Privacy Policy

The purpose of the Privacy Policy, including the Personal Data Protection Notice (hereinafter referred to as the “Notice”), is to inform you about which of your personal data we collect, for what purposes, what we do with them, how we ensure their security, and what rights you have regarding the processing of your personal data. We take the protection of your personal data extremely seriously and responsibly. We fully comply with our obligations regarding the lawful, fair, and transparent processing of personal data. We recommend that you carefully review the content of this Notice.

To ensure compliance of this Notice with data protection regulations, SIRIUS DYNAMIC d.o.o. reserves the right to amend or supplement it. We will inform you of any changes in a timely manner through the most appropriate means, such as via email or by publishing them on our website.

Data Controller Information

  • SIRIUS DYNAMIC d.o.o.
  • Pristava 2a
  • Pazin
  • Croatia
  • OIB:68348775818
  • Registration Number: 9037934000
  • Email: istra@sirius.si

Hereinafter referred to as Sirius.

What Personal Data Do We Process?

a) Basic contact details (name, surname, phone number, email address, address, city, region, street, country);

b) Data on the use of our website (clicks on links, time spent) and responses to our email communications (whether the email was opened, which links were clicked);

c) Server data (e.g., date and time of visits, visited subpages, information viewed or searched for, etc.);

d) Device data (information about the computer or mobile device used to access the website, including operating system, model, web browser, etc.);

e) Data on the use of our website;

f) Aggregated data for advertising purposes, such as viewed and purchased products and other activities related to the purchasing process.

Legal Basis for Processing Personal Data

We collect your personal data only when necessary or when you have given your consent. We do not process your personal data unless the purpose and legal basis for processing are adequately justified in accordance with the applicable data protection regulations, including:

Personal Data Protection Act (Official Gazette of the Republic of Slovenia, No. 94/07 – official consolidated text (ZVOP-1));

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR);

Electronic Communications Act (Official Gazette of the Republic of Slovenia No. 109/12, 110/13, 40/14 – ZIN-B, 54/14 – Constitutional Court decision, 81/15, and 40/17 (ZEKom-1)).

Istra will process your personal data based on the following legal grounds:

Contractual Basis: By visiting our website, you accept and agree to this Notice and enter into a contract with Istra, which serves as the legal basis for processing your personal data. Data is encrypted and transmitted to the server in a secure format, preventing unauthorized interception.

Legal Obligation: Istra processes your personal data based on legal requirements, including:

Prevention of Money Laundering and Terrorist Financing Act (Official Gazette of the Republic of Slovenia, No. 68/16 and 81/19; ZPPDFT-1);

Personal Data Protection Act (Official Gazette of the Republic of Slovenia, No. 94/07 – official consolidated text; ZVOP-1);

Copyright and Related Rights Act (Official Gazette of the Republic of Slovenia, No. 16/07 – official consolidated text, 68/08, 110/13, 56/15, and 63/16 – ZKUASP; ZASP);

Other international treaties and EU regulations that legally require Istra to share personal data with state authorities and other controllers in certain cases to fulfill legal obligations or official duties.

Legitimate Interest for Processing Personal Data

Istra may process personal data based on legitimate interest, such as:

a) For statistical purposes and collecting demographic data and visitor interests;

b) To identify issues with the server and website;

c) To conduct business analyses;

d) For further development of our offerings;

e) To improve or customize services for individuals;

f) To assess the effectiveness of promotional activities and advertising;

g) Based on other legitimate interests.

In certain cases, Istra may process your personal data based on your explicit consent for marketing activities, such as sending newsletters, general updates about offers, promotions, events, or contests, and informing you about services tailored to your personal interests through profiling. Your consent is entirely voluntary and is not a condition for entering into a contract. In these cases, processing is carried out within the scope of the declared purpose and agreed-upon communication methods, and it continues until you withdraw your consent.

Purposes of Personal Data Processing

Your personal data may be used for one or more of the following purposes:

a) Communicating with you regarding the provision of our services and responding to your inquiries;

b) Marketing communication (sending emails and SMS messages);

c) Enforcing legal claims and dispute resolution;

d) Advertising purposes on external websites.

Data Retention Period and Disposal

The retention period for personal data depends on the legal basis and the purpose for which each category of personal data is processed. Personal data is stored only for as long as required or permitted to fulfill the purpose for which it was collected or further processed. Once the purpose is fulfilled, we will retain only the personal data we are legally required to keep or that may be necessary for evidence or defense in case of legal claims. Any other data will be deleted, destroyed, blocked, or anonymized unless the law stipulates otherwise.

Personal data processed for sending offers and notifications is stored until you withdraw your consent or, in any case, for a maximum of five years from the date of consent. After this period, we will ask for your renewed consent.

Invoice data is stored for 10 years from the date of issuance, in accordance with legal requirements.

Once the retention period expires, personal data is effectively deleted or anonymized, meaning it is processed in such a way that it can no longer be linked to you or attributed to you in any way.

Voluntariness of Providing Data and Consequences of Non-Provision

Providing personal data is voluntary. You are not obligated to provide your personal data, but if you choose not to, you will not be able to enter into a contract with us (as we require this information to process and deliver your order). We will specify which data is essential and the consequences of non-provision whenever we collect personal data from you.

Who Has Access to Your Personal Data? Will It Be Shared with Third Parties or Transferred Outside the EU?

We take your privacy very seriously. Your personal data is considered confidential business information of Istra. Employees at Istra process your personal data strictly in accordance with their authorizations and internal policies.

We do not share your personal data or grant access to third parties, except for those who have a written agreement with us, under which they perform specific tasks related to data processing. These contracted processors are obligated to comply with data protection laws and maintain confidentiality. Contracted processors may include:

a) Marketing service providers;

b) Email distribution service providers;

c) Software solution providers, etc.

Contracted processors may only process personal data according to our instructions and are prohibited from processing it for their own purposes. They, along with their employees, are legally bound to protect the confidentiality of your personal data.

Your Rights Regarding Personal Data Processing

You have the right to:

  • Access your personal data;
  • Request correction or deletion of your personal data;
  • Restrict processing of your data or object to it;
  • Request data portability to another data controller (subject to technical feasibility and the policies of the respective data controller).
  • If you withdraw your consent for marketing communications, it does not affect the legality of the processing carried out before the withdrawal.

Istra is not responsible for the accuracy, truthfulness, or timeliness of the personal data you provide. You are responsible for ensuring your personal data is accurate and up to date.

In case of a data breach, we will notify you as required by applicable law.

Exercising Your Rights

To exercise your data protection rights, you may submit a written request using any of the contact details listed in the section Data Controller and Contact Information at the top of this document.

For reliable identification, we may request additional information and will only deny a request if we can demonstrate that we cannot reliably identify you.

We will respond to your request without unnecessary delay and no later than one month from the date of receipt.

Any changes to our privacy policy will be published on this website.

Right to File a Complaint

You may file a complaint regarding the processing of personal data at any time with the Slovenian supervisory authority: Information Commissioner, Dunajska 22, 1000 Ljubljana, Slovenia.

Disclaimer

Istra is not liable for any damages resulting from your submission of incorrect, false, incomplete, or outdated personal data.

If you suspect that your personal data or access credentials (such as usernames and passwords) have been misused or accessed by unauthorized persons, you must notify us immediately.

If a contractual relationship exists between you and Istra, the applicable contract or general terms and conditions will govern liability exclusions and limitations.

Cookies

The legal basis for our cookie notification is the amended Electronic Communications Act (ZEKom-1), published in the Official Gazette of the Republic of Slovenia (Uradni list RS 109/12, 110/13, 40/14 – ZIN-B, 54/14 – odl. US, 81/15, and 40/17). This act, effective since early 2013, introduced new rules for the use of cookies and similar technologies for storing or accessing information on users’ computers or mobile devices.

What Are Cookies?

A cookie is a small text file that is downloaded to a user’s computer when they visit a website. It typically contains the name of the server from which the cookie was sent, the cookie’s lifespan, and its value—a randomly generated unique number.

A cookie itself does not contain or collect information. However, if a server reads it in conjunction with a web browser, it can help improve user-friendly services, such as remembering your username and password for future logins or recalling past purchases or account details. Only the server that sent the cookie can read and use it. On a trusted website, cookies can enhance the browsing experience. However, cookies can also be used in ways that interfere with an individual’s privacy. Cookies are not harmful and are always time-limited.

Purpose of Cookies

Cookies are used to improve website functionality and the user experience. They make interactions between users and websites faster and easier. With cookies, a website can remember user preferences and past experiences, saving time and making browsing more efficient.

Istra Cookies

We use only cookies permitted under the ZEKom-1 law. Our website only uses cookies that are striclly necessary for its operation.

For tracking site visits, we use a system that records only session cookies and does not track your behavior beyond this website or in connection with other sites. By continuing to use this website, you agree to the use of the cookies described below.

Some of the cookies we use are temporary, while others are stored on your device for a set period, even after you leave our website. Temporary cookies help us track visitor numbers, allowing us to evaluate the effectiveness of content display and advertising, leading to continuous website improvement. Stored cookies retain contact details for future visits so you won’t need to log in again, or they adjust content display based on your device.

We also use cookies from external sites, such as Facebook, Twitter, Google, and others. If you do not consent to their use, these cookies will not be installed.

Additionally, we use cookies to analyze how you navigate our website, which content interests you, and how long you stay on the site. Based on this data, we can tailor the website content to your needs.

The data collected through cookies is processed solely for statistical purposes, demographic analysis, server problem detection, website optimization, product notifications, cross-site user tracking, content personalization, and marketing or advertising purposes.

Final Provisions

We recommend that you also read the General Terms and Conditions, published on our website, as they, together with this Privacy and Cookie Policy, form a binding agreement between you and Istra.