I. General Provisions

  1. The administrator of personal data under Art. 4 point 7 of the European Parliament and of the Council (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter " GDPR ") is POT MED KROŠNJAMI POHORJE, D.O.O., SI83762795, headquartered Poljanski Nasip 6, 1000 Ljubljana (hereinafter the " Administrator ").
  2. Contact details of Administrator are
  3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is an individual who can be identified directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of individuals.
  4. Administrator didn't appoint Commissioner for Personal Data Protection.

II. The legal reason for processing of personal data

  1. Legal reasons for processing of personal data are
  • the contract between you and the Administrator according to Art. 6, paragraph. 1 point. b) GDPR
  • Administrator legitimate interest in providing direct marketing (especially for sending commercial messages and newsletters) in accordance with Art. 6, paragraph. 1 point. f) GDPR (hereinafter referred to as "justified concern")
  • Your consent to processing for the purpose of providing direct marketing (especially for sending commercial messages and newsletters) in accordance with Art. 6, paragraph. 1 point. a) GDPR in conjunction with § 7 para. 2 of Act no. 480/2004 Coll., on certain information society services in the event that there is no ordering goods or services (the "Consent").
  1. By the Administrator no automatic individual decision under Art. 22 GDPR. With such processing have provided his / her express consent.

III. Purpose processing, categories, sources and recipients of personal data

legitimate reason



source of data

Recipients of personal data (processors)

performance of the contract

To send a gift certificate and a contact form

Personal information of clients (kontantní data, address)

The form of a gift voucher, contact form

Mailing service, delivery company

legitimate interest

Ensure proper functionality of the web

Cookies (technical)

Login to User Account

Hosting services, subcontractors


Providing direct marketing (especially for sending commercial messages and newsletters)

E-mail and name

Registration form to newletteru

Mailing Services, subcontractors


Profiling for targeted direct marketing

Cookies, information about a viewed page

Visiting and using this site

Mailing Services, subcontractors

legitimate interest

Normal traffic analysis, error detection and fraud prevention server and server attacks

Third-party cookies. Web browsing data.

Movement to the site, register and create anonymized user ID, display the error page

Google Analytics web hosting services and any other analytical services


Obtaining Demographic reports on traffic statistics

Cookies third-party demographic data (age, gender, interests, interest in buying and other categories) - 26 months

DoubleClick cookie, Android Advertising ID, etc.

Google Analytics


Viewing social networking widgets

Third Party Cookies

Registration on Facebook

Google Analytics

IV. Retention time

  1. Unless the preceding paragraphs stated otherwise, the administrator keeps personal data
  • the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and claims of the contractual relations (for a period of 15 years from the termination of the contractual relationship).
  • until such time as it is revoked consent to the processing of personal data for marketing purposes when personal data are processed on the basis of consent.
  1. After the period of retention of personal data manager personal information deleted.

V. Cookies

  1. If in Section III. the personal data given cookies, pay for their treatment of the following rules.
    • Rules for the use of cookies or block any user can set up your Web browser, which expresses its consent to their treatment. You can look for instructions on blocking cookies .
    • The user can set permissions or reject all or only some cookies (ie. Third party cookies). Disabling cookies may have a negative impact on the usability of web sites and services.
    • On this site, visitors who agree with the placement of cookies in your browser settings via the appropriate behavior for each browser cookies placed information from the following companies:
  2. If you dispute the processing of technical cookies are necessary for the functioning of the website, in which case you can not guarantee full functionality and compatibility of websites.

VI. Recipients of personal data (administrative subcontractors)

  1. Administrator intends to transmit personal data to a third country (to a country outside the EU) or international organization. Recipients of personal data in third countries are providers of mailing services, analytical tools and services for direct marketing.

VII. Your rights

  1. Under the conditions set out in GDPR you have
  • the right of access to their personal data pursuant to Art. 15 GDPR,
  • the right to correct personal data pursuant to Art. 16 GDPR or processing restrictions pursuant to Art. 18 GDPR,
  • the right to erasure of personal data pursuant to Art. 17 GDPR,
  • the right to object to the processing according to Art. 21 GDPR,
  • right to data portability under Art. 20 GDPR,
  • the right to withdraw consent to the processing in writing or electronically to the address or e-mail administrator referred to in Art. III of these conditions.
  1. You also have the right to file a complaint with the Office for Personal Data Protection in the event that you think was violated your right to privacy.

VIII. Terms of security of personal data

  1. The Administrator declares that he has taken all appropriate technical and organizational measures to protect personal data.
  2. The Administrator has taken technical measures to protect the data storage and storage of personal data in paper form, especially ...
  3. The Administrator declares that personal data can be accessed only by authorized person.

IX. Final Provisions

  1. Sending an order from the online order form or by completing the request form, you confirm that you are aware of / and conditions and privacy that you accept in its entirety.
  2. You agree to these terms by checking the approval through an online form. By checking the consent you acknowledge that you are aware of / and conditions and privacy that you accept in its entirety.
  3. The administrator is entitled to change these conditions. The new version of the Terms privacy publish on its website and also will send you a new version of these terms to your e-mail address you provide to the Administrator.

These conditions come into force on 9 Sep 2019.