BeeIN, d. o. o., Kranj, Ljubljanska cesta 24a, 4000 Kranj (hereinafter: “BeeIN” or “controller”), is dedicated to responsibly handling the personal data of our clients, potential clients, BeeIN website visitors and any natural persons who reveal their personal information when contacting us (hereinafter: “users”), so we are implementing this Personal Data Protection Policy (hereinafter: “Policy”) to inform our users in a transparent, easy to understand way using plain language about the purpose, the legal ground for the processing of their personal data and their rights regarding the processing, as they are afforded to them under the Personal Data Protection Act (ZVOP-1, Official Gazette of the Republic of Slovenia no. 94/2007) and the Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “General Data Protection Regulation”).
Terms, such as “controller”, “processing”, “restriction of processing”, “processor”, “profiling”, “pseudonymisation”, “third party” and “company”, used in this Policy have the meaning as stipulated in the General Data Protection Regulation.In accordance with the General Data Protection Regulation, the Policy covers the following areas:
- Contact details of the controller and of the data protection officer,
- Purposes and legal basis for processing various types of users’ personal data, including profiling the users’ personal data,
- Recipients of the personal data, contractual data processing and the transfer of personal data to third countries,
- Storage period for different categories of personal data,
- Security of the personal data,
- Users’ rights regarding the processing of their personal data,
- Procedure to exercise users’ rights regarding personal data processing,
- The right to submit a complaint about personal data processing.
2. Contact details of the controller and of the data protection officer
The controller of the users’ personal data is BeeIN, d. o. o., Kranj, Ljubljanska cesta 24a, 4000 Kranj.
3. Personal data
Personal data constitutes any information that identifies you as an identified or identifiable natural person. The user is identifiable when they can be directly or indirectly determined, especially using an identifier, such as the name, identification number, location data, an online identifier or by stating one or more factors specific to the user’s physical, physiological, genetic, mental, economic, cultural or social identity. In accordance with the purposes stated in the following chapters of the Policy, the controller collects the following personal data:
- Basic information on the user (full name, title, occupation and other information about the employer),
- Contact information and information about the user’s communication with the controller (e-mail, telephone number, date, time and contents of the postal or e-mail communication, date, time and duration of phone calls),
- Data about attendance at events organised by BeeIN (information on the event you attended, date and place of the event),
- Channel and campaign – manner of gaining the user’s consent or the source through which the user came into contact with the controller (website and advertising campaign or promotion),
- Data on the user’s use of the controller’s website (dates and hours of visits to the site, visited pages or URLs, duration of time spent on a website, number of visited pages, total time spent on the website, performed settings on the webpage) and usage data on received messages (e-mail, SMS) from the controller,
- Data from voluntarily filled in forms on the controller’s website, e.g. for prize contests,
- Other data the user voluntarily submits to the controller when requesting certain services that demand such data.
The controller does not collect or process the user’s personal data without their expressed consent, i.e. when ordering products or services, subscribing to e-newsletters, participating in a prize contest etc., when there is a legal basis for the collection of the personal data, the processing is necessary to execute contractual obligations or when the processing is necessary for legitimate interested pursued by the controller (hereinafter: “legitimate interest”).
4. Basis for processing and purpose of processing
BeeIN will process your personal data for one of the purposes listed below based on the following legal basis:
- Your consent or agreement,
- For compliance with the legal obligations of the controller,
- Legitimate interest,For compliance with the contractual obligation of the controller
BeeIN will process your personal data solely for the purposes, for which they were collected and will not process them for purposes that are not compatible with the purposes, for which they were collected. BeeIN collects only that personal data from the user that is vital for achieving a set purpose.
Processing based on consent or agreement
Based on your written consent, BeeIN will process your personal data for the following purposes:
- Sending e-mails for the purpose of informing about new whitepapers and case studies, additions to BeeIN portfolio, and invitations to industry events BeeIN is attending,
- for monitoring the user’s reading of sent e-mails, including which e-mail you opened or did not open, which links you clicked (which contents you read), how long you were reading them or surveyed certain contents,
- for segmenting users based on the factors from the previous paragraph and for further sending adapted (individualised) e-mails, which means different users can receive e-mails with different contents for the purpose of a better (more relevant) informing and achieving a higher level of response to the received e-mails,
- for the purposes of analysing the user’s pattern-of-life on the website: from where the user came to the website (source of the traffic), for monitoring their activities on the website, which websites they visited, which contents they downloaded or viewed,
- for segmenting users based on the facts from the previous paragraph and further sending adapted (individualised) messages through multichannel communication, which means different users can receive messages with different contents for the purpose of a better (more relevant) informing of individuals and reaching a higher level of user enthusiasm,
- for all other purposes for which you expressly agree in cooperating with the controller.
Any time you give consent for the processing of your personal data, the consent can be withdrawn at email@example.com.
Processing is necessary for completing BeeIN’s legal obligations
Your personal data is also processed when required of us by the law. One example of such processing is processing your personal data for the purposes of judicial or administrative processes.
Processing based on legitimate interest for which BeeIN strives
The controller can also process data based on legitimate interest, except when this interest is overruled by interests or basic rights and freedoms of the user to whom the personal data requiring data protection applies. In the case of using legitimate interest, the controller’s judgement always complies with the General Data Protection Regulation.
In certain cases, BeeIN can, for further processing of your personal data based on legitimate interest that was collected based on one of the aforementioned legal basis (consent, contract), implement certain safeguards for the protection of your personal data, such as pseudonymisation, encryption, processing in an aggregated form and/or deleting certain categories of personal data.
BeeIN will process your personal data based on a legitimate interest for the following purposes:
- marketing, business and other technical analyses, such as analysing and determining which organisations the event attendees are coming from and what functions they perform in these organisations, for keeping records of how many and which events a user attended, for keeping records of awarded receipts, certificates and licences of event attendees.
- Preventing fraud, ensuring safety, submitting claims or defence of legal claims in court proceeding or administrative procedures. This allows the controller to process your personal data in cases of suspicion of fraud in an appropriate and proportional scope for the purpose of identifying and stopping potential fraud and deceit and can, if appropriate, forward the data to the police, the Prosecutor’s Office or other competent authority.
- Direct marketing, including creating user profiles, based on legally acquired personal data. The stated processing can be objected to in accordance with the chapter Right to Object in this Policy.
Processing to fulfil contractual obligations of BeeIN
In certain cases, processing personal data is vital for the execution of the controller’s contractual obligations. If the user does not provide the necessary personal data, the controller is unable to finalise a contract with the user or perform services.
The controller will process your personal data to perform contractual obligations for the following purposes:
- Business Cooperation Agreement,
- Carrying out activities stated in the cooperation agreement (consulting, preparing marketing and sales strategies, implementing marketing and sales campaigns, process informatisation),
- Communicating with contracting parties and other contact persons for the purposes of executing an activity stated in the cooperation agreement,
- To sign up a user to an event organised by BeeIN, including for awarding certificates, receipts and licences to event attendees.
5. Recipients of personal data, contractual data processing and transfer of personal data to third countries (countries that are not members of the European Union or the European Economic Area)
Your personal data can be accessed solely by BeeIN employees and authorised processers of personal data.
BeeIN will never forward your personal data to unauthorised third persons.
By using BeeIN websites and other services, you agree that BeeIN may entrust individual tasks about your personal data to the processers listed below. The listed processers can process your personal data exclusively in the name and in accordance with BeeIN’s written instructions, within the limits of the authorisation, as stated in the agreement between BeeIN and the processor, and in accordance with the purposes as stated in the Policy. The processors of your personal data may under no circumstances use your personal data to pursue any kind of personal interest.
6. Personal data storage period
The controller will not process personal data longer than necessary to achieve the purposes for which the personal data was collected and further processed.
The personal data processed by BeeIN is processed in compliance with the agreement and is stored by BeeIN for the period that is necessary to complete the contract and for 5 years after its completion, except in cases when a disagreement arises about the contract between you and the controller. In that case, BeeIN keeps that data for 5 years after the finalised court judgements or arbitration decisions or settlement, or in the case of no litigation, for 5 years after the dispute has been resolved peacefully.
The personal data processed by BeeIN based on the law is stored by BeeIN for the legally determined duration of time.
The personal data processed by the controller based on your personal consent or legitimate interest are kept by BeeIN permanently until you withdraw your consent or submit a request that the processing be terminated. BeeIN will delete such data before they are withdrawn only if the purpose of the processing of the personal data has been achieved or if it is determined by the law.
After the storage duration period has elapsed, BeeIN will effectively and permanently delete or anonymise your personal data so that it can no longer be traced back to you.
7. Personal data protection
BeeIN is dedicated to protecting your personal data. They prevent any unauthorised access to it, their use and their revelation with the following measures:
- The data is protected with the workspace, equipment and system software, including input-output units,
- The data is protected by application software that is used for processing personal data,
- BeeIN prevents unauthorised access to personal data during their transfer, including forwarding using telecommunication means and networks,
- BeeIN enables an effective way of blocking, destroying, deleting or anonymising personal data after the purpose, for which they were collected, ceases,
- BeeIN enables later detection of when individual data that had been entered into the personal data database were used, forwarded or otherwise processed and by whom.
Unauthorised access to personal data, their use and revelation is prevented by BeeIN with the following safety technologies and procedures:
- Controlling physical access,
- Locking rooms, closets, computers,
- Storing carriers of personal data in secured rooms,
- Preventing office maintenance workers, clients and other visitors of the controller’s offices from having any consultation with the personal data,
- Preventing password use to persons who have not been directly assigned to the stated purpose,
- Limiting data transfer by the employees,
- Controlling the number of copies and data transfer,
- Limiting, documenting and securing the transfer of the data through telecommunication networks,
- Preventing insight into the data to persons whose employment contract has been terminated,
- Strictly separating their data from the data of any other possible controllers.
8. Users’ rights in personal data protection
In accordance with the General Data Protection Regulation, BeeIN guarantees you the following rights relating to personal data protection, which are further elaborated in the following chapters of the Policy:
- Right of access to the data,
- Right to rectification,
- Right to erasure (“right to be forgotten”),
- Right to restriction of processing,
- Right to data portability,
- Right to object.
Right of access to the data
You have the right to obtain confirmation from BeeIN as to whether or not they are processing your personal data, and, where that is the case, you have the right to access your personal data and the following information about personal data processing:
- the purposes of the processing,
- the categories of personal data,
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations,
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period,
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the user or to object to such processing,
- the right to lodge a complaint with a supervisory authority,
- where the personal data are not collected from the user, any available information as to their source,
- the existence of automated decision-making, including profiling, and meaningful information about the reasons for it, as well as the significance and the envisaged consequences of such processing for the user.
Based on your request, BeeIN will provide you with a free copy of your personal data undergoing processing. For any further copies you request, BeeIN will charge a reasonable fee based on administrative costs.
Right to rectification
You have the right to obtain from BeeIN without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (“right to be forgotten”)
You have the right to obtain from BeeIN the erasure of personal data concerning you without undue delay and BeeIN shall have the obligation to erase your personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
- you withdraw consent on which the processing is based, and where there is no other legal ground for the processing,
- you object to the processing pursuant the controller’s legitimate interest and there are no overriding legitimate grounds for the processing,
- you object to the processing for the purposes of direct marketing,
- the personal data have to be erased for compliance with a legal obligation in accordance with EU or Slovenian State law.
Where BeeIN has acted in accordance with the Policy and has made your personal data public, BeeIN shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the user has requested the erasure of any links to, or copy or replication of those personal data.
Right to restriction of processing
You have the right to obtain from BeeIN the restriction of processing of your personal data where one of the following applies:
- you contest the accuracy of the personal data, for a period enabling the controller to verify the accuracy of your personal data,
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead,
- when BeeIN no longer needs the personal data for the purposes of the processing, but you required them for the establishment, exercise or defence of legal claims,
- you have objected to processing, pending the verification whether the legitimate grounds of the controller override yours.
Right to data portability
You have the right to receive personal data concerning you, provided by BeeIN, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from BeeIN to which the personal data have been provided, when:
- the processing is based on consent or agreement and
- the processing is carried out by automated means.
Right to object
On grounds relating to your particular situation, you have the right to object, at any time to processing of your personal data, if your objection is based on legitimate interests pursued by BeeIN or a third party. BeeIN shall no longer process the personal data unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If the direct marketing is based on consent, the right to object can also be achieved by withdrawing the personal consent.
9. Procedure to exercise rights
All the aforementioned claims on exercising rights regarding your personal data can be addressed in written form at the e-mail address firstname.lastname@example.org or by post to the address BeeIN, d. o. o., Kranj, Ljubljanska cesta 24a, Kranj.
If you submit your claim, in accordance with the previous paragraph, using electronic means, the information, where possible, will be provided to you in electronic means, unless you request otherwise.
The controller can, for the purposes of reliable identification in cases of claiming rights on personal data, request additional information from you that is necessary to confirm your identity, and may decline acting in accordance with this chapter only in the event that they cannot reliably identify you.
The controller will respond to your request exercising your rights regarding your personal data without undue delay in no more than a month after receiving the claim. BeeIN can extend the deadline to comply with the rights for no more than two additional months, taking into account the complexity and number of claims. If BeeIN extends the deadline, they will inform you about the extension within one month of receiving the claim, including the reasons for the delay.
If your claims regarding this chapter are obviously unfounded or excessive, especially when repetitive, BeeIN can:
- charge a reasonable fee based on administrative costs of forwarding the information or the claim or of processing the claim,
- decline to act on the claim.
10. Right to lodge a complaint regarding personal data processing
You can send any potential complaint regarding the processing of your personal data to the e-mail address email@example.com or by post to the address BeeIN, d. o. o., Kranj, Ljubljanska cesta 24a, Kranj.
You have the right to lodge your complaint directly to the Information Commissioner, if you believe processing your personal data is infringing on Slovenian State or EU rules on personal data protection.
11. Policy validity
This Policy enters into force on 1 September 2021 and can be changed or amended at any time.