PRIVACY POLICY

This Privacy Policy governs the collection, storage and processing of personal data that I-BIN, research and development, d.o.o. collects from you when you use the websites i-bin.eu, ibin.si and i-bin.si (hereinafter: the website). A user is any legal or natural person who uses or visits the said website (hereinafter: the user). The controller of personal data within the meaning of the EU General Data Protection Regulation and the applicable Slovenian legislation on the protection of personal data is I-BIN, research and development, d.o.o., Vrtojba, Mednarodni prehod 2b, 5290 Šempeter pri Gorici, (hereinafter: the controller).

In addition to the Privacy Policy, we ask you to also familiarize yourself with the Cookies page, which discloses which cookies we collect and for what purposes.

We will use personal data collected on the website only as specified in this Privacy Policy. Below you will find information about how we use your personal information, for what purposes your personal information is used, with whom we share it and what control and information rights you have.

By using the Website, you consent to the collection, use and disclosure of your information (including personal data) in accordance with this Privacy Policy. We receive and/or may ask you to provide your information (including personal data) whenever you interact with us or use the Website. As detailed below, we share your information (including personal data) with third parties as specifically defined below and use it in ways that are consistent with this Privacy Policy. Your information (including personal data) may be used together with other information to provide and improve products, services and content.

SUMMARY OF OUR PROCESSING ACTIVITIES

The following summary provides you with a quick overview of the processing activities carried out on our Website. You can find more detailed information in the sections below.

  • When you visit our website for informational purposes only, only limited personal data will be processed to provide you with the website.
  • If you send us a message using the contact form, further personal data will be processed as part of such services: the name of the contact person and the email address.
  • Your personal data will only be used for the purposes of your inquiry, message or question.
  • Your personal data may be disclosed to third parties located outside your country of residence, where different data protection standards may potentially apply.
  • We have implemented appropriate safeguards to protect your personal data, which we only keep for as long as necessary.
  • In accordance with the legislation applicable to you, you may be entitled to exercise certain rights in relation to the processing of your personal data.

 

DEFINITIONS

Personal data: means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: means any operation or set of operations which is performed upon personal data or upon sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

INFORMATIONAL USE OF THE WEBSITE

If you visit our website for informational purposes, i.e. without providing personal data in any form, we may automatically collect information about you, which will contain personal data only in limited cases and will be automatically recognized by our server, such as:

  • the website from which you were directed to our website;
  • the date and time of your requests;
  • the type of device, screen resolution and browser version;
  • your internet service provider;
  • information about your operating system, including language settings;
  • information about the offers you have visited on our website.

We use this information only to help us provide efficient services (e.g. to adapt our website to the needs of your device) and to compile broad demographic data for anonymous aggregate use.

The personal data we automatically collect is necessary to provide the website and for our legitimate interest in ensuring the stability and security of the website.

Personal data collected automatically is immediately anonymized and all personally identifiable information is appropriately deleted.

COOKIES

We use cookies on our website to analyze the use of our website internally, in order to provide you with the most attractive website possible. For more information about cookies and related technologies, please visit our Cookies page.

WEB ANALYTICS

We use web analytics services to collect information about the use of this website for statistical analysis.

General Tracking Information

Web analytics tools collect information such as:

  • device and browser information (operating system information, mobile device identifier, mobile operating system, etc.);

o IP address;

o website access; URL clickstream (chronological order of our website pages that you have visited);

o geographical location;

o time of visit;

o referring website, application or service from which you were directed to our website.

We only use the information we receive from web analytics tool providers to determine the most useful information you are looking for and to improve and optimize the website. We do not combine the data collected by such tools with personal data.

Depending on the provider of the web analytics tools, the data obtained about your use of the website may be transferred and processed in third countries, e.g. in the United States of America. For further information on the potential risks of cross-border data transfers, please see the section “Cross-border data transfers” of this Privacy Policy. The tools in question only collect the IP address assigned to you on the date of your visit to our website, but not your name or other identifying data. The providers of such tools will use this data to evaluate your use of the website, to compile reports on website activity and to provide other services related to website use.

The legal basis for such data processing is our legitimate interest in analyzing traffic on our website and in improving the user experience and optimizing the website in general.

DATA EXCHANGE

Your personal data will only be disclosed to third parties to the extent necessary for the fulfillment of our contractual relationship. The legal basis for the transfer of your personal data is Article 6(1)(b) and (f) of the EU General Data Protection Regulation and represents our legitimate interest in the implementation of our general terms and conditions or other contracts concluded with you.

For the purpose of describing our services and for other legitimate purposes, we may disclose anonymous aggregated statistical data about website users to potential partners, advertisers and other reputable third parties, but such data will not contain any personal data.

We may disclose your personal data to our contractors who assist us in providing the services we offer via the website. Such a transfer will always be based on a personal data processing agreement, as a result of which our contractors will use your personal data only to the extent necessary to perform their functions and will be contractually obliged to process your personal data only on our behalf and in accordance with our requirements.

CROSS-BORDER DATA TRANSFER

As part of the data exchange activities described above, your personal data may be transferred to other countries (including countries outside the European Economic Area (EEA)) that may have different data protection standards than the country in which you reside. Please note that data processed in a foreign country may be subject to foreign laws and may be accessible to foreign governments, courts, law enforcement authorities and regulatory agencies. Notwithstanding the above, we will endeavour to take reasonable steps to maintain an adequate level of data protection when sharing your personal data with such countries.

In the event of a transfer outside the EEA, such transfer is protected by either the Privacy Shield or the EU Model Contractual Clauses. For further information on these safeguards, please contact us at info@i-bin.si.

SECURITY

We have implemented reasonable state-of-the-art security measures under our control to protect against the loss, misuse and alteration of personal data. For example, our security and privacy policies are regularly reviewed and improved as necessary, and only authorized personnel have access to personal information. While we cannot guarantee or warrant that loss, misuse, or alteration of information will never occur, we use all reasonable efforts to prevent it.

You should note that the transmission of information over the Internet is never completely secure. We cannot guarantee the security of any information you transmit through our website, even though it is in transit over the Internet, and any transmission is at your own risk.

DATA STORAGE

We strive to keep our processing activities with respect to your personal data as limited as possible. If no retention periods are specified in this Privacy Policy, your personal data will be stored only for as long as we need them to fulfill the purpose for which we collected them and, if necessary, for as long as legally required data retention periods require.

INDIVIDUAL RIGHTS REGARDING DATA PROCESSING

If you have any questions regarding our Privacy Policy or the processing of your personal data, you can contact us without hesitation. Write to us at info@i-bin.si. We will inform you based on your request – in writing and in accordance with applicable law.

In accordance with the provisions of the EU General Data Protection Regulation, you have the following rights as an individual:

Right to withdraw consent: If you as an individual have consented to the processing of your personal data (for one or more specific purposes), you have the right to withdraw this consent at any time, without affecting the lawfulness of the data processing carried out on the basis of the consent until its withdrawal. Consent can be withdrawn by a written statement sent to the controller to one of the contacts listed on the website. Withdrawal of consent to the processing of personal data does not have any negative consequences or sanctions for the individual. However, it is possible that the controller may no longer be able to provide the individual with one or more of its services after withdrawal of consent to the processing of personal data, if these are services that cannot be provided without personal data.

Right of access to personal data: As an individual, you have the right to obtain from the provider (personal data controller) confirmation as to whether personal data concerning you are being processed and, where this is the case, access to personal data and certain information (on the purposes of the processing, on the types of personal data, on the users, on the retention periods or criteria for determining the periods, on the existence of the right to rectification or erasure of data, the right to restriction and objection to processing and the right to lodge a complaint with a supervisory authority, on the source of the data if the data were not collected from you, on the existence of automated decision-making, including profiling, the reasons for it and the significance and consequences of such processing for you, and other information in accordance with Article 15 of the EU General Data Protection Regulation.

Right to rectification of personal data: As an individual, you have the right to obtain from the provider without undue delay the rectification of inaccurate personal data concerning you. As an individual, you have the right, taking into account the purposes of the processing, to have incomplete data completed, including by providing a supplementary statement.

Right to erasure of personal data (“right to be forgotten”): As an individual, you have the right to obtain from the provider without undue delay the erasure of personal data concerning you, and the provider must erase the data without undue delay where one of the following reasons exists:

  • the data is no longer necessary for the purposes for which it was collected or otherwise processed;
  • you withdraw your consent and there is no other legal basis for the processing;
  • you object to the processing and there are no overriding legitimate grounds for the processing;
  • the data have been processed unlawfully;
  • the data must be erased for compliance with a legal obligation under EU law or the law of a Member State to which the provider is subject;
  • the data have been collected in connection with the provision of information society services.

However, as an individual, you do not have the right to erasure of data in certain cases described in Article 17(3) of the EU General Data Protection Regulation.

Right to restriction of processing: As an individual, you have the right to obtain from the provider restriction of processing where one of the following applies:

  • you contest the accuracy of the data for a period enabling the provider to verify the accuracy of the data;
  • the processing is unlawful and you oppose the erasure of the data and request the restriction of its use instead;
  • the provider no longer needs the data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims;
  • you have lodged an objection to the processing, pending verification of whether the legitimate grounds of the provider override your grounds.

 

Right to data portability: As an individual, you have the right to receive the personal data concerning you, which you have provided to the provider, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the provider to whom the personal data were provided, where:

  • the processing is based on consent or a contract and
  • the processing is carried out by automated means.

As an individual, you have the right to have your personal data transferred directly from one controller (provider) to another, where technically feasible.

Right to object to processing: As an individual, you have the right, on grounds relating to your particular situation, to object at any time to processing of personal data which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the provider (point (e) of Article 6 (1) of the EU General Data Protection Regulation) or which is necessary for the legitimate interests pursued by the provider or a third party (point (f) of Article 6 (1) of the EU General Data Protection Regulation), including profiling based on such processing. The provider shall cease processing the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. Where personal data are processed for marketing purposes, the individual has the right to object at any time to processing of data concerning him or her for such marketing purposes, including profiling to the extent that it is related to such direct marketing. Where the individual objects to processing for direct marketing purposes, the data shall no longer be processed for those purposes.

Where the data are processed for scientific or historical research purposes or statistical purposes, the individual shall have the right, on grounds relating to his or her particular situation, to object to processing of data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Right to lodge a complaint with a supervisory authority: Without prejudice to any other (administrative or other) legal remedy, you as an individual have the right to lodge a complaint with a supervisory authority, in particular in the country of your habitual residence, place of work or alleged infringement (in Slovenia this is the Information Commissioner), if you consider that the processing of personal data concerning you infringes the provisions on the protection of personal data.

Without prejudice to any other (administrative or extrajudicial) remedy, you as an individual have the right to an effective remedy against a legally binding decision of the supervisory authority in relation to it, as well as in the event that the supervisory authority does not handle your complaint or does not inform you of the status of the case or the decision on the complaint within three months. The courts of the Member State in which the supervisory authority is established shall have jurisdiction over proceedings against the supervisory authority.

An individual may address all requests relating to the exercise of rights in relation to personal data in writing to the controller, namely to one of the contacts listed on the websites I-bin.eu, ibin.si and i-bin.si.

For the purposes of reliable identification in the event of exercising rights in relation to personal data, the provider may request additional information from the individual, and may refuse to take action only if it proves that it cannot reliably identify the individual.

The provider must respond to the request of an individual exercising his or her rights in relation to personal data without undue delay and at the latest within one month of receiving the request.

Right to lodge a complaint with a supervisory authority Without prejudice to any other administrative or legal remedy, you, as a data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you have your habitual residence, your place of work or the alleged infringement, if you consider that the processing of personal data concerning you infringes the EU General Data Protection Regulation. The supervisory authority with which the complaint is lodged will inform you, as the complainant, of the status of the case and the decision on the complaint, including the possibility of a legal remedy under Article 78 of the EU General Data Protection Regulation. As an individual to whom personal data is related, you have the right to file a complaint to the following address: Republic of Slovenia, Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, telephone: 01 230 97 30, e-mail address: gp.ip@ip-rs.si.

CONTACT INFORMATION

Please send any questions, concerns or comments about this Privacy Policy or any requests regarding your personal data by e-mail to info@i-bin.si. The data you provide when contacting us will be processed to handle your request and will be deleted once your request has been fulfilled. However, we may limit the processing of the relevant information in accordance with the statutory retention periods.

AMENDMENTS TO THE PRIVACY POLICY

The Controller reserves the right to adjust the Privacy Policy from time to time to actual circumstances and legislation in the field of personal data protection, if necessary. For this reason, we ask you to check the current version before each submission of personal data in order to be aware of any changes and amendments. We will also inform you in advance of any changes that significantly affect the processing of your personal data in an appropriate manner (e.g. by notice on our website, by e-mail). The date of the latest Privacy Policy is recorded in the document.

________________

Vrtojba, April 2025