Free shipping to 🇸🇮 for orders above 100 EUR

Facebook Instagram

Privacy policy

1. GENERAL

The provider Sebastjan Šoba s.p., Videm 18L, 1262 Dol pri Ljubljani Slovenia undertakes to protect the confidentiality of personal data and the privacy of users of the Nommos online shop. The provider will use the personal data collected exclusively for the provision of the services offered. The provider respects the confidentiality of personal data and the privacy of the users of the online shop and promises to treat the users’ personal data in accordance with this Policy, the applicable legislation and in accordance with the users’ wishes. The provider will take all necessary steps to protect them from any violations and misuse.

The provision of the user’s personal data to the provider is necessary in certain cases in order for the provider (which in this case acts as a personal data processor) to fulfil its contractual obligations towards the user. The provider protects the personal data collected in accordance with the Personal Data Protection Act of Republic of Slovenia (ZVOP-1), the Electronic Communications Act of Republic of Slovenia and the General Data Protection Regulation (GDPR).

Personal data is information that identifies a user (e.g. first name, last name, email address or postal address).

For the purposes of providing the services offered by the provider, the provider collects, manages, processes and stores the following user data:

  • the name and surname of the user or the name of the company or legal entity (if the user is a legal entity)
  • the tax number of the legal entity (if the user is a legal entity)
  • the address of the user and the delivery address, if different from the address of the user
  • contact details (e-mail address, telephone number)
  • purchase history in the online shop

The provider is not liable for the correctness, completeness and up-to-datedness of the data entered by the user.

The provider does not pass on the data to third parties, except to contractors with whom the provider has concluded a contract on the protection of personal data and who are contractually bound to the same standards of protection of personal data as the provider.

The provider collects personal data with the explicit consent or consent of individuals. Consents shall be stored together with their content and the content of the form by which they were obtained.

The provider shall keep the personal data collections within the territory of the Republic of Slovenia and shall not export them to other countries.

2. PURPOSE OF THE PROCESSING OF PERSONAL DATA

The provider processes personal data for the following purposes:

2.1. Product orders and delivery

In the event that the user decides to purchase the provider’s products, the provider requires certain personal data of the user to fulfil the order, without which the provider would otherwise not be able to perform its obligations under the sales contract. The data collected for this purpose are stored by the provider on the basis of a contractual relationship, and are kept by the provider for 10 years after the end of the year in which the user placed the last order, in accordance with the provision on the retention of invoices pursuant to Article 86 of the Value Added Tax Act of republic of Slovenia (hereinafter referred as the “ZDDV-1”).

For this purpose, the following personal data are processed: the name and surname of the user (or the company and business address if the user is a legal person), the address of the user and the delivery address if different from the address of the user, the contact details of the user (e-mail address and telephone number).

2.2. Product returns, complaints

The data collected for this purpose are stored by the provider on the basis of the contractual relationship (purchase of products) made by the user with the provider, as the provider cannot otherwise fulfil its legal obligations arising from the withdrawal of the buyer from the contract and/or warranty claims of the buyer arising from material defects. In accordance with the provision on the retention of invoices pursuant to Article 86 of the ZDDV-1, the provider shall keep personal data for 10 years after the end of the year in which the user made the last order.

For this purpose, the following personal data is processed: the name and surname of the user (or the company and business address if the user is a legal entity), the address of the user and the delivery address if different from the user’s address, the contact details of the user (email address and telephone number), the user’s purchase history in the online shop.

2.3. Marketing communication

The provider collects consent from individuals for the purpose of personalized marketing communications relating to discounts, offers, news, events and other content through various communication channels (e.g. e-mail, SMS (including Viber, Whatsapp), social networks, browser notifications, website information). Personal data for this purpose is processed until the consent is withdrawn and is retained for a maximum period of one year after the withdrawal of consent, unless there is another legal basis for the processing.

The following personal data are processed for this purpose: name and surname, address, telephone number, e-mail.

The data subject may, at any time, by submitting a written request to [email protected], notify the provider of the withdrawal of consent to the processing of the above-mentioned personal data for the purposes of marketing communications.

2.4. Statistical processing of data for the purposes of internal analysis and strategies

the provider uses the data of past purchases for the purposes of internal analyses and the preparation of strategies on the basis of legitimate interest. Most of the analyses are carried out on the basis of anonymised and pseudonymised data. If the user does not want such processing, he/she can request the deletion of his/her personal data at any time. For the purposes of statistical processing and analysis, the data are kept for as long as the personal data are kept for the purpose for which they were collected.

3. THE RIGHTS OF INDIVIDUALS WITH REGARD TO THE PROCESSING OF PERSONAL DATA

The data subject has the following rights with regard to the processing of personal data, as set out in applicable law:

  • Right to be forgotten – if the data subject no longer wishes to have his/her personal data stored and processed by the provider (processor) and provided that there are no legitimate grounds for their continued storage, he or she may, at any time, request the processor to delete his/her data.
  • Right of access to personal data – the data subject may check with the provider whether it is processing any of his/her personal data and obtain information about which personal data the provider is processing and for what purpose.
  • Right to rectification – the data subject has the right to request the rectification of incomplete or inaccurate personal data.
  • Right to restriction of processing of personal data.
  • Right to data portability – the data subject may request from the provider (processor) the transfer of his/her personal data in a structured electronic format to another controller, insofar as this is possible and feasible.
  • Right to object – the data subject may object to further processing of his/her personal data.
  • Right to withdraw consent – the data subject has the right to withdraw consent to further processing of personal data, in particular in the case of direct marketing.

If an data subject wishes to exercise any of the rights listed above, he/she may communicate this to the provider by email at [email protected]. For the purposes of identification in the exercise of the rights, the provider reserves the right to request additional information from the individual, and may refuse to act in the event that the individual cannot be reliably identified. In accordance with applicable law, the provider shall reply to the individual as soon as possible and at the latest within one month of receipt of the request.

The supervisory authority responsible for the protection of personal data in Slovenia is the Information Commissioner of the Republic of Slovenia (“IP RS”). You may submit a complaint about the processing of your personal data at any time through the communication channels published on their website https://www.ip-rs.si.

11 July 2022

Nommos® All rights reserved 2022

Follow us

Questions?

[email protected]

© 2022 Nommos.

Want some cookies?

This site uses cookies. By continuing to use this site, you consent to the use of cookies.

Continue
More about cookies