DATA PROTECTION DECLARATION

Thank you for visiting our website and for your interest in Novak M d.o.o.

Below you will find information on the data that will be processed during your visit of the website and on how these data are used.

I. Name and Contact Details of the Person in Charge of Data Processing and of the Data Protection Officer of the Company

This data processing information applies to data processing by

Novak M d.o.o.
Pod smrekami 5
SI – 1218 Komenda
T: +386 1 5620117
E: info@novak-m.si
Vat ID number: SI70100691
Registration number.: 1638742
Nova Ljubljanska banka d.d., Ljubljana
SWIFT: LJBASI2X
IBAN: SI56 0279 6026 4227 282
District Court of Ljubljani, reg. nr 1/34793/00
Share Capital: 8.736,00 EUR
Main business activity (SDK): 32.500 medical device manufacture

Data Protection Officer of the Company

You can contact us regarding any questions on your personal data processing and your data protection rights via mail on the address mentioned above with the addition « Data Protection Officer » or via e-mail info@novak-m.si.

II. Acquisition and Retention of Personal Data and Type and Purpose of their use

a) When accessing the Website

When accessing the website under https://www.novak-m.com the browser used by your end device will automatically transfer information to the server of our website. This information will be stored temporarily in a so-called lock file. The following information are subject to storage without your help and until automatic deletion:

• IP address of the requesting computer
• date and time of the access
• name and URL of the accessed file
• website from which the access was made (referrer-URL)
• applied browser and eventually the operation system of your computer and the name of your access provider

The above data will processed by us for the following purposes:

• securing an uninterrupted connection to the website
• securing a comfortable use of our website
• analysis of the security and stability of the system and
• further administrative purposes.

The legal basis for the data processing is Art. 6 para 1 sentence 1 GDPR (General Data Protection Regulation). Our justified interest in this data processing follows from the above listed purposes of the data processing. Under no circumstances will the processed data be used for the purpose of drawing conclusion about your identity.

In addition, we apply cookies and service providers for analysis when our website is accessed. For more information see Chapter IV. “Cookies”.)

b) When contacting us by contact form or e-mail

In case you contact us by contact form or e-mail, the data communicated by you, in particular your e-mail address and eventually your name and further contact details, will be stored in order to be able to reply to your inquiry. We will delete the data processed in this regard once their storage is no longer necessary or will limit the processing in case there are statutory duties to store these data. The legal basis for this data processing is Art. 6 para 1 lit. b GDPR (General Data Protection Regulation): the respective data processing serves the purpose of pre-contractual measures taken as a result of your inquiry. For more information regarding contact form, see Chapter V. Tools for analysis, par. c) Google reCaptcha (»I am not a robot«).

c) Newsletter subscription

When you subscribe to our newsletter, your e-mail address, name and surname will be processed. If you subscribed to newsletter only, we will use the data only for sending you our newsletter. Your email address will be processed until you unsubscribe. You can unsubscribe anytime by clicking the marked link in the newsletter or you send us your request to unsubscribe to info@novak-m.si. Legal grounds to data procession is your consent (para 6 (1) a GDPR / Regulations).

III. Transfer of Data to Third Parties

The transfer of data to third parties will not take place except for the reasons specified hereinafter. We will transfer your personal data to a third party only if

• you have expressly consented to such transfer pursuant to Art. 6 para 1 sentence 1 lit. a GDPR.
if the transfer is necessary to safeguard our legal interests or the legal interests of a third party pursuant to Art. 6 para 1 sentence 1 lit. f GDPR unless your personal interests or fundamental rights and liberties or those of another person which require the protection of the personal data, prevail. (eg. external contractors of IT services in order to deal with technical and user problems in individual case;
• in case there is statutory duty to transfer the data pursuant to Art. 6 para 1 sentence 1 lit. c GDPR (eg. external auditor on the grounds of the Companies Act and Auditing Act due to an of company’s business)
• in case it is admitted by law and necessary for the handling or contractual relations with you or the handling of pre-contractual measures pursuant to Art. 6 para 1 sentence 1 lit. b GDPR. (eg. Contracting partner – transport company in order to fulfil the order – delivery)

IV. Cookies

We use cookies on our website. These are small files that are automatically generated by your browser and that will be stored on your end device (laptop, tablets, smartphone etc.) when you access our website. Cookies do not cause any damage to your end device and do not contain virus, trojans or other malware.

In the cookie, information which arises in connection with the specifically used end device will be stored. However, this does not mean that we will automatically obtain knowledge about your identity.

The use of cookies serves the purpose to make our offer more comfortable for you. For this purpose we implement so-called session cookies in order to be able to recognise whether you have already accessed certain pages of our website. The session cookies will be automatically deleted after you have left our website.

Moreover, we use temporary cookies for the purpose of optimizing the user friendliness of our website. These temporary cookies will be stored on your end device for a certain period of time. In case you access our website again, in order to make use of our services, it will be recognised automatically that you have already accessed the website and what sort of inputs and settings have been made by you so that you need not make these again.

Moreover, we apply cookies in order to analyse the use of our website from a statistic point of view and in order to optimize our services. These cookies allow us to recognise automatically that you have already accessed our website when you access it again. These cookies will be deleted automatically after a certain period of time.

The data processed by the cookies are necessary for the above purposes in order to safeguard our own legitimate interests as well as the interests for third parties pursuant to Art. 6 para 1 sentence 1 lit. f GDPR.

Most of the browsers accept cookies automatically. However, you can configurate your browser in a way that no cookies will be stored on your computer or in a way that each time before a new cookie is implemented you are advised thereof. The complete deactivation of cookies may lead to a situation in which you cannot use all the functions of our website.

V. Tools for Analysis

Tracking Tools and reCaptcha function

The below described tracking tools used by us are applied in accordance with Art. 6 para 1 sentence 1 lit. f GDPR. By using these tracking tools, we aim at insuring that our website is shaped according to the needs of the user and is optimized continuously. Moreover, we apply tracking tools in order to capture the use of our website statistically and in order to optimize our services for you. These interests are justified interests in the sense of Art. 6 para 1 sentence 1 lit. f GDPR. Moreover, in accordance with Art. 6 (1) f GDPR / Regulation (legal interest), we use reCaptcha »I am not a robot« function in order to prevent website abuse.
The respective purposes of data processing and data categories can be taken from the respective tracking tools.

a) Google Analytics

We use Google Analytics, a web analyse service provided by Google Inc. (https://www.google.de/intl/de/about/ ), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as „Google“) for the purpose of shaping our website according to the needs of the users and for the purpose of continuous optimization of our website. In this context, cookies are used and anonymized user profiles are established. The information on your access to this website like

• browser type/browser version,
• used system software,
• referrer-URL (the website accessed before accessing our website),
• host name of the computer accessing our website (IP address),
• time of the access

that is captured by the cookie will be transferred to a server of Google in the USA and will be stored there. This information will be used to analyse the use of the website, to produce reports on the website activities and to provide further services related to the use of the website and the use of the internet for the purpose of market research and the shaping of this website according to the user’s needs. Moreover, this information may be transferred to third parties if there is a statutory duty to do so or insofar as third parties are processing these data by order of us. Our IP address will by no means be consolidated with other data of Google. The IP addresses will be anonymized so that it is impossible to allocate them to a certain user (IP masking).

You are able to prevent the installation of cookies by making the respective settings in your browser software; however, we would like to point out that in this case it may not be possible to use all functions of this website in full.

You can also prevent the capturing of the data that are related to the use of the website and created by the cookie (including your IP address) as well as the processing of this data by Google by way of downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de ). As an alternative to the browser add-on, in particular for browsers used on mobile end devices, you can also prevent a capturing by Googly Analytics by way on clicking on this link. An opt-out cookie will be established which prevents the future capturing of your data when accessing this website. The opt-out cookie is only valid for this browser and for our website and will be established on your end device. In case you delete the cookies in this browser, you have to establish the opt-out cookie again.

You can find further information on data protection in relation to Google Analytics in Google Analytics’ help (https://support.google.com/analytics/answer/6004245?hl=de ).

b) Google Adwords Conversion Tracking

In order to capture the use of our website statistically and in order to optimize our website, we further use the Google Adwords Conversion Tracking. Google Adwords establishes a cookie on your end device in case you have accessed our website via Google Adwords.

These cookies loose their validity after 30 days and do not serve the purpose of personal identification. In case the user accesses certain pages of the website of the Adwords client and in case the cookie is still valid, Google and the Adwords client can see that the user has clicked on the advert and has been referred to this website.

Each Adwords client receives a different cookie. Therefore, cookies cannot be tracked via the website of Adwords clients. The information captured by way of conversion cookies serves the purpose of establishing conversion statistics for Adwords clients who have opted for conversion tracking. The Adwords clients obtain information on the total number of users who have clicked on their advert and have been referred to a special page tagged by the conversion tracking tack. They will, however, not obtain any information which allows a personal identification of the user.

In case you do not want to participate in the tracking procedure, you can refuse the establishment of the respective cookie, for instance by way of general deactivation of cookies in your browser’s settings. You can also deactivate cookies for conversion tracking by setting your browser in a way that cookies from the domain www.googleadservices.com are blocked. You can find the Google Advice on Data Processing by Conversion Tracking on https://services.google.com/sitestats/de.html.

c) Google reCaptcha (« I’m not a robot »)

When you contact us through the contact form, we use the Google reCaptcha (»I am not a robot «) function, which determines wether the form was filled in by a person or an automized program, In order to prevent website abuse, to retain the safety of our on-line contact forms and to prevent spam mail. The captured information regarding your use of the website (e.g. what pages you visited and the time spent) including your IP adress, are transferred to a server of Google in the USA and will be stored there. You can find additional information regarding reCaptcha on https://developers.google.com/recaptcha.

VI. Google Web Fonts

This page uses so-called Web Fonts provided by Google in order to obtain a uniform representation of fonts. When accessing a website, your browser will download the necessary Web Fonts in your browser cache in order to be able to show texts and fonts correctly. For this purpose, the browser used by you has to connect with the servers of Google. By doing so, Google obtains knowledge of the fact that our website has been accessed from your IP address. The use of Google Web Fonts serves the purpose of a uniform and attractive representation of our online services. This constitutes a justified interest in the sense of Art. 6 para 1 sentence 1 lit. f GDPR. In case your browser does not support Google Web Fonts, a standard front on your computer will be used. You can find further information on Google Web Fonts on https://developers.google.com/fonts/faq and the respective Google Advice on Data Processing on: https://www.google.com/policies/privacy/.

VII. Social Media Plug-Ins

We do not use social media plug-ins on our website.

VIII. Rights of the Person Concerned

You possess the right:

• to receive confirmation from us that your personal data are processed and to review the personal information pursuant to Art. 15 GDPR;
• to demand immediate correction of false or incomplete data pursuant to Art. 16 DSVG;
• to demand the deletion of your personal data pursuant to Art. 17 GDPR unless the data procession is not required for the exertion of the right of free expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for enforcement, exertion or defence of legal claims;
• to demand limitation of the processing of your personal data pursuant to Art. 18 GDPR, if you dispute the correctness of these data, if the procession is illegitimate and if you refuse their deletion and demand limitation of their use, if we do not need these data anymore, but you require these data for enforcement, exertion or defence of legal claims or if you declare objections against the data procession on the basis of legal interest until it is verified that our legal interests prevail yours.
• to demand the provision of your personal data in a structured, established and machine-readable format or to demand transmission to another person responsible pursuant to Art. 20 GDPR;
• to revoke your consent at any time pursuant to Art. 7 para 3 GDPR. As a consequence of this revocation, we are no longer allowed to process the data, to which this agreement relates to, in the future;

You can request to review, update, correct, limit procession or delete your personal data, you can object to the procession of your personal data and you can request a copy of the data processed by sending us a written request to the address Novak M d.o.o., Pod smrekami 5, SI – 1218 Komenda or e-mail info@novak-m.si with the reference “Personal data protection”.
You can withdraw your consent to pesonal data procession fully or partialy, for good or temporarily at any time. you can withdraw your consent in the same way it was given or with a written request sent to to the address Novak M d.o.o., Pod smrekami 5, SI – 1218 Komenda or e-mail info@novak-m.si. The withdrawl of the consent does not affect the personal data procession based on consent before its withdrawl.
If you consider your rights on personal data protection have been violated, you can file a complaint to Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, (01) 230 97 30, gp.ip@ip-rs.si.

IX. Right to Object

You have the right to object the procession of your personal data based on legal interest. In this case, we will stop the procession, unless we can prove urgent legal reasons for it, which prevail the interests, rights and liberties of an individual or for enforcement, exertion or defence of legal claims.
If you want to exert your right to object, please send an email to info@novak-m.si.

X. Data Security

During the access of our website we use the SSL procedure (Secure Socket Layer) in connection with the highest level of encryption that is supported by your browser. In general, it will be a 256-bit-encryption. In case your browser does not support a 256-bit-encryption, we apply the 128-bit-V3 technology. You can see whether a single page of our website is encrypted when the lock symbol in the lower status bar of your browser shows a closed lock.

We also use suitable technical and organizational security measures in order to protect your data against accidental or intentional manipulations, partial or complete loss, destruction and the illegitimate access by third parties. Our security measures are continuously improved according to the technological developments.

XI. Timeliness of this Advice on Data Processing and eventual Changes

The respective current Advice on Data Processing can always be accessed and printed on https://www.novak-m.com. Eventual changes of the Advice on Data Processing become valid when published on https://www.novak-m.com. This advice on data processing is valid from 9.2.2021.

Komenda, 9.2.2021

NOVAK M d.o.o.