Privacy and Cookie Policy

The Privacy and Cookie Policy aims to inform users of the https://www.zds.si website about the purpose of and the basis for the processing of their personal data by the Association of Employers of Slovenia (ZDS) (hereinafter referred to as "the Association"), as well as about their rights. The Association’s Privacy Policy also applies to other means of collecting and processing personal data, such as in relation to the Association membership.

The Privacy and Cookie Policy applies to any person who is, in accordance with the Website Terms of Use laid down on the Association’s website https://www.zds.si/en/legal-notice/, considered to be the user. The Policy applies to the website in its entirety, including all the subpages.

The user is any legal or natural person who uses or visits the https://www.zds.si website (hereinafter referred to as "the user").

By using the website, the user confirms that he/she agrees with the Privacy and Cookie Policy. By continuing to use the website, the user agrees with the changes made to the Policy.

 

I. Personal Data Protection

The Association of Employers of Slovenia (ZDS) respects your privacy and will be using your personal data solely for the purposes specified in the Policy. Your personal data will be protected with great care in accordance with the legislation governing personal data protection (Uredba EU 2016/679 (GDPR) and the Zakon o varovanju osebnih podatkov - ZVOP-1), the Privacy and Cookie Policy, and the internal rules set out by the Association.

 

1. Personal Data Controller

The controller of personal data processed in accordance with the Privacy and Cookie Policy is the Association of Employers of Slovenia (ZDS), Dimičeva ulica 9, 1000 Ljubljana, Slovenia.

2. Personal Data Processor

The contractual processor of personal data on the Association’s website is the company Innovatif d.o.o., Poljanski nasip 6, 1000 Ljubljana, Slovenia. The personal data controller and the personal data processor have defined and set out their mutual relations and obligations by means of a written agreement.

3. Transfer of Personal Data to Third Parties or to Third Countries

The Association does not transfer the collected personal data to third parties or to third countries.

The exception to this rule is when it comes to mailing the Association’s e-news, for which the Association uses the MailChimp online platform, where personal data is stored for the purposes of sending such e-news. The stored personal data includes a first name, a surname, and an email address. MailChimp’s Terms of Use and its Privacy Policy guarantee compliance with the rules of the General Data Protection Regulation (Regulation (EU) 2016/679) and confirm that MailChimp has certified its agreement with the EU-U.S. Privacy Shield Framework.

4. Personal Data Types and Personal Data Processing Purposes

The Association collects and processes personal data on the basis of the consent granted by individuals and on the basis of the Association’s legitimate interest.

4.1. Personal Data Processing on the Basis of Consent

The Association collects and processes individuals’ personal data for the purposes of mailing general notices, specialist magazines and publications, invitations to events, information on changes to legislation and collective agreements, information about new developments regarding the representation of employers’ interests, as well as announcements of trainings organised as part of the Employers’ Academy.

These notices and announcements are sent solely by email.

For this purpose, the Association of Employers of Slovenia collects and processes the following individual’s personal data: a first name, a surname, an email address.

4.2. Personal Data Processing on the Basis of a Legitimate Interest

The Association collects and processes the personal data of individuals, i.e. representatives of legal entities, on the basis of obligations set out by the association establishment agreement, the company statute and a legal entity’s membership application form. Such personal data processing can thus be considered as the processing based on a legitimate interest. Membership is defined on the basis of the statute and the membership application form.

For this purpose, the Association collects and processes the following individual’s personal data: the individual’s first name, surname, email address, telephone number, and position within the company.

5. Personal Data Protection

To ensure the protection of personal data, the Association carries out all the necessary legal, organisational and adequate logistical and technical procedures and measures, either on its own in accordance with the internal rules, or through its contractual partners, by:

  • protecting the premises, the equipment and the system software, including the input/output units;
  • protecting the application software used for personal data processing;
  • preventing unauthorised access to personal data during data transfer, including the transfer using any telecommunication means and networks;
  • guaranteeing an effective method of blocking, disposing of, erasing and anonymising personal data;
  • allowing to subsequently find out when individual items of personal data were used and entered into the database and who did this. This can be done for the period during which individual items of data are stored.

6. Personal Data Retention Period

The individual’s personal data obtained on the basis of consent may be processed and retained for as long as there is a purpose for which they were obtained or until the individual’s consent has been withdrawn.

The individual’s personal data processed on the basis of a legal entity’s membership application form may be processed and retained for 5 years after the legal entity resigned membership or after termination of the position occupied by the legal entity’s representative as a member of the Association.

7. Individual’s Rights

In accordance with the applicable legislation governing personal data protection, the individual is entitled to withdraw the given consent at any time, and also to request access, rectification, restriction of personal data processing or erasure of personal data by informing us about this in writing by mail addressed to Združenje delodajalcev Slovenije g.i.z., Dimičeva ulica 9, 1000 Ljubljana, Slovenia, or by emailing osebnipodatki@zds.si. The above address can also be used to make a complaint concerning the processing of the individual’s personal data.

The individual may also lodge a complaint concerning the processing of his/her personal data directly with the competent supervisory authority, i.e. the Information Commissioner of the Republic of Slovenia.

8. Personal Data Protection Violations

In the event of personal data protection violations, the Association will act in accordance with the applicable law and will promptly implement all internal and external measures (technical, organisational) to protect the individual's rights and interests. The Association will also inform each of the affected persons, as well as the competent supervisory authority in the Republic of Slovenia.

 

II. Cookie Policy

Cookies are small text files used on websites to make the user experience more efficient.

By law, cookies may be stored on your device if they are strictly necessary for the website to work. For all other types of cookies, your consent is required.

Different types of cookies are used on this website. Some cookies are used at the request of third parties appearing on our site.

The following cookies are used to ensure that all the website functions are available:

  • Strictly necessary cookies are required as they make the website functional by allowing basic functions such as page navigation and access to secure website areas. Without these cookies, the website site is unable to work properly.
  • Statistics cookies are cookies needed for tracking visits to the website in order to improve the user experience.
  • Marketing cookies anonymously collect information about your website visits. Their purpose is to display ads that are relevant and interesting to each individual user.

An exact description and the expiry period of each cookie are provided in the table below.

Strictly Necessary Cookies:

Strictly necessary cookies make the website functional by allowing basic functions such as page navigation and access to secure website areas. Without these cookies, the website site is unable to work properly.

Cookie name Service Validity Description
_iCD2 www.zds.si 1 year Used to store the user’s decision regarding cookies. The validity of a cookie is determined by the user.
PHPSESSID www.zds.si session Stores session values on accompanying websites.
card-shop www.zds.si 10 days -

 

Statistics Cookies:

Statistics cookies help website owners understand how visitors use and interact with the website by collecting and reporting information anonymously.

Cookie name Service Validity Description
_ga Google Analytics 2 years Used to distinguish users.
_ga_(container-id) Google Analytics 2 years Used to persist session state.
NID Google 6 months The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on.

 

III. Validity

The Privacy and Cookie Policy of the Association of Employers of Slovenia will be amended and updated as needed, in which case users will be informed about it accordingly.

The Policy is published on the website https://www.zds.si and came into effect on 25 May 2018.