e: info@plana.si t: +386 (0) 2 461 8060
HomeAboutContact
🇬🇧 English🇩🇪 Deutsch🇮🇹 Italiano🇸🇮 Slovenščina
Legal

Privacy Policy

How we collect, use and protect your personal data.

Last updated: May 2026

1. Who We Are

The data controller responsible for this website is:

Plana Group d.o.o.
Ledina 9, 2000 Maribor, Slovenia
VAT ID: SI 97331392
E-mail: info@plana.si
Phone: +386 (0) 2 461 8060

For any questions related to this privacy policy or the processing of your personal data, please contact us at the address above.

2. What Data We Collect

We collect personal data only to the extent necessary to operate this website and communicate with you. This may include:

  • Contact information you provide voluntarily via our contact form (name, company name, e-mail address, and the content of your message), or when you contact us directly by e-mail or telephone.
  • Technical data collected automatically when you visit our website, such as your IP address, browser type, pages visited, and the date and time of your visit. This data is collected through server logs and, where applicable, cookies (see Section 5).
  • Catalogue downloads — Our catalogues can be downloaded directly from the website without registration or providing any personal data. No information is collected in connection with downloads beyond the standard server logs described above.

We do not collect sensitive personal data (such as health information, financial data, or government identification numbers) through this website.

3. How and Why We Use Your Data

We process your personal data for the following purposes:

  • Responding to inquiries — When you submit our contact form or contact us by e-mail or phone, we use your name, e-mail address, and message to respond to your request and take any pre-contractual steps you ask of us. The legal basis is Article 6(1)(b) GDPR (steps taken at the request of the data subject prior to entering into a contract), or, where no contractual relationship is contemplated, our legitimate interest in responding to inbound communications (Article 6(1)(f) GDPR).
  • Website operation and security — Technical data is used to ensure the proper functioning and security of our website. The legal basis is our legitimate interest (Article 6(1)(f) GDPR).
  • Legal obligations — In certain cases we may be required to retain or disclose data to comply with applicable law (Article 6(1)(c) GDPR).

We do not use your personal data for automated decision-making or profiling.

4. How Long We Keep Your Data

We retain personal data only for as long as necessary:

  • Contact form submissions and inquiry correspondence are kept for up to 2 years from the date of your last communication with us, to allow us to handle any follow-up questions and maintain a record of communications, after which they are securely deleted.
  • Server log data (IP addresses, access records) is retained for up to 90 days for security and diagnostic purposes.

5. Cookies and Similar Technologies

Our website uses only strictly necessary cookies required for the site to function correctly, to remember basic preferences, and to record your consent choices. We do not use analytics, advertising, tracking, or third-party marketing cookies. As a result, no cookies on our website require your prior consent under Article 6(1)(a) GDPR.

The following cookies are used:

  • WordPress — Our website runs on WordPress. WordPress sets session and security cookies required for the site to function correctly and to protect against form-submission abuse (e.g. wordpress_test_cookie). Additional WordPress cookies (such as wp-settings-1, wp-settings-time-1, and authentication cookies) are set only for authenticated administrators of the site, not for regular visitors.
  • Polylang — Sets a pll_language cookie to remember your selected language so that the site is displayed in the correct version.
  • Complianz Cookie Consent — Our cookie notice is managed by the Complianz plugin. It sets a small set of first-party cookies (prefixed cmplz_) to remember your acknowledgement of the notice and the version of the policy that was current at that time. Recording this information is required to demonstrate compliance with the GDPR.

The legal basis for the cookies above is Article 6(1)(f) GDPR (legitimate interest in operating a functional and secure website) together with the exemption for strictly necessary cookies under the Slovenian Electronic Communications Act (ZEKom-2). Fonts on our website are self-hosted, and our website does not load Google Fonts, Google Maps, Google Analytics, or any similar third-party services from external servers.

Our website may contain links to external websites (such as Google Maps for directions to our location). When you click such a link, you leave our website and the linked third party becomes responsible for any data processing that takes place on their site. We are not responsible for the privacy practices of external websites.

You can control or delete cookies through your browser settings at any time. Disabling strictly necessary cookies may affect the functionality of parts of the website.

6. Third Parties and Data Transfers

We do not sell, rent, or share your personal data with third parties for marketing purposes. We may share data with trusted service providers who assist us in operating our website, in particular our web hosting provider, which is located within the European Union and processes data strictly on our behalf under a data processing agreement.

Our website does not transfer personal data outside the EU/EEA. If this changes in the future, we will ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, including adequacy decisions or Standard Contractual Clauses.

7. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of access — You may request a copy of the personal data we hold about you.
  • Right to rectification — You may ask us to correct inaccurate or incomplete data.
  • Right to erasure — You may request that we delete your personal data, subject to our legal obligations.
  • Right to restriction — You may ask us to restrict processing of your data in certain circumstances.
  • Right to data portability — Where processing is based on your consent or a contract, you may request a structured copy of your data.
  • Right to withdraw consent — Where processing is based on consent (for example, non-essential cookies), you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to object — You may object to processing based on legitimate interests.
  • Right to lodge a complaint — You have the right to lodge a complaint with the Slovenian supervisory authority, the Information Commissioner (Informacijski pooblaščenec), at www.ip-rs.si.

To exercise any of these rights, please contact us at info@plana.si. We will respond within 30 days.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website uses HTTPS encryption for all data transmitted between your browser and our servers.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically.

10. Contact Us

If you have any questions or concerns about how we handle your personal data, please reach out to us:

Plana Group d.o.o.
Ledina 9, 2000 Maribor, Slovenia
E-mail: info@plana.si
Phone: +386 (0) 2 461 8060