Artboard 2 copy 2
Contact Us

Privacy Policy and Cookies

Thank you for visiting our website and for your interest in Nektar Natura d.o.o.

Below you will find information on the data that will be processed during your visit to the website and on how these data are used. This declaration is provided in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR) and the Slovenian Personal Data Protection Act (ZVOP-2). Information is provided in a concise, transparent, intelligible, and easily accessible form using clear and plain language.

I. Name and contact details of the controller and of the data protection officer

This data processing information applies to data processing by:

NEKTAR NATURA d.o.o.
Ekslerjeva ulica 8, Kamnik, 1241 Kamnik
SI – 1241 Kamnik
T: +386 01 7240300
E: info@nektarnatura.com

Data Protection Officer (DPO):

You can contact us regarding any questions on your personal data processing and your data protection rights via mail at the address mentioned above with the addition “Data Protection Officer” or via e-mail at info@nektarnatura.com.

II. Collection and storage of personal data and type and purpose of their use

Personal data are processed lawfully, fairly, and transparently in accordance with Article 5(1)(a) GDPR and ZVOP-2. The types of personal data processed are specified below for each processing activity.

a) When accessing the Website

When accessing the website at https://nektarnatura.com, the browser used by your device will automatically transfer information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the accessed file,
  • Website from which access was made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer and the name of your access provider.

 

These data are processed for the following purposes:

  • Ensuring a smooth connection to the website,
  • Ensuring comfortable use of our website,
  • Evaluation of system security and stability, and
  • Other administrative purposes.

 

The legal basis for data processing is Article 6(1)(f) GDPR (legitimate interests). Our legitimate interest arises from the purposes listed above. In no case do we use the data to draw conclusions about your identity.

Storage period: Data are stored until no longer necessary for the purposes (typically until automatic deletion after 30 days, or criteria for determining the period: based on security needs and log analysis.

We also use cookies and analysis services when accessing our website. For more information, see Section IV “Cookies” and Section V “Tools for Analysis”.

b) When contacting us by contact form or e-mail

If you contact us via contact form or e-mail, the data you provide (in particular your e-mail address and, if applicable, your name and other contact details) will be stored to respond to your inquiry. We delete the data once storage is no longer necessary or restrict processing if statutory retention obligations exist.

The legal basis is Article 6(1)(b) GDPR (pre-contractual measures based on your inquiry). For more on the contact form, see Section V “Tools for Analysis”, paragraph c) Google reCAPTCHA (“I am not a robot”).

Types of data: E-mail, name, other contact details provided.
Storage period: Until the inquiry is resolved or statutory obligations require longer retention (criteria: until no longer needed for response or legal purposes).

Providing data is not a statutory or contractual obligation, but without it, we cannot respond to your inquiry. Consequences of non-provision: Inability to process your request.

c) Newsletter subscription

When subscribing to our newsletter, your e-mail address, first name, and last name are processed. If subscribed only to the newsletter, we use the data solely for sending the newsletter. Your e-mail address is processed until you unsubscribe. You can unsubscribe at any time by clicking the link in the newsletter or by sending a request to info@nektarnatura.com.

The legal basis is your consent (Article 6(1)(a) GDPR). You have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

Types of data: E-mail, name.
Storage period: Until withdrawal of consent.

If further processing for other purposes: We will inform you beforehand.

III. Transfer of data to third parties

Data are not transferred to third parties except for the reasons specified below. We transfer your personal data to third parties only if:

  • You have expressly consented pursuant to Article 6(1)(a) GDPR;
  • The transfer is necessary to protect our legitimate interests or those of a third party pursuant to Article 6(1)(f) GDPR, unless your interests or fundamental rights prevail (e.g., external IT contractors for technical issues);
  • There is a legal obligation pursuant to Article 6(1)(c) GDPR (e.g., external auditors under the Companies Act and Auditing Act);
  • It is permitted by law and necessary for contractual relations or pre-contractual measures pursuant to Article 6(1)(b) GDPR (e.g., transport company for order fulfillment).

 

Recipients or categories of recipients: Contractual processors (e.g., IT providers, analytics services like Google), legal recipients (e.g., auditors, transport partners).

Transfers to third countries: Data may be transferred to third countries (e.g., USA via Google services). Safeguards: EU-US Data Privacy Framework (DPF) adequacy decision as of July 2023. Alternatively, standard contractual clauses (SCCs) or other appropriate safeguards under Articles 46–49 GDPR. Copies available on request. If no adequacy decision applies, transfers are based on explicit consent or necessity for contract performance.

IV. Cookies

We use cookies on our website. These are small files automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when visiting our site. Cookies do not harm your device and contain no viruses, Trojans, or other malware.

Information stored in cookies relates to the specific device used, but this does not mean we directly identify you.

Cookies serve to make our offer more user-friendly:

  • Session cookies recognize if you have visited individual pages (deleted after leaving the site).
  • Temporary cookies optimize usability (stored for a specified period).
  • Analytical cookies statistically evaluate site use to improve our offer (deleted after a defined period).

 

The data processed by cookies are necessary for these purposes to protect our legitimate interests and those of third parties pursuant to Article 6(1)(f) GDPR.

Most browsers accept cookies automatically. You can configure your browser to prevent cookie storage or to notify you before a new cookie is set. Complete deactivation may limit site functionality.

Storage period: Session cookies: until session end; temporary/analytical: up to 2 years or criteria: based on optimization needs.

If cookies are based on consent: You can withdraw consent at any time.

V. Tools for analysis

The tracking tools and reCAPTCHA used are based on Article 6(1)(f) GDPR. We use them to ensure our website meets user needs and is continuously optimized, and to statistically record usage for improvement. These are legitimate interests under Article 6(1)(f) GDPR. For reCAPTCHA: Legitimate interest in preventing abuse.

The purposes and data categories are as follows for each tool. No automated decision-making or profiling occurs (if it did, we would provide meaningful information on the logic, significance, and consequences).

a) Google Analytics

We use Google Analytics, a web analysis service by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) to design our site according to user needs and optimize it. Cookies create anonymized user profiles. Data generated:

  • Browser type/version,
  • Operating system,
  • Referrer URL,
  • Hostname (IP address, anonymized via IP masking),
  • Time of access.

 

Data are transferred to Google servers in the USA and stored there for analysis, reports, and related services. IP addresses are anonymized.

Legal basis: Article 6(1)(f) GDPR (legitimate interest: site optimization).
Storage period: up to 24 months or criteria: until analysis complete.
Transfers to USA: Via EU-US DPF (adequacy decision); alternatively SCCs. Copies available.
You can prevent cookies via browser settings or opt-out via browser add-on. More info: https://support.google.com/analytics/answer/6004245?hl=de.

b) Google Ads Conversion Tracking

We use Google Ads Conversion Tracking to statistically record and optimize site usage. Cookies are set if you reach our site via Google ads (valid 30 days, no personal identification).

Legal basis: Article 6(1)(f) GDPR.
Storage period: 30 days.
Transfers to USA: As above.
Deactivate via browser settings or block www.googleadservices.com. More: https://services.google.com/sitestats/de.html.

c) Google reCAPTCHA (“I’m not a robot”)

We use Google reCAPTCHA for contact forms to prevent abuse and spam. Data: Site usage (e.g., pages visited, time spent), IP address (transferred to Google USA).

Legal basis: Article 6(1)(f) GDPR.
Storage period: Until form submission or abuse prevention.
Transfers to USA: As above.
More: https://developers.google.com/recaptcha.

VI. Google Web Fonts

This site uses Google Web Fonts for uniform font display. Your browser loads fonts into cache, connecting to Google servers (knowledge of IP access).

Legal basis: Article 6(1)(f) GDPR (uniform presentation).
Storage period: Until fonts loaded (cache-based).
Transfers to USA: As above. If unsupported, standard fonts used. More: https://developers.google.com/fonts/faq; https://www.google.com/policies/privacy/.

VII. Social Media Plug-ins

We do not use social media plug-ins on our website.

VIII. Rights of the data subject

You have the following rights under GDPR and ZVOP-2 (exercisable free of charge, except for manifestly unfounded/excessive requests where reasonable fees may apply per ZVOP-2 Article 17; we will inform you in advance):

  • Right to confirmation and access to your data (Art. 15 GDPR);
  • Right to rectification of inaccurate/incomplete data (Art. 16 GDPR);
  • Right to erasure (“right to be forgotten”) unless processing is necessary for freedom of expression, legal obligations, public interest, or claims (Art. 17 GDPR);
  • Right to restriction of processing if accuracy is contested, processing unlawful but you oppose erasure, we no longer need data but you do for claims, or objection pending (Art. 18 GDPR);
  • Right to data portability in structured, machine-readable format (Art. 20 GDPR);
  • Right to withdraw consent at any time without affecting prior lawfulness (Art. 7(3) GDPR);
  • Right to object to processing based on legitimate interests (we stop unless compelling grounds override or for claims; Art. 21 GDPR).

 

To exercise: Send written request to Nektar Natura d.o.o., Ekslerjeva ulica 8, SI–1241 Kamnik or e-mail info@nektarnatura.comwith “Personal data protection”.

Right to lodge a complaint: With the Information Commissioner (Dunajska cesta 22, 1000 Ljubljana; T: (01) 230 97 30; E: gp.ip@ip-rs.si).

No automated decision-making/profiling exists. If introduced, we provide info on logic/consequences. Rights may be limited per ZVOP-2 Article 18 (e.g., national security, legal claims).

IX. Right to object

You have the right to object to processing based on legitimate interests (Art. 21 GDPR). We will cease processing unless we demonstrate compelling legitimate grounds overriding your interests/rights or for claims. Object via e-mail to info@nektarnatura.com.

X. Data security

We use SSL (Secure Socket Layer) with the highest encryption supported by your browser (typically 256-bit; fallback 128-bit). A closed lock icon indicates encryption.

We implement appropriate technical and organizational measures to protect data against manipulation, loss, destruction, or unauthorized access, continuously improved per technological developments (ZVOP-2 Articles 22–24). We maintain processing logs where required (e.g., for high-risk processing).

XI. Timeliness of this data processing notice and changes

This notice is always accessible and printable at https://nektarnatura.com. Changes become effective upon publication. We will notify you before further processing for new purposes. Valid from 26. 7. 2025.

Komenda, 26. 7. 2025

Nektar Natura d.o.o.