Status: 01.02.2025
We, Interzero d.o.o., take the protection and security of your data very seriously and take care of it in all our business processes. With this data protection notice we want to give you an overview of the aspects of our online services that are relevant to data protection laws. In the following sections we will explain:

– what data we collect when you use our online services,
– for what purpose this data is processed at Interzero,
– what rights and options you have regarding the processing of your data,
– how you can contact us regarding data protection.

When does this Data Protection Notice come into force? This data protection notice applies to the online services provided by Interzero on the domain Interzero.si and on the social network accounts operated by Interzero d.o.o., Beograjska ulica 4, 1000 Ljubljana on Facebook, Twitter, LinkedIn, Instagram and Xing (hereinafter: “Social Network Accounts”). In addition to the above, the online services of the companies in the Interzero Group are subject to their own data protection notices, which can be viewed on their websites.

1. Supervision and personal contact

The controller under the General Data Protection Regulation (GDPR) is Interzero d.o.o. Wherever the word “we” is used in this data protection notice, it shall mean only Interzero Ltd. You can contact Interzero’s Data Protection Officer via info@interzero.si or by post, quoting “Data Protection Officer N/R”.

2. Processing of data when you visit our website
2.1 Automatic collection of access data
You can visit our website without providing any personal data. In this case, only the access data automatically downloaded by your browser will be collected. This will include, for example, your online identification (e.g. IP address, session IDs, device IDs), details of the internet browser and operating system used, the website from which you are visiting our website (i.e. if you are from our website – sites visited via a link), the names of the files requested (i.e. what text, videos, images etc. you have viewed on our websites), your browser’s language settings, error reports, if any, and the time of access. This access data must be processed in order to enable you to visit and easily use our website and to ensure its continued operation and security. This access data will be stored for a short period of time in internal log files in order to obtain statistical information about the use of our website. This enables us to continuously
optimise our website taking into account the usage patterns and technical resources of our visitors, and to address errors and security risks. The information stored in the log files does not allow us to make any direct inferences about you – we only store IP addresses in an abbreviated, anonymised form. The log files are kept for 30 days and are archived after subsequent anonymisation. The legal basis for this type of data processing is Article 6(1)(f) GDPR (balancing of interests based on our legitimate interests as set out above).

2.2. Cookies
We use our own and third-party cookies on our website. A cookie is a standardised text file that is stored by your browser for a certain period of time. Cookies allow information such as language preferences and temporary identifiers to be stored locally and can be recalled by the server that set the cookie on subsequent visits to the website. You can review and delete the cookies that are being used in your browser’s security settings. You can adjust your browser settings to your preferences and, for example, refuse to accept third party cookies or all cookies. Please note that in this case you may not be able to use all the features of our websites. Our cookies serve to make your visit to our website as easy and safe as possible. The legal basis for the related data processing is Article 6, paragraph 1, point (f) GDPR. We use third-party cookies for internet analytics and marketing purposes. You will find more detailed information on this topic in sections 2.5 and 2.6 of this data protection notice.

2.3. Your messages and communications
We collect all the information and data you provide to us through our websites. For example, in various places on our websites, you may send us messages and in some cases files (e.g. PDF documents) through features such as the contact form or contact feature. All information required for these features is marked as such. We will use the information you provide to us solely for the purpose of processing your registration.
We will delete the data collected when its storage is no longer necessary or restrict its processing if there are legal obligations to retain data.
Disclosure of your message to another Interzero group company or to an external third party will only be permitted to the extent necessary for the processing of your application (for example, we will disclose your message to another Interzero group company if it is responsible for processing your request). If you do not want your message to be disclosed to another company, you can indicate this – as a precaution, of course – directly in your message. Your message will then be forwarded to the other company without any information that could identify you (e.g. name, user number or contact details).
The legal basis for the above data processing is Article 6(1)(b) GDPR. If you have consented to the disclosure or processing of data that you have provided to us elsewhere, the legal basis will be Article 6, paragraph 1, point (a) of the GDPR.

2.4. Use of YouTube videos
We use YouTube videos on parts of our websites. YouTube is a video platform operated by Google YouTube LLC, 901 Cherri Ave., San Bruno, CA 94066, USA (“YouTube”). You can stream YouTube videos directly on our websites. They are included in the “extended data protection mode”, which means that if you do not play the videos, no data about you as a user will be transferred to YouTube. Data is only transferred to YouTube if you play videos. We cannot influence this data transfer. If personal data is transferred to the USA, Google and YouTube have joined the EU-US Privacy Shield.
If you visit a website with embedded YouTube videos, YouTube and Google receive the collected access data and thus the information that you have visited a page on our website. This will happen regardless of whether you are logged in to YouTube or Google. If you are logged in to Google, your data will be directly linked to your Google Account. If you do not want them to be linked to your YouTube profile, you must log out before the video is played. YouTube and Google may use your accessible data to create user profiles for marketing, marketing research and to create their own demand-driven websites. You have the right to object to the creation of these user profiles, in which case you must send your objection directly to YouTube. Further information can be found in Google’s privacy policy, which also applies to YouTube.
The legal basis for the above data processing, insofar as we are the controller, is Article 6(1)(f) GDPR (balancing of interests based on our legitimate interest in including video content).

2.5. Analysis tools
2.5.1. Google Analytics
Our website uses Google Analytics, an internet analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies to collect information about your access when you visit our websites. This access data will be aggregated into pseudonymised user profiles on our behalf and transferred to a Google server in the USA. Prior to this, your IP address will be anonymised. Therefore, we cannot know which user profiles belong to a particular user. We cannot identify you on the basis of the information collected by Google, nor can we determine how you use our websites. In the exceptional
cases where personal data is transferred to the USA, Google has joined the EU-US Privacy Shield. In this way, the processing of data carried out by Google Analytics is subject to an adequacy decision by the European Union Commission, i.e. the level of data protection is determined to be adequate, even if the processing is carried out exceptionally in the United States.
Google will use the data collected by means of cookies to evaluate the use of our websites, to compile reports on such website activity and to provide additional services relating to website and internet usage. For more information on this topic, please refer to the Google Analytics Privacy Policy.
You may object to the above-mentioned creation and evaluation of pseudonymised user profiles by Google at any time. You have various options for this purpose:

(1) You can set your browser to block Google Analytics cookies.
(2) You can adjust your Google Ads settings.
(3) You can install the Google Plug-in, available at tools.google.com/dlpage/gaoptout, at
Firefox, Internet Explorer or Chrome (this option does not work on mobile devices)
(4) You can set the “opt-out” cookie by clicking: Disable Google Analytics.

The legal basis for such processing is Article 6(1)(f) GDPR (balancing of interests based on our legitimate interest in assessing general usage patterns).

2.5.2. Google Tag Manager
Our website uses Google Tag Manager, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Tag Manager is used to help manage the website’s tags more efficiently. A website tag is a frame stored in the source code of our website, for example to record the embedding of frequently used website elements (e.g. code for an internet analytics service). Google Tag Manager works without the use of cookies. The data will be partially processed on a Google server in the USA. If personal data is transferred to the USA, Google has joined the EU-US Privacy Shield. The legal basis is Article 6, paragraph 1, point (f) GDPR, which is based on our legitimate interest in the commercial operation of our website. For more information, please see About Google Tag Manager.

2.5.3 Leadinfo:
We use the lead generation service offered by Leadinfo B.V., In addition, Leadinfo sets two of its own cookies to provide visibility into how our visitors use our website and the
tool processes domains from the data entered in the form (e.g. “leadinfo.com”) to link IP addresses to companies and improve its services. For further information, please visit www.leadinfo.com. You have the option to opt-out at this page: www.leadinfo.com/en/opt-out. If you opt-out, Leadinfo will no longer use your data.

2.6. Other tools provided by third parties
2.6.1. Google ReCAPTCHA
We have built in a feature to identify bots, e.g. for entries in web forms (“ReCaptcha”), provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://vvv.google.com/policies/privaci/ , disabling: https://adssettings.google.com/authenticated

2.6.2. Google Maps
We embed maps from Google Maps, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: www.google.com/policies/privacy/, disable:
https://adssettings.google.com/authenticated.

2.6.3. Myfonts
Our website also uses external fonts from Myfonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA (“Myfonts”). These fonts are installed by connecting to a Myfonts server. In order for the fonts to be delivered to your browser, at least your IP address is transferred to the Myfonts server when you visit our website. Other information (e.g. the name of the website visited, the date and time of the query, the type of internet browser used) may also be transferred to Myfonts. If you wish to prevent Myfonts from executing JavaScript codes, you can disable JavaScript in your browser or install a JavaScript blocker (e.g. www.noscript.netorghosteri.com). For more information about Myfonts’ data privacy, please visit the following link: https://vvv.Myfonts.com/info/legal/#Privacy. The legal basis for this data processing is Article 6(1)(f) GDPR (balance of interests based on our legitimate interest in assessing general usage behaviour).

3.Processing of data for social media accounts
Interzero is represented on the following social media networks with its accounts:

– Facebook
– LinkedIn
– Instagram

We use these pages to publish the latest news about Interzero and everything we do, and we also use social media content to communicate directly with our members.
Please note that we have no influence on the data processing carried out by social media. Therefore, please check carefully what personal data and messages you send to us via social networks and, if in doubt, use the other contact methods we offer. Therefore, we cannot be held responsible for the behaviour of the operators of these social networks and their other members.
If you communicate with us via our social network accounts, we will process the data provided by the social network for this purpose (e.g. your name, your profile page and the content of the messages you send us) in accordance with the purpose for which you sent it to us (e.g. service requests, suggestions and reviews). We will delete the data collected in this way when its storage is no longer necessary or restrict its processing if there are legal obligations to retain the data. In the case of public postings on our social media accounts, we will decide in each individual case, after weighing your interests against ours, whether and when we can delete it.
The legal basis for the processing of the above data will depend on the purpose of your communication. If the purpose is to use our customer service or to request the provision of Interzero services, the legal basis will be Article 6(1)(b) of the GDPR. Otherwise, the legal basis will be Article 6(1)(f)(1) GDPR (balance of interests based on our legitimate interest in processing your communication). If you have consented to the processing of the above data, the legal basis will be Article 6(1)(a) GDPR.

4. Disclosure of information
4.1 Principles
We will only disclose your information if:

– you have given your explicit consent to do so in accordance with Article 6(1)(a) of the GDPR
– disclosure is necessary in accordance with Article 6(1)(f) of the GDPR for the establishment, exercise or defence of a legal claim by Interzero and there is no basis for believing that you have a compelling interest in not disclosing your data beyond these concerns
– we have a legal obligation to disclose in accordance with point (c) 1. Article 6(1)(b) of the GDPR
– disclosure is permitted by law and is necessary under Article 6(1)(b) of the GDPR for the performance of a contract to which you are a party or to act on your request prior to entering into a contract.

4.2. Disclosure to external service providers Interzero d.o.o.
Some of the data processing referred to in this privacy notice may be carried out on our behalf by external service providers. In addition to the service providers listed in
this data protection notice, these may include, in particular, data centres where our websites and databases are stored, information technology (IT) service providers who maintain our systems and corporate consultants.
If we disclose data to our service providers, these service providers may only use the data for the performance of their tasks. We have carefully selected and engaged these service providers. They are contractually obliged to comply with our instructions, implement appropriate technical and organisational measures to protect the rights of subjects and are regularly monitored.
If, in addition to this data protection notice, we transfer your data to a service provider located in a country outside the European Economic Area (EEA), we will specifically inform you of this when necessary, as well as of the specific safeguards on which this data transfer is based. If you would like to receive copies of the guarantees confirming the appropriate level of data protection, please contact our Data Protection Officer (see section 1).

5. Storage period
Unless otherwise stated in this privacy notice, we will only keep and use your data for as long as is necessary to comply with our contractual and legal obligations or to fulfil the purpose for which the data was collected. However, after the expiry of the statutory limitation period, we will restrict their processing, i.e. from then on your data will only be used for the fulfilment of our legal obligations.
After that, we will delete your data immediately, unless we still need it before the expiry of the statutory limitation period for the purpose of providing evidence in legal proceedings or for the fulfilment of statutory retention periods. Even after that, we may need to keep your data for accounting purposes. This is our duty to ensure compliance with legal documentation rules. The retention periods prescribed by these laws range from two to ten years.
The legal basis for this type of data protection for the purpose of complying with legal documentation and retention obligations is Article 6, paragraph 1, point c) GDPR.

6. Your rights
To exercise the rights set out below, you can contact our Data Protection Officer (see section 1) at any time:
You have the right to access information about our processing of your personal data at any time. When we provide you with such information, we will explain the processing and provide you with an overview of the data we hold about you.
If the data we have stored is incorrect or no longer up to date, you have the right to rectification.
You can also request the erasure of your data. If, in exceptional cases, such deletion is not possible due to other legal provisions, the data will be blocked so that it is only available for this legal purpose.
You can further restrict the processing of your data, for example if you believe that the data we have stored is incorrect.
You have the right to data portability, which means that we must, if you wish, send you a digital copy of the personal data you have provided to us.

7. Right of withdrawal and objection
To exercise your rights of withdrawal and objection as set out below, it is sufficient to notify us without formal requirements to the contact details set out in section 1.
Withdrawal of consent
In accordance with Article 7(2) of the GDPR, you have the right to withdraw any declaration of consent you have given us at any time. This will result in our inability to continue to process data based on that consent in the future. The withdrawal of your consent will not affect the lawfulness of the processing carried out on the basis of that consent up to the time of withdrawal. Objection to data processing
If we process your data on the basis of legitimate interests pursuant to Article 6(1)(f) GDPR, you have the right to object to the processing of your data pursuant to Article 21 GDPR if there are grounds arising from your specific situation or the complaint must be for direct marketing purposes. In the latter case, you have a general right to object, which we will exercise even if you do not provide reasons.

8. Data security
We maintain appropriate technical measures to ensure data security for our online services, in particular to protect your data against risks during data transmission and against unauthorised reception by third parties. These measures are constantly being amended to reflect the latest technologies. To protect the personal information you enter on our website, we use the Transport Layer Security (TLS) protocol, which encrypts the information you enter.

Changes to this data protection notice
We will update this data protection notice from time to time, for example when we revise our website or if legal or official regulations change.