Privacy Policy
We hereby inform you that the service provider ENTECH MS d.o.o. (headquarters: Slovenia, Kidričeva cesta 101, Škofja Loka, 4220 Škofja Loka, registration number: 76147100) processes your personal data in the following ways and for the following purposes.
During data processing, we act in accordance with applicable legislation – particularly Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
This privacy policy covers the following website: https://entech-ms.si
We reserve the right to change this privacy policy at any time, and the changes take effect upon publication.
Data Controller
- Name: ENTECH MS d.o.o.
- Headquarters: Slovenia, Kidričeva cesta 101, Škofja Loka, 4220 Škofja Loka
- Email: info@entech-ms.si
- Phone number: +386 (0) 40 273 241
Legal Bases for Data Processing
- Performance of a contract (Article 6(1)(b) GDPR)
- Compliance with legal obligations (Article 6(1)(c) GDPR)
- Legitimate interests of the controller or third party (Article 6(1)(f) GDPR)
- Consent of the individual (Article 6(1)(a) GDPR)
- Public interest or exercise of official authority (Article 6(1)(e) GDPR)
- Fulfillment of accounting and tax obligations (e.g., Article 6(1)(c) GDPR, other relevant national legislation)
- Enforcement of legal claims or defense (Article 6(1)(f) GDPR)
Data Processed During Website Use:
| Processed data | Purpose of processing |
| order fulfillment, contact forms, newsletters, remarketing, technical, analytics | |
| name | order fulfillment, contact forms, newsletters, technical, analytics |
| IP address | order fulfillment, remarketing, technical, analytics |
| phone number | order fulfillment, remarketing, technical |
| address | order fulfillment, technical, analytics |
| device | remarketing, technical, analytics |
| behavior | remarketing, technical, analytics |
| browser | remarketing, technical |
| purchase history | remarketing, technical |
| search terms | remarketing |
| location | technical |
| device fingerprint | technical |
Hosting Provider Information
Data is processed and stored with the following hosting provider for service operation.
- Provider name: Webtasy Hosting Platform
- Address: Dunajska cesta 110, 1000, Ljubljana, Slovenia, SI-1000 Ljubljana, Slovenia
- Email: abuse@webtasy.com
- Website: https://webtasy.com
Data Processors
We use external data processors to perform certain data processing tasks. Data processors may process data only in accordance with the contract concluded with us and applicable law.
- Pappiga– Pappiga, web and mobile solutions
Purpose: technical.
Scope of processed data: email, name, device, behavior, IP address, phone number, address, location, browser, purchase history, device fingerprint. - Google Pay– Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose: analytics.
Scope of processed data: email, name, device, behavior, IP address, address.
Remarketing Activities
As part of the service provider’s marketing activities, we may work with external partners (e.g., displaying ads). We only share data with these partners with the explicit consent of the individual.
- Google Ads– 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”
Processed data: email, device, behavior, IP address, phone number, browser, purchase history, search terms. - YouTube Ads– 901 Cherry Ave, San Bruno, CA 94066, USA; “Google LLC”
Processed data: email, device, behavior, IP address, phone number, browser, purchase history, search terms.
Cookies
While browsing the website, so-called cookies may be stored on the user’s computer. These cookies contain technical information, and their main purpose is to provide convenient, customized browsing. However, the website may also use cookies for analytics, remarketing, or media elements.
Essential
Essential cookies and services enable basic functions and are necessary for the proper functioning of the website. These cookies and services do not require user consent under GDPR.
Required
These cookies and services are necessary for the proper functioning of the website, but their use requires user consent. These may include, but are not limited to: payment gateways, captcha services, embedded booking services.
Analytics
Statistical cookies collect information about usage, allowing us to understand how visitors interact with our website.
Marketing
Marketing services use third parties to display personalized advertisements. They do this by tracking visitors across different websites.
Media
These cookies and services are necessary to display certain media elements, such as embedded videos, maps, social media posts, etc.
Other Services
This category includes all cookies, domains, and services that do not fall into other specific categories or have not been clearly categorized.
Cookies Used on this Website
| Cookie name | Purpose |
|---|---|
| mhcookie | essential |
| sbjs_session | analytics |
| wp-wpml_current_language | essential |
| __stripe_mid | essential |
| __stripe_sid | essential |
| PHPSESSID | essential |
| wp-wpml_current_admin_language_* | essential |
| wp-settings-* | essential |
| wp-settings-time-* | essential |
| sbjs_udata | analytics |
| sbjs_current | analytics |
| sbjs_current_add | analytics |
| sbjs_first | analytics |
| sbjs_first_add | analytics |
| sbjs_migrations | analytics |
| wordpress_logged_in_* | essential |
| wordpress_test_cookie | essential |
| asenha_tab | essential |
Users can control or disable the use of cookies in their browser settings; however, this may affect some website functions.
Minors’ Data
Our service is not specifically intended for minors under 16 years of age. If we collect and process data of minors, we do so only if the law prescribes parental/guardian consent or permission.
Parents and guardians can request changes or deletion of all recorded data about themselves or minors under their supervision at any time.
Contact Forms
Forms on the website record data that the user voluntarily provides, and we use them for contact or case handling.
- name
News and Marketing Communication
By subscribing to our news or other marketing communications, you agree to receive notifications (promotions, news, etc.) to the contact details provided. You can unsubscribe or withdraw your consent at any time.
Data processed in case of newsletter subscription
- name
Data Retention Periods
We store data only for the necessary period or for the deadlines prescribed by applicable legislation. After this, the data is deleted or anonymized.
Disclosure of Data to Third Parties
We disclose your data to third parties only if you have explicitly given consent for this or if required by law or an authority’s order.
Data Security Measures
During data processing, both the data controller and data processor use organizational and technical protective measures that take into account modern technological possibilities and the nature of data processing (purpose, scope, circumstances) as well as various levels of risk faced by individuals. These measures are intended to maintain data protection proportionate to the risks, continuously.
These measures may include data encryption, ensuring the availability, confidentiality, and integrity of systems and services, and ensuring sufficient resilience. We pay special attention to restoring the availability and access to data as soon as possible in the event of a physical or technical incident.
By regularly reviewing and testing security measures, we ensure that the assurances are not merely theoretical but in practice actually provide an adequate level of protection. We store data in such a way that unauthorized persons cannot access it; to this end, paper documents are stored in a closed, secure environment, and electronic data is accessible only to persons with properly arranged access rights.
We also ensure that data can be deleted in a way that prevents its recovery when the storage period ends or for any other reason requiring deletion. In the case of paper documents, destruction is carried out using a specialized shredder or by involving an external partner specialized in this. When decommissioning or destroying electronic media, we also ensure that data is irreparably removed.
Protection of Paper Documents
We provide physical protection for printed data to ensure safe, dry storage and appropriately locked spaces. Only authorized persons have access to these documents. If paper documents are also digitized, they are subject to the rules for digital processing. Anyone handling data must not leave the work area without ensuring that the materials entrusted to them are locked and protected against unauthorized access.
The building and premises where paper records are located have appropriate fire and property protection systems, reducing the possibility of physical damage.
Information Protection
Computers and mobile devices involved in data processing are equipped with appropriate antivirus protection and access control. To protect electronically stored information, we use updated backup and archiving solutions that ensure the availability of these backups if necessary.
Only authorized persons with specific levels of authority can connect to the central server. Computers used for work and data stored on them are protected with passwords and other access protection measures against unauthorized access.
Data Protection Incident Management and Reporting
If an event occurs that endangers personal data through unauthorized access, damage, or loss, we take immediate action to further protect the affected data and mitigate damage. If the situation indicates that the incident poses a significant risk to the rights or freedoms of individuals, we will notify the affected individuals without undue delay, explaining in an understandable way the nature of the incident and the measures we have taken or intend to take to address it.
Notification of affected individuals may be omitted if we have previously implemented security solutions (e.g., encryption) that make personal data incomprehensible to unauthorized persons, or if further measures significantly reduce the likelihood of risk. In some cases, public notification may be sufficient instead of direct notification if individual notification would require disproportionate effort.
In accordance with applicable regulations, if a data protection incident occurs that may cause a risk to the rights and freedoms of individuals, the data controller reports this to the competent supervisory authority within 72 hours after becoming aware of it. If the report is submitted after this period, the reasons for the delay must also be stated.
User Rights
As a data subject (user), you have the following rights regarding the processing of your personal data:
- Right of access (Article 15 GDPR)
You can find out whether we store data about you, and if so, which data, and you can request information about the purpose, legal basis, and other relevant circumstances of data processing. - Right to rectification (Article 16 GDPR)
You have the right to request correction or completion of inaccurate or incomplete data. - Right to erasure (“right to be forgotten”) (Article 17 GDPR)
If the data is no longer needed or if the legal conditions for deletion are met, you can request that it be deleted as soon as possible. - Right to restriction of processing (Article 18 GDPR)
In some cases, you can request that we only store the data and not use it otherwise (e.g., if you dispute the accuracy of the data but do not want to delete it immediately). - Right to data portability (Article 20 GDPR)
You have the right to receive the data we have about you in a machine-readable form or request that we transfer it to another service provider if technically feasible. - Right to object (Article 21 GDPR)
You can object to further processing of your personal data if you believe that our legitimate interests (or any other legal basis) do not sufficiently justify such processing.
To exercise these rights, contact us (email: info@entech-ms.si). We strive to respond to received requests as quickly as possible. We will usually respond within one month of receiving your request, but if necessary – e.g., if the request is complex – we may extend this period by an additional two months. We will inform you of the reasons for the extension during this initial one-month period.
If we are unable to fulfill your request, we will notify you of this and the reasons for it within the above-mentioned period. In this case, you have the right to file a complaint with a supervisory authority or seek judicial protection.
Complaints and Legal Remedies
If you believe that there has been a misuse of your personal data, you can file an official report at the following contact details:
- Email: info@entech-ms.si
- By mail: Slovenia, Kidričeva cesta 101, Škofja Loka, 4220 Škofja Loka
We thoroughly investigate reported complaints and inform you of the results of our investigation and any measures taken. If the law does not prescribe a specific deadline for handling complaints, we review at least once every three years how the complaint investigation and our process meet the purpose of data processing and applicable legal requirements.
You also have the right to file a complaint with the competent data protection authority:
- Authority name: Information Commissioner
- Address: Dunajska cesta 22, 1000 Ljubljana, Slovenia
- Phone: +386-1-230-9730
- Email: gp.ip@ip-rs.si
Date of last update: August 6, 2025