Privacy Policy

Effective date: February 6th 2019

The website https:/torles.com (hereinafter reffered as “web service” or “website”) is operated by Torles izdelovanje lesenih predmetov Anoton Bešter s.p. (“us”, “we”, or “our”).

This page informs you of our policies about gathering, using and showing of personal data while using the website and the choices that you have as users with your personal data.

We use the users’ data to improve our web service. With using the website, the user agrees with collecting, usage and storage of this data in accordance with this policy. Notions and definitions that are used in this Privacy Policy have the same meaning as in the Terms and Conditions of the website https://torles.com, unless this Privacy Policy states elsewise.

Definitions

Web Service

Web service is the website https://torles.com, managed by Torles izdelovanje lesenih predmetov Anton Bešter s.p.

Personal data

Personal data are data about a specific or identifiable natural person (an individual), which can be directly or indirectly identified through this data.

Usage data

Usage data are data about using the service, which are collected automatically. They are collected by the website or the infrastructure that runs the website and service (e.g. data about the length of the website visit).

Cookies

Cookies are small text documents that are saved on the user’s device (computer or mobile device) by the website. These documents contain a small amount of data that helps with user’s anonymous identification.

Data controller

Data controller is a natural or legal person that alone or with others decides about the purpose of processing personal data and the way of doing it.

Data processor

Data processor is a natural or legal person that processes personal data instead of the data controller. We may use different data processors to ensure better processing of your data.

User

User is an identifiable natural person, an individual, that is using our service and is a source of personal data.

Collection and use of personal data

This website collects several types of data to offer and improve users’ online service.

Types of data collected

Personal data

While using the website, we may collect these personal data:

• Name and surname
• E-mail
• Phone number
• Address and post code, city and country of living
• Cookies and usage data

We will use the personal data for means of marketing, promotions, e-mails and other information that might interest the user based on interests, expressed in the past. The user will always have the possibility of unsubscribing of a certain or all kinds of messages. The user will be able to unsubscribe using the instructions in all messages.

Usage data

We also collect data about the user’s access to the website and the usage of our web service. These data include IP address, the type of browser that is used, the version of it, visited subpages on our website, date and time of the visit, the total time of the visit, duration of the visit of each subpage, identification of user’s specific defices and other diagnostic data.

Tracking Cookies Data

We can use cookies and other tracking technology to track and store information about the users’ activity on our website.

Other tracking technology that can be used are beacons, tags and scripts that collect data about the usage of web service with the purpose of analytics and improvement of the website.

User can their browser to refuse all cookies or notify when a cookie is sent to the website. If a user does this, they might not be able to use some parts of this web service.

Examples of data that are used on this website:

• Session Cookies These are the crucial cookies for website’s ability to work.
• Preference Cookies These cookies are used so the website can store the settings that a user saved on it for themselves.
• Security Cookies These cookies are used for providing security.

Usage of personal data

We use the collected data for different purposes:

• To provide and maintain the website
• To inform the users about changes of the web service
• To enable users to interact with different functions of the website, when they so wish
• To provide users with help and support
• To perform analysis and collect relevant information for improvement of the web service
• To control the usage of our website
• To detect, solve and prevent technical problems
• To deliver news, special offers or information about products to users

Legal basis for Processing Personal Data under the General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR) is the legal basis on which we collect and use personal data, described in this Privacy Policy.

We can use user’s personal data because:

• We have to make a contract with the user
• The user gives us their permission
• Is the usage of this data our legitimate interest and does not overstep the rights of users
• We have to process a payment
• We have to comply with the law

Retention of Personal Data

We store personal data just as long as we necessarily need them for purposes, listed in this Privacy Policy.

We store and manage data as long as we are obliged to based on our lawful obligations (e.g. to ensure compliance with the current legislation).

We will also store Usage data for purposes of internal analysis. Usage data are usually stored for a shorter amount of time, except when it is crucial to ensure better security, better functionality of the website and when the legislation prescribes longer storage of this data.

Cross-border transfer of data and its processing

User’s personal data can be transfered and stored on computer systems out of the user’s country, where different laws about storing of personal data may apply.

If the user is not from Slovenia using the web service, they are reminded that their personal data will be transfered to Slovenia and be stored and processed there.

Agreeing with this Privacy Policy, which is followed by the submission of personal data, means also agreeing with this transit of data.

We will do anything in our power to ensure processing of data in accordance with this Privacy Policy and that no transit of personal data will be done into an organization or country that has lower standards of privacy protection than this Policy.

Personal Data Disclosure

Legal requirements

We may disclose your personal data in good faith that it is crucial to do so if:

• We have to comply with the law
• We have to secure and defend our rights or property
• We have to prevent or investigate wrongdoings in connection to the webservice
• We have to ensure security of our users or public safety
• We have to protect against legal liability

Security of personal data

Security of user’s personal data is very important for us. However, we cannot ensure that all transfers across the World Wide Web will be 100% secure. We will use all tools accessible to ensure the maximum possible security for the user’s personal data. We still, however, cannot ensure total security.

User’s data protection rights from General Data Protection Regulation (GDPR)

If the user is a resident of an European Union country, they have certain rights according to the General Data Protection Regulation (GDPR). If the user is not a resident of an EU country, we will treat them the same way and try to provide the same level of rights as for EU citizens, but we cannot guarantee all the rights that are applicable to EU citizens by GDPR.
We are willing to do anything reasonable to enable the user to see, correct, complete or delete their personal data.

A user can order information about their personal data, a claim to change, add or delete some of the data on the addresses that are listed at the end of this Privacy Policy.

A user has following rights under these circumstances:

• A right to access, change or delete the data we store on them
  A user has a right to access, add or delete the personal data that is on their account on the website. If they have any problems and cannot perform those actions, they can turn to us for help. Contacts are listed at the end of this Privacy Policy.
• A right to change.
  A user has a right to change information about the personal data that they sent to us, if the information is incorrect or imperfect.
• A right to objection.
  A user has a right to object to processing of their personal data.
• A right to restriction.
  A user has a right to demand that we restrict the processing of their personal data.
• A right to data portability.
  A user has a right to acquiring a copy of their personal data that we store in a format that is machine-readable and commonly used.
• A right to withdraw consent.
  A user has a right to withdraw their consent, if we relied on their consent to process their personal data.

Before we take action on any of the previously mentioned circumstances to ensure the user’s rights, we may ask you to identify.

In relation to ensure the user’s rights, we will do everything reasonable in our power to grant the user’s wishes. If the user will not be satisfied with the end result, they may file a complaint with the national office of data protection.

Service providers

To ensure the web service, we may include a third party service or offer a third party’s service in our name.

Third party service providers can get access to personal data this way, but only to an extent that is necessarily needed for their service. When providing this service, they are bound to secure and not disclose users’ data. They are also bound to use the personal data of users for no other reason then the one they agreed upon with us.

Analytics

We can use the services of a third party to monitor and analyze the usage of our web service.

Google Analytics

Google Analytics is a Google service that tracks traffic on the website and reports on it. Google uses the collected data to track and monitor the usage of our web service. This data are in shared use with other Google services. Google can use the collected data to prepare and personalize the ads it shows in its advertising network. If the user does not wish to participate in the advertising network option, they can install Google Analytics Opt-out add-on onto their browser. This add-on disables the Google Analytics Javascript (ga.js, analytics.js and dc.js) to share user’s data with Google Analytics:
For more information on Google Privacy Policy, visit https://policies.google.com/privacy .

Payments

The websites enables a payment for bought products or services. In this case, we use a third party service for payment processing.

We do not collect, process or store data about debit cards or other payment tools from our users. This data is forwarded directly to the payment processing providers that are carefully used and verified. Protection of personal data while payment processing is defined by their privacy policies.

Payment processing providers need to meet the standards and rules of PCI-DSS. This is a joint effort of brands like Visa, MasterCard, American Express and Discover that ensures the security of processed data.

Our webservice uses the following third party payment processing providers:

PayPal

Their Privacy Policy is available on https://www.paypal.com/webapps/mpp/ua/privacy-full

Links to other websites

This website may include links to other websites that are not managed by Torles izdelovanje lesenih predmetov Anton Bešter s.p. If the user clicks on a link like this, they may be redirected to a third party website. We advise to always check their Privacy Policy, as it is possible that they deviate from the standards of this website.
We do not have control over the content and the level of privacy on these websites, so we do not take any responsibility about it.

Securing children’s privacy

This website does not contain any content with the target audience of minors.

We do not collect and store minors’ personal data on purpose. If you are a parent or a guardian and your minor sent us their personal data, we kindly ask you to contact us, using the contacts listed below.

If we will discover that we collected and stored data of a minor without th consent of parents or guardians, we will remove them from our servers according to this Privacy Policy.

Changes of the Privacy Policy

We can change this Privacy Policy anytime.

Our users will be informed about the change with a notification on our website.
Furthermore, we will inform users who already consented to the Privacy Policy with an email.

This Privacy Policy is valid since the date noted at the top of this page.

Contact

If you have any questions about this privacy policy, you can contact us via:

• Email [email protected]
• A form on https://torles.com/en/contact/
• The address Torles Anton Bešter s.p., Podrovnik 30, 4201 Zgornja Besnica, Slovenia.