Skip to content Skip to footer

PRIVACY POLICY

The privacy policy of the polonie-dream.com website and online store complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals in the processing of personal data and on the free flow of such data and on the repeal of Directive 95 /46/EC (hereinafter the General Regulation on the Protection of Personal Data) and the legislation of the Republic of Slovenia and includes the following information:
  • contact information of the Back to the Horse Institute and the contact of the authorized person for data protection,
  • legal bases and purposes of personal data processing,
  • the types of personal data collected,
  • the use of cookies and related technologies,
  • managing privacy settings,
  • transmission of personal data,
  • retention periods of personal data,
  • protection of personal data,
  • the rights of individuals in relation to personal data, including the right to appeal,
  • changes to the privacy policy.
  • 1. Manager and contact

    Controller of personal data:
    Full name: Back to the horse, Institute for development, research and education in horse riding and in the field of activities and therapy with the help of horses
    Short name: Back to the Horse Institute
    Address: Starošince 37b, 2326 Cirkovce
    Business account: SI56 0252 8026 0261 474 (opened at NLB)
    Registration number: 6304508000
    Tax number: SI87752123
    Taxpayer: YES
    Email: info@nakonju.si

    (hereinafter also "nakonju.si" or "manager").

    Your questions regarding this Privacy Policy, the confidentiality of your personal data, the method of processing or your requests regarding the exercise of rights in relation to personal data will be answered by the responsible person and/or authorized person for data protection at us. You can contact the authorized person for data protection via the above address or via e-mail info@nakonju.si.
    2. LEGAL BASIS AND PURPOSES OF PROCESSING

    The website and store nakonju.si collects, records, edits, stores, transmits and otherwise processes personal data we have about you, based on various legal bases and for the purposes defined later in the document.

    2.1 Processing on the basis of a contract

    The nakonju.si website and store processes personal data for the exercise of rights and obligations from concluded contracts, namely:
    • contracts for the sale/purchase of products - submitted personal data of buyers in the online store at polonie-dream.com;
    • contracts for the use of services - personal data of service subscribers (e.g. registration to receive e-news, inquiry sent to an e-mail address).
    In the context of exercising rights and fulfilling contractual obligations, the operator processes the personal data of individuals for the purposes of identifying the individual, concluding a contract (although the contract for the sale of products between the operator/seller and the buyer in the online store is concluded at the moment when the seller sends the buyer an email confirming the order received ("confirmation of the placed order"), it is considered that in this case the provided personal data is processed on the basis of a contractual legal basis also for the purpose of concluding a contract), for communication with you (notification of changed general conditions, new version of the website, sending e-newsletters and advertisements to which you have subscribed, etc.), to provide user support (e.g. elimination of technical problems), and in the case of a purchase, for the purpose of order execution (delivery, delivery of products, issuing invoices, resolving potential customer claims (complaints , guarantees)), sending notifications to individuals in connection with the execution of orders and any other purposes necessary for the execution of the order, for the preservation of purchase history (only registered users), for the implementation of possible recovery procedures and for own accounting and tax needs.

    Storage of the text of the contract and accessibility to the text of the contract
    The Zazaj na konja Institute will NOT store the text of the contract between the seller and the buyer, and at the same time it will NOT be accessible to the consumer later. Contracts are concluded by placing an order and making a payment, in Slovenian and other languages that can be used on the website.
    2.2 Processing based on legal obligations - purposes

    The nakonju.si website and store processes personal data on the basis of legal obligations that apply to the online store (e.g., in particular, tax regulations, storage of invoices, storage of prize winners' data, processing of refunds and warranty claims, etc.).

    2.3 Processing based on legitimate interests - purposes
    The operator of the nakonju.si website and store can process personal data based on the legitimate interests it pursues, except when such interests are overridden by the interests or fundamental rights and freedoms of the individual to whom the personal data relates, which require the protection of personal data. When it comes to the further processing of data collected about an individual, the controller performs an assessment in accordance with the General Data Protection Regulation. Such continued use of data in pseudonymized or aggregated (combined) form, for example, replaces the legal use of data for marketing and other business or technical analyzes of the website and store. As an additional measure in some forms of further processing of traffic data, deletion of certain data may also be used.

    On the basis of a legitimate interest, the controller can process personal data to the extent necessary and proportionate to ensure the operation of online services, in particular with the aim of preventing unauthorized access to your user account, spreading malicious codes, preventing fraud or other misuse of websites or mobile applications, as well as to protect their intellectual property rights in connection with online services.

    On the basis of legitimate interests, the controller may also process your personal data for the purposes of preventing abuse, asserting claims or defending against claims in administrative and judicial proceedings.
    2.4 Processing based on consent (consent) - purposes
    The controller processes personal data based on the consent for the processing of personal data, which the individual provides to the controller for the following purposes:
    1. for the purpose of direct marketing - receiving notifications. Notifications contain current offers, benefits and/or invitations to events of the operator and its business partners, invitations to participate in prize games and competitions, as well as useful tips, news and reminders from the world of sports and healthy lifestyle;
    2. to perform marketing analyzes and customer segmentation and to provide customized product and service offers;
    3. for the purpose of participating in prize games.

    Depending on the provided personal data, you can receive notifications and customized offers by e-mail to the provided e-mail address or in printed form to the provided address.

    You can revoke your consent at any time or change: by clicking the 'unsubscribe' button located at the bottom of the email. Where the consent includes direct marketing based on an individual's profile, the controller may classify individuals into segments based on the use of the nakonju.si website and store for the purposes of customized service and product offers.

    3. PERSONAL INFORMATION WE COLLECT
    The controller collects various data about you, including personal data, with which you can be directly or indirectly identified (identified), if you or others decide to share this personal data on the website of the controller. We receive data in several ways, including shopping in an online store, signing up for e-newsletters (direct marketing), visiting a website. The operator collects data about your use of the services we offer.

    Personal data we collect:
    1. basic personal data such as: first and last name, email address, residential address (street, street number, postal code, city, country), delivery address (street, street number, postal code, city, country), telephone number;
    2. purchase information and payment method;
    3. we collect technical information from your browser, computer or mobile device when you access nakonju.si services.
    4. COOKIES
    When you use our online services, cookies are loaded on your computer. In general, cookies and related technologies work by assigning a unique number to the browser or device that has no meaning outside nakonju.si.

    The operator nakonju.si uses these technologies to customize the experience and to help provide content that is specific to your use.

    You can find the list of cookies used by the website on this link.

    You can use the settings on your browser or mobile device to manage the collection of information through cookies or related technologies. The operator undertakes to enable you to manage privacy and sharing, but does not assume responsibility for missed "Do Not Track" signals via a web browser. Rejecting cookies may result in some features of the offered services not being available to you.
    5. PERSONAL DATA RETENTION PERIOD
    We keep personal data for as long as is necessary to provide our services, or longer if there are legal obligations.

    Data related to payment for purchases in online stores and related contact information about individuals may be kept for the purpose of fulfilling contractual obligations until full payment of services or until the possible expiration of the statute of limitations in relation to an individual claim, which may be up to five years by law. In accordance with tax regulations, issued invoices are kept for 10 years after the end of the year in which the invoice was issued.

    We keep personal data obtained on the basis of consent until the consent is revoked, but for a maximum of 5 years.

    Information about you that is no longer necessary for the purposes for which it was collected or otherwise processed may be anonymized and combined with other non-personally identifiable information to obtain insight into statistical information that is commercially useful to the controller, such as for example, usage statistics of the services we offer. This personal data is anonymized and does not offer a link to identifiable individuals.
    6. PROTECTION OF PERSONAL DATA
    We implement several technical and organizational measures to ensure the security of personal data during collection, transmission and storage. The administrator strives to adequately protect your personal data, but we do not guarantee the complete security of the personal data you provide to us, and we are not responsible for the theft, destruction, loss, intentional or accidental disclosure of your personal data or information about you. The operator observes generally accepted standards for the protection of received information both during transmission and after its receipt, but no method of electronic transmission or storage guarantees 100 % security, therefore the operator cannot guarantee complete security either. The website uses SSL (Secure Sockets Layer) technology, which ensures encryption of personal and credit card information. The operator cooperates with a company that ensures the security of our services and your personal data. The operator's servers are additionally protected using firewalls and other technologies to ensure data security.

    The user himself is also responsible for the protection of data by ensuring the security of his mobile device or computer and the appropriate software (anti-virus) protection of his electronic device. To ensure the effectiveness of these measures in preventing unauthorized access to your personal data, you should be aware of the security features available to you through your browser. Use a browser that allows you to set security features before transmitting your personal or credit card information over the Internet. Please note that if you are using a browser that does not support the use of SSL technology, such transfer of personal data may be risky.

    Most browsers provide notification if you are on a website that does not provide a secure connection, or if you are sending data via an unsecured connection. The administrator recommends that you enable these functions of your browser, which will help to protect your personal data. You can also track the address you are on (URL). Secure web addresses start with https:// instead of http://, along with the secure connection symbol used by your browser (usually such a symbol is a lock at the beginning of the web address). Such a symbol indicates the use of secure communication with the server. Please also check the details (validity) of the security certificate of the site where you are located.
    7. FUNCTIONS OF SOCIAL MEDIA AND THIRD PARTY PAYMENT SERVICE PROVIDERS
    The website uses features of social networks (Facebook, Instagram) and payment service providers (Stripe, PayPal, etc.) operated by third parties.

    These functions can:
    a.) collect data (name and surname, email address, telephone number, postal address, date of birth, payment information – credit/debit card number, expiry date, CVV/CVC number and name of the cardholder, your IP address, pages you visit on our website) and

    b.) set cookies or use similar technologies that enable the proper functioning of individual functions.

    If the user is logged into his user account with a third party, the third party will be able to connect data about his visit to our websites through his user account. Similarly, a third party may record a user's interactions with these features even when visiting e.g. Facebook or Instagram page of the Back to the Horse Institute. An individual's interactions with these features are governed by the privacy policy of the third party providing the feature. If you want to learn more about the collection and processing of personal data by a third party, read its (relevant) Privacy Policy.
    8. LINKS TO OTHER WEBSITES

    The website may contain links to other websites operated by third parties. We caution you to review the privacy and security policies of those external websites when visiting these links. In any case, the user should check the privacy policy of these external websites before providing them with personal information.

    9. PRIZE GAMES

    Based on your written consent, the administrator of the prize game collects and processes the following personal data: first and last name, postal address, e-mail address, date of participation, selection of the winner, prize, answer to the question. The controller processes such personal data in order to be able to organize the prize game, inform the winner, hand over the prize, conduct the event, fulfill its legal obligations and for marketing purposes in accordance with the given consents.

    10. LIMITATION OF LIABILITY

    The administrator undertakes to protect personal data and information about you, but no connection via the Internet can be 100 % safe and cannot guarantee the complete security of the data you provide to us. You provide us with your personal data at your own risk.

    11. OTHER USERS OF PERSONAL DATA
    The operator will not forward the user's personal data to third parties without written consent or submission of authorization by the user. The exception only applies to:

    a) EXTERNAL CONTRACTORS who process data exclusively on behalf of, for the account of, according to the instructions and under the control of the controller (e.g. service providers who provide services for the controller and from whom the controller orders certain items when this is necessary for the performance of the contract; printers , advertising agencies, IT services, accounting services and administrative administrators); the manager carefully selects them and monitors their work;

    b) STATE AUTHORITIES, based on their reasoned written request for the needs of managing a specific procedure.

    The above companies may be located in countries outside the European Union (hereinafter: "third countries"), where the level of personal data protection may not be as comprehensive as in the European Union. The administrator undertakes to ensure that, in the case of data transfer to third countries, appropriate measures are taken to protect the user's personal data (e.g. by concluding agreements on the transfer of personal data that include standard provisions on data protection adopted or approved by the European Commission ).
    12. RIGHTS OF INDIVIDUALS
    The administrator ensures the realization of the rights of individuals to whom personal data refer. Individual requests regarding the exercise of rights are sent to the email address info@nakonju.si or by post to Zavod Nazaj na konja, Starošince 37b, 2326 Cirkovce.

    The individual is obliged to submit proof of identity and/or address to the request. The operator will respond to your request in accordance with applicable regulations.

    The individual has the following rights in relation to personal data:
    12.1 Right to access data

    An individual can at any time request that the administrator confirm whether data relating to him is being processed, and if so, enable access to personal data and provide information regarding the processing of his personal data (e.g. on the purpose of processing, type of personal data, users , to whom personal data has been or will be provided, the expected data retention period, technical and organizational measures for data protection, etc.).

    12.2 Right to erasure

    In accordance with the conditions, as specified in more detail by the applicable regulations, the individual can at any time request that the controller grant him the right to delete personal data (ie the right to be forgotten).

    12.3 The right to restriction of processing

    In accordance with the conditions, as specified in more detail by the applicable regulations, the individual may at any time request that the controller grant him the right to limit the processing of personal data.

    Please note that we may not be able to provide a full service in the event of a restriction on the processing of certain personal data.
    12.4 Right to Data Portability

    An individual may at any time request that the controller enable him to provide personal data in a structured, commonly used and machine-readable format to the individual or transfer it to the controller at the individual's choice (if technically feasible), under the conditions specified in more detail by applicable regulations.

    12.5 Right to object
    Insofar as the controller does not process personal data on the basis of legitimate interests, as presented above, the individual may in certain cases object to such processing. The controller will stop processing this personal data, unless it judges that it has justified and legitimate reasons for continuing the processing or if the processing is necessary for legal reasons.

    Objection to the processing of personal data for direct marketing purposes can also be done by revoking the consent to receive notifications by clicking on the 'unsubscribe' button located at the bottom of the email or to follow the instructions in each notification sent.

    12.6 Cancellation by consent

    An individual can revoke consent at any time, in cases where he has given consent for a specific purpose of processing your personal data.

    The revocation of consent does not affect the legality of the processing of personal data, which was carried out until its revocation.
    12.7 Right to appeal to a supervisory authority

    An individual has the right to file a complaint with the Information Commissioner of the Republic of Slovenia if he believes that his personal data is being processed in violation of the applicable regulations governing the protection of personal data. The complaint procedure with the supervisory authority is published on Web site of the supervisory authority.

    13. CHANGES TO THE PRIVACY POLICY
    The administrator reserves the right to change this Privacy Policy at any time. The obligation to notify about the change is fulfilled by the appropriate publication of the current version of the Privacy Policy on the website. Amendments to the Privacy Policy shall enter into force on the date of publication, unless the applicable regulations stipulate otherwise. Continued use of the website and services after receiving the notification means that the user agrees to the changes to the Privacy Policy.

    If you do not agree with the Privacy Policy, please stop using our online services and cancel the given consents.
    en_USENG