Privacy and data protection policy
I. PROTECTION OF PERSONAL DATA
Thank you for visiting our website. The Triglav National Park Public Institute respects your privacy and will only use your personal data for the purposes of education and training, advice and information, consent, recruitment and the smooth running of the work of the TNP Public Institute. Your personal data will be carefully protected in accordance with the applicable legislation governing the protection of personal data (the General Data Protection Regulation (GDPR)) and other legal provisions governing the protection of personal data.
1. PERSONAL DATA CONTROLLER
The controller of the personal data processed in accordance with these rules is the Triglav National Park, Ljubljanska cesta 27, 4260 Bled.
Our vision for the protection of privacy or personal data:
The Triglav National Park Public Institute is committed to high standards of information security, privacy and transparency, and the protection of personal data.
2. THE DATA PROTECTION OFFICER
The Data Protection Officer of the Triglav National Park Public Institution is Saša Kocijančič, who can be contacted by telephone on 04 280 40 06 and by e-mail at povop@maifence.com or at Kidričeva cesta 55, 4000 Kranj.
Data subjects may contact the Data Protection Officer themselves on any matter relating to the processing of their personal data and the exercise of their rights under the rules governing the protection of personal data.
3. TRANSFER OF PERSONAL DATA TO THIRD PARTIES OR TO THIRD COUNTRIES
The Triglav National Park Public Institute does not transfer the personal data collected to third parties or to third countries.
The exception to this is statistical data on visits to and use of the website, for which the web platforms Google Analytics and MailChimp are used, which in their General Terms of Use and Privacy Policy ensure compliance with the rules of the General Data Protection Regulation (GDPR) and confirm that they have obtained a certificate of compliance with the EU-U.S. Privacy Shield Framework (EU-U.S. Privacy Shield Framework).
The Triglav National Park Public Institute uses the MailChimp web platform for sending newsletters, which stores personal data of individuals for the purpose of sending newsletters, namely first name, surname and email address. The General Terms of Use and Privacy Policy of the MailChimp platforms are available here: https://mailchimp.com/legal/privacy/. The MailChimp online platform ensures compliance with the requirements of the General Data Protection Regulation (EU Regulation 2016/679) and has been certified as compliant with the EU-U.S. Privacy Shield Framework.
Google Analytics allows users to arrange their own preferences for the processing of their data using the Google Analytics tool. Google Analytics allows users to arrange their own preferences for the processing of their data using the Google Analytics tool. The Triglav National Park Public Service uses the MailChimp web platform to send newsletters, which stores personal data about individuals for the purpose of sending newsletters, namely first name, surname and email address.
4. LEGAL BASIS, TYPES OF PERSONAL DATA AND PURPOSES OF PROCESSINGE
The Triglav National Park processes personal data of individuals on the basis of or within the following limits:
a.) legal basis:
- Triglav National Park Act (Official Gazette of the Republic of Slovenia, No. 52/10, 46/14 - ZON-C and 60/17)
- The Labour Relations Act (Official Gazette of the Republic of Slovenia, No. 21/13, 78/13 - corrected, 47/15 - ZZSDT, 33/16 - PZ-F, 52/16 and 15/17 - Decree of the US),
- the Act on Labour and Social Security Records (Official Gazette of the RS, No 40/06; ZEPDSV),
- and on the basis of other international treaties, EU regulations and national laws that require the Public Institute Triglav National Park to provide personal data of individuals to state authorities and other controllers in certain cases for the fulfilment of its or their legal obligations or competences.
b.) on the basis of consent:
In certain cases, the Triglav National Park asks individuals to give their consent to the processing of their personal data (collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, adaptation or combination, restriction, erasure or destruction), where the processing of such data is necessary for purposes other than those specified in the legal basis, such as the use of an e-mail address to facilitate communication, the publication of photographs in publications, on a website and for publicising events, participation in surveys, the recording of various educational and promotional broadcasts, etc. In these cases, the processing of personal data shall be carried out within the scope of the personal data, the purpose and the agreed communication channels, as permitted by the individual's declaration, until the purpose is fulfilled or until revocation.
Thus, the Triglav National Park Public Institute processes the personal data of interested individuals on the basis of consent for the purpose of sending e-alerts about events in the Triglav National Park or the Julian Alps Biosphere Area and notifications from the Triglav National Park.
These notifications are sent via the e-mail address provided by the individual when giving his/her consent to subscribe to the e-newsletter.
For this purpose, the Triglav National Park collects and processes the following personal data from the individual: name, surname, e-mail address.
The data subject may withdraw the consent given at any time in the manner set out in point 7 of this Policy.
c) Contracts:
The Triglav National Park Public Institute processes personal data of employees and other individuals in the context of and for the purpose of the performance of various agreements and contracts.
d) Legitimate interest:
The Triglav National Park Public Institute processes personal data on the basis of legitimate interest for the purpose of reducing the risks of intrusions into its website (ensuring information security, reducing the risks of unauthorised access to important business information, personal data and information system).
5. VALIDITY OF STORAGE
The Triglav National Park Public Institute will process personal data to the extent necessary to fulfil the purposes of the processing and for as long as it is necessary to achieve the pursued objective.
It will thus process personal data until the purpose has been fulfilled or within the limitation periods for the obligations that may arise from the processing of such personal data, in particular when the processing of personal data is necessary in the context of the conclusion or performance of a contract, except in cases where the retention period for personal data is required by law. In the latter cases, the Triglav National Park Public Institute shall store the data in accordance with the legal requirement.
6. RIGHTS OF THE INDIVIDUAL
The individual may withdraw the consent at any time and has the right to request access to, rectification, restriction of processing or erasure of personal data by notifying us in writing by post to the address of the Public Institute is the Triglav National Park, Ljubljanska cesta 27, 4260 Bled or by e-mail: triglavski-narodni-park@tnp.gov.si. The data subject may also lodge an objection to the processing of his or her personal data at the address indicated.
The individual may also lodge a complaint concerning the processing of his/her personal data directly with the competent supervisory authority, i.e. the Information Commissioner of the Republic of Slovenia.
7. ACTION TO BE TAKEN IN THE EVENT OF INFRINGEMENTS
In the event of a personal data breach, the Triglav National Park Public Institution or an authorised person shall, without undue delay or at the latest within 72 hours of becoming aware of the breach, notify the Information Commissioner of the breach, unless the personal data breach is unlikely to jeopardise the rights and freedoms of individuals.
In the event that a personal data breach is likely to result in a high risk to the rights and freedoms of data subjects, the Triglav National Park Public Service or an authorised person shall, without undue delay, notify the data subject that a personal data breach has occurred and provide him or her with all necessary information in accordance with Article 34 of the GDPR.
8. USE OF COOKIES
Cookies are small text files used by websites to make the user experience more efficient.
By law, we can store cookies on your device if they are strictly necessary for the website to function. For all other types of cookies we need your permission.
This site uses different types of cookies. Some are used at the request of external sites that appear on our site.
The following cookies are used to ensure that all the functions of the website work:
- Cookies requested make the website usable by enabling basic functions such as navigating the site and accessing secure areas of the website. Without these cookies, the website will not function properly.
- Statistics cookies are cookies that we need to monitor your visit to the website in order to improve the user experience.
- Marketing cookies collect information about your visits to websites on an anonymous basis. The purpose is to serve ads that are relevant and interesting to the individual user.