Privacy Policy

The controller of personal data collected through the website www.pakt.si is:

AGENCIJA PAKT d.o.o.
Poslovna cona Žeje pri Komendi, Pod hrasti 29
1218 Komenda, Slovenia
Company number: 8347476000
VAT ID: SI96196521

For questions regarding the protection of personal data, contact us at info@pakt.si or by phone at 069 792 170.

Data you provide yourself

On www.pakt.si you can provide us with data via forms:

• Contact form: name, email address, phone number, message content.
• Newsletter sign-up: email address.
• Download of a manual or guide: name, email address.

Submitting data is voluntary. Without it, we cannot provide you with the service related to the form (e.g. respond to an inquiry or send a manual).

Data collected automatically

When visiting the website, the following data is collected automatically, subject to your consent:

• Analytics data: IP address, browser type and version, operating system, screen resolution, pages visited, time of visit, referral source.
• Cookies: unique identifiers for recognising recurring visits and measuring advertising effectiveness. A detailed list is on the Cookies page.

To collect analytics and marketing data we use Google Consent Mode v2. Data from these categories is collected only after you actively consent to the relevant cookie category. Without your consent, analytics and marketing data is not collected.

Data when using embedded content

On some pages, embedded content from third-party providers is available (YouTube videos, Google Maps). This content does not load automatically. It loads only after your active click. When loading, the provider receives your IP address and browser data and may set its own cookies.

We process your data on the following legal bases under Article 6 of the GDPR:

Consent (Art. 6(1)(a) GDPR)

• Sending newsletters and notifications about our services.
• Collection of analytics data (Google Analytics).
• Collection of data for advertising purposes (Google Ads, Meta).
• Loading of embedded content from third parties (YouTube, Google Maps).

You can withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)

• Processing of inquiries received via the contact form.
• Sending manuals and guides you have requested.

Legitimate interest (Art. 6(1)(f) GDPR)

• Ensuring the security of the website and preventing abuse.
• Improving the operation and user experience of the website.
• Keeping business documentation and records.

For processing based on legitimate interest we have carried out a legitimate interest assessment (LIA), in which we weighed our interests against your rights and freedoms. You can request the results of the assessment at info@pakt.si.

Legal obligation (Art. 6(1)(c) GDPR)

• Storing data when required by tax or other legislation.

Processing overview

We do not sell your personal data and do not pass it to third parties for their own purposes. We pass data only to processors that process the data on our behalf, on our instructions, and on the basis of concluded data processing agreements.

Categories of processors:

• Hosting provider, which provides the server infrastructure.
• Google LLC (Google Analytics, Google Ads, Google Tag Manager) for visit analytics and advertising measurement.
• Meta Platforms, Inc. for measuring the effectiveness of advertising campaigns.
• Microsoft Corporation (Microsoft Clarity) for user experience analysis, including session recording (mouse movements, clicks, page scrolling).
• YouTube (Google LLC) for the playback of embedded videos.

We may also disclose data when necessary to fulfil legal obligations, enforce court orders or protect our legitimate rights.

Some of our processors (Google, Meta, Microsoft) are based in the United States of America. Data transfer to the USA takes place on the basis of the EU-U.S. Data Privacy Framework (EU-U.S. Data Privacy Framework), confirmed by the European Commission's adequacy decision of 10 July 2023.

In addition, the European Commission's standard contractual clauses (SCC) have also been concluded with the listed processors, providing a back-up safeguard mechanism in case the DPF framework is amended or repealed. If the legal basis for the transfer changes, we will adjust the safeguards accordingly and update this policy.

We keep data only as long as necessary to fulfil the purpose of collection, or as long as required by law.

• Contact inquiries: until the end of communication, then a maximum of 1 year for any further queries.
• Newsletter: until subscription is cancelled (unsubscribe is possible in every message).
• Manual and guide downloads: until the purpose is fulfilled, then a maximum of 1 year.
• Analytics data: in accordance with the default periods of each service (Google Analytics: 14 months).
• Cookies: storage periods are listed on the Cookies page.

After the retention period expires we securely delete or anonymise the data.

Under GDPR and ZVOP-2 you have the right to:

• request access to your data (Art. 15 GDPR),
• request the correction of inaccurate or completion of incomplete data (Art. 16),
• request the erasure of data when there is no longer a legal basis for processing (Art. 17),
• request a temporary restriction of processing (Art. 18),
• receive your data in a structured form or request its transfer to another controller (Art. 20),
• object to processing based on legitimate interests (Art. 21),
• withdraw consent at any time without affecting the lawfulness of processing before withdrawal (Art. 7(3)).

You withdraw consent for sending the newsletter (e-news) by clicking the unsubscribe link in every message sent. You withdraw consent for cookies in the cookie settings, accessible at the bottom of our website or on the Cookies page.

To exercise all other rights, contact us at info@pakt.si. We will respond to your request within 30 days.

If you believe that we are infringing the rules in processing your data, you have the right to lodge a complaint with the Information Commissioner of the Republic of Slovenia:

Information Commissioner of the Republic of Slovenia
Dunajska cesta 22, 1000 Ljubljana
www.ip-rs.si
Email: gp.ip@ip-rs.si
Phone: 01 230 97 30

To protect your personal data from unauthorised access, loss or disclosure, we use appropriate technical and organisational measures:

• SSL/TLS encryption for the transfer of data between your browser and our server.
• Regular updates of software and security patches.
• Restricting access to personal data to authorised persons.
• Encrypted backups.
• Regular review of security procedures and measures.

Our website is not intended for persons under the age of 15 and we do not knowingly collect their personal data. If we discover that we have obtained data of a person under the age of 15 without the appropriate consent of a parent or guardian, we will delete this data immediately (Art. 8 GDPR in conjunction with Art. 112 ZVOP-2).

Our website may contain links to third-party websites. We are not responsible for their privacy practices and data processing. Before submitting personal data to other websites, we recommend that you read their privacy policies.

For the purpose of measuring advertising effectiveness and displaying relevant ads, with your consent we may process data on your behaviour on the website (pages visited, interactions, conversions). This data may be used through Meta Pixel and Google Ads to build audiences and for remarketing, which constitutes a form of profiling under Art. 4(4) GDPR.

No decisions with legal or similarly significant effects on you are made on the basis of this profiling (Art. 22 GDPR). Profiling is intended solely for ad personalisation.

You have the right to object to this profiling (Art. 21 GDPR). You can withdraw consent at any time in the cookie settings or contact us at info@pakt.si.

AGENCIJA PAKT d.o.o. has assessed the need to appoint a Data Protection Officer (DPO) in accordance with Art. 37 GDPR. Given the nature, scope and purposes of processing, the appointment of a DPO is not legally required, as we do not carry out large-scale systematic monitoring of individuals or large-scale processing of special categories of data.

For all questions regarding the protection of personal data, contact us at info@pakt.si or by phone at 069 792 170.

In the event of a personal data breach we will, in accordance with Art. 33 GDPR, notify the Information Commissioner of the Republic of Slovenia of the breach within 72 hours of becoming aware of it, unless it is unlikely that the breach would result in a risk to your rights.

If a breach could result in a high risk to your rights and freedoms, we will inform you directly without undue delay (Art. 34 GDPR), together with a description of the nature of the breach, the possible consequences and the measures we have taken.