Controller of personal data and contact information
This Policy applies to the processing (use) of any personal data performed by the GlobalPharmacia d.o.o. company (hereinafter: Controller) and on behalf of the Controller.
Details of the Controller:
GlobalPharmacia, trgovina, trženje in storitve, d.o.o.
Poklukarjeva ulica 27, Ljubljana, 1000 Ljubljana
Tax No. SI: 97817384
Registration No.: 8507171000
Telephone: +386 6 971 9709
The personal data we process
- Basic contact information (name, surname, phone number, e-mail address);
- Information on the use of our websites (link clicks, the time spent) and data regarding the replies to our e-mail messages (whether the message has been opened, which links you clicked on);
- Information we need to fulfil the contract and deliver the purchased goods (subject of purchase, price, delivery address, time of delivery, method of payment, date of payment, information on claims and invoices issued, etc.).
Legal basis for processing the personal data
We may process your personal data on the following legal basis:
- To fulfil our legal obligations (e.g. issuing an invoice for the purchased goods);
- If your personal data must be processed to conclude or perform a contract you have signed with us or to provide you with an offer;
- If you have given your consent for your personal data to be processed for a certain purpose, whereby you always have the right to revoke your consent (e.g. for customised information on our offer based on customer profiling);
- If we have a legitimate interest to process your personal data.
Purposes for personal data processing
We may use your personal data for one or more of the following purposes:
- Communicating with you regarding the provision of our services and responding to your requests;
- Conclusion of a contract and fulfilment of obligations under the signed contract;
- Commercial communication (sending e-mails, ordinary mail and SMS messages);
- Marketing communication based on customised or individualised offers and messages, user profiles or group classification, each of them receiving marketing communications with a different content. When profiling, we also monitor the activity of an individual (e.g. the time an individual spends on a certain content, their content of interest and opening e-mail messages) and the frequency and value of the past purchases;
- To enforce any legal claim and resolve disputes;
- To conduct statistical analysis on the sale of our goods and the use of our web pages;
How long we keep your personal data and what happens to it afterwards
We store your basic personal data as long as [please indicate, e.g.: you have a status of our registered user on our web pages, you are subscribed to our newsletters, etc.]. The personal data we process on the basis of your consent are kept permanently or until you revoke the respective consent.
We keep information on the invoices for 10 years from the date of the issue.
The data necessary to conclude or perform a contract signed between us are retained for 10 years after the contract has been completed (delivery of goods).
Upon expiration of the retention period, personal data are effectively deleted or anonymised, meaning that they are processed in a way that they can no longer be associated with or attributed to you.
Voluntary nature of submitting the data and consequences of non-submitting
You submit your personal data on a voluntary basis. You are not obliged to submit your personal data, but in this case you may not be entitled to certain services or be able to conclude a contract with us. The data which cause the foregoing consequences if not submitted will be indicated upon each request to obtain your personal data.
Voluntary nature of submitting data and consequences of non-submitting
You submit your personal data on a voluntary basis. You are not obliged to submit your personal data, but in this case you are not entitled to certain services or cannot conclude a contract with us. The data which cause the foregoing consequences if not submitted will be indicated upon each request to obtain your personal data.Who has the access to your personal data
We do not share your personal data or enable their disclosure to any third party (outside the GlobalPharmacia d.o.o. company), except to those who have signed a contract with us, under which certain tasks related to data processing are performed, and who are obliged to comply with the legislation entailing the processing and protection of personal data (i.e. contractual data processors).
Contractual processors are allowed to process personal data only within the framework of our instructions and must not process personal data for their own purposes. They, and their employees, are committed to protect confidentiality of your personal data. Contractual processors do not transfer personal data to third countries (outside the Member States of the European Economic Area, i.e. EU Member States, Iceland, Norway and Liechtenstein).
What are your rights relating to personal data, when can you revoke your consent for processing, and what are the consequences of your revocation
You have the following rights regarding your personal data:
To request from us at any time to provide:
- Confirmation that we process your personal data;
- Access to your personal data and the following information: purpose of processing; types of personal data; users or categories of users who personal data have been or will be disclosed to, in particular users in third countries or international organisations; foreseen retention period of personal data, or, where this is not possible, the criteria that apply to determine the respective period; existence of automated decision-making, including profiling and its associated reasons and also the importance and envisaged consequences of such processing for us;
- One (free) copy of personal data in a format of your choice (if the requirement is provided through electronic communication means and you do not request otherwise, the copy shall be provided in electronic form); we are entitled to charge a fee, taking into account the costs, for any additional copies you require;
- Correction of incorrect personal data;- Restriction of processing, if:
- a. You contest the accuracy of personal data, namely for the period that allows us to verify the accuracy of personal data;b. The processing is unlawful and you oppose to the deletion of personal data and requests the restriction of their use instead;
- c. We no longer need personal data for the purpose of processing, but you require them to initiate, execute or defend legal claims;
- Deletion of all personal data (right to be forgotten) provided that conditions laid down in Article 17 of the General Data Protection Regulation are met, and in particular when you revoke your consent to the processing of your personal data;- Print-out of personal data in a structured, commonly used and machine-readable form, with the right to pass this information on to another controller without us obstructing you;
- To stop using your personal data for direct marketing purposes, including creating profiles;
- That you are not subject to a decision based solely on automated processing, including the profile creating, if the requirements of Article 22 of the General Data Protection Regulation are fulfilled.- The right to file a complaint against us with the Information Commissioner if you believe that the processing of your personal data violates the General Data Protection Regulation.
Procedure for exercising your rights
- You can address your request regarding the exercise of your rights regarding personal data in writing to any of the contacts listed at the top of this document under Personal Data Controller and Contact Information.
- For the purposes of reliable identification in the event of the exercise of personal data rights, we may require additional information from you, and we can only refuse to take action if we can prove that we cannot reliably identify you.
- We must respond to your request to exercise your rights regarding personal data without undue delay and within one month of receiving your request at the latest.
Davčna številka SI: 97817384
Matična številka: 8507171000