At R.U.R., business consulting and research company, LLC (hereinafter referred to as: “R.U.R.” or “we” or “company”), we respect your right to privacy and strive for the highest level of protection of your personal information. In providing our services through our website, via email or by telephone contact, as well as in our business operations and provision of services, we are therefore committed to act in accordance with laws and regulations which define the protection of personal data, particularly in compliance with the applicable Personal Data Protection Act, the Electronic Communications Act and the General Data Protection Regulation of the EU (GDPR).
Personal data controller
R.U.R., poslovno svetovanje in raziskovanje, LLC
1230 Domžale, Slovenija
M: +386 31 650 041
What is personal data?
The term “personal data” refers to such information, which directly or indirectly, may define you as an individual, where “indirectly” means in combination with other information, such as your name, postal address, email address, telephone number, identification number, location data or other identifiers.
Purposes of data collecting and processing
We need your personal data:
– to respond to the inquiry you submitted on our website www.rur-svetovanje.com; for this purpose, we collect the following data from you: first and last name or title, e-mail address and information about the content of the request;
– for the preparation of an offer, the conclusion of a contract and the fulfillment of its obligations under the contractual relationship; for this purpose, in addition to identification and contact information, we also obtain information about the transaction account and tax number;
– to communicate (via email, post or phone), if you have registered for an event (education, conference). We process the personal data entered when registering for the event for the purpose of keeping records of the participants, communication related to the registration, course, content and location of the event, as well as for sending material and informing you about the topics that might be of interest to you based on the content of the event.
All personal data you provide to us will be treated confidentially and will be used only for the purposes for which it was provided. If there is a need for further processing of your data for another purpose, we will contact you in advance and request your consent.
If you do not want to provide us with your personal data, we cannot respond to your inquiry, prepare an offer and conclude a contract with you or perform the service.
Legal basis for the processing of personal data
The company collects and processes your personal data on the following legal bases:
We process your personal data for the purpose of concluding a contract and in order to fulfill our obligations from the contractual relationship in compliance with applicable legislation (e.g. tax law, labour law …)
Within the scope of the exercise of contractual rights and performance of contractual obligations, the company processes your personal data for the following purposes: for identification of the data subject, preparation of an offer, conclusion of a contract, for the provision of ordered services, notification of any changes, additional details and instructions for the use of services, for solving possible technical problems, objections or complaints, billing services and for other purposes necessary for the implementation or conclusion of a contract between the company and the individual.
In order to ensure the proper conclusion and implementation of the contract, that you concluded with the controller, we process all the necessary data, such as: your identification and contact information, taxpayer – tax number, transaction account and similar information.
Thus, we can also use your personal data (residential address, email address, telephone number), which you provide to us via the filled-in contact form on our website, by phone or regular mail to inform you about services, events, educations, conferences and other contents that might be of your interest based on your past cooperation with us. You may object to the processing of your personal data for direct marketing purposes at any time.
Other legitimate interests may include fraud prevention, enforcement of claims in administrative and judicial proceedings, network and information security and similar.
We can also process your personal data on the basis of your explicit consent, which you have given us for specific purposes:
If you have consented to the processing of your personal data and at some point you no longer want it, you can request the termination of processing your personal data by sending a request by email to email@example.com or by regular mail to the company’s address.
Withdrawal or change of consent applies only to the personal data processed on the basis of your explicit consent, whereby we will take into account your most recent valid consent.
The revocation of consent does not release you from your valid contractual relationship with us.
Users and processors of personal data
Within the controller, only those employees and contractual partners, who need it due to their function or position or work tasks have access to your personal data.
We do not transmit your personal data or provide information about it to third parties (beyond the controller), except to those who have a written contract with us, on the basis of which they perform certain tasks related to data processing and are obliged to comply with the legislation regarding the processing and protection of personal data (the so-called contractual processors). Processors to whom we provide personal data are:
Processors shall process personal data only within the framework of our instructions and authorizations and shall not process personal data for their own purposes. They are obliged, as well as their employees, to protect the confidentiality of your personal data.
Contractual processors of personal data do not transfer data to third countries (outside the European Economic Area Member States: EU Member States and Iceland, Norway and Liechtenstein).
We may disclose your personal data to third parties, e.g. to the police or other public authorities if it relates to criminal investigations or if we are otherwise obliged to disclose such data by law or a decision of a public authority.
Transfer of data to third countries and international organizations
We store personal data collections in the territory of the European Union and do not generally transfer them to third countries. If we transfer your personal data to third countries, we will do so after carefully reviewing the legal bases and safeguards applied by that third country (binding rules, codes of conduct, standard contractual clauses and other similar mechanisms).
In accordance with the principle of responsibility, every transfer of personal data to third countries will be carried out by the controller after careful consideration and with the requisite level of prudence.
Retention period of personal data
The company R.U.R. will retain your personal data only as long as it is necessary to fulfill the purpose for which the personal data was collected and processed.
When personal data is processed on the basis of law, it will be retained for the period prescribed by law. In this case, some data is kept for the duration of cooperation with the company, while some data must be kept permanently.
Personal data processed on the basis of the conclusion or execution of a contract may be stored for the purpose of fulfilling contractual obligations until required for the conclusion and execution of the contract and the exercise of rights and obligations from the concluded contract or until the expiration of the statutory deadline for the enforcement of legal protection of contracting parties (from one to five years).
Issued invoices are stored for 10 years after the end of the year to which the invoice refers, which is in compliance with the provisions of the law governing value added tax.
The personal data that the company processes on the basis of personal consent or legitimate interest will be retained until the consent is revoked or until the data deletion request. After receiving the revocation of consent or the deletion request, the data will be deleted within one month at the latest. The company can delete this data even before revocation, when the purpose of personal data processing has been achieved or if required by law.
After the retention period, we effectively delete or anonymize personal data, which means that it is processed in such a way that it can no longer be linked to you.
Manner of personal data protection
Company R.U.R. carefully safeguards your personal data and has to this end introduced appropriate technical and organizational security measures to protect it from accidental or unlawful destruction, loss, amendment and unauthorized disclosure or access to your personal data that has been transferred, retained or otherwise processed.
Automated decision making
In our company, all decisions in connection with contractual relationships and other decisions with legal or similar effects are made by our employees with appropriate information support.
Your rights regarding personal data
The Constitution of the Republic of Slovenia, and valid European and Slovenian regulations provide you with numerous rights regarding privacy and the protection of personal data, in particular the following:
We will provide information regarding measures in connection with the processing of your personal data that were adopted at your request in accordance with Articles 15 to 22 of the GDPR without undue delay and in any event within one month of receiving such a request. That period may be extended exceptionally for a maximum of two additional months taking into account the complexity and number of requests. We will inform you in such cases within one month from the receipt of a request, and state the reasons for a delay. If you submit your request by electronic means, we will provide information by electronic means, unless you request otherwise.
Whenever a breach of the protection of personal data occurs and whenever it is likely that a breach will result in a high risk to your rights and freedoms, the controller will inform you without undue delay that such a breach has occurred.
The state body responsible for handling breaches of personal data protection regulations is the Information Commissioner of the Republic of Slovenia, Dunajska cesta 22, 1000 Ljubljana, telefon: 01 230 97 30, email: firstname.lastname@example.org.
When exercising all your rights or when obtaining additional information, we are available to you via email: email@example.com or telephone: +386 31 650 041.
These terms and conditions of personal data protection are continuously accessible at the controller’s registered office and on its website www.rur-svetovanje.com, last updated on December 20, 2022. Changes to the terms and conditions will be published on our website.