Privacy Policy

Introduction

nextriseio d.o.o. ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or use our services. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Information

The data controller responsible for your personal data is nextriseio d.o.o., a company registered in Slovenia with registration number 1958234678, VAT number SI19564398, and registered address at Gosposvetska cesta 141, 6097 Koper, Slovenia.

Data We Collect

We collect personal data when you interact with our website, contact us, or use our services. The types of data collection include:

• Contact information (name, email address, phone number, postal address)
• Professional information (company name, job title, business details)
• Communication data (messages, enquiries, correspondence)
• Technical data (IP address, browser type, device information, cookies)
• Usage data (pages visited, time spent on site, click patterns)
• Financial information (when providing our services, as necessary for compliance)

How We Use Your Information

We use of your data for the following purposes, based on legitimate legal grounds:

• To provide and deliver our wealth finance and capital preservation services
• To respond to your enquiries and communicate with you about our services
• To improve our website functionality and user experience
• To comply with legal and regulatory obligations
• To protect our business interests and prevent fraud
• To send marketing communications (with your consent)
• To analyse website performance and user behaviour

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR: (a) Your consent for marketing communications and cookies; (b) Performance of a contract when providing services; (c) Legitimate interests for business operations, security, and improvements; (d) Legal obligation for compliance with financial regulations and tax requirements.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Third Parties

We may share your personal data with trusted third parties including: service providers who assist with website hosting, analytics, and marketing; professional advisors such as lawyers and accountants; regulatory authorities when required by law; business partners for joint service delivery (with your consent). We do not sell your personal data to third parties.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet is completely secure.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Specifically: contact enquiries are retained for 3 years; client data is retained for 7 years after service completion; marketing data until you withdraw consent; website analytics data for 26 months. We may retain certain data longer if required by law or for legitimate business interests.

Your Rights

Under GDPR and applicable data protection laws, your rights include:

• Right of access: Request copies of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your data in certain circumstances
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for marketing or cookies

International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the relevant supervisory authority. In Slovenia, this is the Information Commissioner (Informacijski pooblaščenec) at www.ip-rs.si.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on our website with a new "last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.