Privacy Policy
The purpose of the Privacy Policy, including the Personal Data Protection Notice (hereinafter
referred to as the “Notice”), is to inform you about which of your personal data we collect, for
what purposes, what we do with them, how we ensure their security, and what rights you have
regarding the processing of your personal data. We take the protection of your personal data
extremely seriously and responsibly. We fully comply with our obligations regarding the lawful,
fair, and transparent processing of personal data. We recommend that you carefully review the
content of this Notice.
To ensure compliance of this Notice with data protection regulations, IOK Rehab, Ian Oskar
Katanec s.p. reserves the right to amend or supplement it. We will inform you of any changes in
a timely manner through the most appropriate means, such as via email or by publishing them
on our website.
Data Controller Information
-
IOK Rehab, Ian Oskar Katanec s.p.
-
Cesta Cirila Kosmača 9
-
1211 Ljubljana - Šmartno
-
VAT ID: 21718512
-
Taxpayer: no
-
Registration Number: 8693447000
-
Email: iokrehab@gmail.com
-
Hereinafter referred to as IOK.
What Personal Data Do We Process?
a) Basic contact details (name, surname, phone number, email address, address, city, region,
street, country);
b) Data on the use of our website (clicks on links, time spent) and responses to our email
communications (whether the email was opened, which links were clicked);c) Server data (e.g., date and time of visits, visited subpages, information viewed or searched for, etc.);
d) Device data (information about the computer or mobile device used to access the website,
including operating system, model, web browser, etc.);
e) Data on the use of our website;
f) Aggregated data for advertising purposes, such as viewed and purchased products and other
activities related to the purchasing process.
Legal Basis for Processing Personal Data
We collect your personal data only when necessary or when you have given your consent. We
do not process your personal data unless the purpose and legal basis for processing are
adequately justified in accordance with the applicable data protection regulations, including:
Personal Data Protection Act (Official Gazette of the Republic of Slovenia, No. 94/07 – official
consolidated text (ZVOP-1));
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on
the protection of individuals with regard to the processing of personal data and on the free
movement of such data (GDPR);
Electronic Communications Act (Official Gazette of the Republic of Slovenia No. 109/12, 110/13,
40/14 – ZIN-B, 54/14 – Constitutional Court decision, 81/15, and 40/17 (ZEKom-1)).
IOK will process your personal data based on the following legal grounds:
Contractual Basis: By visiting our website, you accept and agree to this Notice and enter into a
contract with IOK, which serves as the legal basis for processing your personal data. Data is
encrypted and transmitted to the server in a secure format, preventing unauthorized
interception.
Legal Obligation: IOK processes your personal data based on legal requirements, including:
Prevention of Money Laundering and Terrorist Financing Act (Official Gazette of the Republic of
Slovenia, No. 68/16 and 81/19; ZPPDFT-1);
Personal Data Protection Act (Official Gazette of the Republic of Slovenia, No. 94/07 – official
consolidated text; ZVOP-1);
Copyright and Related Rights Act (Official Gazette of the Republic of Slovenia, No. 16/07 –
official consolidated text, 68/08, 110/13, 56/15, and 63/16 – ZKUASP; ZASP);
Other international treaties and EU regulations that legally require IOK to share personal data
with state authorities and other controllers in certain cases to fulfill legal obligations or official
duties.
Legitimate Interest for Processing Personal Data
IOK may process personal data based on legitimate interest, such as:
a) For statistical purposes and collecting demographic data and visitor interests;
b) To identify issues with the server and website;
c) To conduct business analyses;
d) For further development of our offerings;
e) To improve or customize services for individuals;
f) To assess the effectiveness of promotional activities and advertising;
g) Based on other legitimate interests.
In certain cases, IOK may process your personal data based on your explicit consent for
marketing activities, such as sending newsletters, general updates about offers, promotions,
events, or contests, and informing you about services tailored to your personal interests through
profiling. Your consent is entirely voluntary and is not a condition for entering into a contract. In
these cases, processing is carried out within the scope of the declared purpose and
agreed-upon communication methods, and it continues until you withdraw your consent.
Purposes of Personal Data Processing
Your personal data may be used for one or more of the following purposes:
a) Communicating with you regarding the provision of our services and responding to your
inquiries;
b) Marketing communication (sending emails and SMS messages);
c) Enforcing legal claims and dispute resolution;
d) Advertising purposes on external websites.
Data Retention Period and Disposal
The retention period for personal data depends on the legal basis and the purpose for which
each category of personal data is processed. Personal data is stored only for as long as
required or permitted to fulfill the purpose for which it was collected or further processed. Once
the purpose is fulfilled, we will retain only the personal data we are legally required to keep or
that may be necessary for evidence or defense in case of legal claims. Any other data will be
deleted, destroyed, blocked, or anonymized unless the law stipulates otherwise.
Personal data processed for sending offers and notifications is stored until you withdraw your
consent or, in any case, for a maximum of five years from the date of consent. After this period,
we will ask for your renewed consent.
Invoice data is stored for 10 years from the date of issuance, in accordance with legal
requirements.
Once the retention period expires, personal data is effectively deleted or anonymized, meaning
it is processed in such a way that it can no longer be linked to you or attributed to you in any
way.
Voluntariness of Providing Data and Consequences of Non-Provision
Providing personal data is voluntary. You are not obligated to provide your personal data, but if
you choose not to, you will not be able to enter into a contract with us (as we require this
information to process and deliver your order). We will specify which data is essential and the
consequences of non-provision whenever we collect personal data from you.
Who Has Access to Your Personal Data? Will It Be Shared with Third
Parties or Transferred Outside the EU?
We take your privacy very seriously. Your personal data is considered confidential business
information of IOK. Employees at IOK process your personal data strictly in accordance with
their authorizations and internal policies.
We do not share your personal data or grant access to third parties, except for those who have
a written agreement with us, under which they perform specific tasks related to data processing.
These contracted processors are obligated to comply with data protection laws and maintain
confidentiality. Contracted processors may include:
a) Marketing service providers;
b) Email distribution service providers;
c) Software solution providers, etc.
Contracted processors may only process personal data according to our instructions and are
prohibited from processing it for their own purposes. They, along with their employees, are
legally bound to protect the confidentiality of your personal data.
Your Rights Regarding Personal Data Processing
You have the right to:
-
Access your personal data;
-
Request correction or deletion of your personal data;
-
Restrict processing of your data or object to it;
-
Request data portability to another data controller (subject to technical feasibility and the policies of the respective data controller).
-
If you withdraw your consent for marketing communications, it does not affect the legality of the processing carried out before the withdrawal.
IOK is not responsible for the accuracy, truthfulness, or timeliness of the personal data you
provide. You are responsible for ensuring your personal data is accurate and up to date.
In case of a data breach, we will notify you as required by applicable law.
Exercising Your Rights
To exercise your data protection rights, you may submit a written request using any of the
contact details listed in the section Data Controller and Contact Information at the top of this
document.
For reliable identification, we may request additional information and will only deny a request if
we can demonstrate that we cannot reliably identify you.
We will respond to your request without unnecessary delay and no later than one month from
the date of receipt.
Any changes to our privacy policy will be published on this website.
Right to File a Complaint
You may file a complaint regarding the processing of personal data at any time with the
Slovenian supervisory authority: Information Commissioner, Dunajska 22, 1000 Ljubljana,
Slovenia.
Disclaimer
IOK is not liable for any damages resulting from your submission of incorrect, false, incomplete,
or outdated personal data.
If you suspect that your personal data or access credentials (such as usernames and
passwords) have been misused or accessed by unauthorized persons, you must notify us
immediately.
If a contractual relationship exists between you and IOK, the applicable contract or general
terms and conditions will govern liability exclusions and limitations.
Cookies
The legal basis for our cookie notification is the amended Electronic Communications Act
(ZEKom-1), published in the Official Gazette of the Republic of Slovenia (Uradni list RS 109/12,
110/13, 40/14 – ZIN-B, 54/14 – odl. US, 81/15, and 40/17). This act, effective since early 2013,
introduced new rules for the use of cookies and similar technologies for storing or accessing
information on users' computers or mobile devices.
What Are Cookies?
A cookie is a small text file that is downloaded to a user's computer when they visit a website. It
typically contains the name of the server from which the cookie was sent, the cookie’s lifespan,
and its value—a randomly generated unique number.
A cookie itself does not contain or collect information. However, if a server reads it in
conjunction with a web browser, it can help improve user-friendly services, such as
remembering your username and password for future logins or recalling past purchases or
account details. Only the server that sent the cookie can read and use it. On a trusted website,
cookies can enhance the browsing experience. However, cookies can also be used in ways that
interfere with an individual's privacy. Cookies are not harmful and are always time-limited.
Purpose of Cookies
Cookies are used to improve website functionality and the user experience. They make
interactions between users and websites faster and easier. With cookies, a website can
remember user preferences and past experiences, saving time and making browsing more
efficient.
IOK Cookies
We use only cookies permitted under the ZEKom-1 law. Our website only uses cookies that are
striclly necessary for its operation.
For tracking site visits, we use a system that records only session cookies and does not track
your behavior beyond this website or in connection with other sites. By continuing to use this
website, you agree to the use of the cookies described below.
Some of the cookies we use are temporary, while others are stored on your device for a set
period, even after you leave our website. Temporary cookies help us track visitor numbers,
allowing us to evaluate the effectiveness of content display and advertising, leading to
continuous website improvement. Stored cookies retain contact details for future visits so you
won’t need to log in again, or they adjust content display based on your device.
We also use cookies from external sites, such as Facebook, Twitter, Google, and others. If you
do not consent to their use, these cookies will not be installed.
Additionally, we use cookies to analyze how you navigate our website, which content interests
you, and how long you stay on the site. Based on this data, we can tailor the website content to
your needs.
The data collected through cookies is processed solely for statistical purposes, demographic
analysis, server problem detection, website optimization, product notifications, cross-site user
tracking, content personalization, and marketing or advertising purposes.
Strictly Necessary Cookies
These cookies are essential for the website to function correctly and cannot be disabled by
users.
Wix
-
hs – Used for security purposes. (Domain: .www.ianoskarkatanec.com)
-
svSession – Used in connection with user login. (Domain: .www.ianoskarkatanec.com)
Analytics and Customization Cookies
These cookies collect information to help understand how the website is used, evaluate
marketing campaign effectiveness, and enable personalized content for users.
Adobe Analytics
-
s7 – Collects website usage and user behavior data. (Domain:
www.ianoskarkatanec.com and .www.ianoskarkatanec.com)
Functionality Cookies
These cookies enhance the website’s performance and functionality but are not essential for its
use. Without them, some features (e.g., videos) may not be available.
Wix
-
fedops.logger.sessionId – Used for measuring stability and performance. (Domain:
Security Cookies
These cookies help ensure website security and prevent malicious attacks.
-
XSRF-TOKEN – Helps secure the site by preventing Cross-Site Request Forgery
(CSRF) attacks. (Domain: .www.ianoskarkatanec.com)
Final Provisions
We recommend that you also read the General Terms of Use, published on our website, as they,
together with this Privacy and Cookie Policy, form a binding agreement between you and IOK.
Mobile Applications Privacy Policy
Effective Date: 1.2.2025
Last Updated: 17.2.2025
1. Introduction
This Privacy Policy applies to all mobile applications owned by IOK Rehab, Ian Oskar Katanec s.p. It explains how we collect, use, and protect your information.
By using any of these applications, you agree to the data practices described in this policy.
2. Information We Collect
We collect the following types of information when you use our applications:
a. Information You Provide
• Name, email address, and account details when you sign up.
• Information you input into the application, such as progress tracking, habits, or communication with coaches/trainers.
b. Automatically Collected Information
• Device Information: Model, operating system, unique device identifiers.
• Usage Data: App interactions, features used, and session times.
3. How We Use Your Information
We use your data to:
Provide and improve application functionality.
Personalize your experience and track progress.
Facilitate communication between you and authorized users (e.g., coaches, trainers, or other relevant personnel).
Maintain security and prevent unauthorized access.
4. Data Sharing & Third Parties
We do not sell your personal data. However, we may share information with:
• Authorized users associated with your account.
• Service providers who help maintain and improve the application (e.g., analytics, hosting).
• Legal authorities if required by law.
5. Data Security
We implement industry-standard security measures to protect your data. However, no system is 100% secure, so we encourage strong password practices and awareness of shared devices.
6. User Choices & Rights
You have the right to:
Access, update, or delete your data.
Opt out of marketing communications.
Request data export or restriction of processing.
For requests, contact us at iokrehab@gmail.com .
7. Children’s Privacy
Our applications are not intended for users under 13 years old (or the applicable age of digital consent in your region). We do not knowingly collect personal data from children.
8. Changes to This Policy
We may update this policy periodically. If significant changes occur, we will notify users through the application or email.
9. Contact Information
If you have any questions about this Privacy Policy, you can contact us at: