CardPoint CARDPOINT
0
English

Privacy Policy

Introduction

This Privacy Policy describes how CardPoint ("we", "us", or "our") collects, uses, and shares your personal information when you use our website located at cardpoint.si (the "Site").

We are committed to protecting and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws in Slovenia and the European Union.

Information We Collect

We collect the following types of information when you use our Site:

Account Information

When you register, we collect your name, email address, and password.

Order Information

When you make a purchase, we collect your shipping address, contact information, and order details (products purchased, quantities, prices).

Payment Information

Payment card details are collected and processed securely by Stripe. We never store your full payment card information on our servers.

Usage Data

We automatically collect information about how you use our Site, including IP address, browser type, device information, and pages visited.

Cookies and Session Data

We use cookies to maintain your shopping cart, keep you logged in, and improve your browsing experience.

How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage your account
  • To process your orders and arrange shipping
  • To send order confirmations, shipping notifications, and tracking information
  • To maintain your shopping cart across sessions
  • To provide customer support and respond to your inquiries
  • To improve our product selection and website functionality
  • To detect and prevent fraud and abuse
  • To comply with legal obligations and enforce our Terms of Service

We do not use your information for marketing purposes unless you explicitly opt-in to receive promotional emails.

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance: To provide services you have requested (e.g., processing orders)
  • Legitimate Interests: To improve our services and ensure site security
  • Legal Obligation: To comply with applicable laws
  • Consent: When you explicitly consent to specific processing activities

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties for commercial purposes. We may share your information with:

Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Site, conducting business, or serving our users (e.g., payment processors, hosting services).

Legal Compliance

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

Business Transfers

In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred as part of that transaction.

When sharing data with service providers, we ensure they provide adequate protection for your personal data.

Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected and for legal compliance purposes. The retention period varies depending on:

  • The type of personal data collected
  • The purpose for which it was collected
  • Legal obligations applicable to us

We will delete your personal data when it is no longer required for these purposes, unless retention is required by law.

Your Rights Under GDPR

As a resident of the European Union, you have the following rights regarding your personal data:

  • Right to be informed about how we use your personal data
  • Right of access to your personal data
  • Right to rectification of inaccurate personal data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing of your personal data
  • Right to data portability (in electronic format)
  • Right to object to processing of your personal data
  • Right to withdraw consent where processing is based on consent

If you wish to exercise any of these rights, please contact us using the contact details provided below.

Data Security

We implement appropriate technical and organizational measures to protect against unauthorized access to your personal information. These include:

  • Secure transmission of data using HTTPS and SSL encryption
  • Secure storage of personal data with access controls
  • Regular security assessments and updates
  • Staff training on data protection principles

However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

Cookies

We use cookies and similar technologies to enhance your experience on our Site. Cookies are small text files stored on your device when you visit our website.

We use the following types of cookies:

  • Essential Cookies: Necessary for the website to function properly
  • Performance Cookies: Help us understand how visitors interact with our site
  • Functionality Cookies: Enable enhanced functionality and personalization

You can control and/or delete cookies as you wish. For more information, visit aboutcookies.org.

Children's Privacy

Our Site does not address anyone under the age of 16. We do not knowingly collect personal information from children under 16. In the case we discover that a child under 16 has provided us with personal information, we immediately delete this from our servers.

If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we can take necessary steps.

International Data Transfers

Where we transfer your personal data outside the European Economic Area (EEA), we ensure that it receives adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Reliance on adequacy decisions made by the European Commission
  • Other appropriate safeguards in accordance with GDPR requirements

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

info@cardpoint.si

Data Protection Contact

For privacy-related requests, you may also contact our Data Protection Officer at the same address.

If you believe that we have not addressed your concern in a satisfactory manner, you have the right to lodge a complaint with the Information Commissioner's Office or the relevant supervisory authority in Slovenia.

Back to Home

Newsletter

Subscribe to get updates on new products and special offers.