Privacy Policy

This Privacy Policy applies to each user of the TRL MAG website and its domain trlmag.com.

A user is any legal or natural person who uses or visits the website (“User”).

By using the Website, the User confirms that he/she agrees to the Privacy Policy.

Protection of personal data

GS Gold d.o.o. respects the privacy and security of personal data. We undertake to use personal data only for the purposes set out in this Privacy Policy. We protect personal data carefully and in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) (hereinafter referred to as “GDPR”), as well as with other legal regulations governing the protection of personal data.

1. the controller of the personal data

The controller of the personal data collected on the above-mentioned websites, which is processed in accordance with the internal Personal Data Protection Policy, is GS Gold, d.o.o., Ulica gledališča BTC 2, 1000 Ljubljana, Slovenia (hereinafter referred to as the “Controller”).

2. Transfer of personal data to third parties, third countries or international organizations

GS Gold, d.o.o. does not transfer personal data to third parties, third countries or international organizations, except in cases where the data subject has given us explicit permission to do so.

The exceptions to this are statistics on visits to and use of websites for which the online platforms Google Analytics, Outbrain, Midas, Live net life (LNL), Ad you like (AYL), Smart ad, Google Ad Sense, Adbeat, Content Exchange, Iprom, Teads, Twitter are used, Facebook, YouTube, Instagram, Pinterest, SoundCloud, and the Mailchimp web platform for sending email notifications about current games and promotions, email notifications about news and offers and email invitations to GS Gold d. o.o.

The GS Gold, d.o.o. website participates in the Slovenian national measurement of website traffic (MOSS). The measurement for MOSS is carried out by Fistnet, d.o.o. (Dotmetrics), which collects data on website traffic for the purpose of the survey. More information about Dotmetrics’ privacy policy can be found here.

3. Types of personal data, legal bases and purposes of processing

GS Gold, d.o.o. collects and processes personal data on the basis of the consent of individuals, the conclusion of contracts or for the performance of pre-contractual activities, the legitimate interests pursued by us and the fulfilment of legal obligations to which we are subject.

3.1 Processing based on consent

The data subject whose personal data is processed on the basis of consent may give his or her consent to the processing of personal data on a case-by-case basis.

The data subject may withdraw the consent given for each individual purpose at any time in a simple and easily accessible manner.

3.1.1 Sending of newsletters, notifications, promotions, etc.

  • Sending electronic notifications about current GS Gold, d.o.o. sweepstakes and promotions;
  • electronic notification of GS Gold, d.o.o. news and offers;
  • sending electronic invitations to GS Gold, d.o.o. events.

On the basis of consent, GS Gold, d.o.o. collects and processes the following personal data of the individual for each purpose separately: first name, surname, e-mail address, street address, house number, post code, city and telephone number.

3.1.2 Participation in prize draws

By participating in the prize draw, the individual gives consent to GS Gold, d.o.o. for the processing of personal data for the purposes of the prize draw, including the notification of prize winners.

For the purpose of the prize draw, GS Gold, d.o.o. collects and processes the following personal data: first name, surname, full address, e-mail address, telephone number and date of birth. In the case of prize winners, the tax identification number in accordance with the General Terms and Conditions.

On the basis of the individual’s consent, the data obtained will be passed on to the subscribers or the organizers of the prize draw.

3.2 Processing on the basis of a contract

GS Gold, d.o.o. collects and processes personal data of individuals on the basis of a contract or for the performance of pre-contractual activities for the purpose of performing contractual obligations.

3.3 Processing based on legitimate interests

GS Gold, d.o.o. collects and processes personal data on the basis of legitimate interests pursued by us. We collect personal data on the basis of legitimate interests for the following purposes:

  • Statistical analysis of the websites visited by GS Gold, d.o.o.;
  • providing and improving our services;
  • providing and developing innovative and personalized services for our customers and users of the GS Gold, d.o.o. website;
  • to ensure the security of our services and website, and to protect against fraud, spam, abuse, etc.

For these purposes, we collect and process the following personal data: IP address, statistics on visits to the GS Gold, d.o.o. website, data on the number of clicks, time of click, data on incoming and outgoing web pages, data on the type of client.

The personal data processed for the above purposes are not linked to the personal data of identifiable individuals.

3.4 Processing based on legal obligations to which the controller is subject

GS Gold, d.o.o. collects and processes personal data of individuals on the basis of legal obligations to which the controller is subject for the following purposes: keeping accounting records, invoicing, debt collection, list of prize winners.

For these purposes, we collect and process the following personal data: name, surname, address, tax number.

4. Protection of personal data

To ensure the protection of personal data, GS Gold, d.o.o. implements all the necessary physical, technical, logical and organizational procedures and measures, on the basis of the adopted internal acts and in accordance with good practices in the field of information security, or through contractual partners, in such a way that:

– the application software used to process personal data is secured;

– preventing unauthorized access to personal data in the course of their transmission, including transmission by telecommunications means and networks;

– provide an effective means of archiving, destroying, erasing or anonymizing personal data;

– secure premises, hardware and software;

– permits the subsequent identification of when personal data have been subject to any processing and by whom, for the period for which the personal data are stored.

5. Retention period of personal data

Personal data of the data subject obtained on the basis of consent shall be kept for up to 5 years from the withdrawal of the consent, only if provided for by specific legislation or in an anonymized form.

Personal data of the data subject processed on the basis of a contract may be retained for 10 years after the contractual obligations of both parties have been fulfilled and, in the case of recovery of unpaid contractual obligations, for 10 years after the conclusion of the legal proceedings.

Personal data collected on the basis of legitimate interests shall be kept until the data subject has exercised his or her rights or the purpose for which they were originally collected exists.

6. Rights of the data subject

In accordance with the applicable legislation governing the protection of personal data, the data subject has the following rights:

6.1 The right of access of the data subject

The data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed and, if so, access to the personal data.

6.2 Right to rectification

The data subject shall have the right to obtain from the controller the rectification of inaccurate personal data concerning him or her without undue delay. The data subject shall have the right, having regard to the purposes of the processing, to have incomplete personal data completed.

6.3 Right to erasure

The data subject shall have the right to have personal data concerning him or her erased by the controller without undue delay and the controller shall have the obligation to erase the personal data without undue delay.

6.4 Right to restriction of processing

The data subject shall have the right to obtain the controller’s restriction of processing where the data subject objects to the accuracy of the data, where the processing is unlawful and where the data subject objects to their erasure and requests instead the restriction of their use, where the data subject objects to processing and where the controller no longer needs the personal data for the purposes of the processing but the data subject needs them for the establishment, exercise or defense of claims.

6.5 Right to data portability

The data subject shall have the right to receive personal data concerning him or her which he or she has held with the controller, in a structured, commonly used and machine-readable format, and to have those data transmitted to another controller, without being hindered thereby by the controller to whom the personal data have been provided.

6.6 Right to object

The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her based on processing which is necessary for the legitimate interests of the controller, including profiling.

6.7 Automated individual decision-making, including profiling

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

6.8 Right to lodge a complaint with a supervisory authority

The data subject may lodge a complaint concerning the processing of personal data concerning him or her directly with the competent supervisory authority, i.e. the Information Commissioner of the Republic of Slovenia.

7. Means of exercising the rights of data subjects

The data subject may exercise the rights to which he or she is entitled at any time in accordance with the General Data Protection Regulation.

He or she may, at any time, submit a request to exercise the rights to which he or she is entitled to info@trlmag.com.

8. Cookies

The website of GS Gold, d.o.o. uses cookies for its smooth operation. These are small text files that most websites store on users’ devices used to access the Internet in order to identify the individual devices used by users to access the Internet. Their storage is under the complete control of the browser used by the user – which can restrict or disable the storage of cookies if desired.

You can find out more about cookies in our Cookie Policy.

9. Changes and validity

GS Gold, d.o.o. reserves the right to change this Privacy Policy and we will issue a notice accordingly.