Heba d.o.o.’s personal data protection statement.

HEBA d.o.o. respects your right to privacy and strives for the highest level of protection of your personal data. Therefore, in providing our services through this website, we are obliged to act by the laws and regulations defining the protection of personal data, especially by the current Personal Data Protection Act, Electronic Communications Act, and the EU General Data Protection Regulation. This privacy statement aims to inform you of the purposes for which your personal information will be obtained, how it will be used, what your rights are about the information we hold about you, and how to exercise these rights.

We are committed to carefully protecting your personal information obtained through the e-newsletter subscription form, namely:

  • We will use your e-mail address to send our e-newsletters and information on current calls and tenders.
  • We will use your e-mail address to send e-news and information on current tenders unless you unsubscribe.
  • We will not pass on your e-mail address to third parties, except to contractual partners, if this is necessary for the distribution of e-news.

You can request the following at any time:

  • Unsubscribing by clicking on the link in the received email. Upon deregistration, we will temporarily move your e-mail address to the deregistered user register, where we will keep it for a maximum of 6 months to prevent errors and unintentional logins, and then delete it permanently.
  • You can request the correction of your personal data by sending a written request to info@7samurai.eu.
  • Arrange the permanent deletion of personal data we hold about you by sending a written request to info@7samurai.eu.
  • Arrange the export and access to personal data we hold about you by sending a written request to info@7samurai.eu.

We store your email address in the Mailchimp email service of The Rocket Science Group LLC. The Rocket Science Group LLC complies with the requirements of the EU-US Privacy Shield and strives for maximum security of stored data through a variety of physical, technical, and organizational measures, such as encrypting Internet links, preventing unauthorized access, using secure passwords, and preventing intrusions.

Mailchimp monitors the delivery of sent emails by collecting data on open messages, clicks on links, email clients and browsers, approximate location, IP address, logins, and logouts, and failed email delivery. This information is kept for a maximum of 6 months from the time you unsubscribe from receiving emails.

Data administration

The administrator of your personal data is HEBA d.o.o., Ulica Petra Podleska 12, 2000 Maribor, Slovenia.

Categories of personal data and the purpose of data processing

Website visitor

Every time you visit the website of HEBA d.o.o., the log file of the web server is automatically stored on the web server (e.g., IP number – a number that identifies an individual computer or other devices on the web; browser version, time of visit). We process this information in order to obtain statistics on visits to our website. More information about this can be found via the link About cookies at the bottom of the website.

HEBA d.o.o. does not process the data collected in this way separately and does not link it to other data.

As a visitor of our website, you can also subscribe to receive notifications and information about our services.

This information is processed with your consent, and you may revoke your consent to receive messages at any time. For more information about your direct marketing rights, see “Your rights”.

We use Google Analytics for the needs of house analytics. The data we provide is anonymized so that the operator of the analytical tool cannot identify the person to whom the data relates.

On our website, you can also subscribe to receive notifications and information about our services. Additional information about your rights is available under “Your rights”. All personal information you provide to us will be treated confidentially and will only be used for the purposes for which it was provided. If there is a need to further process your data for another purpose, we will ask for your consent in advance.

Data users

All data collected based on the above legal basis will be used in accordance with the purpose for which it was collected and will not be passed on to third parties without your consent.

Within the framework of legal competencies, your personal data is disclosed to the following data users:

  • postal service providers, shipping service providers, file and data destruction service providers;
  • postal service providers, shipping service providers, file and data destruction service providers;
  • administrator and webmaster of the website.

With your consent, the administrator also passes the collected personal data to its contractual processors, who process this data exclusively within the framework of the administrator’s instructions and authorizations and who are obliged to ensure an adequate level of personal data protection by a written contract with the administrator.

Retention period

We only store your data for as long as it is necessary to fulfil the purpose for which the individual data was collected and used, namely:

  • web server log files are stored for 12 months;
  • based on a signed contract, all data related to business cooperation (contracts, etc.) are kept for 5 years after its conclusion or, in some cases (e.g., accounting or tax data) for 10 years, where the retention period is specified as such. During this time, data processing is limited;
  • your contact information for direct marketing purposes is processed until your cancellation.

How to protect your data

The administrator will protect the obtained data in accordance with the applicable legislation on personal data protection and in accordance with internal acts. He or she will provide adequate organizational and technical protection. Under no circumstances will the administrator pass on or disclose the obtained data to third parties.

After the cessation of the need for data management, i.e., after fulfilling the purpose for which the data was obtained, the data is permanently destroyed or deleted.

Your rights

The data subject may at any time request that HEBA d.o.o.:

  • confirm whether or not data relating to the data subject is being processed;
  • provide access to personal data (i.e., for perusal or copying);
  • provide information regarding the processing of this data (e.g. on the purpose of processing, type of personal data, users to whom personal data has been or will be provided, expected data retention period, technical and organizational measures for data protection, etc.);
  • enable the correction of inaccurate personal data concerning the data subject and enable the data subject to supplement incomplete personal data;
  • enable the right to have personal data deleted (i.e., the right to be forgotten);
  • enable the right to limit processing;
  • enable the right to object to the processing of data if it is based on the legitimate interest of the administrator, including profiling;
  • enable the right to data portability and provide the data subject with data in a commonly used and machine-readable form;
  • enable the right to revoke consent where personal data is processed based on consent, whereby the revocation of consent does not affect the lawfulness of the processing of data carried out before its revocation;
  • provide additional information on the data subject’s right to appeal to a competent supervisory authority.

At the request of the data subject, HEBA d.o.o. will, in accordance with applicable law, provide him or her with other information regarding the subject’s personal data that the company processes.

HEBA d.o.o. vows to respond to the requests of the data subject without undue delay, and no later than within the legally prescribed deadlines.

Data Administrator Contact Information

We will answer questions about the confidentiality of your data, how data is collected and processed, or your requests to exercise rights about your data via the following contact information:

Contact person: Boštjan Jerman

Telephone number: +386 40 569 001

Email: info@7samurai.eu

Final Provisions

We reserve the right to adapt the Privacy Policy, if necessary, to the actual situation and legislation in the field of personal data protection. For this reason, we ask you to check the current version before each transfer of personal data to be informed of any changes and additions.

Maribor, June 16, 7. 2022