COOKIES AND PRIVACY

Dear visitor,

You are on the official website of DAT-CON d.o.o., Cvetlična ulica 52, 3313 Polzela, Slovenia, EU.

The DAT-CON company monitors website visits in order to improve the user experience and monitor website operation. Because of this and in relation to social network access, cookies may be uploaded to your device when you visit the DAT-CON website.

Cookies are small files that store the user’s online settings and preferences through browsers. Almost every website uses them. The web browser downloads them upon your first visit to a website. Upon your next visit to the same site via the same device, the browser can check whether the cookie containing the website name is already present. If the cookie is found, the data from the website is used for communication with the website through the cookie. Consequently, the website receives the information that the user has previously already visited the website. In some cases, the website can adjust the displayed content to the specific user, which may improve the user experience.

The DAT-CON website uses the following cookies:

ESSENTIAL COOKIES

Cookie Domain Validity Description
pll_language www.dat-con.si 1 year The pll _language cookie is used by Polylang to remember the language the user selects when returning to the site and also to obtain language information when it is not available in any other way.
ytidb::LAST_RESULT_ENTRY_KEY youtube-nocookie.com never The ytidb::LAST_RESULT_ENTRY_KEY cookie is used by YouTube to store the last search result entry that the user clicked on. This information is used to improve the user experience by providing more relevant search results in the future.
privacy_embeds www.dat-con.si 60 days Our site sets this cookie to remember users’ consent preferences so that their preferences are taken into account on their subsequent visits to this website. It does not collect or store any personal information of website visitors.

ANALYTICS COOKIES

Cookie   Domain Validity Description
_ga .dat-con.com 2 years Main cookie used by Google Analytics. It makes it possible to distinguish one visitor from another and is deleted two years after installation. The cookie is used by every website that uses Google Analytics, including Google services. Each “_ga” cookie is unique to a specific property and cannot be used to track an individual user or browser on unrelated websites.
_ga_* .dat-con.com 2 years A cookie used by Google Analytics. Used to maintain session state.
_gid .dat-con.com 1 day The _gid cookie installed by Google Analytics stores information about how visitors use the website and at the same time creates an analytical report on the website’s performance. Some of the information collected includes the number of visitors, their source and the pages they visit anonymously.
_gat_gtag_UA_* .dat-con.com 1 minute Google Analytics sets this cookie to store a unique user ID.

MARKETING COOKIES

Cookie   Domain Validity Description
YSC .youtube.com session The YSC cookie is set by Youtube and is used to track views of embedded videos on Youtube pages.
VISITOR_INFO1_LIVE .youtube.com 6 months A cookie set by YouTube to measure bandwidth, which determines whether the user gets the new or old player interface.
VISITOR_PRIVACY_METADATA .youtube.com 6 months YouTube sets this cookie to store the state of the user’s cookie consent for the current domain.
yt.innertube::nextId youtube-nocookie.com never This cookie, set by YouTube, registers a unique ID to store data about which YouTube videos the user has seen.
yt.innertube::requests youtube-nocookie.com This cookie, set by YouTube, registers a unique ID to store data about which YouTube videos the user has seen.

UNCATEGORIZED COOKIES

Cookie Domain Validity Description
__Secure-ROLLOUT_TOKEN .youtube.com 6 months
iU5q-!O9@$ youtube-nocookie.com session
-4335b8c1-79324e40 youtube-nocookie.com session

DAT-CON only uploads non-essential cookies to your device, used to access the site if you consent to this transfer by clicking the “I agree” button in the pop-up box on the website. If no consent is given, DAT-CON will not upload any non-essential cookies, which may result in limited user experience when browsing the DAT-CON website.
By clicking the “I agree” button, you explicitly confirm that you have read and understood the policies of third parties relating to third-party cookies. You agree to have such third-party cookies transferred to your device and confirm that you understand the potential use of the data collected through the above-mentioned third-party cookies.
If you want to block or delete the uploaded cookies, you can do so in your browser settings at any time. Most browsers allow you to accept, reject or delete cookies. Please refer to the browser instructions on how to delete cookies. If you have any problems with blocking or deleting cookies or if you have any other questions regarding this policy, you can contact our technical support at info@dat-con.si or use other published contact details.

PRIVACY POLICY

The purpose of the privacy policy is to inform individuals, customers, users of products or services, colleagues, employees and other persons (hereinafter: “individual”) who interact with the company

DAT – CON d.o.o. (hereinafter: “the company”), on the purposes, legal bases, security measures and rights of individuals regarding the processing of personal data carried out by the company.

We value your privacy, so we always carefully protect your data.

We process personal data in accordance with applicable personal data protection legislation and other legislation that provides us with a legal basis for processing personal data.

Any changes to this document will be posted on our website. By using the website, you confirm that you are familiar with the full content of the privacy policy.

Personal data controller:

DAT – CON d.o.o.

Cvetlična ulica 52

3313 Polzela

email: info@dat-con.com

phone: +386 3 7033 300

Website: www.dat-con.com

Data Protection Officer:

Mrs. Mirjana Lovrek Drofelnik

email: dpo@dat-con.com

phone: +386 51 324 355

Website: /

1) Personal data

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as: a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2) Purposes of processing and grounds for data processing

The company collects and processes personal data on the following legal bases:

  • the processing is necessary for compliance with a legal obligation to which the controller is subject;
  • the processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of such a data subject prior to entering into a contract;
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party;
  • the data subject has consented to the processing of his or her personal data for one or more specific purposes;
  • processing is necessary to protect the vital interests of the data subject or another natural person.

At DAT – CON d.o.o. we carry out video surveillance. With the help of video surveillance (cameras are installed around the entrances to the organization), we monitor the entry and exit of premises (based on Article 77 of the ZVOP-2). We also carry out video surveillance for the purpose of protecting individuals (users, employees and visitors) and the property of the organization (based on legitimate interest as defined in point (f) of paragraph 1 of Article 6 of the General Regulation). The recordings are stored for 60 days. We do not carry out video surveillance in a way that would have a specific impact on the processing. Video surveillance also does not allow for unusual further processing, such as transfers to entities in third countries, live monitoring of events, the possibility of audio intervention in the event of live monitoring of events. All information regarding the implementation of video surveillance can be obtained at the telephone number or e-mail address vop@dat-con.com.

The rights of individuals are described in this Privacy Policy.

Implementation of the concluded contract

In cases where an individual concludes a contract with a company, this constitutes the legal basis for the processing of personal data. The company may process personal data for the purpose of concluding and performing the contract, such as selling goods and services, preparing an offer, participating in various programs, etc. If the individual does not provide personal data, the company cannot conclude the contract, nor can the company perform the service or deliver goods or other products in accordance with the concluded contract, as it does not have the necessary data for the performance. On this basis, the company processes only and exclusively those personal data that are necessary for the conclusion and proper performance of contractual obligations.

The legal basis for data processing is a contract. The retention period is until the purpose of the contract is fulfilled or up to 6 years after the termination of the contract, except in cases where a dispute arises between the individual and the company in relation to the contract. In such a case, the company stores the data for 10 years after the finality of the court decision, arbitration or court settlement or, if there was no court dispute, 5 years from the date of a peaceful resolution of the dispute.

Legitimate interest

The Company may also process personal data on the basis of a legitimate interest pursued by it. The latter is not permissible where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. In the case of the use of a legitimate interest, the Company shall carry out an assessment in accordance with the law.

The company may process personal data of individuals that it has collected from publicly available sources or within the framework of the lawful performance of its activities, including for the purposes of offering goods, services, employment, informing about benefits, events, etc. To achieve these purposes, the company may use regular mail, telephone calls, e-mail and other means of telecommunication. For the purposes of direct marketing, the company may process the following personal data of individuals: name and surname of the individual, permanent or temporary address, telephone number and e-mail address. The company may process the aforementioned personal data for the purposes of direct marketing even without the express consent of the individual. The individual may at any time request the termination of such communication and processing of personal data and cancel the receipt of messages via the unsubscribe link in the received message or send a request by e-mail or regular mail to the company’s address.

The legal basis for data processing is legitimate interest. The data will be processed until you cancel your subscription or until the purpose of the processing has been fulfilled. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

 

Processing based on consent or agreement

If the company does not have a legal basis based on law, contractual obligation, legitimate interest or protection of the life of the individual, it may ask the individual for consent or consent. Thus, it may also process certain personal data of the individual for the following purposes, when the individual provides consent for this:

  • residential address and email address (for notification and communication purposes);
  • photographs, videos and other content relating to an individual (e.g. publishing images of individuals on a website for the purposes of documenting activities and informing the public about the company’s work and events;
  • other purposes for which the individual agrees to consent.

If an individual gives consent to the processing of personal data and at some point no longer wishes to do so, they may request the termination of the processing of personal data by sending a request by e-mail or regular mail to the company’s address. The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal. After receiving the withdrawal or request for deletion, the data will be deleted no later than 15 days. The company may also delete this data before the withdrawal, when the purpose of the processing of personal data has been achieved or if the law so provides.

Exceptionally, the company may refuse a request for deletion for reasons set out in the General Regulation in cases of exercising the right to freedom of expression and information, compliance with a legal obligation to process, reasons of public interest in the field of public health, archiving purposes in the public interest, scientific or historical research purposes, statistical purposes, and the exercise or defence of legal claims.

The legal basis for data processing is consent. The data will be processed until the consent is revoked or withdrawn or until the purpose of the processing is fulfilled. The withdrawal of consent does not affect the lawfulness of processing based on consent before its revocation.

Protection of the vital interests of the individual

The company may process the personal data of the data subject if this is necessary to protect his vital interests. In urgent cases, the company may search for the individual’s personal document, check whether this person exists in its database, examine his medical history or contact his relatives, for which the company does not need the individual’s consent. The above applies if this is necessary to protect the individual’s vital interests.

5) Storage and deletion of personal data

The company will store personal data only for as long as necessary to achieve the purpose for which the personal data were collected and processed. If the company processes data on the basis of the law, it will store it for the period prescribed by law. Some data is stored during the cooperation with the company, while some data must be stored permanently. Personal data that the company processes on the basis of a contractual relationship with an individual is stored by the company for the period necessary to perform the contract and for 6 years after its termination, except in cases where a dispute arises between the individual and the company in relation to the contract. In such a case, the company will store the data for 10 years after the finality of a court decision, arbitration or court settlement or, if there was no court dispute, for 5 years from the date of a peaceful resolution of the dispute. Personal data that the company processes on the basis of the individual’s personal consent or legitimate interest will be stored by the company until the consent is revoked or until a request is made to delete the data. Upon receipt of the revocation or request for deletion, the data will be deleted without undue delay. The company may also delete this data before revocation when the purpose of processing the personal data has been achieved or if so required by law. In the event of exercising the rights of an individual, the company stores the personal data of that individual until a final decision has been made on the matter, and after the final decision has been made in accordance with the final decision in the matter.

Exceptionally, the company may refuse a request for erasure for reasons such as: exercising the right to freedom of expression and information, compliance with a legal obligation to process, reasons of public interest in the field of public health, archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, the exercise or defense of legal claims. After the retention period has expired, the company must effectively and permanently delete or anonymize the personal data so that it can no longer be associated with a specific individual.

6) Contractual processing of personal data and data export

The company may entrust individual processing of personal data to a contractual processor on the basis of a contractual processing agreement. Contractual processors may process the entrusted data exclusively on behalf of the controller, within the limits of its authorization, which is stated in a written contract or other legal act, and in accordance with the purposes defined in this privacy policy.

The contract processors with which the company cooperates are mainly:

  • accounting services and other providers of legal and business advice;
  • infrastructure maintainers (e.g. video surveillance, security services);
  • information systems maintainers;
  • email service providers and software and cloud service providers (e.g. Microsoft, Google);
  • social media and online advertising providers (Google, Facebook, Instagram, etc.).

For the purposes of better oversight and control of contractual processors and the regulation of the mutual contractual relationship, the company also maintains a list of contractual processors, which lists all specific contractual processors with whom the company cooperates.

The company will not under any circumstances provide personal data of an individual to unauthorized third parties. Contractual processors may only process personal data within the framework of the company’s instructions and may not use personal data for any other purposes.

The company as the controller and its employees do not transfer personal data to third countries.

7) Cookies

The company’s website operates using so-called cookies, which are important for providing online services and are used to store data about the status of an individual website, to help collect statistics about users and website visits, etc. When entering the website, only those cookies that are absolutely necessary for the website to function (e.g. for the shopping cart) are downloaded to the device. Other cookies will only be downloaded with the individual’s consent. The individual can change the settings and delete cookies at any time (instructions can be found on the websites of individual browsers).

8) Data protection and data accuracy

The company takes care of information security and infrastructure security (premises and application – system software). Our information systems are protected, among other things, by antivirus programs and a firewall. We have implemented appropriate organizational and technical security measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful and unauthorized forms of processing. In the case of the transmission of special types of personal data, we transmit them in encrypted form and protected by a password. The individual is responsible for transmitting their personal data securely and for the data transmitted to be accurate and reliable.

9) Individual rights regarding data processing

The data subject has the right to request access to personal data and the rectification or erasure of personal data or restriction of processing concerning him or her, as well as the right to object to processing and the right to data portability. The individual’s request will be handled in accordance with the provisions of the General Regulation and applicable personal data protection legislation.

All of the above rights and all questions can be exercised by an individual by sending a request to the company’s address. The company will respond to the individual’s request without undue delay, no later than one month after receiving the request. This deadline may be extended by a maximum of two additional months, taking into account the complexity and number of requests, of which the individual will be informed, together with the reasons for the delay. Exercising rights is free of charge for the individual, but the company may charge a reasonable fee if the request is clearly unfounded or excessive, in particular if it is repeated. In such a case, the company may also reject the request. In case of doubt about the identity of the individual, additional information that the company needs to establish the identity may be requested.

In the decision on the individual’s request, the company will also inform the individual of the reasons for the decision and information about the right to file a complaint with the supervisory authority within 15 days of being informed of the decision. The individual may exercise the right to file a complaint with the supervisory authority at: The Information Commissioner of the Republic of Slovenia at the address: Dunajska 22, 1000 Ljubljana (e-mail: gp.ip@ip-rs.si , website: www.ip-rs.si).

The privacy policy is valid from 27. 01. 2025.

Director: Stane Plaskan