Privacy Policy and Cookies
Last updated 21.12.2023
At CESAREC ("us", "we", "our" or the "Company") we value your privacy and the importance of safeguarding your data. This Privacy Policy (the "Policy") describes how our Company collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from (the "Site") or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected under this Privacy Policy. In this Policy, personal data (“Personal Data”) refers to any information that on its own, or in combination with other available information, can identify an individual.
We process all personal data strictly in line with legal bases and specific consent forms, adhering to the latest standards and laws for personal data protection. This includes compliance with the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679 of the European Parliament and Council dated 27 April 2016. This regulation addresses the processing of personal data and the free movement of such data, replacing Directive 95/46/EC. Additionally, we follow the relevant Slovenian data protection laws, particularly the Law on the Protection of Personal Data (ZVOP).
This Privacy Policy aims to provide users of our services with comprehensive details regarding how we handle your personal data. Please read this Privacy Policy carefully.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.
Server log files
You can use our websites without submitting personal data. Every time you access our website, your internet browser transmits usage data to us or our web hosters/IT service providers and stores it in server log files. This stored data includes, for example, the name of the page accessed, the date and time of the request, the IP address, the amount of data transferred and the requesting provider. The processing is based on Article 6 (1) f) GDPR due to our legitimate interest in ensuring the smooth operation of our website and improving our services.
How We Collect and Use Your Personal Information
To provide the Services, we collect personal information about you from a variety of sources, as set out below. The information that we collect and use varies depending on how you interact with us.
In addition to the specific uses set out below, we may use information we collect about you to communicate with you, provide the Services, comply with any applicable legal obligations, enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.
What Personal Information We Collect
The types of personal information we obtain about you depend on how you interact with our Site and use our Services. When we use the term "personal information", we are referring to information that identifies, relates to, describes or can be associated with you. The following sections describe the categories and specific types of personal information we collect.
Information We Collect Directly from You
Information that you directly submit to us through our Services may include:
- Basic contact details including your name, address, phone number, email.
- Order information including your name, billing address, shipping address, payment confirmation, email address, phone number.
- Shopping information including the items you view, put in your cart or add to your wishlist.
- Customer support information including the information you choose to include in communications with us, for example, when sending a message through the Services.
Orders - Collection, processing and disclosure of personal data in orders
When you place an order, we collect and use your personal data only to the extent necessary for the fulfilment and processing of your order and for dealing with your enquiries. The provision of the data is necessary for the conclusion of a contract. Failure to provide the data will result in a contract not being concluded. The processing is based on Article 6 (1) b) GDPR and is necessary for the performance of a contract with you. Your data is passed on, for example, to the shipping companies and dropshipping providers, payment service providers, service providers for processing the order and IT service providers. In any case, we strictly adhere to the legal requirements. The scope of the data transfer is limited to a minimum.
When you make purchases as a guest, CESAREC utilizes the provided data exclusively to process these orders. In line with Article 86 of the Value Added Tax Act, CESAREC, as a taxable entity, is required to retain invoices associated with the supply of goods or services in Slovenia. This retention period extends for at least 10 years following the end of the year indicated on the invoice. Consequently, the data on these invoices will be stored for the same duration.
Financial Data
Financial information, such as data related to your payment method (e.g. valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, exchange, or request information about our services from the Site. We store only very limited, if any, financial information that we collect. Otherwise, all financial information is stored by our payment processor, [Paypal, Stripe], and you are encouraged to review their privacy policy and contact them directly for responses to your questions.
What are cookies and why are they required?
Cookies are small text files used by websites to store user data. These files are saved in your browser when you browse the internet. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Cookies are highly useful as almost all websites use them. Specifically, they are known as HTTP cookies to distinguish them from other types of cookies used for different applications. These small files are stored by websites on your computer and are located in your browser's cookie folder. Each cookie consists of a name and a value, and additional attributes must be defined when creating a cookie. Cookies store certain user data such as language settings or personal page settings. When you revisit a website, your browser sends these specific pieces of information back to the site, allowing the website to recognize you and display your preferred settings. In some browsers, each cookie has its own file, while in others, like Firefox, all cookies are stored in a single file. There are both first-party cookies, created directly by the visited website, and third-party cookies, created by partner websites (e.g., Google Analytics). Each cookie is unique and stores different data. The lifespan of a cookie varies from a few minutes to several years. Importantly, cookies are not software programs and do not contain viruses, trojans, or other harmful programs. They also cannot access information on your PC.
When you browse our website, we employ essential cookies for its functionality. These are the only cookies that load automatically, as they are necessary for the website to operate. These essential cookies involve storing a text file on your computer or browser.
Importantly, all other non-essential cookies are only activated if you choose to accept them. The first time you visit our website, a notice regarding the use of cookies is displayed at the bottom of the starting page. By clicking the "Accept" button on our website, you allow us to load additional cookies that enhance your browsing experience but are not crucial for the basic functioning of the site.
You can always deactivate the use of cookies described above; you can also use the website without it. However, we would like to point out that this might result in you not being able to use all the functions of the website to their full extent. You can determine how cookies are handled by adjusting the corresponding settings in your internet browser or on our website under cookie preferences.
For example, you can set your internet browser to inform you when a cookie is transferred to your computer, or you can deactivate all cookies via your browser (the Help menu of your browser tells you how to correctly change or update the handling of cookies).
Essential cookies
We only use these technically necessary cookies to make our offer more user-friendly, effective and secure. Cookies also enable our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require that the browser is recognised after a page change.
| Cookie | Expiry | Description |
|---|---|---|
| fs-cc-updated | 6 months | Used for maintaining consent state |
| fs-cc | 6 months | Used for maintaining consent state |
Non-essential cookies
Our website offers the option to use Google Analytics for enhanced user experience and performance tracking. However, this feature is entirely based on your consent. We only activate Google Analytics tracking when you explicitly accept it. This ensures that your data is only used for analytical purposes if you choose to opt-in for this service. Your decision to enable Google Analytics can be made through a simple acceptance process on our website, ensuring that your preferences are respected and prioritised.
Google Analytics is a web analytics service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’). Google Analytics also uses cookies, i.e. text files which are stored on your computer and enable analysis of your use of the website. The information extracted by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization is activated on our website, meaning that your IP address is shortened in advance by Google within the member states of the European Union or other contracting states of the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and shortened there in exceptional cases. In these exceptional cases, in accordance with Article 6(1) GDPR, this processing is based on our legitimate interest in statistical analysis of user behavior for optimization and marketing purposes. Google will use this information on our account to evaluate your use of the website, compile reports on website activities and provide additional services associated with website use and Internet use to us as the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.You can prevent the storage of cookies using the relevant setting in your browser software; however, please note that in this case, you may not be able to use all functions of this website to their full extent.You can also prevent the collection of the data extracted by the cookie concerning your use of the website (including your IP address) at Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: Google browser plugin.Google LLC, with its headquarters in the USA, is certified for the US-European ‘Privacy Shield’ data protection framework, which guarantees compliance with the level of data protection applicable in the EU.
For more information on how user data is used in Google Analytics, please see Google Analytics Data.
You can find Google's Privacy Policy at: Google Privacy Policy.
We also utilise Microsoft Clarity to enhance your experience on our website. Microsoft Clarity helps us analyse user interactions and patterns through features like heatmaps and session replays. This tool is instrumental in understanding how visitors navigate and use our site, allowing us to make informed improvements. We gather this user interaction data primarily to optimise the website’s functionality and design.Microsoft Clarity employs both first and third-party cookies, along with other tracking technologies, to track how you use our website. The insights gained from this data are used exclusively for website enhancement, focusing on areas like ease of navigation, user interface effectiveness, and overall site performance.Your consent is crucial for activating Microsoft Clarity’s tracking features. They are enabled only after you have explicitly agreed to their use, ensuring your data is used solely for enhancing your website experience. You can manage your preferences regarding the use of Microsoft Clarity through our website’s consent interface, which respects and prioritizes your privacy choices.For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
| Cookie | Expiry | Description |
|---|---|---|
| _ga | 1 year | Google Analytics primarily utilizes the '_ga' cookie, which helps the service differentiate one visitor from another and has a lifespan of 1 years. This cookie is employed by any website using Google Analytics, including Google's own services. Each '_ga' cookie is distinct to the website it's on, preventing it from tracking a user or browser across different, unconnected websites. |
| _ga_* | 1 year | A Google Analytics cookie that maintains session state, tracking visit counts and page views for the service. |
| _clck | 1 year | Persists the Clarity User ID and preferences, unique to that site is attributed to the same user ID. |
| _clsk | 1 year | Connects multiple page views by a user into a single Clarity session recording. |
| CLID | 1 year | Identifies the first-time Clarity saw this user on any site using Clarity. |
| ANONCHK | 1 year | Indicates whether MUID is transferred to ANID, a cookie used for advertising. Clarity doesn't use ANID and so this is always set to 0. |
| MR | 1 year | Indicates whether to refresh MUID. |
| MUID | 1 year | Identifies unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes. |
| SM | 1 year | Used in synchronizing the MUID across Microsoft domains. |
Privacy and Secure Transmission of Personal Data
We assure you that your personal data will not be shared with any external third parties. However, in specific instances, we may share your personal information with trusted partners bound by contractual obligations. These are entities with whom we have agreements for processing your personal data. The primary purposes for such transmission include user support, order fulfilment, and payment processing. These contract-based processors are granted access only to the personal data required to perform their contracted services. They are also strictly bound to safeguard your personal data, adhering to our high standards of privacy and security.
Individual Rights Protection at CESAREC
At CESAREC, we are committed to upholding the rights of individuals in relation to their personal data.
Right to Be Informed: Individuals have the right to know what personal data is collected, the purposes of collection, the duration of data retention, the sources of the data, and any third parties involved in its processing.
Right to Erasure: Individuals can request at any time that CESAREC delete their personal data.
Right to Data Correction: If an individual finds their personal data to be inaccurate or incomplete, they have the right to ask for corrections or completion of their data.
Right to Restrict Processing: Individuals can request that their personal data be marked to exclude it from processing. This restriction is temporary, unlike permanent erasure.
Right to Data Portability: Individuals can ask to receive their personal data provided to CESAREC, or have it transferred to another controller of their choice, at any time.Right to Object: Individuals have the right to object to certain types of data processing.Right to Withdraw Consent: An individual may withdraw their consent for personal data processing at any time, impacting the future use of their data.
Webflow
We used Webflow to create this website. Webflow is a product of Webflow, Inc., located at 398 11th Street, 2nd Floor, San Francisco, CA 94103.Webflow operates as a Software as a Service (SaaS) application that allows designers to create responsive websites using browser-based visual editing software. Webflow automatically generates HTML, CSS, and JavaScript. Webflow also offers the option to export website code and host it on an external server, separate from the Webflow hosting infrastructure.In the course of using Webflow, personal data of the website user is transferred to the United States and processed there. On July 10, 2023, the European Commission issued an implementing decision pursuant to Article 45(1) of the GDPR regarding the adequacy of the level of protection for personal data under the EU-US Privacy Shield framework. Based on this decision, data controllers can transfer personal data to certified companies and organizations in the United States without the need for appropriate safeguards, additional measures, or reliance on specific derogations. The US Department of Commerce has published a list of US companies that have self-certified to the Department and committed to complying with the principles of the EU-US Privacy Shield framework. Webflow is certified accordingly and is listed on this roster. For more information, please visit: https://www.dataprivacyframework.gov/s/
To align with data protection regulations, we have entered into a data processing agreement with Webflow, following Art. 28 of the GDPR, complemented by the EU Standard Contractual Clauses.The processing of personal data in relation to the use of Webflow is grounded on Article 6(1)(f) of the GDPR.For more detailed information about the nature and extent of data collection and processing by Webflow, we encourage you to consult the privacy policies available on Webflow's website, which can be accessed at: https://webflow.com/legal/privacy
Controller of Personal Data and Contact Information
MODNA ZNAMKA CESAREC, Proizvodnja modnih oblačil, MARINA CESAREC S.P., located at Užiška ulica 1, 9240 Ljutomer, Slovenia is the controller of your personal data.For any inquiries related to this Privacy Policy, the confidentiality of your personal data, our processing practices, or to exercise your rights concerning personal data, please reach out to the designated contact person or the data protection officer at MODNA ZNAMKA CESAREC, Proizvodnja modnih oblačil, MARINA CESAREC S.P.. You can submit your questions by emailing us at info@cesarec.eu.
Thank you and enjoy our website!