Introduction

Personal data that is collected, stored, and processed within the Shiftplan Solution are subject to the current data processing agreement between the subscriber and Plandela company. The Controller of said personal data in this case is the subscriber, while Plandela d.o.o. is merely a Processor. This privacy policy serves as informative only; for details regarding the policy on managing personal data within the solution, please contact the Controller.

The privacy policy for personal data handled within the sales and support processes of Plandela d.o.o. is available in a separate document.

Controller Information

The controller of personal data is the subscriber of the Shiftplan solution, uniquely linked to the web address for accessing the solution (usually the company or organization where you are or were employed). For inquiries, requests, and questions regarding personal data, please contact the company or organization associated with the installation web address. If you need assistance in finding the appropriate contact or if you're unsure whether the personal data is managed by us or the subscriber, you can contact our Data Protection Officer through the dedicated email address gdpr@plandela.si.

Types and Purposes of Data Collection

Personal data within the solution is collected, stored, and processed for the purpose of managing work time, in accordance with agreed functionalities and solution modules, as well as ensuring traceability and information security. The scope of data collection is determined by the current data processing agreement between the subscriber and Plandela. For detailed information about the types and purposes of data collection, please contact the subscriber managing the personal data within the solution.

Rights of the Individual Whose Personal Data Is Concerned

To exercise rights regarding personal data, please contact the subscriber of the solution who manages the personal data within the solution.

Security of Personal Data

We ensure the highest level of care in protecting personal data within the company and with processors, using appropriate physical and organizational measures to safeguard information in compliance with ISO/IEC 27001:2013 standards.