Privacy statement TMTS d.o.o.

Data privacy has a special significance for the company TMTS d.o.o. (hereinafter: the company). The company undertakes to process your personal data in accordance with the EU General Data Protection Regulation (hereinafter: the GDPR), the relevant laws as well as with the adopted fundamental data protection principles thereof. For this purpose, the company has adopted several internal acts and documents in this regard.

If you have accessed or been posted to our website www.tmts.si, you shall find information regarding the processing of your personal data, the controller of which is the company TMTS d.o.o., in this privacy notice.

Insofar as you wish to make use of certain services of our company, for instance about our website, processing of personal data may become necessary. You are then, in the sense of the data protection provisions, a relevant party, respectively a relevant person.

During the processing of personal data, i.e. the name, the address, the telephone number, or the e-mail address of a relevant person, we always take the guidelines of the GDPR and the respective valid country-specific basic data protection provisions into consideration. If there is no legal basis for processing personal data, we generally obtain consent for the necessary processing from the person concerned.

With this privacy notice, we would like to provide information to the individuals about the type, scope and purpose of the personal data collected, utilised and processed by us. Further, those individuals concerned have certain rights and they are entitled to explained.

The TMTS d.o.o. maintains diverse technical and organisational measures, to secure as far as possible, extensive protection of the processed personal data. Even so, a transfer of personal data via Internet can, in principle, have security flaws, so that hundred percent security cannot be guaranteed. For this reason, every individual shall give us his/her personal data in other ways (i. e. not through websites), e. g., over the phone, mail or e-mail.

1. Terms and Definitions

Terms and definitions used below follow the definitions contained in paragraph 1 of Art.4 of the GDPR.

2. Contact

2.1. The Controller

The controller in terms of GDPR and Personal Data Protection Act is:
TMTS d.o.o.
Lom pod Storžičem 53A
4290 Tržič
Tel.: +386 (0)4 59 1702

Controller’s representative is company‘s director, as it is apparent on pages of AJPES.

Persons concerned may contact us at any time on any questions and suggestions relating to the protection of personal data at laser@tmts.si or by telephone or by mail to the above address.

If a person concerned contacts us per contact form of the website or per e-mail, we save this voluntarily provided information for processing of the enquiry, as well as in case of subsequent questions arising. We only save and use further personal data if the person concerned agrees or if this is permissible without consent by law.

2.2. Security in contact

In the framework of the valid personal data protection laws and technical possibilities, we take maximum care of the safety of the personal data of the persons concerned. Personal data entered into the website are transmitted to us coded via the encoding system SSL (Secure Socket Layer).

For the securing of your personal data we maintain technical and organisational safety measures which we continually adapt to the status of technology. Nevertheless, we cannot prevent the availability being disturbed or interrupted at certain times. The severs utilised by us are carefully regularly secured.

3. What kind of personal data do we collect, for what purposes and consequences, if data are not provided?

For the purposes and basis set out below, we may collect and use the following of your personal data:

  • name, surname and contact details of the contact person (address, phone number, e-mail) based on your contacting us or your inquiry; concluding and executing contract for the supply of our goods and delivery thereof and in connection to our business (distribution of goods) in the market;
  • video clip of an individual.

We process your personal data connected to the performance of the goods orders or, in order to carry out our business activities, in particular to implement the order and deliver the ordered goods to the destination, for the purpose of complaint, servicing and repairing of our products and services. We need this information for the above reasons and without them our contractual relationships or business cannot be implemented or it can be significantly difficult or less quality and / or professional.

We also process personal data of applicants for employment (in particular contact information, CV, photography, birth data, etc.), which are sent to us on their own initiative with or without a call. This information is obtained and processed for the purposes of the procedure for selecting and employing a candidate for work. If the candidate sends us information on his/her own initiative, we will immediately delete them. Data can also be processed electronically. This shall especially apply in cases where the applicant submits the relevant documents electronically, via e-mail or through the online form on the website. If a contract is concluded with a candidate, the information transmitted shall be processed for the purpose of the employment. If the candidate does not conclude an employment contract, the application dossier shall be deleted two months after the rejection of the candidate, if there is no statutory obligation on our side which is contrary to the deletion.

4. How do we obtain and use your personal data?

Personal data can be obtained directly from you (when you contact us – request by mail, e-mail or phone or through the website or using it), from the companies you perform work for or you are performing in their sphere and are with us in a contractual relationship or contact. Your (contact) personal data can also be obtained from other companies within the TMTS group based on appropriate legal basis.

Your personal data can also be obtained from publicly accessible databases and/or authorities based on appropriate legal basis.

The area around our office building is under video surveillance to ensure safety of people and property. This area is appropriately marked. According to this, we collect personal data of our visitors (individual’s video clip, date of recording, time (duration) of the clip) that are kept for a limited period of time and are accessible only to authorized persons. For more details see company’s internal documents.

5. Use of personal data

5.1 Your personal data is used by our employees or persons who perform work for us in the framework of their duties and powers, bound by the obligation to protect personal data as confidential.

5.2 Transmission of personal data outside the company – within the TMTS

Companies within the LPKF group perform certain tasks centrally and use common services (which represents a legitimate interest in the transmission of data), and consequently personal data can also be processed by these companies.

Personal data can also be used by companies within the LPKF group for their own purposes, e. g. necessary contacts due to business conducted by companies in the LPKF group.

The relations between the companies of the LPKF group are regulated in a way to ensure an adequate level of personal data protection (with the adopted technical and organizational measures for the security of personal data).

5.3 External service providers

To meet our contractual and legal duties we collaborate with selected external service providers (accounting services, external professional service for safety at work, occupational medicine, IT maintenance services, storage, …).

5.4 Transmission of data to other users

We shall, based on statutory provisions, provide your personal data on request to other recipients who have a legal basis for such a request. These are primarily state bodies (such as tax authorities, courts, police, …) and other holders of public authority.

We may also provide your personal data to our lawyers, internal and external auditors, tax and other consultants for the performance of their services in accordance with our agreement with them.

6. Legal basis for the processing of personal data

Insofar as we obtain consent for processing procedures from the person concerned, Art. 6 para 1 lit. (a) of the EU-General Data Protection Regulation (GDPR) serves as legal basis.

In the processing of personal data, which is necessary for the fulfilment of a contract whose contract party is the person concerned, Art. 6 para 1 lit. (b) GDPR serves as legal basis. This also applies to processing procedures that are necessary for the execution of measures precedent to the contract.

Insofar as processing of personal data in respect to the fulfilment of a legal obligation which our company is subject to, Art. 6 para 1 lit. (c) GDPR serves as legal basis.

In case of vital interests of the person concerned or another individual make processing of personal data necessary, Art. 6 para 1 lit. (d) GDPR serves as legal basis.

Is the processing for the protection of a justified interest of our company or a third party necessary and the interests, basic rights and basic freedoms of the person concerned do not outweigh the first-named interest, then Art. 6 para 1 lit. (f) GDPR serves as legal basis.

7. Erasure of personal data and duration of retention

Personal data shall be kept until the expiry of the time limits determined by the law, considering specific purpose of the processing. Deadlines can range from 5 years or more.

Personal data we collect based on your consent are kept the shortest possible period, as long as there exist a purpose for their collection or until the consent is withdrawn. The withdrawal of the consent does not affect the lawfulness of the processing that was carried out based on the consent until its withdrawal.

Certain personal data are also kept for the purpose of demonstrating compliance with your requirements (see section Individual’s rights).

8. Notes in reference to the use of this website

8.1. Cookies

Our website uses cookies. Cookies are text data that are saved via, or by, the browser of the IT system of the person concerned. If he calls up our website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic sequence of symbols that makes the explicit identification of the browser possible upon repeated call-ups of the website.

Some elements of our website require that the calling browser can also be identified after a changing of page.

Legal basis for the processing of personal data under utilisation of cookies is legitimate interest or consent.

The purpose of the usage is to simplify the use of websites for the person concerned. Some functions of our website cannot be offered without the use of cookies. For these, it is essential that the browser is recognised even after a change of page.
Cookies are saved on the IT system of the person concerned and transferred by him to our website. Therefore, he also has full control over the use of cookies. Through an alteration of the settings in the browser, the person concerned may deactivate or limit the transfer of cookies. Already saved cookies can be deleted at any time. This can also happen automatically. If cookies for our website are deactivated, there is a possibility that not all functions of the website can be used fully.

Moreover, we use cookies on our website which make an analysis of the surf-behaviour of the user possible.

The data obtained in this manner is pseudonymised through technical precautionary measures. Therefore, an allocation of the data to the calling user is no longer possible. The data are not saved together with other personal data of the user.

Upon calling our website, the user is informed about the use of cookies for purposes of analysis and his consent to process the personal data in connection with this is obtained. In connection with this, reference to this personal data protection statement is also made.

Legal basis for the processing of personal data under utilisation of cookies for analytic purposes, is consent in this regard.

The use of analysis cookies serves the purpose of improving the quality of our website and its contents. Through the analysis cookies we come to know how the website is used and can so constantly improve our offer.

8.2. Collection of general data and information

We collect information about the person concerned if he/she uses this website. We automatically acquire information about their usage behaviour and their interaction with us and register data about their IT system (computer or mobile device). We collect, save and use data on every access to our online offer (so called server log files). The access data includes name and URL of the called data, date and time of the call, transferred data volume, report on the successful call (HTTP response code), type of browser and browser version, operating system, referrer URL (means the previously visited site), IP address and the requesting provider.

We use this protocol data, without correlation to the person concerned or other profile creation, for statistical assessments for the purpose of the company, security and the optimisation of our online offer, but also for the anonymous collection of the number of visitors to our website (traffic), as well as to the scope and type of usage of our website and services, equally for purposes of accounting, to measure the number of clicks received by our co-operating partners. Based on this information we can provide personalised and location-relevant contents and analyse the data traffic, search and repair errors and improve our services. We reserve the right to belatedly review the data if, based on concrete evidence, the suspicion of illegal usage exists. We save IP addresses for a limited time in the log files, if this is necessary for security reasons or for the service period or the account of a service, i.e. when the person concerned makes use of one of our offers. We save IP addresses when we have a solid suspicion of a felony in connection with the use of our website.

8.3. Links/relocation to the website of third parties

We, as offerors of the contents are, in accordance with applicable law, responsible for “own contents” which we provide for usage, according to the general laws.

From these own contents, cross-references (“Links”) to the “alien” content made available by other providers must be differentiated.
Upon the first linking, we have initially checked the alien content, whether a responsibility under criminal law will be caused.

We do review the links to alien contents regularly, but not constantly for changes. If we ascertain or are notified by third parties that a provided link cause a responsibility under criminal law, we will delete the link.

9. Rights of the data subject
9.1 Right to access and rectification of inaccurate personal data

You have the right to obtain confirmation as to whether or not your personal data are being processed, which personal data are being processed, access to such personal data and information on the purpose of processing, users, retention periods and other information contained in this statement.

You have the right to obtain the rectification of your inaccurate personal data.

9.2 Right to obtain erasure of personal data

When the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time in writing. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

You have the right to obtain erasure of your personal data on the following grounds:

  • your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • your personal data have been unlawfully processed;
  • your personal data have to be erased for compliance with a legal obligation under EU law or Slovenian law.

The right to erasure shall be restricted in the event the processing of personal data is necessary as provided in Article 17 of the GDPR.

9.3 You have the right to obtain restriction of processing of your personal data in accordance to Article 18 of the GDPR.

8.4 Right to data portability

You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format as well as the right to transmit those data to another personal data controller in accordance to your requirements, within the limits and under conditions provided by law (if the processing of your personal data is subject to consent or agreement, and if personal data is processed automated and if technically feasible).

9.5 Right to object the processing based on a legitimate and / or justified interest

You have the right to object on grounds relating to your particular situation, at any time to processing of your personal data based on legitimate and/or justified interest, which also includes direct marketing, as explained above. We will cease to process such personal data unless we prove the necessary legitimate grounds for processing that prevail over your interests, rights and freedoms, or for the enforcement, exercise or defence of legal claims.

9.6 Right to withdraw your consent

When the processing of personal data is based on your consent, you have the right to withdraw your consent at any time in writing. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

9.7 Right to lodge a complaint with the supervisory authority

An individual has the right to lodge a complaint with the supervisory authority, in particular in the Member State in which he/she is located, where his/her post is located or at the location where the alleged offense was concealed, or if he/she considers that the processing of his/her personal data is illegal.

Supervisory authority in Slovenia is:
Information Commissioner
of the Republic of Slovenia
Dunajska cesta 22
1000 Ljubljana
Telefon: 01 230 97 30
Faks: 01 230 97 78
E-pošta: gp.ip(at)ip-rs.si

9.8. The rights of data subjects may be restricted in accordance with Article 23 of the GDPR.

10. Existence of automatic decision-finding

An automated decision-finding on the basis of the acquired personal data does not take place.

11. Validity, amendments and updates to this Data protection statement

This statement may be amended or updated at any time, whereby the latest valid version shall always apply, as shall be seen from the date of adoption of the latest valid version.

The latest valid version of this statement shall always be published on this website.

This Data protection statement is valid from 25.05.2018 onwards.