The public company "Skijališta Srbije" undertakes to protect the privacy of users of the company's services. We only collect user data necessary to provide the service or information, in accordance with good business practices and our quality policy. All user data are strictly stored and is available only to employees who need access to perform their work. All employees of the Public Enterprise "Skijališta Srbije" are responsible to obey the principles of privacy protection. JP Ski Resorts of Serbia is the controller of personal data, in the sense of the Personal Data Protection Law.
What information do we collect and how?
When you interact with us, whether you use our website, a point of sale, webshop or otherwise communicate, we may collect certain information about you. You may, for example, give us information about yourself if you: create an account on our website, place an order, fill out any form (such as application forms, contests and surveys), opt-in to receive news, or correspond with us (via e-mail, phone, chat, social networks or in some other way). The information provided, may include your name, address, phone number, email address, date of birth, gender, purchase information, photos. We also receive information about you from our partners, who are contracted to provide the services available to you (vendor of the ski ticket sales system, payment processor, bank, rescue service). We rely on carefully selected partners who process your personal data, only to extent necessary to provide their services. The relationship between JP Ski Resorts of Serbia, as a personal data controller, with those companies, which represent personal data processors, is governed by contracts, as prescribed by the Personal Data Protection Act. Based on the Law and the contract, the processing of personal data by the processor is allowed only in the manner and for the duration determined by the controller.
Every time you visit a website, certain data can be created on your device for further use - so-called cookies. These small text files can help you improve your experience and make it easier to interact with the website. This may include saving your location or language settings, so that you do not have to re-enter information on your next visit, or to ensure that items you have added to your basket do not disappear as you move between pages on our site. By clicking the Cookie settings link (at the bottom of the page), you can see which cookies we use and change your settings.
For what purpose do you use my data?
We use your data to provide you with services and provide access to our website and webshop, including enabling ordering, administering your account and optimizing your experience. We can also use the information for advertising purposes, only if you have given your consent. If you have chosen to receive advertising materials and notifications, we and our partners will use your personal data (including your name, e-mail and address) to periodically send you updates, news and offers, via e-mail, telephone, sms message or mail. We may use your information to tailor these messages to you. If you have chosen to receive notifications, news, offers, you will have the option to change that decision at any time.
Who do you share my data with?
JP Ski Resorts of Serbia does not share user data with third parties. Third parties do not include data processors with whom JP Ski Resorts of Serbia, as a personal data controller, has a contract.
Third Parties Websites
The protection of your personal data is very important to us. We take a number of reasonable steps to try to protect the personal information you provide, including:
- Using Transport Layer Security (TLS) to encrypt the data you exchange with our site.
- Requirement that you set a unique username and password to access your account.
- Not keeping your credit or debit card information that would allow any third party to make transactions using that credit or debit card (such as your CVV number).
- When entering payment card data, confidential information is transmitted via a public network in an encrypted form, using the most modern methods of tokenization of sensitive data, and in accordance with PCI-DSS standards. The payment card information is not available to the merchant at any moment. 3D Secure protection for all merchants and customers - AllSecure Payment Gateway uses the highest global standards of data protection and privacy. All merchants using the AllSecure Payment Gateway are automatically included in the 3D-Secure protection, guaranteeing customers the security of their purchases. Customers' payment card numbers are not stored on the merchant's system, and the registration itself is protected by data encryption. The entire payment process is compliant with the PCI-DSS standard, which defines the necessary security measures for the processing, storage and transmission of sensitive card data. Sensitive data about the cardholder is protected during the entire payment process: from the moment of data entry on the merchant's online store, during communications between the merchant and relevant banks and card organizations, as well as subsequent storage of such data.
How long will you use my data?
We retain the data you provide us for as long as you may have claims in connection with our services. In some circumstances, you may ask us to delete your data as set out below. After you stop using our services, we may store your information in an aggregated and anonymous format.
The right to: withdraw consent, access data, make a correction and make a compliant
We hereby inform you that you have the right to revoke your consent to the processing of your personal data, at any time, by sending an e-mail to the address firstname.lastname@example.org