Privacy

PROTECTION OF PERSONAL DATA

Privacy Policy

In the company Arctur d.o.o. we are aware of the importance of personal data, therefore we put a lot of attention and effort into this area. We take the security and data protection very seriously in order for your personal data to be properly protected and managed. The statement by the controller informs the individual about the processing of personal data about all the important issues in the field of personal data protection.

Before giving consent to the processing of personal data, carefully read the statement. Company Arctur d.o.o. ensures that your personal data will be processed in accordance with the latest standards and laws in the field of personal data protection. Your trust means a lot to us, so we guarantee that we will handle your personal data with utmost care.

What is personal data

Personal data is any data relating to a particular natural person, that is, an individual, depending on the form in which they are expressed. It is information that can identify you.

Examples of personal data are: ID number, tax number, employee number, e-mail, health insurance number, phone number, vehicle registration number, personal transaction account number ...

Specific types of personal data are information about an individual revealing his racial or ethnic origin, political orientation, religious or philosophical beliefs or union membership, and the processing of genetic data, biometric data for the purposes of unique identification of the individual, health related information or data relating to with an individual's sexual orientation, sex life, information on convictions ...

Operator and Processor: Arctur d. o. o., Industrijska cesta 1A, 5000 Nova Gorica, Slovenia, EU

Data Protection Officer: Martina Murovec - Arctur d.o.o.

How and how long will your personal information be stored?

The personal data we collect on the basis of your explicit consent is stored in an electronic or physical database of personal data (depending on the form of the acquired personal data) that are adequately insured and accessible only to authorized employees of Arctur d.o.o.

The personal information you provide to us is stored only within the European Union and is not transmitted to third countries or international organizations.

Collected personal data may be kept in a personal data collection until there is a legitimate basis, until your consent is revoked in the processing of personal data, the fulfilment of a contractual obligation, or for as long as is necessary to achieve the purpose for which they are processed or meet legal requirements.

What types of personal data are processed?

The company collects the following types of personal information:

  • Name and surname
  • Address
  • Mail
  • E-mail
  • IP
  • location

Processing and using your personal information

Your personal information can be managed, collected and processed only:

  • on the basis of your explicit written or electronic consent
  • if collecting your personal information is necessary in order to be able to conclude a contract with you
  • if the collection of personal data is required by applicable legislation (eg regarding data on the issued account).

For what purposes we process personal information in the 4PM application

Your personal information, for which your explicit and written consent is required, is managed, collected and processed for the following purposes only:

  • Creating a user account
    We will use your personal information to create a user account.
  • Sending emails to sign in to the app
    We will use your personal information to send emails to sign in to the 4PM application.
  • Notifying important improvements or other relevant information to users
    We will use your personal information to inform you about improvements to your app or other relevant information for users.

We undertake not to lend or sell your personal data to a third party without prior notice and obtaining your explicit written consent, and we will not process them in any other way that is incompatible with these purposes.

Your rights in the field of personal data protection

Right to correct inaccurate personal information

You have the right to request from your administrator who manages user accounts to correct or supplement inaccurate personal information related to you.

Right to delete personal data

You have the right to request immediate deletion of personal data of individuals who are processed in the 4PM application.

Send the request for the deletion or anonymization of your personal data to your application administrator.

If user data relates to other data in the application, this data can be anonymised in order to keep the data consistent. Anonymization means the processing of personal data in such a way that the data can no longer be attributed to a particular individual. Anonymous personal information will be displayed so that it will be impossible to identify you.

Right to limit the processing of personal data

You have the right to require from the controller to limit the processing of your personal data in the event of their inaccuracy, illegality, termination of the purpose of the processing or the submission of an objection.

Right to object or obtain personal data

You can request all rights from your administrator in an email.

The right to access personal information relating to you

You are entitled to obtain from the controller the confirmation that personal data and access to personal data relating to you are processed in relation to you: the purpose of the processing, the type of personal data relating to you, the users of your personal data, the estimated period of retention of personal data and a source of personal information.

The right to transfer your information

You have the right to request the supply or export of the personal data that is processed in relation to you.

You have the right to request that personal data processed in connection with you be forwarded to another administrator at your request.

Exporting personal data from an application is done as a system file (SQL, CSV ...).

Right to object or to obtain personal data

You can request all rights from your administrator in an email.

The right to access personal information related to you

You are entitled to obtain from the controller the confirmation that personal data and access to personal data relating to you and the following information are processed: the purpose of the processing, the type of personal data relating to you, the users of your personal data, the estimated period of retention of personal data and a source of personal information.

Breach of personal data protection

In the event of a breach of the protection of your personal information, and in case this would indicate that such a violation of the protection of personal data could cause a high risk to your rights and freedoms, we will notify you without delay.

In the event of a violation of the protection of personal data, we will notify the competent authority without undue delay, but no later than within 72 hours after becoming aware of the violation of the protection of your personal data.

Right to appeal

You have the right to file an appeal with the competent supervisory authority in the event of a violation of the protection of personal data against the controller at the following address: Information Commissioner, Zaloška 59, 1000 Ljubljana or at: gp.ip@ip-rs.si.

Important information regarding the processing of your personal information in the 4PM application

We commit ourselves to processing all collected data only in the context of the aforementioned management purposes, processing of personal data and in accordance with the Personal Data Protection Act and other relevant sectoral legislation as well as in accordance with Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (GDPR).

Remote ISL Help

For the implementation of remote user assistance, which is accessible from 4PM and on the website, we use the ISL Pronto system. When establishing a claim, the following personal information is collected in ISL Pronto:

  • name
  • e-mail
  • location
  • IP address
  • conversation transcript

Other integrated services on the website

  • Youtube,
  • Google Analytics
  • Mailchimp

 

Security mechanisms

Log-in to 4PM

4PM does not store users' user passwords. All passwords must be safe enough. The password must be complex enough: it consists of at least 8 characters and contains at least one large printed letter and at least one number.

Registration of new users

Insights and access to data can be individually tailored. User group settings allow your administrators to customize their new users. User access is activated by the application administrator, which ensures that new users have the appropriate level of access to the data.

User management and access control

Administrators have the ability to manage the rights of users to view and process personal data on three levels:

  • application (user groups)
  • projects (project applications)
  • groups of projects (project rights).

Information security and compliance

4PM is a cloud-based service (SaaS), hosted on Arctur's server infrastructure in the EU. With a number of security mechanisms, access control and technical solutions, data security is ensured.

Organizational security:

  • protected premises, equipment and system software,
  • prevention from unauthorized access to the space where the technical equipment is located,
  • fire protection and counter-safety protection of technical equipment,
  • adequacy of the space in which the technical equipment is located,
  • regular reviews the operation of the technical equipment

Technical security:

  • the implementation of the control of physical access and access to data located on technical equipment,
  • locking the rooms where the equipment is located,
  • preventing access to personal data located on technical equipment of premises maintenance, customers and other visitors,
  • preventing the use of passwords to people who have not been directly assigned a password or for a purpose not specified in this agreement.

ISO 9001: 2008 - Quality management system

In case of questions, confusion, exercise of your rights in the field of personal data, contact the company's contact person:

ARCTUR Computer Engineering d.o.o.,

Industrijska cesta 1A,

5000 Nova Gorica, Slovenia, EU

e-mail:

phone: +386 5 3029070

company website: www.arctur.si

live chat