When you visit this website nutricosmetics2030.com (”Website”) we take your privacy seriously. This Privacy Policy and Cookie Policy (‘’Policy’’) explains who we are, how we collect, process, use and store your personal data in accordance with legislation of Republic of Slovenia and Regulation (EU) 2016/679 (General Data Protection Regulation-GDPR).

We process personal data only for the purposes for which it was collected and in accordance with this Policy. We take reasonable steps to ensure that the personal data we process is accurate, complete and current, but we depend on you to update or correct your personal data when necessary.

PERSONAL DATA CONTROLLER

Controller of personal data is TOSLA d.o.o., Tovarniška cesta 6e, 5270 Ajdovščina, Slovenia, VAT nr.:
12355992,  registration nr.: 6596886000 (‘’controller’’, ‘’we’’ or ‘’us’’). We do not have Data Protection Officer as we do not process personal data to such an extent that this obligation should be fulfilled, but you can always contact us by e-mail dataprotection@tosla.si.

When do we collect your personal data, what type of data we collect, on what lawful basis we process data

This Website is designed for informative purpose and is not designed to collect any data from you without your knowledge, but we have to ensure that this Website is secured. We process non-personal data when you visit and use our Website. Some of that data is considered as personal data (such as IP address) but mostly that data alone, cannot be used to identify or contact you. We want to continuously improve our Website and your experience, so the information of your use of our Website is very important for us. For that purpose we use cookies and other tracking technologies to automatically collect and analyze data we collect.

When you visit and use our Website, your browser automatically sends data to our server and temporary saves it. The data we collect may include:

Legal basis for personal data processing: personal consent which you can withdraw at any time (Article 6 (1) (a) of GDPR) and our legitimate interests (Article 6 (1) (f) of GDPR) for the purpose of securing, improving and optimizing our Website.

When you send us an e-mail you may provide us with your personal data. We will use your personal data that you provide to us for the purpose of answering your inquiry and to make further contact with you about your regard. The data we collect may include:

Legal basis for personal data processing: your consent (Article 6 (1) (a) of GDPR), our legitimate interests (Article 6 (1) (f) of GDPR), or performance of contract or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1) (b) of GDPR).

We do not collect or process other personal data through this Website.

WITH WHOM DO WE SHARE YOUR PERSONAL DATA WITH?

We are not in the business of selling your personal data.  We do share personal data with third parties, which may be processors of your personal data only as set forth in this Policy. We share it with carefully selected business partners that we either control or are our external contractors and that are either subjects to this Policy or that follow practices that are at least as restrictive as those described in this  Policy or we have a data processing contract in accordance with GDPR requirements. We may share it with:

THIRD COUNTRIES

We do not transmit your personal data to third countries, but we use Google Analytics who may forward the collected data to a different country. Please note that Google Analytics might transfer the data outside of the EU/EEA and to a country without the required data protection standards.

CHILDREN DATA

We are committed to protecting the online privacy of children and making the internet safe. Any communication we get that is identified as being from a child under 15 will not be kept by us. We encourage parents or guardians of children under 15 to regularly check and monitor their children’s use of email and other activities online.

AUTOMATED DECISION MAKING AND PROFILING

We do not process personal data for automated decision making and profiling.

HOW DO WE KEEP YOUR PERSONAL DATA SECURE?

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data. We restrict access to personal data to our employees, service providers and agents who need to know such information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use secure socket layer (“SSL”) technology to encrypt and protect the security of your personal data. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security. We are not responsible for the functionality, privacy or security measures of any other organization.

DATA RETENTION

We store your personal data for as long as is needed for its purpose. We may store anonymized information longer, but only in a way that it cannot be tracked back to you. We store personal data in accordance with applicable law. Retention for personal data may vary depending on the applicable sectoral legislation (eg. tax, accounting legislation). In the case where the applicable sectoral legislation establishes mandatory duration for retention of personal data, we will delete if after the expiration of that mandatory duration. When personal data is no longer needed, we shall delete it using reasonable measures to protect the personal data from unauthorized access or use.

YOUR RIGHTS AS THE DATA SUBJECT

In relation to your personal data that we process, you have the right:

For all stated rights, you may, at any time, contact us

We shall promptly ensure that the request is complied with immediately, but no later than in one (1) month. You will receive requested personal data in a structured, machine-readable and generally applicable way. First copy of your personal data in electronic or hard is free of charge, each additional copy we may charge a fee to cover cost of preparing the copy.

COOKIES AND TRACKING TECHNOLOGY

Cookies are small text files placed on your hard drive. We use cookies or similar technologies (Google Analytics etc.) to personalize your online experience and improve our Website to you. For example, cookies will remember and process the items in your shopping cart on our Website. You can modify your browser settings to control whether your computer accepts or declines cookies. If you choose to decline cookies, you may not be able to use certain interactive features of our Website. Note that you can always go back and delete cookies from your browser; however, that means that any settings or preferences controlled by those cookies will also be deleted and you may need to recreate them. The law states that we can store cookies on your device if they are strictly necessary for the operation of the Website. For all other types of cookies (unnecessary cookies; e.g. analytics cookies), we need your prior informed consent.

Click on the button below, to see the list of cookies that we use. We have listed them so that you can choose if you want to opt-out of cookies or not.

SEE AND MANAGE COOKIES

The cookie dialogue will open at the bottom of the screen. Click SHOW DETAILS to see the list of cookies.

GOOGLE ANALYTICS

On our Website, we have the component of Google Analytics. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising. The data processing is based on a data processing agreement with Google. You can read more about Google Analytics privacy policy here.

More about Google Analytics: The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

MORE ABOUT COOKIES

More information about cookies, including instructions on how to manage cookies in the browser you use, is available at the following links:

If you do not accept our cookies completely, there is a possibility that some parts of our Website will not work properly, or you may need to manually adjust your desired settings each time you visit our Website.

LINKS TO OTHER WEBSITES

Our Website may contain links to third websites. These websites have their own privacy policies, which you should familiarize yourself with, as we do not assume any responsibility for them.

UPDATES TO THIS POLICY

We may amend this Policy from time to time. Use of personal data we collect now is subject to the Policy in effect at the time such personal data is used. If we make changes in the way we collect or use personal data, we will notify you by posting new Policy on Website. You are bound by the changes to the Policy when you use our Website after such changes have been first posted. This Policy was last updated on 1.6.2021.