Personal Data Protection Policy – White Label Collagen

Privacy Policy

Privacy Policy and Cookie Policy

When you visit this website https://whitelabelcollagen.com/ (”Website”) we take your privacy seriously. This Privacy Policy and Cookie Policy (‘’Policy’’) explains who we are, how we collect, process, use and store your personal data in accordance with legislation of Republic of Slovenia and Regulation (EU) 2016/679 (General Data Protection Regulation-GDPR).

We process personal data only for the purposes for which it was collected and in accordance with this Policy. We take reasonable steps to ensure that the personal data we process is accurate, complete and current, but we depend on you to update or correct your personal data when necessary.

PERSONAL DATA CONTROLLER

Controller of personal data is TOSLA d.o.o., Železna cesta 8a, 1000 Ljubljana, Slovenia, VAT nr.:
12355992, registration nr.: 6596886000 (‘’controller’’, ‘’we’’ or ‘’us’’). We do not have Data Protection Officer as we do not process personal data to such an extent that this obligation should be fulfilled, but you can always contact us by e-mail dataprotection@tosla.si.

When do we collect your personal data, what type of data we collect, on what lawful basis we process data

We may collect your personal data when you use our Website.

This Website is designed for informative purpose and is not designed to collect any data from you without your knowledge, but we have to ensure that this Website is secured. We process non-personal data when you visit and use our Website. Some of that data is considered as personal data (such as IP address) but mostly that data alone, cannot be used to identify or contact you. We want to continuously improve our Website and your experience, so the information of your use of our Website is very important for us. For that purpose we use cookies and other tracking technologies to automatically collect and analyze data we collect.

When you visit and use our Website, your browser automatically sends data to our server and temporary saves it. The data we collect may include:

operating system,
browser type/version,
IP address,
Date and time of your use of Website.

Legal basis for personal data processing: personal consent which you can withdraw at any time (Article 6 (1) (a) of GDPR) and our legitimate interests (Article 6 (1) (f) of GDPR) for the purpose of securing, improving and optimizing our Website.

We collect your personal data when you decide to contact us such as by contact form available at our Website, our e-mail indicated on our Website.

When you send us an e-mail you may provide us with your personal data. We will use your personal data that you provide to us for the purpose of answering your inquiry and to make further contact with you about your regard. The data we collect may include:

your e-mail,
your name and surname,
country
all other personal and non-personal data that you provide to us voluntary, such us in message.

Legal basis for personal data processing: your consent (Article 6 (1) (a) of GDPR), our legitimate interests (Article 6 (1) (f) of GDPR), or performance of contract or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1) (b) of GDPR).

We do not collect or process other personal data through this Website.

WITH WHOM DO WE SHARE YOUR PERSONAL DATA WITH?

We are not in the business of selling your personal data. We do share personal data with third parties, which may be processors of your personal data only as set forth in this Policy. We share it with carefully selected business partners that we either control or are our external contractors and that are either subjects to this Policy or that follow practices that are at least as restrictive as those described in this Policy or we have a data processing contract in accordance with GDPR requirements. We may share it with:

Based on your consent, we may share your personal data with those third-parties for whom you have given your consent. Our service providers, Website maintenance staff and as we use some other third-party service providers to offer or facilitate services on our behalf. These services may include research and analyze the individuals who use our Webiste (such us Google Analytics).
We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your personal data to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or the release of your personal data may protect the rights, property, or safety of us or another person. We will disclose personal data that that law enforcement agencies require in particular case to be disclosed.
We may disclose your personal data to comply with a law, regulation or compulsory legal request, to protect the safety of any person from death or serious bodily injury, prevent fraud or misuse of products or services or its users or to protect our property rights. We will disclose personal data to government entities or third parties based on judgments of courts or tribunals or decisions of administrative authorities or another binding act. We will disclose personal data that previously mentioned entities require in particular case to be disclosed.

THIRD COUNTRIES

We do not transmit your personal data to third countries, but we use Google Analytics who may forward the collected data to a different country. Please note that Google Analytics might transfer the data outside of the EU/EEA and to a country without the required data protection standards.

CHILDREN DATA

We are committed to protecting the online privacy of children and making the internet safe. Any communication we get that is identified as being from a child under 15 will not be kept by us. We encourage parents or guardians of children under 15 to regularly check and monitor their children’s use of email and other activities online.

AUTOMATED DECISION MAKING AND PROFILING

We do not process personal data for automated decision making and profiling.

HOW DO WE KEEP YOUR PERSONAL DATA SECURE?

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data. We restrict access to personal data to our employees, service providers and agents who need to know such information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use secure socket layer (“SSL”) technology to encrypt and protect the security of your personal data. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security. We are not responsible for the functionality, privacy or security measures of any other organization.

DATA RETENTION

We store your personal data for as long as is needed for its purpose. We may store anonymized information longer, but only in a way that it cannot be tracked back to you. We store personal data in accordance with applicable law. Retention for personal data may vary depending on the applicable sectoral legislation (eg. tax, accounting legislation). In the case where the applicable sectoral legislation establishes mandatory duration for retention of personal data, we will delete if after the expiration of that mandatory duration. When personal data is no longer needed, we shall delete it using reasonable measures to protect the personal data from unauthorized access or use.

YOUR RIGHTS AS THE DATA SUBJECT

In relation to your personal data that we process, you have the right:

To withdraw consent to processing of your personal data at any time (The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal).
To obtain confirmation whether we process your personal data.
To access: to request confirmation whether we process your personal data relating to you, and if so, to request a copy of that personal data, to ask about purposes of processing, categories of personal data concerned, whether personal data is transferred to a third country or international organization etc.
To rectification: to request that we rectify or update any personal data that is inaccurate, incomplete or outdated.
To erasure (Right to be forgotten): to request that we erase your personal data in certain circumstances, such as when the processing of personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed or where we collected personal data on the basis of your consent and you withdraw your consent etc.
Of restriction of processing: to request that we restrict the use of your personal data in certain circumstances, such as when accuracy of the personal data is contested by you;
To data portability: to request that we provide a copy of your personal data to you in structured, commonly used and machine-readable format in certain circumstances and you have the right to transmit that personal data to another controller in certain circumstances.
To object: at any time to processing of personal data for our legitimate interest, to direct marketing and profiling connected with direct marketing.
To appeal, independent of the above stated rights, to a supervisory authority if you believe that processing of your personal data violates the data protection regulations. You may file a complaint to the competent state authority: Information Commissioner, Dunajska 22, 1000 Ljubljana, e-mail address: gp.ip@ip-rs.si, phone: 00386 1 230 97 30, website: ip-rs.si.

For all stated rights, you may, at any time, contact us

at dataprotection@tosla.si.

We shall promptly ensure that the request is complied with immediately, but no later than in one (1) month. You will receive requested personal data in a structured, machine-readable and generally applicable way. First copy of your personal data in electronic or hard is free of charge, each additional copy we may charge a fee to cover cost of preparing the copy.

COOKIES AND TRACKING TECHNOLOGY

Cookies are small text files placed on your hard drive. We use cookies or similar technologies (Google Analytics etc.) to personalize your online experience and improve our Website to you. For example, cookies will remember and process the items in your shopping cart on our Website. You can modify your browser settings to control whether your computer accepts or declines cookies. If you choose to decline cookies, you may not be able to use certain interactive features of our Website. Note that you can always go back and delete cookies from your browser; however, that means that any settings or preferences controlled by those cookies will also be deleted and you may need to recreate them. The law states that we can store cookies on your device if they are strictly necessary for the operation of the Website. For all other types of cookies (unnecessary cookies; e.g. analytics cookies), we need your prior informed consent.

Below is a list of cookies that we use. We have listed them so that you can choose if you want to opt-out of cookies or not.

Strictly Necessary cookies

Cookie key	Domain	Path	Cookie type	Expiration	Description
CookieScriptConsent More info	.whitelabelcollagen.com	/	First-party	1 month	This cookie is used by Cookie-Script.com service to remember visitor cookie consent preferences. It is necessary for Cookie-Script.com cookie banner to work properly.

AnalyticsSyncHistory More info	.linkedin.com	/	Third-party	1 month	Used to store information about the time a sync with the lms_analytics cookie took place for users in the Designated Countries

li_gc More info	.linkedin.com	/	Third-party	1 year 11 months	Used to store guest consent to the use of cookies for non-essential purposes

mtc_id More info	whitelabelcollagen.com	/	First-party	Session	This cookie is used to detect how visitors engage with the website, in order to improve the information we provide on the website. Visitors that choose not to engage with any website form or email-link will remain anonymous.

mtc_sid More info	whitelabelcollagen.com	/	First-party	Session	This cookie is used to detect how visitors engage with the website, in order to improve the information we provide on the website. Visitors that choose not to engage with any website form or email-link will remain anonymous.

mautic_device_id More info	whitelabelcollagen.com	/	First-party	Session	This cookie is used to detect how visitors engage with the website, in order to improve the information we provide on the website. Visitors that choose not to engage with any website form or email-link will remain anonymous.

Performance cookies

Cookie key	Domain	Path	Cookie type	Expiration	Description
_ga More info	.whitelabelcollagen.com	/	First-party	2 years	This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.

_gid More info	.whitelabelcollagen.com	/	First-party	1 day	This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.

Targeting cookies

Cookie key	Domain	Path	Cookie type	Expiration	Description
UserMatchHistory More info	.linkedin.com	/	Third-party	1 month	This cookie is used to track visitors so that more relevant ads can be presented based on the visitor’s preferences.

bcookie More info	.linkedin.com	/	Third-party	2 years	This is a Microsoft MSN 1st party cookie for sharing the content of the website via social media.

lidc More info	.linkedin.com	/	Third-party	1 day	This is a Microsoft MSN 1st party cookie that ensures the proper functioning of this website.

bscookie More info	.www.linkedin.com	/	Third-party	2 years	Used by the social networking service, LinkedIn, for tracking the use of embedded services.

_gat_gtag_UA_138420622_2 More info	.whitelabelcollagen.com	/	First-party	1 minute	This cookie is part of Google Analytics and is used to limit requests (throttle request rate).

_fbp More info	.whitelabelcollagen.com	/	First-party	3 months	Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers

Functionality cookies

Cookie key	Domain	Path	Cookie type	Expiration	Description
lang More info	.ads.linkedin.com	/	Third-party	Session	There are many different types of cookies associated with this name, and a more detailed look at how it is used on a particular website is generally recommended. However, in most cases it will likely be used to store language preferences, potentially to serve up content in the stored language.

lang More info	.linkedin.com	/	Third-party	Session	There are many different types of cookies associated with this name, and a more detailed look at how it is used on a particular website is generally recommended. However, in most cases it will likely be used to store language preferences, potentially to serve up content in the stored language.

GOOGLE ANALYTICS

On our Website, we have the component of Google Analytics. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising. The data processing is based on a data processing agreement with Google. You can read more about Google Analytics privacy policy here.

More about Google Analytics: The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

GOOGLE ADS

FACEBOOK PIXEL

LINKEDIN ADS

MAUTIC MARKETING AUTOMATION

On our Website we use Mautic which is a self-hosted open source makreting automation service and uses cookies. We would like point out that the information generated by the Mautic cookies about the use of this Website are stored within our own servers within Europe and will not be disclosed to third parties.

MORE ABOUT COOKIES

More information about cookies, including instructions on how to manage cookies in the browser you use, is available at the following links:

If you do not accept our cookies completely, there is a possibility that some parts of our Website will not work properly, or you may need to manually adjust your desired settings each time you visit our Website.

LINKS TO OTHER WEBSITES

Our Website may contain links to third websites. These websites have their own privacy policies, which you should familiarize yourself with, as we do not assume any responsibility for them.

UPDATES TO THIS POLICY

We may amend this Policy from time to time. Use of personal data we collect now is subject to the Policy in effect at the time such personal data is used. If we make changes in the way we collect or use personal data, we will notify you by posting new Policy on Website. You are bound by the changes to the Policy when you use our Website after such changes have been first posted. This Policy was last updated on 1.6.2021.

Privacy Policy

STAY IN THE KNOW

HQ

Production