On Friday, May 25th, 2018, the new European directive has come into force, ie. The General Data Protection Regulation (hereinafter: GDPR), which aims to enable individuals to better control personal data and to unify and raise the level of protection of personal data in the EU. Because in the Republic of Slovenia the new Personal Data Protection Act (ZVOP-2) has not yet been adopted, stricter rules of the GDPR apply, which requires, inter alia, your explicit, unequivocal and concrete consent for sending you invitations and other information.
2. The personal data controller
The controller of personal data processed in accordance with the applicable legislation and GDPR is company Simarine d.o.o., Ulica Škofa Maksimilijana Držečnika 6, 2000 Maribor.
3. Protection of personal data and retention
Simarine d.o.o. in accordance with the GDPR and the applicable legislation provides adequate protection and protection of the personal data of our clients. We store your personal information safely and we have taken all precautions to protect your personal information from loss, misuse, and tampering. We will not forward your information to third parties to the extent that exceeds the permitted limits or your consent or consent. Your personal information will be retained until your cancellation or only as long as it is necessary to achieve the purpose for which they were collected. If there is no fixed retention period or if the retention period fixed for the storage of personal data expires, personal data is blocked or deleted in accordance with the requirements of the GDPR.
Simarine d.o.o. process your personal information received on the basis of your application on the web form (name and surname, e-mail address) with the intention of sending you e-news. Personal data received from your site on the basis of the purchase of a product on our website is processed exclusively for the purpose of implementing the sales contract. So, If you choose a direct payment gateway to complete your purchase, then Simarine stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. Your purchase transaction data is stored only as long as it is necessary to complete your purchase transaction. After that, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Terms of Service.
We will store and protect personal data in a way that will not cause any unwarranted disclosure of data to unauthorized persons. At the same time, we undertake not to provide personal information to a third party without obtaining the written consent of the individual, except for the contracted processors.
You can revoke your consent regarding the use or processing of your personal information at any time. For this purpose, you can send us your request at any time by e-mail: firstname.lastname@example.org or by post to the address mentioned in point 2.
From website visitors we collect information, by using Google Analytics, about which pages you visit on our website, how often, how long you stay there, etc. Based on this information, we can see how many visitors visit our website, which parts of the website are most interested in them, whether they have any problems when visiting, or, if they are very interested in our website, we try to display our ads when they visit the website (so-called remarketing).
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Simarine to store information about your session (referrer, landing page, etc).
_ simarine _visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_ simarine _uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
5. Integration of the Trusted Shops Trustbadge
Following an order, the Trusted Shops Trustbadge is incorporated into this web page in order to display our Trusted Shops trustmark for buyers and the eventually collected reviews, as well as the Trusted Shops product offer.
In balancing the various interests, this serves to safeguard our legitimate prevailing interests in an optimised marketing of our offer. The trustbadge and the services advertised are an offer of Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Köln.
Whenever a trustbadge is called up, the web server automatically stores a so-called server log file which contains, for example, your IP address, the date and time of retrieval, the data volume transferred and the requesting provider (access data), and documents the retrieval. This access data will not be evaluated and will be automatically overwritten seven days after your visit to the page.
Other personal information will only be transferred to Trusted Shops if you decide, after completing an order, to use Trusted Shops products or have already registered for their use. In this case, the contractual agreement between you and Trusted Shops applies.
6. Individual rights and in case of violations
Every individual has the right to revoke consent, the right to insight, the right to be informed regarding his / her personal data, the right to correct and amend his personal data, the right to restrict or delete of his personal data and the right to transfer, by informing us in writing by post to the address referred to in point 2 or via e-mail email@example.com. At the address indicated, an individual may also submit an objection concerning the processing of his personal data. However, an individual may also submit an objection of the processing of his personal data directly to the competent supervisory authority, i.e. Information Commissioner of the Republic of Slovenia or demand a judicial protection.
Simarine d.o.o, on May 25, 2018