Name of the service provider: MENDOTA INVEST, nepremičninska družba, d. o. o.
Registered seat of the service provider: Tivolska cesta 50, 1000 Ljubljana
E-mail address of the service provider: email@example.com
Authority keeping the registry in which the service provider is registered: District Court Ljubljana
Registration number of the service provider: 8323984000
Tax number of the service provider: SI 23767707
Name, registered seat and contact details of the webhosting service provider: FUTURA DDB d.o.o.
The information contained in this website is of a general nature and provided for informational purposes only. Whilst MENDOTA INVEST, nepremičninska družba, d. o. o. has used reasonable endeavours to ensure that the information on this website is materially correct, MENDOTA INVEST, nepremičninska družba, d. o. o. makes no guarantee or warranty in this regard. The information contained herein might not necessarily be comprehensive, complete, accurate or up to date and may change without notice. On the basis of the above, any visitors of this website should not rely on the information contained herein as statements or representations of fact, but must satisfy themselves by inspection, searches, enquiries, surveys or otherwise as to their accuracy. MENDOTA INVEST, nepremičninska družba, d. o. o. cannot be held responsible for any loss or damage, including without limitation, direct, indirect or consequential loss or damage, or any loss of profits resulting from direct or indirect actions based upon the content of this website. The images shown and references to design, architecture, use and areas of the properties indicated on this website are approximate only and subject to the necessary planning, building regulations and/or other consents to be obtained, and therefore, such information is subject to change without notice and cannot be deemed and relied on as final and accurate. The content of this website (including any information, illustration, photos, design, etc.) is subject to copyright protection, and any unauthorised use thereof shall qualify as an infringement of the applicable laws.
Date of publication: 28.02.2022
This Policy sets out the principles of the processing of the personal data provided by the users of the Website and provides information for the data subjects on the processing of their personal data.
When establishing the provisions of the Policy, we paid particular attention to the provisions of Regulation 2016/679 of the European Parliament and of the Council (the “GDPR”) and other laws applicable to the protection of personal data (Personal Data Protection Act -ZVOP-1 and Electronic communication Act- ZEKom-1).
The data controller
The Company processes your personal data and, as a data controller, is liable for their lawful processing. You can contact us using the contact details provided below:
Name of the company: MENDOTA INVEST, nepremičninska družba, d. o. o.
Postal address: Tivolska cesta 50, 1000 Ljubljana
Company registration number: 8323984000
E-mail address: firstname.lastname@example.org
Phone number: 059 377 780
Brief introduction of our data processing activities
In the course of the operation of the Website, we collect the following type of information about our visitors: aggregate statistical data used to track site usage.
Like most web publishers, we aggregate data when users visit our Website, and depending on their functionality, we use statistics cookies (also known as performance cookies). By using performance cookies we collect information on how our visitors use the Website (e.g. which and how many sites were visited, on which part of the Website the visitor clicked, how long the sessions were, what kind of error message the visitor received, etc.), as well as in order to count how many people come to the site, which countries they come from, which pages they view, etc. This is to ensure that we develop the Website (the available services, functions, etc.) in accordance with the demands of our visitors, so that we are able to provide a high quality, user-friendly experience and better value to our users based on their news consumption patterns.This data collection process does not enable us to discern who you are, only that a computer with a specific number is accessing the web server. These cookies are assigned at random with each newly created visitor session, and are deleted after the visitor leaves the site.
The Website uses the Google Analytics webanalytic services. Google Analytics uses performance cookies in order to help analyzing the use of the Website.
What kind of personal data we record?
A software analysing website hits runs on the Website and receives the following automatically generated data of our visitors:
- IP address of the visitor;
- date of the visit;
- data of the visited sites;
- type of browser used;
- preferences of the visitor.
The Website records these data. According to the provisions of the GDPR, the IP-address of the visitor qualifies as personal data.
For what purpose we collect your personal data
- to facilitate the customization of the services rendered by the visitors of the Website, to use its comfort functions;
- to prepare statistics, analyses regarding the number of visitors of the Website and the preferences of the visitors.
The legal basis of the processing
The lawfulness of processing the personal data specified under section 4 is based on your consent as a data subject, in accordance with article 6 (1) a) of the GDPR. The processing is based on freely given consent in each case. You are entitled to withdraw your consent anytime.
In the case of cookies the consent is given by visiting the Website and by using its contents. By deleting the cookies from your computer and by adjusting the settings of your browser to block cookies you can withdraw such consent.
Term of the processing
Session cookies are deleted automatically by closing the browser. In the case of other type of cookies we process your personal data until achieving the goal intended by the usage of the certain type of cookies.
Personal data is not transferred to third countries or international organizations.
The processing of personal data by data processor is governed by a contract according to Article 28 of GDPR.
Your rights and your right to remedies
Your right as a data subject in connection with the processing of your personal data
Right to information and access to personal data
You are entitled to obtain from the Company confirmation as to whether personal data concerning you are being processed, and, where that is the case, to access to the personal data and the following information:
- the purposes of processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed (in particular the data processors);
- the envisaged period for which the personal data will be restored;
- your rights in relation to the processing of your personal data;
- where the personal data was not collected from you, any available information as to their source;
- information regarding automated decision-making.
Under the applicable legislation we provide the information on the processing of your personal data free of charge. We respond to your request in writing within a month. However, if such request is manifestly unfounded or excessive, in particular because of its repetitive character, the Company may either, taking into account the administrative costs of providing the information or communication or taking the action requested: charge a reasonable fee; or refuse to act on the request.
If, after paying the fee, it turns out that the processing was unlawful, or upon your request we are obliged to correct your data, we will reimburse you the fees already charged.
If, despite our best efforts to protect your personal data, someone unlawfully gains access to, changes, transmits, publishes, erases, destroys or causes unintended erasure or injury to your personal data or otherwise processes them unlawfully, we, upon your request, will inform you about the conditions of such incident, including the date, the possible effects and our measures to prevent or to mitigate the consequences.
Right to rectification
If the data we process are not correct, we will rectify them upon your request without undue delay. You are also entitled have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure
The Company erases your personal data without delay, if:
- the personal data are no longer necessary in relation to the purpose of sending the newsletter;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation concerning the Company;
- the person exercising parental authority over a children under 16 has not consented to the processing;
- where the Company has made the personal data public.
You are also entitled to request the erasure of your personal data by withdrawing the consent you previously gave to us. However, in such case we may refuse to further provide you certain services and/or certain services will not be available to you hereinafter.
Instead of erasing, we block your personal data if you request so, or it can be assumed that erasure would have an impact on your legitimate interests. We do not process blocked data for the above purposes. We only process blocked data for the purpose that excluded the possibility of erasure.
Right to restriction of processing
Data processing may be restricted if:
- you contest the accuracy of the personal data, for a period enabling the Company to verify the accuracy of the personal data;
- the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead;
- the Company no longer needs your personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims;
- you have objected to processing, pending the verification whether the legitimate grounds of the Company override yours.
For the duration of the evaluation of your objection, but not more than for 5 days the Company suspends the processing, assesses the merits of your objection and makes a decision, about which the Company informs you without delay.
If the objection is justified, the Company restricts your data, i.e. only restoring as a means of processing can be carried out as long as
- you consent to the processing;
- your data is necessary for enforcing your legal claims;
- processing becomes necessary in order to the defend the rights of a natural or a legal person; or
- processing is ordered by law in the public interest.
If you requested your personal data to be restricted, the Company will notify you prior to the lifting of the restriction.
Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the Company, in a structured, commonly used and machine-readable format (e.g. .doc or .pdf) and have the right to transmit those data to another controller without hindrance from the Company.
What happens and what can you do if we reject your request?
If the Company rejects your request for the correction, restriction of erasure of your personal data, within 1 month of receiving your request we will inform you in writing why we could not comply with your request and we will inform you about your possibilities of judicial remedy and that you may submit an appeal to the Information Commissioner. If you agree, we will send our reply via e-mail.
What are your rights if you think the data processing is unlawful?
If you have some concerns regarding the lawfulness of the data processing, you have the right to object to it. Your objection should include a request for us to stop processing your data and to erase them.
If you object to the processing of your data, the Company will examine the reasons of your objection within one month and will make a decision, regarding which the Company notifies you in writing.
If we find your objection to be valid, we stop every data processing operation, block the data concerned and inform about the objection and the following measures taken everyone to whom we transmitted the personal data concerned by the objection. These recipients should also take the necessary actions for your objection to prevail. If you disagree with our decision or if the Company fails to comply with the abovementioned one month deadline, you may turn to the courts.
What are the legal remedies available to you?
If you find that during the processing of your data our Company breaches the provisions of the GDPR, it is your right as a data subject to lodge a complaint before a supervisory authority (i.e. before any public authority set up by any of the EU member states in accordance with section 51 of the GDPR), in particular in the member state of your habitual residence, place of work or place of the alleged infringement. In Slovenia the supervisory authority set up in accordance with section 51 of the GDPR is the Information Commissioner.
In accordance with the GDPR, a supervisory authority concerned means a supervisory authority which is
by the processing of personal data because:
a) the controller or processor is established on the territory of the Member State of that supervisory authority;
b) data subjects residing in the Member State of that supervisory authority are substantially affected or likely to be substantially affected by the processing; or
c) a complaint has been lodged with that supervisory authority.
In connection with the data processing carried out by the Company, under points a) and b) mentioned above, the supervisory authority concerned is the Authority, given that the Company is established in Slovenia and the data subjects affected by the processing are predominantly residing in Slovenia. Accordingly, in the sections below we inform you about complaint procedure of the Authority. However, please note that given the reasons mentioned above, you nevertheless have the right to lodge a complaint before any supervisory authority set up by one of the EU member states, not just before the Authority.
Notification to the Authority
Compliance with data protection legislation is supervised by the Information Commissioner. If you find that our data processing does not comply with the applicable law, or there is an imminent danger of non-compliance, you can lodge a complaint before the Authority through the following contacts:
Name of the authority: Informacijski pooblaščenec
Postal address: Dunajska cesta 22, 1000 Ljubljana, Slovenija
E-mail address: email@example.com
Phone number: 01 230 97 30
For further information regarding data protection go to the website of the Authority: https://www.ip-rs.si/
Please note that in the case of a personal data breach (i.e. a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed), the Company shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the Authority. If the personal data breach is likely to result in a high risk to the rights and freedoms of data subjects, the Company shall communicate the personal data breach to you as a data subject without undue delay.
Judicial proceedings for pursuing claims
In case you consider that his rights determined by the GDPR, ZVOP-1 or ZVOPOKD or any other legal act applicable to the protection of personal data, have been violated due to the processing of your data, which is not in accordance with the law, you may request judicial protection before the competent court.
Annex 1: Brief summary of the Company’s processing
Brief summary of the Company’s processing
|Purpose of processing||Improving the site and providing better value to the users based on their news consumption patterns|
|Lawfulness of processing||Consent of the data subject in accordance with article 6 (1) a) of the GDPR|
|Term of processing||Until leaving the website|