Privacy


Pursuant to the law, we pay all due attention to the personal data we collect on OpenProf, including limiting the collection to those essential data necessary for the operation of the system as well as maintaining high standards of storage. With this privacy statement, we want to provide information on the processing of personal data that is in accordance with the requirements of the General Regulation on Personal Data Protection (hereinafter also referred to as the GDPR).

Information on the administrator / data controller

The administrator / data controller of the OpenProf portal is the undertaking Oprof d.o.o., Ulica bratov Učakar 60, 1000 Ljubljana, Slovenia. You can contact the administrator here.

Purposes and data processing

The portal administrator uses the data for concluding and performing contracts in contractual relations with its users. The purpose of personal data processing is evident from the contracts or rules of use of the portal, which govern individual contractual relations. When processing personal data for the purposes of contract performance, the portal administrator will process only those personal data necessary for the conclusion and performance of the contract and the fulfilment of contractual obligations.

In the event of changes or introduction of new services, the portal administrator will update this policy as necessary or amend existing contracts or terms and conditions, or conclude or accept new terms and conditions.

Consent and revocation

In the case of obtaining the user’s consent, the portal administrator will process personal data only for the purposes for which the consent was given. In cases where the processing of personal data is based on consent, the user may revoke this consent at any time in his or her OpenProf profile or by contacting us.

In the event of revocation of the consent, the portal administrator shall cease to process the data collected on the basis of the consent, or shall no longer process them for the purposes for which the consent was given.

Data processing based on legitimate interest

The portal administrator also processes users’ personal data for the legitimate business interests of the undertaking or third parties, for the purposes specified in this policy or in the contract or terms and conditions or other documents governing the individual contractual relationship.

In this case, the legitimate interest of the portal administrator does not automatically prevail over the interests and fundamental rights of users. The portal administrator does not process data in cases where the interests of the user, especially when he or she is a child, prevail over the interests of the portal administrator if he does not have the user’s consent for processing or such processing is not allowed by law or regulations.

When processing personal data based on legitimate interest, the data controller OpenProf processes only the data necessary to achieve the purpose pursuant to the given consent and implements appropriate protective measures for the protection of personal data.

According to the GDPR, the legal basis for direct marketing may also be a legitimate interest. Based on the legitimate interest, the data controller OpenProf processes data for segmentation and user profiling for direct marketing purposes. The portal administrator processes user data and user method of using the OpenProf website.

Objection to data processing

The user has the right to object and may, at any time, object to the data processing for the above purposes. In this case, the portal administrator will, as far as possible, and the reasons and interests of OpenProf do not prevail over the interests and rights of the user, cease processing data for these purposes. The objection can be submitted by the user here.

Types of data

The types of personal data processed by the data controller OpenProf are: name, last name, address and other data that users submit in the forms on the OpenProf website.

Time limits for the retention of personal data

The data controller OpenProf shall store and process personal data for the duration of the contractual relationship, until the settlement and performance of contractual obligations, settlement or statute of limitations of all receivables or for the period for which the user gave consent (valid if the retention period is longer than previously stated).

For all business relationships, the data controller OpenProf must keep invoices and supporting documentation and data for ten years from the end of the year in which the data controller OpenProf complies with tax and financial regulations, as well as legislation and standards governing accounting, bookkeeping and record-keeping relating to a particular business event. Thus, the data controller OpenProf keeps accounts and related billing data and user data for a maximum of ten years from the end of the year to which the account relates.

If the data controller OpenProf anonymises personal data in such a way that it is no longer possible to associate it with a concrete person, it may store and process it without limiting the retention period.

Upon receipt of a request for deletion or restriction of processing, the data controller OpenProf will execute the request by restricting the processing of data only for the purposes specified by law.

Rights of individuals

Users can request:
  • a printout or insight into the data processed by the data controller OpenProf about the user;
  • correction of data in cases where users believe that personal data processed by OpenProf are incorrect;
  • deletion or restriction of the processing of their personal data if they want the data controller OpenProf to stop or restrict the processing of all or part of their personal data.

In addition, users can:
  • object to the processing of personal data on the grounds of legitimate interest or for the purposes of direct marketing;
  • exercise the right to the portability of personal data provided by OpenProf.

Users shall exercise their rights by contacting us. In doing so, the user must properly identify himself or herself and clearly define his or her request in the application in which he or she exercises his or her rights.

Certain rights of users may be restricted in individual cases based on regulations (e.g. a ban on notifying a possible investigation, etc.).

Right of appeal

If the user considers that the data controller OpenProf violates his or her rights in the processing of personal data, he or she may file a complaint here.

Users can also file a complaint with the data protection authority. In the Republic of Slovenia, the authority for the protection of personal data is the Information Commissioner.



Cookies

About cookies

Cookies are small text files that most websites store on devices from which users access the Internet. They are a standard and integral part of web browsers, which also control their storage. Therefore, the storage of cookies can be restricted or disabled within browser settings.

The purpose of cookies is to make the website more user-friendly. We use cookies to customise the content, remember your preferences and log visits. This makes browsing OpenProf more enjoyable, faster and, above all, more efficient.

List of cookies we use