At Registry .si, we respect your privacy. When processing your personal and other data, we always act with utmost care and in accordance with the applicable regulations on the protection of personal data.
In the continuation of this statement, we will explain:
- what personal data we process if you register a .si domain, and how we use them;
- how we safeguard your personal information when you visit our website;
- what your privacy rights are, and how the law protects you.
Who will manage your data?
The manager of the personal data collection is Registry .si, which operates under the auspices of the Academic and Research Network of Slovenia (ARNES) with its registered office at Tehnološki park 18, 1000 Ljubljana (hereinafter: »Registry .si«).
Contacts of the data protection officer
If you have any questions regarding the protection of your personal data or if you would like to exercise any right regarding your personal data, please email us at firstname.lastname@example.org, or contact the data protection officer at ARNES directly at email@example.com.
What personal data we process, how we obtain it and on what legal basis we process it
Registry .si obtains certain information in various ways, which enables the direct or indirect identification of an individual (personal data). We collect your personal data:
- either during the process of registering .si domains through our registrars who have a contract with us for participation in the registration of .si domains, or
- you provide it to us voluntarily by post, e-mail, telephone or otherwise, when you contact us to verify your registration information;
We do not collect specific types of personal information such as details about your race or ethnic origin, political opinion, religious or philosophical beliefs, sex life, sexual orientation, union membership, or health, genetic and biometric data. We also do not collect any information on criminal convictions and crimes.
Collection and processing of personal data of .si domain holders
Personal data of .si domain holders are collected during the domain registration process via our registrars who have entered into a contract with us on participation in domain registration. To learn more, please read our General Terms and Conditions.
What personal data do we process if you are a .si domain holder?
In order to provide you with good services and to improve them further, we may process (collect, use, store, disclose by transmission) the following personal and other data of yours:
- first name, last name, permanent residence address, if the holder is a private individual;
- company/title and registered office, if the holder is an organization;
- holder’s email address (contact email address);
- telephone number or fax number of the institution;
- information on the technical contact person (first name, last name, email, address, phone or fax number).
It is vital that your information is accurate and up-to-date at all times during registration, so please notify your registrar of any changes to your information.
For what purposes do we process your personal data if you are a .si domain holder?
We process the collected personal data for various purposes:
- In order to smoothly perform the activities of the Registry .si, we must collect some personal information relating to your domain within the context of managing the domain name system under the .si top-level domain;
- In order to ensure the transparency and stability of the .si domain system, we must maintain a complete and accurate database of all registered .si domains. This helps create and maintain a trustworthy and safer Internet environment;
- in order to identify you and contact you directly regarding the registration of a .si domain, if and when necessary;
- in order to perform the contract if you are a holder of a .si domain.
On what legal basis do we process your personal data if you are the holder of a .si domain?
We need to collect and process your personal information in order to perform your contract or to protect our legitimate interests.
If you are the holder of a .si domain, we obtain your personal data from the registrar with whom you have agreed to register the domain. As soon as your domain is registered, you – the holder of the domain – have accepted our General Terms and Conditions as binding and entered into a contractual legal relationship with us (the holder and Registry .si enter into a contract through the general terms and conditions). The information provided by the registrar is required for the implementation of the said contract (Item 6(1)(b) of the General Data Protection Regulation).
Some of this information (only the contact email address, in case of individuals) is published in a publicly accessible database related to the WHOIS protocol, which allows anyone, by entering your domain, to search for your information (only the contact email address, in case of individuals), your domain information, technical contact and registrar. The legal basis for the publication of personal data in this case is the protection of legitimate interests (Item 6(1)(f) of the General Data Protection Regulation), especially in the interest of protecting the rights of third parties who are allowed to contact you as an .si domain holder, providing greater security by providing technical contact information for technical issues related to your domain and preventing malicious registrations (i.e. domains that are registered for the purpose of publishing illegal online content).
Which third parties (except for Register.si) use personal data collected during the registration of a .si domain?
We will use your personal data solely for the purposes stated above, and we will disclose and pass it on to third parties only if you give your explicit and unambiguous consent in the agreed form of communication. In addition, we will disclose your personal information when we are required to do so by our General Terms and Conditions or other legal obligations.
We require all third parties to safeguard your personal information and to comply with the law.
You can read more about the disclosure process here.
Collection and processing of personal data when visiting the Registry .si website
When visiting the website without consent to the installation of Google Analytics cookies
When you visit the website, but do not consent to the installation of Google Analytics cookies, information about your visit is recorded on the web server in the form of server files: date and time of visit, details about http query, IP number of your device, etc.
The data collected in this way shall be processed for the purpose of ensuring network and information security, i.e. the ability of a network or information system to prevent accidental events or illegal or malicious acts compromising the availability, authenticity, integrity and confidentiality of the stored or transmitted personal data. Such processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the controller (item 6(1)(e) of the General Data Protection Regulation).
The data collected in this way is stored for 90 days from the date of the visit to the website and is not passed on to other users since the website is hosted on the server infrastructure of the Arnes Public Institution.
Although you have not consented to the installation of analytics cookies, cookies essential for the proper functioning of the website are nevertheless stored on your device. You will find further details in the section “List of cookies on the website”.
When visiting the website and offering your consent to the installation of Google Analytics analytics cookies
When you visit the website and give your consent to the installation of Google Analytics cookies on the entry page, both permanent and temporary (session cookies) Google Analytics cookies are installed on your device.
We use the service for the purpose of analyzing traffic (counting visitors, identifying browsers and user time spent on the page, navigation problems, etc.). They allow us to assess the reach and level of interest of our content. The legal basis for the purpose of setting a cookie for analytics monitoring purposes is your valid consent (Item 6(1)(a) of the General Data Protection Regulation).
The data collected in this manner are kept for 26 months.
What third parties (other than Registry .si) use personal data collected through the installation of Google Analytics cookies?
We use Google LLC’s Google Analytics service to monitor website traffic. Processing by the said processors is governed by a Data Processing Agreement.
Do we transfer personal data collected in this way to a third country or an international organization?
When using Google Analytics, personal data of individuals are transferred outside the European Union to the United States, which is a country included in the list of third countries that provide an adequate level of personal data protection when it comes to personal data transferred under the EU-US Privacy Shield (Information Commissioner Decision no. 0601-3/2017/2 dated March 20, 2017). Google LLC is appropriately self-certified under the Privacy Shield, so this is a transfer where the operator has provided appropriate safety measures.
Cookies enable the operation of our website and help us understand what information is most useful to you as a visitor to our website. We use functional cookies on the website, which are necessary for the proper technical operation of the website, or those necessary for the user to accept the service requested. These are cookies that are placed on the user’s device without consent, as they fall under the exception as defined in Article 157 of the Electronic Communications Act (ZEKom-1).
We also use Google Analytics cookies that are permanent or temporary (session cookies). We use the service for the purpose of analyzing traffic (counting visitors, identifying browsers and user time spent on the page, navigation problems, etc.). They allow us to assess the reach and level of interest of our content and notices. We use all information internally and solely for the purpose of improving our website. The installation of Google Analytics is limited to basic functionality only, i.e. cookies that are only placed on your device if you have given a valid consent, as defined in Article 6(1)(a) of the General Data Protection Regulation.
List of cookies on the website:
|_ga||Google analytics||Expires in 2 years||This cookie allows us to better understand the habits of visitors using web analytics.|
|_gid||Google analytics||Expires in 1 day||This cookie allows us to better understand the habits of visitors using web analytics.|
|_gat||Google analytics||Expires in 1 minute||Performance cookie for GUA.|
|cookie_notice_accepted||Wordpress (this website)||Expires in 30 days||Cookie notice display acknowledgment.|
|wp-wpml_current_language||Wordpress (this website)||Expires in 1 day||Language settings preference.|
Turning off or rejecting the analytics cookies
Each visitor has the option of subsequently rejecting or revoking his consent to the installation of analytics cookies and also of disagreeing with their installation on the first visit to the website. By clicking on the “I do not accept” button, the web analytics tool will no longer record your visits to this website, meaning that the cookie will not be installed at all. If you delete all cookies or disable cookies, replace your computer or browser, you will have to select the installation/rejection option for analytics cookies again when you visit the website.
Even if you refuse to install the analytics cookies, those cookies that are absolutely necessary for the proper functioning of the website will nevertheless be stored on your device.
You can change your cookie consent by clicking the button below.Cookie settings
How long is your personal information kept?
We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it.
To determine the appropriate retention period, we consider the amount, nature and sensitivity of personal data, the potential risk of harm due to unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether these objectives can be achieved by other means and applicable legal requirements.
What rights do you have?
Upon your request regarding data relating to you, we will grant you access to personal data and the correction or deletion of personal data, or restrictions on processing in relation to them, as well as the right to object to the processing and the right to data portability.
You can revoke your consent to the processing of your personal data at any time, but this does not affect the lawfulness of the data processing that had taken place on the basis of your consent before you revoked it. You can revoke your consent to the installation of the Google Analytics cookies by clicking the appropriate selection in the cookie notification.
When exercising any of your rights, or for any additional information, we are available at email addresses firstname.lastname@example.org and email@example.com. We will process your application and respond in accordance with the provisions of the General Data Protection Regulation and other applicable legislation.
If you believe that your rights or regulations on the protection of personal data have been violated, you can file a complaint with the competent state authority, i.e. the Information Commissioner of the Republic of Slovenia (Dunajska cesta 22, 1000 Ljubljana, phone: +386 1 230 97 30, fax: + 386 1 230 97 78, email: firstname.lastname@example.org). Nonetheless, we would appreciate it if you could first contact us and give us the opportunity to respond to your grounds of appeal before filing a grievance.
Safeguarding your personal data
At Registry .si, we work hard to regularly implement and update security measures to protect your personal data and other information from unauthorized access, loss, destruction or alteration. In addition, we restrict access to your personal information to those employees and contractors who must have the information and who have adequate knowledge of data security and security regulations. We strive to ensure that all information is securely stored, and we require our registrars to use appropriate technical and organizational procedures to secure your information.
We have also established procedures to deal with any alleged breaches of personal data. In the event of a breach, we will notify you and the relevant supervisory authorities when we are legally obliged to do so.