1. Introduction
The protection of your personal data is important to us.
This Privacy Policy explains how JustBecauseWhy d.o.o. collects, processes and protects personal data when you visit our website www.justbecausewhy.com or interact with our services.
We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable European data protection laws.
By using our website, you agree to the collection and processing of personal data as described in this Privacy Policy.
2. Controller
The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:
JustBecauseWhy d.o.o.
Parapatova ulica 19
1241 Kamnik
Slovenia
VAT Number: SI13551183
Company Registration Number: 7458410000
Registered in Slovenia (AJPES)
Email: info@justbecausewhy.com
Website: www.justbecausewhy.com
3. What Is Personal Data
“Personal data” means any information relating to an identified or identifiable natural person.
This includes information such as:
- name
- email address
- phone number
- location data
- IP address
- any other data that can be used to identify a person
4. Data Collected When Visiting Our Website
When you visit our website for informational purposes only, your browser automatically transmits certain technical data to our servers.
This may include:
- IP address
- browser type and version
- operating system
- referring website
- pages visited
- date and time of access
This data is used to ensure the technical operation and security of the website and to improve our services.
Legal basis: Article 6(1)(f) GDPR – legitimate interests
5. Contact Form and Business Inquiries
If you contact us through our contact form or email, we process the personal data you provide, such as:
- name
- email address
- company name
- message content
This information is used solely to respond to your inquiry and manage our communication with you.
Legal basis:
- Article 6(1)(b) GDPR – pre-contractual measures
- Article 6(1)(f) GDPR – legitimate interest in responding to inquiries
Your data will not be shared with third parties unless necessary for processing your request.
6. Wholesale Account Applications
If you apply for a wholesale account, we may collect business-related information such as:
- company name
- contact person
- business email
- phone number
- billing and shipping address
- VAT number
- website or social media profile
This data is used to review your application and manage the business relationship.
Legal basis: Article 6(1)(b) GDPR – performance of a contract or pre-contractual measures
7. Cookies
Our website uses cookies to improve functionality and user experience.
Cookies are small text files stored on your device. Some cookies are necessary for the operation of the website, while others help us understand how visitors use the site.
The legal basis for the use of cookies is:
- Article 6(1)(f) GDPR – legitimate interest
- Article 6(1)(a) GDPR – consent, where required
You can control or disable cookies through your browser settings.
8. Web Analytics and Tracking
We may use analytics tools to understand how visitors interact with our website and to improve our services.
These tools may collect information such as:
- IP address (in anonymized form)
- device type
- pages visited
- duration of visits
This data is used exclusively for statistical and website optimization purposes.
Legal basis: Article 6(1)(f) GDPR – legitimate interest
9. Data Sharing
Your personal data will only be shared with third parties when necessary, including:
- hosting providers
- logistics partners
- technical service providers
- payment service providers
Data is shared only to the extent required for the operation of our services and business activities.
All service providers process data in accordance with Article 28 GDPR (Data Processing Agreements).
10. International Data Transfers
If personal data is transferred outside the European Union (EU) or European Economic Area (EEA), such transfers will occur only where appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
11. Data Retention
We store personal data only for as long as necessary to fulfill the purposes described in this policy or as required by legal obligations (for example accounting or tax regulations).
After the retention period expires, personal data will be securely deleted.
12. Data Security
We implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, misuse or alteration.
Our website uses SSL encryption to protect the transmission of confidential information.
13. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
Right of access (Art. 15 GDPR)
You have the right to obtain information about the personal data we process about you.
Right to rectification (Art. 16 GDPR)
You have the right to request correction of inaccurate or incomplete data.
Right to erasure (Art. 17 GDPR)
You may request deletion of your personal data when there is no longer a legal basis for processing.
Right to restriction of processing (Art. 18 GDPR)
You may request limitation of processing under certain circumstances.
Right to data portability (Art. 20 GDPR)
You may request your personal data in a structured, machine-readable format.
Right to object (Art. 21 GDPR)
You may object to the processing of personal data based on legitimate interests.
Right to withdraw consent (Art. 7 GDPR)
If processing is based on consent, you may withdraw it at any time.
14. Right to Lodge a Complaint
If you believe that your personal data is being processed unlawfully, you have the right to lodge a complaint with a supervisory authority.
In Slovenia, the competent authority is:
Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec)
Website: https://www.ip-rs.si