Privacy Policy Business Angels Club Slovenia

The purpose of this privacy policy is to inform individuals, parties, users of products or services, associates, employees, and other persons (hereinafter: “individual”) who cooperate with the Business Angels Club Slovenia (hereinafter: “company”) about the purposes, legal bases, security measures, and rights of individuals regarding the processing of personal data carried out by the company.

We value your privacy, so we always carefully protect your data.

We process personal data in accordance with applicable legislation in the field of personal data protection and other legislation that provides us with a legal basis for processing personal data.

Any change to this document will be published on our website. By using the website, you confirm that you are familiar with the entire content of the privacy policy.

Data Controller: Business Angels Club Slovenia
Železna cesta 18
1000 Ljubljana
E-mail: info@businessangels.si
Phone: +386 31 717 367
Website: https://poslovniangeli.si/

1) Personal Data

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as: name, identification number, location data, online identifier, or reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

2) Purposes of Processing and Legal Bases for Data Processing

The company collects and processes personal data on the following legal bases:

  • Processing is necessary for compliance with a legal obligation to which the controller is subject;
  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
  • The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  • Processing is necessary to protect the vital interests of the data subject or of another natural person.

Email Notifications, e.g., newsletters

Based on conducting lawful business activities, the company may notify customers, clients, and users of its services at their electronic address about its services, events, training, offers, and other content. An individual may at any time request the termination of such communication and processing of personal data and cancel the receipt of messages via the unsubscribe link in the received message or submit a request by email or regular mail to the company’s address.

The legal bases for data processing are legitimate interest and consent. Data will be processed until the cancellation of message receipt or withdrawal of consent or until the purpose of processing is fulfilled. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Video surveillance is carried out by contractual processor: Valina upravljanje d.o.o.

Performance of Concluded Contract

In cases where an individual concludes a contract with the company, this represents the legal basis for processing personal data. The company may thus process personal data for the conclusion and performance of the contract, such as the sale of goods and services, preparation of offers, participation in various programs, etc. If an individual does not provide personal data, the company cannot conclude a contract, nor can the company perform the service or deliver goods or other products in accordance with the concluded contract, as it does not have the necessary data for implementation. On this basis, the company processes only and exclusively those personal data that are necessary for the conclusion and proper performance of contractual obligations.

The legal basis for data processing is contract. The retention period is until the fulfillment of the contract’s purpose or up to 6 years after the termination of the contract, except in cases where a dispute arises between the individual and the company in connection with the contract. In such a case, the company retains data for another 10 years after the final court decision, arbitration, or court settlement, or if there was no court dispute, 5 years from the date of peaceful dispute resolution.

Legitimate Interest

The company may also process personal data based on legitimate interest that it pursues. This is not permissible when the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, override such interests. In case of using legitimate interest, the company performs an assessment in accordance with legislation. Processing of personal data of individuals for direct marketing purposes is considered to be carried out in legitimate interest.

The company may process personal data of individuals collected from publicly available sources or within the framework of lawful business activities, also for the purposes of offering goods, services, employment, informing about benefits, events, etc. To achieve these purposes, the company may use regular mail, telephone calls, email, and other telecommunications means. For direct marketing purposes, the company may process the following personal data of individuals: name and surname of the individual, address of permanent or temporary residence, telephone number, and email address. The company may process the stated personal data for direct marketing purposes even without the explicit consent of the individual. An individual may at any time request the termination of such communication and processing of personal data and cancel the receipt of messages via the unsubscribe link in the received message or submit a request by email or regular mail to the company’s address.

The legal basis for data processing is legitimate interest. Data will be processed until the cancellation of message receipt or until the purpose of processing is fulfilled. Cancellation does not affect the lawfulness of processing based on consent before its withdrawal.

Processing Based on Consent

If the company does not have a legal basis demonstrated on the basis of law, contractual obligation, legitimate interest, or protection of an individual’s life, it may ask the individual for consent. Thus, it may process certain personal data of an individual also for the following purposes when the individual gives consent:

  • Address of residence and email address (for notification and communication purposes);
  • Photographs, video recordings, and other content relating to the individual (e.g., publication of individual photos on the website for the purposes of documenting activities and informing the public about the company’s work and events);
  • Other purposes for which the individual agrees by consent.

If an individual gives consent for the processing of personal data and at some point no longer wishes this, they may request the termination of personal data processing with a request by email or regular mail to the company’s address. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. After receiving the withdrawal or request for deletion, data is deleted at the latest within 15 days. The company may delete this data even before withdrawal when the purpose of personal data processing has been achieved or if required by law.

Exceptionally, the company may refuse a request for deletion for reasons from the General Regulation in cases of exercising the right to freedom of expression and information, fulfilling legal processing obligations, reasons of public interest in public health, archiving purposes in the public interest, scientific or historical research purposes, statistical purposes, exercising or defending legal claims.

The legal basis for data processing is consent. Data will be processed until withdrawal or withdrawal of consent or until the purpose of processing is fulfilled. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Protection of Individual’s Vital Interests

The company may process personal data of an individual to whom the personal data relates if this is necessary to protect their vital interests. In urgent cases, the company may search for an individual’s personal document, check whether this person exists in its database, examine their medical history, or contact their relatives, for which the company does not need the individual’s consent. This applies in cases where it is urgently necessary to protect the individual’s vital interests.

5) Storage and Deletion of Personal Data

The company will store personal data only as long as necessary to achieve the purpose for which the personal data was collected and processed. If the company processes data based on law, it will store it for the period prescribed by law. Some data is stored during cooperation with the company, while some data must be stored permanently. Personal data that the company processes based on a contractual relationship with an individual is stored by the company for the period necessary for contract performance and for 6 more years after its termination, except in cases where a dispute arises between the individual and the company in connection with the contract. In such a case, the company stores data for another 10 years after the final court decision, arbitration, or court settlement, or if there was no court dispute, 5 years from the date of peaceful dispute resolution. Personal data that the company processes based on individual consent or legitimate interest will be stored by the company until consent withdrawal or until a request for data deletion. After receiving withdrawal or a request for deletion, data is deleted without undue delay. The company may delete this data even before withdrawal when the purpose of personal data processing has been achieved or if required by law. In case of exercising individual rights, the company stores personal data of this individual until the matter is finally decided, and after finality, in accordance with the final decision in the matter.

Exceptionally, the company may refuse a request for deletion for reasons such as: exercising the right to freedom of expression and information, fulfilling legal processing obligations, reasons of public interest in public health, archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, exercising or defending legal claims. After the retention period expires, the company must effectively and permanently delete or anonymize personal data so that it can no longer be linked to a specific individual.

6) Contractual Processing of Personal Data and Data Transfer

The company may entrust individual processing of personal data to a contractual processor based on a contractual processing agreement. Contractual processors may process entrusted data exclusively on behalf of the controller, within the limits of their authorization, which is recorded in a written contract or other legal act and in accordance with the purposes defined in this privacy policy.

Contractual processors with whom the company cooperates are mainly:

  • Accounting services and other providers of legal and business consulting;
  • Infrastructure maintainers (video surveillance, security services);
  • Email service providers and software providers, cloud services (e.g., Microsoft, Google);
  • Social network providers and web advertising (Google, Facebook, Instagram, etc.).

For purposes of better overview and control over contractual processors and orderly mutual contractual relations, the company also maintains a list of contractual processors, where all specific contractual processors with whom the company cooperates are listed.

The company will under no circumstances provide an individual’s personal data to third unauthorized persons. Contractual processors may process personal data only within the company’s instructions and may not use personal data for any other purposes.

The company as controller and its employees do not transfer personal data to third countries (outside EU member states plus Iceland, Norway, and Liechtenstein) and international organizations, except to the USA, where relationships with contractual processors from the USA are regulated based on standard contractual clauses (standard contracts adopted by the European Commission) and/or binding corporate rules (adopted by the company and confirmed by supervisory authorities in the EU).

7) Cookies

The company’s website operates with the help of so-called cookies, which are important for providing web services and are used to store data about the state of individual web pages, to help collect statistics about users and website traffic, etc. Upon entering the website, only those cookies that are necessary for website operation (e.g., for shopping cart) are loaded onto the device. Other cookies will be loaded only with the individual’s consent. Settings can be changed at any time by the individual and cookies can be deleted (instructions are found on individual browser websites).

The websites cookies and cookie policy can be found here – Cookie Policy.

8) Data Protection and Data Accuracy

The company ensures information security and infrastructure security (premises and application-system software). Our information systems are protected, among other things, with antivirus programs and firewalls. We have implemented appropriate organizational-technical security measures aimed at protecting personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful and unauthorized forms of processing. In case of providing special categories of personal data, we provide them in encrypted form and protected with a password. The individual is responsible for providing their personal data safely and ensuring that the provided data is accurate and reliable.

9) Individual Rights Regarding Data Processing

An individual to whom personal data relates has the right to request access to personal data and correction or deletion of personal data or restriction of processing related to them, as well as the right to object to processing and the right to data portability. The individual’s request is handled in accordance with the provisions of the General Regulation and applicable personal data protection legislation.

All stated rights and questions can be exercised by an individual with a request sent to the company’s address. The company will respond to the individual’s request without undue delay, at the latest within one month of receiving the request. This deadline may be extended by a maximum of two additional months, considering the complexity and number of requests, about which the individual will be informed, along with the reasons for delay. Exercising rights is free for the individual, but the company may charge a reasonable fee if the request is manifestly unfounded or excessive, especially if it is repetitive. In such a case, the company may also refuse the request. In case of doubt about the individual’s identity, additional information needed by the company to determine identity may be requested.

The company will inform the individual in the decision about their request about the reasons for the decision and information about the right to appeal to the supervisory authority within 15 days of being informed of the decision. The right to lodge a complaint with the supervisory authority can be exercised by the individual at: Information Commissioner RS at the address: Dunajska 22, 1000 Ljubljana (email: gp.ip@ip-rs.si, website: www.ip-rs.si).

This privacy policy is valid from 1.6.2025 onwards.

Nina Dremelj, representative
Signature 1.6.2025

Adriatic Investors

Uniting visionaries, empowering startups, and shaping the future of the Balkans—together. We're more than an investment platform—we're a movement designed to ignite innovation across the Eastern Adriatic region.

About

Our Story

Mission & Vision

Leadership Team

Impact Report

Networks

AI Slovenia

AI Albania

AI BiH

AI Croatia

AI Macedonia

Programs

AI Young

International Projects

Startup Guide

Investments

Resources

News & Blog

Events

Media Kit

Contact

© 2024 Adriatic Investors. All rights reserved.
Built by Numen, spletne storitve

Privacy Policy

Cookie Policy

ESG Policy

Terms of Service