Privacy Policy

September 2020


PELIA ORGANIC, d. o. o., respects the privacy of its customers, therefore we handle personal data attentively, responsibly, carefully and in accordance with applicable regulations in the field of personal data protection in the Republic of Slovenia and the European Union.

The Privacy Policy sets out how PELIA ORGANIC, d. o. o., as personal data controller in terms of the General Data Protection Regulation (GDPR) and the ePrivacy Regulation, is collecting and processing personal data and other user data.

Your personal data will be protected and accessible only to authorized personnel and carefully selected contract processors, to the extent and for purposes strictly necessary to exercise the rights and obligations arising from the contractual relationship with the online-store customer or website user – in accordance with express consents given and for the needs of legitimate interests pursued by the operator.

Throughout the processing, we care to maintain the confidentiality and integrity of personal data as well as to prevent their loss or unintentional destruction. We will not use personal information for any purpose that would harm the data subject or any other person involved.

1. Categories of collected data


1. IDENTIFICATION DATA (name, surname, company name, TIN, country, street, apartment, floor, ZIP code, city, telephone number, e-mail address, password, VAT ID (if the buyer is a legal entity) – these data are collected when placing an order in the online store and when registering a user profile;

2. CONTACT DATA (delivery address, e-mail address, telephone number, invoice address, and social media profiles, if you use the “Share on social networks” function) – these data are collected when placing an order in the online store and when registering a user profile;

3. USER-ACCOUNT SETTINGS (user profile, saved delivery address, newsletter subscriptions, shopping list, favourite items, etc.) – these data are stored only for inspection by the registered user, the administrator does not have access to the list of favourite items and wishes;

4. DATA ON ORDERS (data on ordered items, payment method, claims, enforcement of factual errors, complaints);

5. INFORMATION ON THE HABITS AND INTERESTS OF ONLINE STORE VISITORS (how anonymized users use the website, information on searched items and services, links used, the method of searching and navigating the website/online store and information on devices used to access the website (IP-address, location, device ID, other technical parameters of the device, such as operating system, version, screen resolution, selected browser and browser version, reference page, date and time of access, amount of transferred data, transfer status, interface, language and data obtained through cookies and similar device identification technologies)) – these data are used for Google Analytics services, especially the Search Console; we do not use these data for advertising purposes.

We provide you with access to our website via your IP-address. When we no longer need your IP-address for this purpose, we shorten it by removing the last octet of your IP-address. We will use metadata, including the abbreviated IP-address, to analyse user behaviour, which helps to improve the quality of performance and services within our website or application.

6. DERIVED DATA, including personal data obtained from the user profile, data on items purchased by the user, data on online habits and user behaviour concerning reading messages – these are mainly data on consumer habits and attitudes towards various items and services.

2. Purposes of personal data processing
2.1   Processing unregistered guests’ personal data for the purpose of monitoring and execution of received orders and obtaining analytical data in order to optimize the website and the online store offer

For the purpose of order execution, the following personal data are processed: name, surname, company name, TIN, VAT ID number, country, street, apartment, floor, ZIP code, city, phone number, e-mail address. The provision of these personal data by the user is mandatory for the purposes of order execution and represents a condition for the use of the above service. The user’s Failure to provide personal data will result in the inability of placing an order.

2.2   Processing of personal data due to the registration of a user profile in the online store

For the purposes of using a user account in the online store, including all e-services of the online store, the following personal data are processed: name, surname, company name, TIN, VAT ID number, country, street, apartment, floor, ZIP code, city, phone number, e-mail address and password.

Personal data are collected and processed to simplify and facilitate the ordering of items and services; to provide users with access to information related to their orders; to improve the transparency of administrative procedures when executing orders; to store favourite items and items added to the cart; to review past orders; to provide advantages following the use of coupons; to arrange Newsletter and advertising messages subscriptions; to inform the user about customized offers; to optimize the business activity by analysing and studying shopping habits of users and to adjust the offer to the wishes and interests of the user; to optimize business costs aiming to achieve the highest level of user satisfaction (these data are processed by the operator in an anonymized or pseudonymous form); to facilitate processing of complaints and exercising other consumer rights; to inform the user in case of technical or legal issues concerning the use of the online store and other online services provided by the operator.

The operator may also from time to time prompt the user to verify the accuracy of his or her user profile data. The provision of these personal data by the user is voluntary, however, it represents a registration condition. Failure to provide personal data will result in the inability of the user to register and use the user profile in the online store.

Data processing during the use of the user profile does not include profiling.

2.3 Processing of personal data for direct marketing purposes

The operator will use the user’s personal data for the purpose of direct marketing exclusively following prior explicit and voluntary consent of the user. The user can revoke his consent at any time by sending a written message via the e-mail address, or by using the unsubscribe link provided within each operator’s direct marketing e-mail. User consent revocation does not affect the lawfulness of personal data processing carried out based on a previously granted consent (i.e. before the consent revocation).

2.4   Processing of personal data for the purpose of fulfilling legal obligations

The operator may process the user’s personal data in order to fulfil own legal obligations. This particularly includes:

a) Processing data on payments for services, to meet tax and accounting obligations; and

b) Information disclosure as requested by authorities, including courts, based on and to the extent of generally applicable provisions.

2.5 Processing of personal data for the purposes of legitimate interests of the operator or a third party, provided that such legitimate interests do not outweigh the interests or fundamental rights and freedoms of the user

The operator may process the user’s personal data for the purposes of operator’s legitimate interests, e.g. asserting, enforcing or defending legal claims in order to protect the rights and interests of the operator, other users or third parties, to exercise and enforce the rights and obligations set out in the General Terms & Conditions of Trade (and Use) or for the purposes of status changes and reorganization.

The operator is collecting personal data on his website via cookies also during user visits, for the purposes of providing certain functionalities and improved user experience, security, smooth website and online-store operation, and counting website users. Read more about the use of cookies below.

The operator provides all necessary technologies and organizational measures to ensure complete security of the purchase and protection of personal data when purchasing items and ordering services online. The data are encrypted and transferred to the operator’s server in a secure form. Thus, we ensure security against third-party interception of the user’s personal data in the online store. The operator ensures a secure payment transfer using a certified payment system.

3. Functions of third parties: social media and payment service providers

The website uses functions of social networks (Facebook, Instagram) and payment service providers (PayPal, etc.) – operated by third parties. These features may a.) collect data (name, e-mail address, telephone number, postal address, date of birth, payment information (credit/debit card number, expiration date, CVV / CVC number and cardholder’s name, your IP-address, the pages you visit on our website) and b.) set cookies or use similar technologies enabling proper functioning of individual website features.

If you have logged into your user account from a device located at a third party, the respective third party will be able to link information about your visit to our website with you through your user account. Similarly, a third party can record user interactions with these features even when visiting e.g. the Facebook or Instagram page of Pelia Organic, d. o. o. An individual’s interactions with these features are governed by the Privacy Policy of the third party offering that feature. To learn more about the collection and processing of personal data by a third party, read their (relevant) Privacy Policy.

4. Links to other sites

The website may contain links to other websites operated by third parties. We remind you to review the privacy and security policies of these external sites when visiting them. In any case, the user should check the relevant privacy policy of these external websites – before providing them with personal data.

5. Prize games

Within the frame of prize games, the company PELIA ORGANIC, d. o. o., will collect and process the following personal data based on your written consent: your name and surname, postal address, e-mail address, start date of participation, selection of the winner, prize, answer to the respective question. PELIA ORGANIC, d. o. o., will process such personal data in order to organize a prize game, inform the winner, hand over the prize, carry out the event, fulfil its legal obligations and for marketing purposes in accordance with the consents given.

6. Website user rights
6.1 Change and accuracy of data, and the right to rectification

The user guarantees the correctness, accuracy and truthfulness of the data provided to the operator. The operator will not be held responsible for any possible consequences of inaccurate, incorrect or untrue data provided by the user.

The user is obliged to notify the operator of any change or addition to personal data (especially name, surname, e-mail address, etc.) in writing, no later than 15 days after the occurrence of the change.

The user can exercise his right to data rectification in writing via the e-mail address

The operator will process the change of personal data within 5 working days, however not later than 1 month from receiving the written notice. If the user does not report the respective change of personal data, the operator will not be held responsible for any errors considering sent orders, promotional and other messages as well as granted price advantages.

To change personal data for an order already placed, please see the General Terms and Conditions of Trade.

6.2 The right to objection or revocation of consent to the use of personal data for advertising and marketing purposes

A user who has given consent to the use of his personal data may at any time, temporarily or permanently, object to data processing for the purposes of:

a) Direct marketing – sending of general offers and price advantages;

b) Informing the user about customized offers;

c) Conducting market research.

The user may not object to other purposes of personal data processing, related to the use of the user account, unless he requests the user profile to be deleted, as provided by the General Terms and Conditions of Trade (and Use) of the online store. In this case, the user loses all rights and advantages arising from the possession of the respective user profile.

The user may inform the operator of changes to his consent via the e-mail address

In case of receiving an objection or changes of information settings, the operator typically prevents or adjusts client information within a maximum of 5 business days, however not later than 1 month from receiving the objection notice or changes of user settings. If the information campaign was prepared before processing the objection or change of settings, it is possible that the user will still receive one last notification. Revocation of consent does not affect the lawfulness of personal data processing executed before the consent revocation.

The user will be able to use his profile in the online store despite the above objection or change of settings. After that, the user will receive only the information necessary to execute placed orders and to enable the basic use of the user profile.

7. Other users of personal data

The operator will not provide the user’s personal data to third parties without prior written consent or submission of authorization by the user. Exceptions only apply for:

a) EXTERNAL CONTRACTORS processing data exclusively on behalf of, for the account of, under the direction and under the control of the operator (e.g. service providers providing services to the operator and from whom the operator orders certain items, as necessary for contract performance; printers, advertising agencies, IT-services, accounting services and external administrators); external contractors are carefully selected and monitored by the operator;

b) STATE BODIES, on the basis of their reasoned written request for the purposes of a specific procedure.

The above companies may be located in countries outside the European Union (hereinafter “third countries”), where the level of personal data protection may not be as comprehensive as in the European Union. In the event of personal data transfer to third countries, the operator undertakes to ensure appropriate user data protection measures (e.g. by concluding agreements on the transfer of personal data including standard data protection provisions adopted or approved by the European Commission).

8. Personal data retention period

The operator will retain the user’s personal data as long as the user has a registered profile unless longer retention of certain data is provided by law and a special retention period is set for it.

In case of cancellation/deletion of the user profile by the operator, the data, in accordance with the internal rules of the controller and tax legislation, will be stored for 5 years from cancellation/deletion (unless the law provides a longer retention period) and will not be processed for other purposes.

9.  User rights and enforcement thereof

The user has the right to send a written request for access to his personal data or data relating to him to the registered office of Pelia Organic, d. o. o., Ulica škofa Maksimilijana Držečnika 6, SI-2000 Maribor, EU, or via the e-mail address In the same way, the user may exercise the right to restrict the processing, to rectification, deletion, portability of his personal data or object to the processing thereof.

The operator is obliged to fulfill user requests within 1 month from receiving the request. This deadline can be extended by a maximum of 2 additional months, if necessary (depending on the complexity of the matter).

In case of suspicion of data processing violations, an individual has the right to file a complaint to the Office of the Information Commissioner, at the address: Zaloška 59, SI-1000 Ljubljana,

10. Information on personal data protection 

Users can send all questions related to personal data protection and exercise of their rights:

a) Via regular mail to: Pelia Organic, d. o. o., Ulica škofa Maksimilijana Držečnika 6, SI-2000 Maribor, EU;

b) Via e-mail to:

11. Cookies

This website uses cookies. Therefore, we are stating some details on the use of cookies and the possibilities of control over saving or deleting cookies.

11.1 What are cookies?

Information downloaded from websites to the user’s hard drive are called “cookies”. Those are no computer programs, but small data files allowing websites to access and store data on browsing patterns of individual users.

Most websites use cookies because they represent one of the tools to improve the user experience of the website. With the help of cookies, websites are able to provide personalized services (e.g. they store login information, keep items in the cart or display relevant content).

There are several types of cookies (listed below). However, depending on the duration of cookie storage: temporary cookies (or session cookies) are deleted when you close the browser. On the other hand, persistent cookies are not deleted, but remain stored on the user’s hard drive until they expire or are actively deleted by the user (depending on the cookie storage time (on the user’s hard drive) settings by the operator).

11.2 Disabling or deleting cookies

Most browsers are set to automatically accept cookies. You can disable cookies in your browser, but be aware that you can also disable features of key importance for proper functioning of this website.

For detailed information on cookies, visit . This website contains comprehensive and independent information about disabling cookies using your browser settings or deleting cookies already stored on your computer. To delete cookies from your mobile device, see your device’s instructions for use.

11.3 Different types of cookies

This website uses cookies to ensure the best possible user experience. Each time you access the website, a transfer of cookies / access to cooky settings will follow. The types of cookies are listed below.

Strictly necessary cookies – These cookies are necessary for navigating the website and using all functions, such as access to safe areas of the site. Without these cookies, we cannot provide you with required services, such as making a purchase.

Performance cookies – These cookies collect information about the way users use the website, e.g. which pages they access most often and whether they get error messages on those pages. These cookies do not collect data enabling user identification. All data collected by these cookies are displayed in aggregate form and are therefore anonymized. They are used exclusively to improve the performance of the site.

Functionality cookies – These cookies allow the website to store your selections (such as name, language or region) and provide you with enhanced, personalized features. The data collected by these cookies are anonymized, so these cookies cannot track your activities while you are browsing other websites.

Targeting or Advertising cookies – These cookies are used to display advertisements according to your interests. In addition, we use them to limit the display number of a particular ad and to measure the effectiveness of an advertising campaign. With the express permission of PELIA ORGANIC, d. o. o., they are installed by market operators within our advertising network. These cookies remember your website visits and share this information with other organizations, e.g. with advertisers. Targeting or advertising cookies are often associated with the functionality of the site, provided by the respective other organization.

11.4 List of used cookies
Name Use Provider Valid for
NID A cookie that records your search preferences (eg: preferred language). Google 1 year
PH_HPXY_CHECK The cookie is used by the web hosting security system to prevent brute force attacks and does not enable the identification of individual users. Pelia Organic Session
cookielawinfo-checkbox-non-necessary The cookies is used to store the user consent for the cookies in the category “Non-necessary”. Pelia Organic 1 year
CookieLawInfoConsent The cookie is used to store the summary of the consent given for cookie usage. It does not store any personal data. Pelia Organic 1 year
_fbp This cookie is used to provide you with more relevant advertising across Facebook. Facebook 1 year
_ga Used to distinguish users. Google 2 years
cookielawinfo-checkbox-necessary The cookies is used to store the user consent for the cookies in the category “Necessary”. Pelia Organic 1 year
_gat_gtag_UA_ The cookies is used to store the user consent for the cookies in the category “Non-necessary”. Google 1 minute
_gid The cookie is used to store information of how visitors use the website. Google 24 hours
fr To Enable ad retargeting. Facebook 3 months
viewed_cookie_policy The cookie is set to “yes” when the Cookie law info bar has been viewed and accepted. Pelia Organic 1 year
wp-wpml_current_language Determines the language that is selected on the page. Pelia Organic Session
woocommerce_cart_hash Helps WooCommerce determine when cart contents/data changes. Pelia Organic Session
wp_woocommerce_session_ Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. Pelia Organic 2 days
woocommerce_items_in_cart Helps WooCommerce determine when cart contents/data changes. Pelia Organic Session
wordpress_logged_in_ Indicates when the user is logged in, and who it is. Pelia Organic Session
wordpress_sec_ Indicates when you’re logged in, and who you are, path /wp-admin. Pelia Organic Session


12. Changes to the Privacy Policy

The operator reserves the right to change this Privacy Policy at any time. The obligation to inform the clients about respective changes is fulfilled by the publication of the current version of the Privacy Policy on the website . The changed Privacy Policy takes effect on the date of publication, unless applicable regulations provide otherwise. Continued use of the website and services after publication (client information) means that the user agrees with the changes to the Privacy Policy.


Iva Rat, CEO