Personal data protection
We respect your privacy and take care of the security of your personal data at Terme Dobrna d.d. We are committed to data protection and ensuring security and confidentiality in accordance with applicable laws and regulations, as well as the company's internal general acts governing personal data protection.
The Company's Privacy Policy and Cookie Policy provide you with information about the processing of your personal data.
The information on the processing of personal data is valid as of 30.11.2020.
PRIVACY POLICY
As part of the Privacy Policy, the current page provides you with all the key information on the protection of personal data in the company Terme Dobrna d.d., including the collection, storage, purpose, and processing of personal data collected from users by the controller, as well as your rights and how to exercise them.
PERSONAL DATA COLLECTION CONTROLLER
Your personal data controller is the company Terme Dobrna d.d., Dobrna 50, 3204 Dobrna, registration number: 5053587000, tax number SI 94639272, e-mail: info@terme-dobrna.si.
OBTAINING YOUR PERSONAL DATA
We obtain your personal data during the course of legal business operations, specifically: when you identify yourself when using our services (reservations, contractual, marketing, analytical, payment, and legally harmonised activities related to the provision of core business), when you contact us by e-mail, telephone, in writing, or through social media, when you fill out any entry forms, subscribe to our services, use our website and its functions, or in any other way.
We also use cookies and similar technologies to collect data about how you use our website. More information on how we use these technologies for personal data collection can be found in our COOKIE POLICY.
PERSONAL DATA CATEGORIES AND PURPOSE OF USE
Personal data is only used and processed in accordance with a legal basis, a legitimate interest, and a statement of consent for the specific purpose of collection, as described below.
Personal data categories obtained and processed on the basis of the aforementioned bases, as well as their intended use:
| Personal data category | Purpose |
| Name, surname and contact details (address, e-mail, phone) |
Reservations, contractual, marketing, analytical, payment, and legally harmonised activities related to the provision of core business operations; sending of mail, e-mails, customised offers. |
| Information about your date of birth: | Applications for temporary residence in the event of a stay; verification of age/adolescence. |
Gender, nationality, type and number of identification document |
Registration of temporary residence in the event of a stay; gender data is collected in order to send personalised offers (based on consent). |
| Payment data | Payment and refund arrangements. |
| Data on your reservations, stays, and purchases | Providing services, resolving complaints, and sending personalised offers. |
| Health data | Treatment and rehabilitation of patients in spas and outpatient settings, as well as monitoring the quality and safety of health care |
| Data obtained through prize games or promotional activities | Implementation of such activities. |
Data obtained for direct marketing purposes (or for communication) |
For the purposes of direct marketing, with express consent, and For the purposes of direct marketing, on the basis of legitimate interests, with a clear possibility of objection under Article 21 of the General Regulation. |
STORAGE PERIOD
We retain your data for the duration of the business relationship or for the purposes specified in this Privacy Policy, unless a longer retention period is required or permitted by law, in whole or in part.
Personal data obtained on the basis of a legitimate interest are retained for the duration of the business relationship or purpose, plus 5 years for possible legal claims assertion and defence (such as the general statute of limitations under the Code of Obligations). Personal data on accounting documents must be kept for 10 years from the date of issue due to tax regulations.
The data obtained with consent are kept until the consent is revoked or the purpose expires, at which point the collection or personal data (of the individual) are immediately and effectively deleted.
Data obtained under the Residence Registration Act (during a guest's registration) are kept for one year from the expiration of the last day of the year of deregistration, or for 5 years in the case of claims (during this time the data is not active and is not in use.).
Medical records are kept in accordance with the Health Care Databases Act and are subject to a strict security policy.
In exceptional cases, we may process your personal data for a longer period of time if required by applicable laws in the Republic of Slovenia.
TRANSFER OF PERSONAL DATA TO THIRD PARTIES
We handle your personal data with care and responsibility, as we want to maintain your trust in the future.
In general, only our professionally qualified employees within the scope of their responsibilities process your personal data. We only transfer personal data of guests for external processing to contractual processors who process the data solely within the framework of the concluded personal data processing contract.
Personal data files are stored on the premises where the activity occurs, i.e. within the EU, and are not exported to third countries.
TRANSFER OF PERSONAL DATA TO THIRD PARTIES
We handle your personal data with care and responsibility, as we want to maintain your trust in the future.
In general, only our professionally qualified employees within the scope of their responsibilities process your personal data. We only transfer personal data of guests for external processing to contractual processors who process the data solely within the framework of the concluded personal data processing contract.
Personal data files are stored on the premises where the activity occurs, i.e. within the EU, and are not exported to third countries.
AUTHORISED PERSON FOR PERSONAL DATA PROTECTION
Terme Dobrna d.d. has designated an authorised person for the protection of personal data, who will assist you with personal data processing and exercising your rights.
You can exercise your rights in the field of personal data protection in the most accessible way possible by using any information channel (oral/written, by telephone, online, by post, or in person at the reception), namely:
- to our address: TERME DOBRNA D.D., DOBRNA 50, 3204 DOBRNA,
- via our e-mail address: info@terme-dobrna.si
- in person at hotel receptions and by phone at 080-22-10.
USER RIGHTS
When exercising your rights and issues related to your personal data and exercising your rights under the General Regulation on Personal Data Protection, you can contact the designated authorised person for personal data protection at Terme Dobrna d.d.
To ensure fair and transparent processing of personal data, the individual whose personal data is processed may: request access-acquaintance, supplementation/correction, blocking or restricting the processing of personal data related to them, or deletion of personal data related to them.
Individuals have the right to revoke their consent to the processing of their personal data (for one or more specific purposes) at any time, permanently or temporarily, in whole or in part. The individual does so in the most accessible way possible, which can be accomplished through any of the available information channels (orally/in writing, by phone, online, by post, or in person at the reception).
