Privacy Policy

Introduction

fluxcrest d.o.o. ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our corporate wellness programme guidance services and visit our website at fluxcrest.pro.

As a company based in Slovenia and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and all applicable data protection laws.

Data Controller Information

The data controller for your personal information is:

Data We Collect

We collect and process various types of personal data depending on how you interact with our services. The data we collect includes:

Contact Information

• Name and surname
• Email address
• Phone number
• Company name and position
• Business address

Website Usage Data

• IP address and location data
• Browser type and version
• Pages visited and time spent on site
• Referral sources
• Device information

Communication Data

• Messages sent through contact forms
• Email correspondence
• Records of phone conversations (when relevant to service delivery)
• Meeting notes and consultation records

How We Use Your Information

We process your personal data for specific purposes based on lawful grounds under GDPR. Here's how we use your information:

Service Delivery (Legal basis: Contract performance)

• Providing corporate wellness programme guidance
• Responding to enquiries and consultation requests
• Delivering agreed services and support
• Managing client relationships

Communication (Legal basis: Legitimate interest)

• Responding to your questions and requests
• Sending service-related updates
• Providing customer support

Website Improvement (Legal basis: Legitimate interest)

• Analysing website usage patterns
• Improving user experience
• Ensuring website security

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information only in the following circumstances:

• Service Providers: With trusted partners who assist in delivering our services (e.g., email hosting, analytics)
• Legal Requirements: When required by law or to protect our legal rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets

All third-party service providers are required to maintain appropriate security measures and use your data only for specified purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Client data: For the duration of our business relationship plus 7 years for legal and tax purposes
• Website analytics: Maximum 26 months
• Marketing data: Until you withdraw consent or 3 years of inactivity
• Legal communications: 10 years or as required by law

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your data (subject to legal obligations)
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Where processing is based on consent

To exercise any of these rights, please contact us at privacy@fluxcrest.pro or +386 51229649.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Staff training on data protection
• Incident response procedures

International Data Transfers

As we operate within the EU, your data is primarily processed within the European Economic Area. If we need to transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are designed for businesses and professional use. We do not knowingly collect personal data from individuals under 16 years of age. If we become aware that we have collected data from a child under 16, we will take steps to delete such information.

Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.