Pravilnik o zasebnosti
The purpose of the Swingy Privacy Policy (hereinafter: the Policy) is to inform customers, potential customers, or visitors of Swingy’s websites about the purposes and legal basis for processing personal data.
Swingy d.o.o., Topniška ulica 4, 1000 Ljubljana, customer support chat on our website (hereinafter: Swingy or the provider or the data controller), protects your personal data by ensuring its security at all times during business operations.
At Swingy, we value your privacy and always handle your data with care.
This privacy policy may be modified or supplemented at any time without prior notice. By continuing to use the provider’s websites after changes or additions, the individual confirms their agreement with the updates.
All our activities related to personal data processing comply with current European legislation (primarily Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and the free movement of such data (General Data Protection Regulation or GDPR)) and the conventions of the Council of Europe (ETS No. 108, ETS No. 181, ETS No. 185, ETS No. 189)) as well as the national laws of the Republic of Slovenia (Personal Data Protection Act (ZVOP-1, Official Gazette RS, No. 94/07), Electronic Commerce Market Act (ZEPT, Official Gazette RS, No. 96/09 and 19/15), etc.).
The privacy policy addresses the handling of personal data that Swingy receives from you when you visit and use Swingy’s websites or when you provide it through other means.
Data Controller and Data Protection Officer
The data controller is Swingy d.o.o., Topniška ulica 4, 1000 Ljubljana, Slovenia.
Swingy has appointed a Data Protection Officer who can be contacted at dpo@swingy.com.
If you have any questions regarding this policy or in relation to exercising your rights arising from this policy, please contact the Data Protection Officer using the contact information provided below.
Authorized Representative
Person: Rok Terziev, Cesta Jaka Platise 21, 4000 Kranj, Slovenia.
Email: dpo@jkgroup.si (only for GDPR-related issues)
Key Terms
- Personal data: Any information that can identify an individual (e.g., name, surname, email address, phone number, etc.).
- Data controller: A legal entity that determines the purposes and means of processing your personal data.
- Data processor: A legal or natural person that processes personal data on behalf of the data controller.
- Processing: Collecting, storing, accessing, and all other forms of using personal data.
- EEA (European Economic Area): Includes all EU member states, Iceland, Norway, and Liechtenstein.
Personal Data
Personal data is information that identifies you as a specific or identifiable individual. An individual is identifiable when they can be directly or indirectly identified, especially by referencing an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.
In accordance with the purposes defined below, Swingy collects the following personal data:
- Basic user information (name, surname, residential address, date of birth, location).
- Contact information and details of communication with the controller (email address, phone number, date, time, and content of postal or email communication, date, time, and duration of phone calls, call recordings).
- Channel and campaign – how the user came into contact with the controller (website and advertising campaign, call center, physical store).
- Purchase and billing details (purchase date and location, purchased items, item prices, total purchase amount, payment method, delivery address, invoice number and issue date, identifier of the person issuing the invoice, etc.) and product complaint resolution data.
- Data on the user’s website activity (dates and times of website visits, visited pages or URLs, time spent on individual pages, number of visited pages, total time on the website, performed settings on the website) and data on the use of received messages (emails, SMS).
- Personal data provided voluntarily through forms (e.g., participation in sweepstakes, product configurators, or questionnaires for identifying optimal products for the user).
- Other data voluntarily provided by the user when requesting specific services, if necessary for service execution.
Swingy does not collect or process personal data unless you provide it through the use of the website, when ordering products or services, subscribing to newsletters, or participating in sweepstakes. We also process your data when there is a legal basis for collection, a contractual obligation, or a legitimate interest.
Your personal data is also collected through the use of cookies on our website. Read more about our use of cookies here.
Swingy collects only the personal data that is relevant and necessary to fulfill the purposes for which the data is processed.
Legal Basis for Data Processing
Swingy collects and processes your personal data on the following legal bases:
- Processing based on legal obligations.
- Processing based on contractual necessity.
- Processing based on individual consent.
- Processing based on legitimate interest.
Processing Based on Contractual Necessity
Your data is required when necessary for concluding, executing, and fulfilling contractual obligations. Providing personal data in this case is voluntary.
If you do not provide personal data, Swingy cannot conclude a contract with you and will not be able to provide services or deliver products.
Processing Based on Consent
We process your data when you explicitly consent to it. When processing is based on consent, we ensure that all necessary information is available to help you make an informed decision. You may withdraw your consent at any time. However, if consent is withdrawn, Swingy may no longer be able to provide certain services.
Processing Based on Legitimate Interest
Swingy may process data based on legitimate interest, unless such interests are overridden by your rights and freedoms requiring data protection. In such cases, we conduct an assessment in accordance with the GDPR.
If processing is based on legitimate interest, users have the right to object. Read more about your rights in the following sections.
Processing Based on Legal Obligations
We process your personal data when required by law (e.g., tax legislation requires the retention of issued invoices). Such personal data is processed in compliance with legal requirements.
Purposes of Personal Data Processing
Swingy collects and processes your personal data for the following purposes:
| Purpose of Processing | Detailed Explanation |
|---|---|
| Communication with you regarding service provision and responding to your inquiries | Includes notifications and responses to inquiries, complaint resolution, customer satisfaction surveys, etc. This processing is based on our legitimate interest in ensuring effective communication and successful business operations. |
| Contract execution and fulfillment of obligations | Includes fulfilling your orders, communicating with you, verifying payments, and fulfilling both Swingy’s and your obligations. If you do not provide the necessary data, Swingy reserves the right to delay or cancel the order. |
| Direct marketing via email or SMS | Based on legal grounds (ZEKom-1), Swingy may inform its customers about products, services, and offers via email or SMS. You can unsubscribe at any time through the link in received messages or by emailing dpo@swingy.com. |
| Personalized marketing based on consent | With your explicit consent, Swingy may inform you about products, services, discounts, and content tailored to your interests. You can withdraw consent at any time. |
| Customer profiling for targeted marketing | Swingy may analyze customer behavior to personalize offers and marketing messages, but without automated decision-making. Customers may opt out at any time. |
| Fraud prevention | Swingy processes data on uncollected remote orders to prevent fraudulent activity. Customers repeatedly failing to collect orders may be restricted to prepaid orders only. |
| Automated email communication based on shopping behavior | Swingy may send reminders to customers who have added items to their cart but have not completed the purchase. You can opt out at any time. |
Retention of Personal Data
Swingy will retain your personal data only as long as necessary to fulfill the purpose for which it was collected.
Personal data processed based on legal obligations will be stored for the period required by law.
Personal data processed for contract fulfillment will be retained for 5 years after contract completion, unless a legal dispute arises, in which case it is stored for 5 years after the final court ruling.
Personal data processed based on consent is retained until the individual withdraws consent.
| Processing Purpose | Retention Period |
|---|---|
| Communication regarding services and inquiries | 6 months after communication ends |
| Contract execution | 5 years after contract completion |
| Marketing via email and SMS | Until consent is withdrawn |
| Fraud prevention | 5 years from the start of processing |
Data Sharing with Third Parties
Swingy may entrust certain data processing tasks to third parties (data processors). These processors may only process data according to Swingy’s instructions and within the limits of their contracts.
Data processors Swingy works with include:
- Accounting services, legal consultants
- IT system maintenance providers
- Email service providers (e.g., Mailchimp)
- Payment service providers (e.g., PayPal, Klarna, Adyen)
- Advertising service providers (e.g., Google, Facebook)
Swingy does not transfer personal data outside the European Economic Area (EEA), except for certain providers in the U.S., who are part of the Privacy Shield program.
Your Rights Regarding Personal Data
Individuals have the following rights regarding personal data processing:
- Right to withdraw consent: You may withdraw consent for data processing at any time without affecting the legality of prior processing. Withdrawal requests can be sent to dpo@swingy.com.
- Right of access: You can request confirmation on whether Swingy processes your data and access detailed information on processing purposes and data categories.
- Right to rectification: If your personal data is inaccurate or incomplete, you can request correction.
- Right to erasure (“right to be forgotten”): You may request deletion of your data if it is no longer needed for processing, if consent is withdrawn, or if it has been unlawfully processed.
- Right to restriction of processing: You may request temporary restriction of processing under specific conditions.
- Right to data portability: You may request a copy of your personal data in a structured format and transfer it to another data controller.
- Right to object: If processing is based on legitimate interest, you can object, and Swingy will cease processing unless overriding legitimate grounds exist.
- Right to file a complaint: You can lodge a complaint with the national data protection authority.
Data Breach Notification
In the event of a personal data breach, Swingy is required to notify the relevant supervisory authority unless it is unlikely that the breach has compromised individuals’ rights and freedoms.
If there is a risk of significant harm, Swingy will also inform affected individuals without undue delay in clear and understandable language.
Access to Social Media
Our website provides access to social media plugins, including:
Each social media platform operates according to its own privacy policies and terms of use. Swingy is not responsible for how these platforms process data. Users must address privacy concerns directly with the respective platform.
Use of Cookies
Cookies are small text files stored on your device to enhance your user experience. Swingy uses cookies to track website usage and optimize advertising activities.
For more information, please refer to our Cookie Policy.
Data Security
Swingy implements technical and organizational security measures to protect personal data from loss, destruction, forgery, unauthorized access, or unauthorized disclosure. These measures include:
- Employee training on data protection
- Regular monitoring and audits
- Careful selection of data processors
- Regular data backups
- Updating and maintaining IT systems
- Implementation of internal security policies
Privacy Rights of Minors
Individuals under the age of 16 should not provide personal data without parental consent. Swingy does not knowingly collect personal data from minors without parental approval.
Changes to the Privacy Policy
This privacy policy may be updated at any time. The latest version will always be available at http://swingy.net/privacy-policy.
Last Updated: February 20, 2025
