Last modified: 14 June 2024
This Privacy Policy outlines the manner in which Špica International, sistemi za avtomatsko identifikacijo d.o.o., Pot k sejmišču 33, Ljubljana, 1231 Ljubljana-Črnuče, Slovenia (hereinafter referred to as Špica) obtains, stores and uses your personal data. This Privacy Policy enters into effect on 1 July 2024.
This Privacy Policy applies to (i) the use of the following websites managed by Špica:
(hereinafter: the Website or Websites), (ii) the organization of Špica’s events and registration for such events, (iii) signing up to receive newsletters and information about Špica’s services, (iv) receiving information via Špica’s social channels and apps, (v) filling in the various contact forms available on Špica’s Website, (vi) downloading online catalogues, white papers, and other information from Špica’s Website, (vii) using the E-Learning Portal, (viii) using the Support Portal, (ix) using Špica’s online store, (x) conducting e-marketing campaigns, and (xi) using any other online or offline service, whether current or future (points “i” to “xi” collectively referred to as the Services).
Be sure to read our Privacy Policy thoroughly.
The Controller of your Personal Data is Špica International, sistemi za avtomatsko identifikacijo d.o.o., Pot k sejmišču 33, Ljubljana, 1231 Ljubljana-Črnuče, Slovenia.
Should you have any questions, please contact us by sending an e-mail to gdpr@spica.com or by calling us at +386 1 568 08 00.
We obtain your Personal Data when you provide such Personal Data to us, for example, by means of your using our Website and its functions, by contacting us directly by e-mail, telephone, in writing or via social media, by ordering Services, by using any of our websites or by any other means by which you provide us with Personal Data.
The types of information we collect about you may include information such as:
We may also obtain your Personal Data from certain publicly available sources, including (but not limited to) public online databases, business directories, media publications, social media, websites and other publicly available sources.
We may use your Personal Data for one or more of the following purposes:
Based on your explicit consent for the purposes of e-advertising, to inform you about our Services, news, events, to offer you our Services, and other forms of e-advertising.
Where processing of your Personal Data is based on your consent, you may withdraw your consent at any time by emailing us at gdpr@spica.com . The effective date of such cancellation shall be 30 working days from the date on which we receive your request.
Your Personal Data is stored by Špica on Špica’s own servers or on the servers of our IT service providers located in the EU. However, your Personal Data may also be processed outside the European Economic Area.
Spica will process your Personal Data to the extent that is relevant and limited to what is necessary for the purposes for which the Personal Data is processed, namely the purpose(s) for which we process your Personal Data, for example, whether it is necessary to continue to retain such data in order to continue to fulfil our obligations under our contract with you or for our legitimate interests; whether we have any legal obligation to continue processing your data, such as any record keeping obligations imposed by applicable law; and whether we have a legal basis to continue processing your Personal Data, such as your consent.
For more information about where and for how long your Personal Data is stored, and for more information about your rights to erasure and portability of your Personal Data, please contact us at gdpr@spica.com .
We have adopted appropriate technical and organisational measures to safeguard your Personal Data and to protect it against any unauthorized or unlawful use or processing, and against accidental loss or destruction of, or damage to, your Personal Data, including:
Špica has a valid and regularly verified IS0 27001 certificate, which is an internationally recognized standard in the field of information security.
We would like to remind you that the transmission of information (including Personal Data) over the internet is not always completely secure and if you provide any information to us over the internet (whether by e-mail, through our Website or by any other means), you do so entirely at your own risk. We cannot be held liable for any costs, expenses, loss of profit, damage to reputation, liability or any other form of loss or damage incurred by you as a result of your submission of information over the internet.
We use the analytics tool Google Analytics 4 from the US company Google LLC on our Websites. Google Analytics 4 processes technical information stored on your mobile device, such as device type (e.g. iPhone 6), operating system (e.g. iOS 8.4), provider name (e.g. Telekom), as well as events that occur on our Website (e.g. viewing certain pages, time spent on a page, interactions with elements of a page), by means of device identifiers, which enables us to analyze the use of the Website by individual users in order to improve the functionalities of the Website and thereby provide you with a better user experience.
Google Analytics 4 collects all data from devices located in the European Union (based on IP geolocation) via domains and servers in the EU before transmitting it to Analytics servers for processing. This ensures that EU users’ data is processed in accordance with European data protection laws and regulations. More about this: https://support.google.com/analytics/answer/12017362?hl=en
The use of Google Analytics 4 is based on GDPR Article 6(1)(f). We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships.
In addition to Google Analytics 4, we also use Google reCAPTCHA, Google AdSense, Google Remarketing, Google AdWords and Google Conversion Tracking. For more information on the use of these tools, please see our Cookie Policy.
We use the Google Maps web mapping service via API. It is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the US and stored there. The provider of this website has no influence on this data transmission. For transfers outside the EU, the following verified mechanisms apply, as described HERE .
The use of Google Maps is in the interest of making our Website attractive and to make it easier to locate the places you specify to us on the Website. This is a legitimate interest under Article 6(1)(f) GDPR. For further information on how we handle user data, please refer to the Google data protection statement at https://policies.google.com/privacy?hl=sl .
We use the Microsoft Clarity analytics tool, provided by Microsoft Corporation, a company based in the USA, on our websites.
In addition, we use this data for website optimisation, fraud/security purposes and advertising. For more information about how Microsoft collects and uses your data, please visit the Microsoft Privacy Statement HERE .
This tool allows us to analyse user interactions on our website. It provides insights into how users navigate our website and engage with our content. MS Clarity collects data such as clicks, scrolls and form submissions to give us an overview of the user experience on our website.
Website usage data is captured using first-party and third-party cookies and other tracking technologies to determine products/services popularity and online activity.
MS Clarity uses device identifiers to process technical information stored on your mobile device, such as device type, operating system, provider name, as well as events that occur on our website (e.g. viewing certain pages, time spent on the page, interactions with page elements).
We have signed the EU Standard Contractual Clauses (SCC) with the company, which provide specific safeguards for the transfer of personal data outside the EU. You can read more about it at: https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses
The processing of your data for the purposes of managing the labels is based on your consent (Article 6(1)(a) of the GDPR).
We use the Segment analytics tool provided by Segment.io, Inc.
Segment collects data from a variety of sources, such as device identifiers, i.e. unique identifiers associated with your device, including IDFA (Identifier for Advertisers) for Apple devices or AAID (Google Advertising ID) for Android devices; technical details about your device, such as device type (e.g. iPhone 6), operating system (e.g. iOS 8.4), and the name of your mobile service provider (e.g. Vodafone); and app usage data, which includes information on how you interact with apps (My Hours, All Hours and others), including events such as starting and stopping timekeeping, generating reports, and utilizing other app functionalities.
We use the data collected by Segment to analyse how users use our apps, to identify areas for improvement and develop new features, to personalise the user experience, and to send targeted ads and promotions.
We have entered into EU Standard Contractual Clauses with Segment.io, Inc. concerning the transfer of personal data outside the EU. You can read more about the international transfers HERE .
You can learn more about the Segment Privacy Policy at https://segment.com/docs/legal/privacy/ . By using our services, you consent to the processing of data by Segment in the manner described above.
The use of Segment services is carried out on the basis of Article 6(1)(f) of the GDPR. We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships. We need your consent to collect your personal data through cookies.
On our websites, we use the Hotjar online marketing tool provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta ("Hotjar"). It is an analytical tool that helps us monitor your use of our website, e.g. to see how you navigate our website. The aim is to optimise your experience as a guest of our website and make our offer even more attractive. Hotjar uses cookies. For further information regarding the cookies used by Hotjar, please visit: www.hotjar.com/cookies .
In addition, we have implemented a Hotjar-tracking-code on our website that allows us to collect the following information: (i) device-specific data (IP address of your device - which is collected and stored in an anonymous way, device screen size, device type (unique device identifiers) and browser information, country as a geographic location, selected language for displaying the website and (ii) login data (relating to the domain, pages visited, country as a geographic location, selected language for displaying the website, date and time of website visits). In general, your data will only be collected in an anonymous form, no personal associations will be made. If you register with our services, your Hotjar data will not be associated with your personal data. Hotjar also uses third-party services such as Google Analytics and Optimizely.
For further information regarding the Hotjar Privacy Policy, please visit: www.hotjar.com/privacy . In the future, you can opt-out of any collection and storage of your data by Hotjar at: www.hotjar.com/opt-out .
Hotjar cookies are stored on the basis of Article 6(1)(f) of the GDPR. We have a legitimate interest in analysing user behaviour on our website in order to optimise both our offer and our advertising.
We use the Intercom tool provided by Intercom Inc. 98 Battery Street, Suite 402, San Francisco, CA 94111, USA to send email messages and for Live-Chat functionality regarding our Cloud Services and to manage customer relationships on websites. We transmit the following data:
your email address,
your name and surname,
your phone number,
contact details of technical contacts.
We have concluded EU Standard Contractual Clauses with Intercom Inc. for international data transfers from outside the EU to the USA. For more information, please click HERE .
You can learn more about data processing at: https://www.intercom.com/help/en/articles/1385437-how-intercom-complies-with-gdpr .
You can learn more about the Intercom Privacy Policy at: https://www.intercom.com/terms-and-policies#privacy .
Intercom also uses cookies stored on your computer that enable user analysis. The cookie-based data about your last visit to our cloud platform is transferred to Intercom's servers in the USA and stored there. Intercom will not combine your IP address with other data stored about you.
The data of interested parties who contact us via Live-Chat is completely deleted after 9 months. Any interested party who contacts us after their data has been deleted is considered a new interested party.
You can disable the use of these cookies by using a setting on your browser software. This may interfere with some of our website services (e.g. Live-Chat).
The use of the Intercom service is carried out on the basis of Art. 6(1)(f) of the GDPR. We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships. However, your consent is required to install Intercom cookies.
On our websites, we use the ActiveCampaign platform provided by ActiveCampaign, 1 N, Dearborn, Chicago, IL 60607, USA, for sending newsletters, where the following data is stored: email address and first and last name. This data is stored by ActiveCampaign on its servers in the USA.
ActiveCampaign strives to ensure the highest level of security for the data we store through various physical, technical and organisational measures, such as encrypting online connections, preventing unauthorised access, using secure passwords and preventing intrusions. The ActiveCampaign service monitors the delivery performance of sent emails by collecting data on open rates, link clicks, email clients and browsers, approximate location, IP address, logins and unsubscribes, and failed email deliveries. This data will be kept for a maximum of 6 months after unsubscribing from receiving emails.
The ActiveCampaign Privacy Policy is available at: https://www.activecampaign.com/privacy-policy/ .
We have concluded EU Standard Contractual Clauses (SCC) with ActiveCampaign.
We have signed a contract with ActiveCampaign on the processing of personal data, in which the latter undertakes to process the users' data in accordance with our instructions and not to disclose it on to third parties.
The implementation of the newsletter is based on your consent in accordance with Article 6(1)(a) of the GDPR. The use of the ActiveCampaign service is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in choosing technology providers that offer tools that help us optimise our business and also offer a user-friendly way of sending newsletters that also meets your expectations.
We have implemented social plugins from social networks so you can easily share what interests you with your colleagues and connections on social media. Our website may contain social plugins for external social networking websites such as Facebook, Instagram (collectively: "Meta"), x.com ("X") and LinkedIn.com ("LinkedIn").
Each time you visit our website containing the plugin, your browser will establish a direct connection to Meta, X and LinkedIn servers. In this process, the servers of Meta, X and LinkedIn will recognise which of our websites, apps or content you are currently visiting.
If you are a member of Meta, X and/or LinkedIn and you are logged in while visiting our website, Meta, X and/or LinkedIn will assign this information to your personal user account. By interacting with one of the plugins, e.g. by clicking the like button and/or the X button, this information will be sent directly via your browser to Meta, X and/or LinkedIn, where it will be stored in your personal user accounts.
The information you share from our website will be shared with Meta, X and LinkedIn.
We would like to emphasize that, as the provider of this website, we have no knowledge of the content of the transferred data or its use by Meta, X and Linkedin. We also have no control over the data collected by Meta or LinkedIn through the plugin, nor the extent of such data collected by Meta or LinkedIn. We also have no knowledge of the content of the data provided to Meta or LinkedIn. Please see their privacy policies for details of their data collection practices and your rights and preferences.
We use plugins from YouTube, which are managed by Google. The operator of the website is You Tube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit our website that contains the YouTube plugin, a connection is established with the YouTube servers. YouTube is thereby informed about the website you have visited.
If you are signed in to a YouTube account, YouTube allows you to link your browsing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube helps us make our website attractive. This is a legitimate interest under Article 6(1)(f) of the General Data Protection Regulation ("GDPR").
For further information on the handling of user data, please refer to the YouTube Data Protection Statement at: https://www.youtube.com/static?template=privacy_guidelines .
To track the business usage of our website, we use the Snitcher tool operated by Snitcher B.V., Deventerstraat 21, 7311 BH Apeldoorn, The Netherlands. We transmit the following data: Your IP address and information about visits to the site (pages viewed, referral source, time of visit).
Snitcher collects data about visitors to our website on its infrastructure hosted on AWS (Amazon Web Services) located in Frankfurt, Germany (eu-central-1). All data collected is encrypted both during transmission and during storage. Snitcher processes your IP address and compares it to its own database to verify the company behind the visit and their geographic location. All visitor data is then aggregated at the company level. Snitcher does not share visitor IP addresses and we only provide publicly available corporate data that complies with GDPR exemptions.
Snitcher uses cookies stored on your computer that enable user analysis. The cookie-based data about your last visit to a subpage of our website is transmitted to and stored on Snitcher's servers in Frankfurt. Snitcher will not combine your IP address with other data stored about you.
Our legal basis for using Snitcher is legitimate interest according to Article 6(1)(f) of GDPR. We have a legitimate interest in optimizing the performance of our Website and better managing our customer relationships.
You can disable the use of these cookies by using a setting on your browser software. This may interfere with the operation of some of our website services. Your consent is required to use Snitcher cookies.
We use Calendly, a service provided by Calendly, LLC based in the USA, to conduct online meetings and arrange appointments. Calendly and its affiliated companies operate a global server infrastructure. The data processed when using the Calendly service may be transferred outside the European Economic Area and is subject to the laws of the country where Calendly servers are located. Calendly processes meeting participant data based on the type of participation and use of the service.
Calendly is certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF ).
We have entered into a personal data processing agreement with Calendly, which commits Calendly to comply with EU data protection rules.
The data collected by using the services is described HERE .
The use of Calendly services is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships.
Payments for products and services offered on the website are made through Stripe, Inc., 354 Oyster Point Boulevard, South San Francisco, California 94080, USA. If you purchase our products or services, your purchase will be made through an SSL encrypted website operated by Stripe and the data provided will be stored on Stripe servers in the USA.
For international transfers from outside the EU to the US, we have concluded EU standard contractual clauses with Strike. For more information, please click HERE .
You can learn more about Stripe’s privacy policy at: https://stripe.com/en-si/legal/privacy-center in https://stripe.com/legal/dpa .
The use of Stripe services is based on Article 6(1)(f) and Article 6(1)(b) of the GDPR. We have a legitimate interest in optimising the performance of our services or in making payment for our services.
We use the GoToWebinar service of the Irish provider LogMeIn Ireland Limited (hereinafter: LogMeIn). LogMeIn and its affiliated companies operate a global server infrastructure.
The data processed in the context of webinars may be transferred outside the European Economic Area and is therefore subject to the laws and regulations of the country in which LogMeIn servers are located, as LogMeIn processes the data of the webinar participants in the context of webinars depending on the type of participation in the webinar.
LogMeIn or its US subsidiary LogMeIn USA, Inc. We have concluded EU standard contractual clauses with LogMe. You can learn more about how we process data at: https://www.goto.com/-/media/pdfs/trust---resource-center/goto-international-data-transfers-faq-pdf.pdf
You can learn more about the LogMeIn Privacy Policy at: https://www.logmeininc.com/legal/privacy
The use of GoToMeeting services is carried out on the basis of Article 6(1)(f) of the GDPR. We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships.
For the purpose of effective and secure customer relationship management, we use one of the leading and more advanced Microsoft Dynamics CRM software tools from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter: Microsoft).
Microsoft has received numerous certifications in information security and compliance with data protection legislation. Your data is stored exclusively on our servers, but this does not exclude the possibility that specialized experts from another country may from time to time access the stored data for the purposes of maintenance, troubleshooting, upgrades and other forms of technical support. Such access to data from other countries is based on Microsoft’s Standard Contractual Clauses. You can read more about Microsoft's Standard Contractual Clauses at:
www.microsoft.com/en-us/TrustCenter/Compliance/EU-Model-Clauses .
We have entered into a Personal Data processing agreement with Microsoft, which commits Microsoft to comply with EU data protection rules. You can read more about Microsoft’s privacy policy at: www.privacy.microsoft.com/en-us/privacystatement .
The use of Microsoft CRM services is carried out on the basis of Article 6 (1) (f) of the GDPR. We have a legitimate interest in optimising the performance of our services or in better managing our customer relationships.
For internal communications within ŠPICA, we use the Slack communication tool from Slack Technologies, 500 Howard Street, San Francisco, CA 94105, USA (hereinafter: Slack Technologies). For this reason, Personal Data of customers, users and employees or contractors may be transferred to Slack Technologies servers located outside the European Economic Area.
We have entered into a Personal Data processing agreement with Slack Technologies, in which Slack Technologies commits to comply with EU data protection law. As regards international data transfers, we have concluded a data transfer agreement with the company in question, with so-called Standard Contractual Clauses, whereby Slack Technologies commits itself to ensure that international transfers of Personal Data are carried out in accordance with EU data protection rules.
The processing of Personal Data via Slack is carried out on the basis of our legitimate interest within the meaning of Article 6(1)(f) of GDPR.
Regarding the use of Cookies, please refer to our Cookie Policy, which is available at: https://www.spica.si/piskotki .
Should we transfer your Personal Data outside the European Economic Area, we will do so after carefully reviewing the appropriate legal bases and safeguards, such as:
Please note the following rights regarding your Personal Data that you may exercise by sending an e-mail to gdpr@spica.com :
You also have the right to file a complaint with the supervisory authority (in the Republic of Slovenia: the Information Commissioner). Their contact details are available here: www.ip-rs.si/ .
For further information on your rights in relation to your Personal Data, including certain limitations that apply to some of these rights, please see GDPR, Articles 12 to 23, available here:
www.eur-lex.europa.eu/legal-content/SL/TXT/?uri=CELEX:32016R0679 .
You have the following rights in relation to your personal data, which you can exercise in the same way as in the previous section (your rights in relation to your personal data):
You can also exercise your right to object to the use or processing of your Personal Data for direct marketing purposes by:
Whenever you object to direct marketing from us by a method of communication other than marketing communications you have received from us, you must provide us with your name and sufficient information to enable us to identify you in relation to the communications you have received (for example, if you have received a text message from us and you wish to unsubscribe by e-mail, you may be asked to provide us with your telephone number in that e-mail).
Changes to our Privacy Policy
We may change our Privacy Policy from time to time. If we make any changes, we will notify you. If you continue to access our Website on or after this date, you agree to be bound by the new version of our Privacy Policy.
Should we intend to use your Personal Data for a new purpose, we will provide you with information about that purpose and any other relevant information before we use your Personal Data for that new purpose.
Changes to your Personal Data
Please inform us of any changes to the Personal Data we hold about you so that the information we hold about you can be accurate and up-to-date.