential ticket or material delivery
businesses or legal entity title (if the user is a legal entity)
tax identification number (if the user is a legal entity)
email address,
password (encrypted)
phone number
additional data that the user voluntarily provides in online forms
additional data that the user subsequently voluntarily adds to his profile
The provider assumes no responsibility for the accuracy, completeness, or timeliness of the data entered by users.
With the exception of contractual providers, with whom the provider has a personal data protection agreement and who are contractually obligated to adhere to the same personal data protection standards as the provider, the provider does not disclose the data to third parties.
The provider collects personal data with the express consent of individuals. It preserves the consents along with their contents and the information from the form that was used to get them.
Personal data collections are stored by the provider in the Republic of Slovenia; they are not exported to other countries.
PURPOSE OF USE
The sole purpose of the personal data gathered via the websites www.ce-sejem.si and www.shop.ce-sejem.si is to fulfil service requests pertaining to the provider’s operations.
The user grants permission to the provider to process and store the forwarded personal data in compliance with the Personal Data Protection Act by participating in prize games or ordering newsletters via email. By providing consent, the user permits the provider to process the personal data collected for the the purposes of sampling, surveying and statistical processing of data, for determining the use of services, adjusting the offer and segmentation, for market research, informing about the offer, news and benefits, for sending news via e-mail, phone number and other advertising material, informing users about the services of the website www.ce-sejem.si and the provider, as well as related persons and for other forms of use of the provided data to which the user of the website specifically consents. The collected data will not be shared with third parties.
The provider may use the designated data for its own purposes up until the consent is withdrawn by a request to have personal data deleted from the database. When managing personal data, the individual has the option of viewing and updating data in the database upon request.
IMPLEMENTATION OF PRIVACY POLICY
Using the Personal Data Protection Policy, the provider governs how personal data is protected in compliance with the Personal Data Protection Act.
Every employee of the company, whether on a contract or regular basis, who has access to personal and other user data is aware of the obligations outlined in the Personal Data Protection Policy, including the need to protect such data. They have a duty to follow these guidelines regarding the privacy of website visitors and the confidentiality of personal data. Even if the relationship with the provider is terminated, the obligation to protect personal and other data remains in effect forever.
Users who have registered may cancel their registration at any time and stop using the website. They can do this by submitting a written notice of registration revocation. The user must pay off any outstanding debts related to purchases made on the website before receiving a statement of registration revocation. Even after registration is cancelled, the provider will uphold this privacy policy’s guarantees of the privacy of users of the website and the confidentiality of their personal data.
CHILD SAFETY
Advertising messages will be clearly identifiable (age-appropriate) and separate from games and competitions. All correspondence meant for younger audiences will be age-appropriate and refrain from taking advantage of their trust, inexperience, or sense of loyalty. If someone is known or suspected to be a child, the provider will not accept orders from them without the express consent of their parents or legal guardians.
The provider will not gather any personal data about children without the express consent of their parents or legal guardians. Similarly, the provider shall not disclose to third parties any data obtained from children, with the exception of parents or guardians. The provider may not provide unrestricted access to products or services that are harmful to children.
INFORMATION AND ERASURE RIGHTS
You have the right to access information about the personal data we hold about you and the right to have that data deleted. If you have any questions about the erasure, processing, or use of your data, please contact us at [email protected] or send us a request by regular mail.
Notifications: When you subscribe to receive notifications, your email address, phone number, and name will be used—with your consent—for promotional purposes until you unsubscribe. Only if you check the box during ordering that permits subscription to notifications are you subscribed to receive them.
By sending an email to [email protected] or selecting the “Unsubscribe” link found at the bottom of promotional emails, you can unsubscribe from the notifications database at any time.
Every individual whose provider collects, stores, and processes their personal data has the following rights over that data:
Right to be forgotten – if an individual no longer wants their personal data held and processed by the processor and provided that there are no legal reasons for their further retention, they can request the processor to delete their data at any time.
Right to know how long personal data is retained.
Right to request correction, deletion, or lodge a complaint.
Right to portability – if desired, an individual can request the processor to provide them with personal data related to them that they have provided to the provider in a structured, commonly used, and machine-readable format.
Right to remedy and sanctions – an individual has the right to lodge a complaint with the supervisory authority, as well as the right to legal remedies against the decision of the supervisory authority or in case of non-action by the supervisory authority, the right to compensation and liability.
Right not to be subject to measures based solely on profiling, analysis, or predictions using automated processing means.
Right to withdraw consent – an individual has the right to withdraw consent for further processing of personal data, especially in the case of direct marketing.
PROCEDURE FOR ASSERTING RIGHTS
I am aware that written requests for the assertion of rights regarding personal data may be made to the provider at [email protected], which is the email address provided above.
I am aware that the provider may ask for further information from me in order to ensure reliable identification in the event that I want to assert my rights regarding personal data. The provider may only deny action if he is unable to reliably identify me.
I am aware that, within a month of receiving my request, the provider is required to promptly respond to me in order to grant my requests for rights regarding the aforementioned personal data.
Until consent is withdrawn for the provider to store and process an individual’s personal data, the provider keeps the information. The user has the option to request that their personal data be quickly and permanently deleted from the provider, or they can withdraw their consent to receive electronic communications by sending a written request to [email protected].
ADDITIONAL
In compliance with laws governing the protection of personal data, the provider is dedicated to safeguarding users’ personal data when using its website. Unless required by law, governmental authorities, or in good faith that such action is necessary for legal proceedings or other government agencies, as well as to protect and enforce the legitimate interests of the company, the provider will never, under any circumstances, disclose personal or other data of the user to any third party without the user’s express permission or grant a third party access to the user’s personal or other data.
All personal and other data provided by the user when signing up on the website, as well as when ordering products, including the content of orders, will be safeguarded in accordance with regulations governing personal data protection. The provider will not use this data in any manner that would harm the user or any other involved party. The user’s data will not be used by the provider for sending promotional emails or other unwanted promotional materials unless explicitly subscribed to by the user or expressly consented to. The provider may use the data in anonymized summary form for statistical analysis purposes. The confidentiality of personal and other data of users will not be violated in any form.
MARKETING VIA ELECTRONIC COMMUNICATIONS
For managing the e-mail marketing subscriber list and sending e-mails to our subscribers, we use SqualoMail. SqualoMail is a third-party provider that may process your data using industry-standard technologies to help us track and improve our e-mail communications.
SqualoMail’s privacy policy is available at www.squalomail.com/sl/lastnosti/pogoji-poslovanja. You can unsubscribe from our e-mail communications by clicking the unsubscribe link at the end of each newsletter.