English
Slovenščina
English
Slovenščina

Privacy policy

TERMS OF PERSONAL DATA PROTECTION OF UNITED FIBER SLOVENIA

Table of Contents:

1.1. Who do the Terms of Personal Data Protection of United Fiber Slovenia apply to?
1.2. Why is this notice important?
1.3. How do we collect personal data and why?
1.4. What personal data do we collect?
1.5. Special categories of personal data
1.6. Your rights

A. Right to access personal data
B. Right to rectification of personal data
C. Right to erasure of personal data
D. Right to restrict the processing of personal data
E. Right to withdraw consent
F. Right to data portability
G. Right to object
H. Rights related to profiling

I. Right to lodge a complaint with a supervisory authority 1.7. Third-party websites 1.8. Legal entities 1.9. Sharing personal data

A. Third parties
B. Transfers within the group of data controllers
C. Transfers outside the European Economic Area
D. Sale or merger

1. TERMS OF PERSONAL DATA PROTECTION OF TELEMACH SLOVENIA

1.1. Who do the Terms of Personal Data Protection of United Fiber Slovenia apply to?

These Personal Data Protection Terms (“Terms”) apply when Telemach Slovenija d. o. o., headquartered at Brnčičeva ulica 49A, 1231 Ljubljana – Črnuče, registration number 5692229000, VAT number: SI66863627 (“Telemach”, “we”, “us” or “our”) acts as a controller of individuals’ personal data. Further contact details can be found in the section titled “How to contact us”.

These Terms apply to websites including www.telemach.si and any web applications, online platforms and subscriptions, products or services, and social media channels controlled by Telemach where a link to this notice is provided (each referred to as a “Platform” and collectively as “Platforms”).

Telemach supplements these Terms with the General Terms and Conditions for fixed electronic communications services (“GTCf”), the General Terms and Conditions for mobile electronic communications services (“GTCm”) and the General Terms of Use of the TELEMACH prepaid system (“GTU”), (collectively GTCf, GTCm and GTU: “General Terms”).

1.2. Why is this notice important?

Telemach is committed to protecting your personal data in accordance with applicable privacy and data protection legislation.

With these terms, we inform you about the collection, types, processing, use, and sharing of personal data you provide to us personally or through our platforms, in relation to any pre-contractual or contractual relationships, promotions, competitions, offers, or marketing campaigns we conduct, or that you provide for potential employment with us. This notice also describes your data protection rights, including the right to object to certain processing activities conducted by Telemach. More information about your rights and how to exercise them is available in the section titled “Your rights”.

1.3. How do we collect personal data and why?

We may collect your personal data in the following cases:

  • To fulfill our contractual obligations:
    • When registering to purchase or purchasing certain products or services;
    • To verify your identity;
    • If you inform us that you are a disabled user or need customized support, we will record this, but only if you permit us or if required for legal or regulatory reasons;
    • To provide customer service related to our products and services;
    • For billing purposes;
    • To conclude an easement contract or related agreement in the field of real estate use for the establishment, operation, and maintenance of our network and related infrastructure.
  • For our legitimate business interests, which include:
    • Sending marketing and promotional messages, for which no consent is legally required;
    • Processing your feedback and contributions in customer surveys, competitions, offers, or questionnaires;
    • Reviewing your insights to better assist you or investigate your complaints;
    • Preventing fraud;
    • Network security;
    • Obtaining data directly from you or collecting it from public records (AJPES, land registry, land cadastre, etc.) and processing it in accordance with the purpose of building, operating, and maintaining electronic communications networks and related infrastructure.

If you wish to learn more about how we have balanced our legitimate interests and your rights and freedoms, we invite you to contact us using the contact details provided in the section titled “How to contact us”.

  • For compliance, legal, or regulatory purposes:
    • To verify your identity as part of employment verification, including for money laundering regulation purposes, where applicable;
    • To report any activity we suspect violates any applicable law or regulation to the competent authorities;
    • For information security, fraud prevention, and service provision (e.g., managing service abuse);
    • To comply with EU legislation in preventing, investigating, detecting, or prosecuting criminal offenses or enforcing criminal sanctions, including protection against and prevention of threats to public safety.

If we need personal data for compliance with legal or contractual obligations, providing such data is mandatory; if such data is not provided, we will not be able to manage our contractual relationship with you or fulfill our obligations.

  • With your consent:
    • When subscribing to our marketing notifications or our social media pages (promotions, competitions, offers, or communication within marketing campaigns), where you will be given the option to unsubscribe.

The most common consents we collect include:

Telemach collects, stores, uses, and segments the name and surname, address, contact email address, contact phone number, customer number, traffic data, location data that are not simultaneously traffic data, data on electronic communications services and terminal equipment for the purpose of:

(i) Direct marketing – informing about the offer and benefits for Telemach services and its partner companies’ services that do not constitute electronic communications services, via SMS and MMS messages, email, mail, phone, display on the digital TV receiver, Telemach applications, other messaging applications (WhatsApp, Viber, Messenger, Telegram, Signal);

(ii) Direct marketing – informing about the offer and benefits for Telemach’s electronic communications services (also for personalized offers through profiling), via SMS and MMS messages, email, mail, phone, display on the digital TV receiver, Telemach applications, other messaging applications (WhatsApp, Viber, Messenger, Telegram, Signal);

(iii) Informing about prize games organized by Telemach or its partner companies in cooperation with Telemach, via SMS and MMS messages, email, mail, phone, display on the digital TV receiver, Telemach applications, other messaging applications (WhatsApp, Viber, Messenger, Telegram, Signal);

(iv) Conducting surveys via SMS and MMS messages, email, mail, phone, display on the digital TV receiver, Telemach applications, other messaging applications (WhatsApp, Viber, Messenger, Telegram, Signal).

For real estate use, network establishment, and maintenance of telecommunication services infrastructure, Telemach processes data provided by individuals when concluding an easement contract or starting the process for concluding a related agreement: name and surname for individuals/company name and organizational form for legal entities, address/headquarters, subscriber number and other numbering elements used to establish a connection with the individual, and contact phone number, academic, scientific or professional title at the request of the individual, their website address, and other types of personal contacts, email address, tax and registration number, transaction account number.

1.4. What personal data do we collect?

Types of personal data:

We collect your personal information in the following cases:

  • When you purchase or use any of our products or services;
  • When you use our network or other products and services;
  • When you register or begin the process of concluding or purchasing a specific product or service;
  • When you subscribe to newsletters, reminders, or other services;
  • When you give consent for the processing of your data for a selected purpose;
  • When you contact us through various channels or request information about a product or service;
  • When you participate in a competition, draw, event, or survey;
  • When you visit or browse our website or other websites of the United Group;
  • When you consent to other companies sharing information about you;
  • If your information is publicly available;
  • If you are a user of services of a company that comes into our ownership;
  • If you are a property owner and we need to contact you and process your data in relation to the property.

Additionally, we may collect information about you through surveillance systems when you visit our business premises or through other security cameras as part of our security measures and crime prevention measures. For more details, see the surveillance notice.

We use cookies and other techniques, such as web beacons, to collect information about your browsing on our website. For more details, see the notice titled “Cookies”.

Types of personal data we may have include:

Types of personal data we may hold can include:

Category Type of Data
Payment Information Billing address if different from the permanent address (street or settlement – number, postal code, city), transaction account number if you receive e-invoices in online banking, and other financial data necessary for processing payments.
Traffic Data (i) For voice services in the mobile network: the source of communication (e.g., calling number or username), communication destination (e.g., called number), direction of communication (e.g., outgoing, incoming call), time and duration of communication, type of communication or services used (e.g., call, SMS message, MMS message, internet, purchase), diversion information, source country code, destination country code, content of the individual’s service request (if the execution of the service depends on the parameter or content of the request), data needed for billing and payments related to interconnection, unsuccessful communication attempts (e.g., unanswered call);

(ii) For data transmission services and internet access: the amount of data transmitted and the internet access point (the latter two not for fixed services), public IP address data, equipment identity (e.g., MAC);

(iii) For voice services in the fixed network: number of free units consumed (e.g., number of free minutes), originating and terminating network of the service, service area (e.g., domestic, international), applied tariff or price, charged value and recognized discounts, tax, and other data on the performed service;

(iv) For voice services in the mobile network and data transmission services and internet access to point (iii) additionally: location of communication (e.g., base station through which the connection was established, and network operator data where the service was performed), IMSI number, equipment identity (e.g., IMEI, MAC).
Location Data Exact or approximate location data based on GPS, the base station through which the communication was established, Wi-Fi access points, IP addresses, or other sources when location-based services or functions are enabled.
Contact History with Us Notes of your interactions with our contact centers, including calls, live chats, emails, letters, or any other record of communication.
User Account Data Payment dates, subscriptions, user account numbers, and other important data related to your account.
Access Data Passwords, security hints, and other details for authentication purposes used to access your accounts and services.
Demographic and Contact Information from Other Sources Data you have provided yourself (age group, number of users, etc.) and data obtained from public databases, joint marketing partners, social media platforms (including people you are friends with or otherwise connected to), and third parties.
Technical Information Location information, IP address, and MAC address used to connect your computer and/or mobile device to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Web Browsing Behavior on Our Platforms This includes clickstream data (Uniform Resource Locators – URLs) to, through, and from our platforms or social media channels (including date and time), transfer errors, page visit length, page interaction information (such as scrolling, clicks, and mouse-overs), marketing email interaction (including if and when the email is opened and how many times it is opened); browsing methods away from the page, and any devices used to access our products and services (including brand, model, and operating system, IP address, MAC address, browser type, and mobile device identifiers).
Job Application Information Information from your resume and background that we may receive from your referees, LinkedIn profile, recruitment agency (if any) you work with. More about the processing of personal data of job applicants can be found here.

 

In some of our interactions with you (e.g., when you submit an entry for one of our competitions or make a request), we may ask for additional personal data to help us provide you with the most appropriate response. If you do not provide the requested personal data, your access to services or our ability to assist you may be limited.

1.5. Special Types of Personal Data

In certain instances and as permitted by law, we may collect special types of personal data or data related to criminal convictions and offenses. Special types of personal data include sensitive information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health data, or data concerning an individual’s sex life or sexual orientation.

1.6. Your Rights

Under the General Data Protection Regulation (GDPR) and other EU privacy and data protection laws, you have certain rights. For example, you may be entitled to request a copy of your personal data, its correction, deletion, or restriction of its processing, or to have some of this information transferred to other organizations. In some situations, these rights may be limited, such as if fulfilling your request would reveal personal data about another person or if we can demonstrate that we are legally obligated to process your personal data.

To exercise any of these rights, to obtain more information, or for additional information about your rights or our use of your personal data, please write to us at: [email protected]

If you have unresolved concerns, you have the right to lodge a complaint with the competent EU data protection authority in the country where you live, work, or where you believe a violation has occurred.

Your rights include (subject to legal and regulatory requirements):

A. Right to Access Personal Data

You have the right to confirm whether your personal data is being processed and, if it is, to access the personal data along with certain additional information. Before responding to your request, we may ask you to (i) confirm your identity and (ii) provide additional information to help us better respond to your request. If it does not affect the rights and freedoms of others, we will provide you with a copy of your personal data. In the case of unfounded requests (e.g., if less than 6 months have passed since the last request unless the request is justified under the circumstances), we will charge you for providing personal data according to Telemach’s price list for the service of fulfilling repeated requests for personal data. Telemach allows individuals who are subscribers to access certain types of personal data through the portal telemach.si/account.

B. Right to Rectify Personal Data

If you notify us that your personal data is no longer accurate or is incomplete, we will correct or update it. If we have shared your personal data with others, we will inform them of the correction or update, if possible.

C. Right to Erase Personal Data

We will erase your personal data in certain cases:

  • If you withdraw your consent for processing personal data (if we rely on your consent for processing);
  • If you exercise your right to object to the processing of your personal data (if we rely on our legitimate interest for processing);
  • If the personal data is no longer needed for the purpose(s) for which it was collected;
  • If the personal data must be erased to comply with a legal obligation under the law of the Union or the member state applicable to the controller.

We may refuse to fulfill your request to erase personal data if its processing is necessary to:

  • Comply with a legal obligation applicable to the United Group or any of its affiliates, or to perform a task carried out in the public interest or in the exercise of official authority vested in the United Group or any of its affiliates as a data controller;
  • For purposes of archiving in the public interest, scientific or historical research purposes; or
  • For the establishment, exercise, or defense of legal claims.

Telemach will inform you of the relevant exceptions we rely on when responding to any request for erasure.

D. Right to Restrict Processing of Personal Data

We will restrict the processing of your personal data if:

  • You have contested the accuracy of your personal data, for the period necessary to verify the accuracy of your personal data;
  • It is being processed without an appropriate legal basis, but the individual does not request its erasure;

If the processing is restricted, Telemach will, aside from storage, only process the personal data based on your consent for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of important public interest.

E. Right to Withdraw Consent

You have the absolute right to withdraw your consent for direct marketing at any time. If you have given us consent for our processing of personal data in the context of the cases or purposes described in these terms and no longer wish for your personal data to be processed in this way, you can withdraw your consent by sending a message to [email protected].

F. Right to Data Portability

You can request that we provide your personal data (which you have provided to us or that we have collected through your activities on our platforms) in a structured, commonly used, machine-readable format and that we transfer it to another controller.

G. Right to Object

You can object to the processing of your personal data when we use the data for direct marketing purposes and when the personal data is processed for scientific or historical research or statistical purposes.

H. Rights Related to Profiling

You have the right not to be subject to a decision based solely on profiling that produces legal effects concerning you or similarly significantly affects you. We will only carry out such decision-making based on your explicit consent. We will always inform you if we conduct such activities using your personal data.

I. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with the data protection supervisory authority in the EU country where you have your permanent residence, employment, or where you believe a violation has occurred. A list of European supervisory authorities is available here. If you are located in Slovenia, the national data protection authority is the Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, e-mail: gp.ip(at)ip-rs.si.

1.7. Third-Party Websites

If links are provided from our platforms to platforms that do not belong to the United Group, we are not responsible for such websites and do not endorse any third-party websites. These third-party websites are subject to their own terms of use, depending on the owner and data controller of those websites (including privacy notices), and you are responsible for viewing and using each such website in accordance with its terms of use. We are not responsible for how your personal information is handled on such third-party websites.

1.8. Legal Entities

If you are a subscriber who is a legal entity, a sole proprietor, or another organization that enters into a subscription agreement with Telemach on your behalf, and the actual user of the services is a member of such an organization or uses the services based on the authorization of such an organization (hereinafter referred to as “organization”), you are obliged to inform all individuals who, based on the agreement between Telemach and your legal entity, use Telemach’s telecommunications services about these Terms and the purposes for which Telemach and their contractual processors will process their personal data. The organization that has entered into a contract with Telemach for the provision of Telemach’s services is required, if necessary, to obtain all necessary consents from individuals who use Telemach’s services within the organization and which Telemach needs for processing personal data to fulfill the contract. The organization is thus required to ensure the individual’s consent for the use of Telemach services to send certain personal data of the individual to the organization, to process traffic data and location data that are not simultaneously traffic data and are necessary for the provision of additional services, and to obtain all other necessary consents. The organization, as a subscriber of Telemach services, provides Telemach with access to all consents of individuals required by Telemach for personal data processing.

1.9. Sharing of Personal Data A. Third Parties

We share your personal data if we cooperate with external service providers who help us process personal data for the purposes described in this notice. For example, customer management and communication solution providers, aggregated data analytics partners, web hosting providers, audit and compliance partners, field installation contractors, subscription relationship intermediaries, remote sales support service providers, delivery services, billing and debt collection service providers, and goods suppliers, including Telemach affiliates.

The third parties mentioned in this paragraph have appropriate contracts with Telemach for the processing of personal data. Government authorities may obtain individuals’ personal data in cases and through procedures prescribed by law.

Telemach may, in the case of contractual partners from third countries and based on standard data protection clauses and other mechanisms permitted by the General Data Protection Regulation and the Data Protection Act (as amended), transfer personal data to third countries, including countries for which no adequacy decision has been issued, but which Telemach has assessed can ensure an adequate level of personal data protection. All of the above applies to the extent absolutely necessary to provide services.

B. Transfers Among Data Controllers within the Group

Telemach Slovenia is part of a group of companies headed by the parent company United Group BV, located at Spicalaan 41, 2132 JG Hoofddorp, Netherlands.

From time to time, we will share personal data collected by the United Group within the group with their data controllers to provide services or maintain software systems. Any such transfer of personal data will be conducted in accordance with applicable EU data protection and privacy laws.

C. Transfers Outside the European Economic Area

Countries outside the EEA may have privacy and data protection laws that provide a lower level of protection for your personal data processing than the laws applicable in your country. In such cases, our transfers of personal data will be subject to the European Commission’s standard contractual clauses regarding the transfer of personal data outside the European Economic Area or outside a country deemed to provide adequate personal data protection according to EU standards.

D. Sale or Merger

If the United Group or its assets are sold or merged with an entity outside the United Group, some or all of the personal data collected by the United Group may be transferred to the company that acquired the company or its successor.