SCOPE OF APPLICATION
This Policy applies to the use, storage, collection and processing of personal data that the company Citizensl receives from the User, when the latter browses and uses the functionality of the website https://citizensl.com/en/, as well as establishes the obligations of the website Administration for nondisclosure and ensuring the protection of confidentiality of personal data, which the User provides at the request of the Administration of the website when making requests for using the Company's services through online forms or other means of online communication. онлайн-коммуникации.
- Company", "Controller", "we", "us/us" or "our/our/our/our" means the company “Citizensl”, which is a limited liability company incorporated and operating under the laws of Slovenija, located in Slovenija, Maribor, Partizanska cesta 6.
- "Website" means the website at the address https://citizensl.com/en/, which is an optimized web-based information resource for the provision of migration, legal and other related services, which is designed to optimize the interaction between the Users and the Company, and which has the functionality to receive the User's requests for the Company's services.
- "Website Administration" means employees of the company Citizensl and/or other persons, authorized by the Company and acting on its behalf, who carry out the processing of personal data.
- "User" means a person, who has access to the website using the Internet and using the website for the purpose of generating applications for the services of the Company, among other purposes.
- "Personal data" means any information relating to a directly or indirectly defined or identifiable individual (the subject of personal data).
- "Processing of personal data" means any action (operation) or a set of actions (operations) performed with or without the use of automation means to personal data, including the collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
- "Confidentiality of personal data" means a mandatory requirement for the operator or other person, who has the access to personal data, to prevent their dissemination without the consent of the personal data subject or availability of other legitimate grounds.
- "Cookies" means a small piece of data, sent by a web server and stored on a user's computer, which the web client or web browser sends to the web server each time in an HTTP request, when trying to open a page of the relevant website.
The Administration of the Website respects the User's right to privacy and confidentiality of their personal data obtained through the use of the Website, and takes all measures necessary to maintain its confidentiality and security, including the use of generally accepted standards of technological and operational protection from possible loss, improper use, modification or destruction of personal data.
The User is solely responsible for the validity and accuracy of the data he/she provides, when making an application on the Website and filling out various electronic forms, posted on the Website. The Administration does not verify the accuracy of the personal data provided by the User on the Website.
TYPES OF PERSONAL DATA COLLECTED AND ITS PROCESSING
- Name and Surname of the User;
- Phone number of the User;
- Country of residence, city;
Some data, such as IP address, domain name, country of IP registration, type and version of browser and operating system, URL-address, by which the User came to the Website, can be collected and found automatically, when the User visits the Website, by using tracking technologies (cookies) in accordance with this Policy.
The Company may also receive information about the User from other sources, websites or social media, including, but not limited to, when the User interacts with the Company by those means or accessing the Company's social media content. The relevant information, that the Company may receive in such way, is governed by the privacy settings, policies and/or procedures of the relevant social media resource, and the Company strongly encourages all Users to learn about these policies and procedures before using them.
All personal information, including information that allows the identification of the User, is provided by the Users of the Website on a purely voluntary basis. All data which the User provides on the Website during registration or when filling out forms (Name, phone number, e-mail, city and country of residence, etc.) are kept confidential and are not disclosed.
Processed personal information of the User can be used for the following purposes:
- Logins - to verify the legitimacy of access to the functionality of the Website during authorization, as well as for the administration of the User's account;
- First and Last Name - to confirm registration on the Website, as well as to interact and communicate with the Administration of the Website, as well as to provide the User with legal and other services that the User requests;
- Country of residence, city - to analyze and determine the specifics of providing the User with services in accordance with the laws of the User's country of residence;
- E-mail and phone number - to maintain communication with the User, to inform the User about the order of cooperation, to send the User legal news, other important information or materials that may interest the User, as well as other information that the Company considers necessary for providing quality services to the User.
Also, the Company and/or Website Administration may use the collected information to answer inquiries from the User, to provide the User with legal and other Company services requested by the User, to maintain a client database, perform customer analysis in order to improve the quality of services; prevent, detect and investigate potentially illegal or unlawful actions, including fraud; for business purposes of the Company, including customer data analysis, billing, efficiency evaluation, and other purposes.
INFORMATION DISCLOSURE AND DATA TRANSFER
The Company and/or the Website Administration may transfer information that does not allow to identify the User in cases when it is allowed by applicable law.
By using the Website, making an application, as well as filling out various electronic forms posted on the Website, the User provides their consent to the fact,that their data may be transferred to third parties only for the purpose of properly providing the selected services to the Company.
The Company and/or the Website Administration may transfer the data:
- to financial and banking institutions for billing, settlement and to provide the User directly with the Company's selected services.
- to websites that contain links to the Website. If a User is directed to the Website from another website, we will provide certain information about Users to those websites, that have provided links to us. We do not limit our use of User's confidential information to such Web sites, and we encourage you to independently review the privacy policies of the websites from which you linked to our Website;
- to our third-party service providers, that provide services on behalf of the Company, such as web hosting companies, email service providers, analytics service providers, event hosting service providers and information technology providers.
- to service providers, consultants, potential transaction partners or other third parties in connection with the consideration, negotiation or completion of a transaction in which we acquire or merge with another company or we sell, liquidate or transfer all or part of our assets.
- to law enforcement authorities, other government agencies or third parties (within or outside the jurisdiction in which you reside) as may be permitted or required by the laws of any jurisdiction that may apply to us; as contractually required; for immigration requirements; or as we believe reasonably necessary to provide legal services. In these circumstances, we make reasonable efforts to notify you before we disclose information that could reasonably identify you, unless prior notice is prohibited by applicable law or is impossible or reasonable in the given circumstances.
- officials, employees, representatives and agents of the Company and/or the Website Administration, for the purpose of providing a quality service.
CROSS-BORDER DATA TRANSFER
Given that the Company's offices are located in different countries, providing the information set forth in the INFORMATION DISCLOSURE AND DATA TRANSFER section may sometimes involve a cross-border transfer of data to other jurisdictions. For example, if a user is located outside of the European Economic Area (EEA) and the User's information is processed by the Company's offices located in the EU. In this case, we use standard clauses in agreements approved by the European Commission or other appropriate guarantees to permit data transfers within the EEA or other countries and jurisdictions. Standard clauses of the agreements are obligations between the companies transferring personal data to protect the confidentiality and security of User data.
RETENTION PERIOD OF PERSONAL DATA
Generally, the term of processing and storage of personal data is 3 years from the date of the User's last activity on the website or termination of the Company's services. The specified period is usually necessary to comply with applicable tax laws, resolve disputes and enforce agreements or other legal obligations.
In practice, the Company deletes or anonymizes information after three years have passed since the end of the cooperation with the User and the provision of services to him/her, except if:
- there is a need to keep information about the User in accordance with the law, in order to comply with the requirements established by law regarding data retention;
- there is a need to store the information about the User in order to prove the Company's compliance with the law;
- there is a lawsuit or dispute requiring the Company to retain the information until the resolution of the lawsuit or dispute;
- there is a need to retain the information to comply with legitimate Company business interests, such as preventing fraud and enhancing the safety and security of Users.
According to European regulations, the retention period for personal data is generally 6 to 10 years (e.g. for contracts, notices and business letters). To the extent permitted or required by law, the Company restricts the processing of User data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where data may still be needed to fulfill a contract or a claim, or to defend against legal action, or where such retention is required or permitted by law. In these cases, the period of validity of the processing restriction depends on the relevant period of limitation or retention. The data will be deleted after the expiry of the respective limitation or retention period.
Taking care of the security of personal data of Users and ensuring their rights and legitimate interests, the Company considers it necessary to set forth and inform Users, who have provided access to their personal data by giving direct consent to its processing, of their rights as well as the rights of Users in cases, where the basis for processing personal data is the conclusion of a contract in which the User is a party, and processing of personal data is necessary to perform it.
- Data access rights.
The user has the right to know and ask whether personal data is being processed, the purpose of the processing, which personal data is being processed, the categories of personal data, who the data subject is, the storage period of personal data, etc.
- The right to withdraw their consent to the processing of personal data
The user has the right to withdraw their consent to the processing, storage of personal data at any time by submitting an appropriate request.
- The user's right to request the deletion of their personal data
The User may request the deletion of their personal data in order to prevent it from being disseminated or transferred to third parties, if the purposes for which the data were processed are reached, the User has withdrawn their consent to the protection of personal data, the personal data were processed unlawfully, in other cases arising from European Union law and the national legislation of the countries subject to the Regulations. Such a request may be sent to the Company in any form, with the Company notifying the User of the irrevocable deletion of their personal data.
- Right to restrict the processing of personal data
The User has the right to request the restriction of data processing if the accuracy of personal data is disputed by the User, personal data have been processed unlawfully and the User does not wish to delete them, or in other cases stipulated by the Regulations and the legislation of the relevant jurisdictions.
- The right to data portability
The User has the right to receive their personal data in a structured, machine-readable form, i.e. in electronic form, free of charge and without restriction. Thus, the user has the right to obtain their personal data in electronic form without delay. This right also includes the User's ability to transfer their personal data from one company to another.
- The right to correction of personal data.
The user has the right at any time to request a change in the information about their personal data by sending an appropriate request.
- The right to object to the processing of personal data
The user has the right to object at any time to the processing of personal data, if the data is processed for direct marketing purposes. If the user raises this objection, the personal data is not subject to further processing.
- Right to complain to the supervisory authority
The User shall have the right to complain to the Authority in the event of a breach of the Regulations. The supervisory authority is a body established under the national law of the particular state, whose competence includes monitoring the implementation of the Regulation, protection of the rights and freedoms of natural persons in relation to the processing and free flow of personal data in the territory of the European Union.
The Company is constantly working to improve the security of personal data of Users, improving the current and finding innovative ways to process data in order to ensure its safety and compliance with the requirements of the legislation. Therefore, the Company reserves the right to change and improve this Policy from time to time, which will be notified to the Users by posting the changes in the Policy publicly on the Website. We strongly recommend to get periodically acquainted with possible changes of this Policy in the respective section of the Website.