Article 12 of the General Data Protection Regulation (hereinafter referred to as the GDPR)
January 29, 2025
At Ngen d.o.o., we are committed to respecting the privacy of our customers, which is why we handle your personal data responsibly, carefully, and in accordance with applicable laws and the company's internal regulations.
In line with this, Ngen will ensure that, in addition to processing personal data as required by law, we are limiting processing of the personal data necessary to provide you with the highest quality products and services. For the purposes of direct marketing, informing you about new products and services, other marketing activities, or preparing personalized offers, we will request your voluntary, informed, specific, and unambiguous consent for the processing of personal data. We will also inform you about the specific purpose for which your personal data will be used and your rights under applicable legislation when you provide us with your data.
NGEN energetske rešitve d.o.o. (hereinafter referred to as Ngen or the Controller)
Address: Moste 101, 4274 Žirovnica, Slovenia
Phone: +386 (0)4 581 20 20
Email: info@ngen.si
At Ngen, we process your personal data in accordance with the legal bases defined in the GDPR: (i) implicit consent, (ii) contract performance, (iii) legal obligations, and (iv) legitimate interests pursued by the controller or a third party. Personal data is collected for lawful purposes in the minimum necessary scope and duration required to achieve the purpose or as long as a legal basis exists.
i. Implicit Consent
Your data is processed based on consent given for specific purposes, such as:
You can withdraw or modify your consent at any time. A withdrawal request can be sent to the email address Etics Point NGEN eticspoint@ngen-group.eu or to the controller's headquarters, indicating the person and consent being withdrawn. Withdrawal or modification of consent only applies to the personal data processed based on that consent. The possibility of withdrawing consent does not in any form constitute a right to terminate the valid contractual relationship with us. Withdrawal does not affect the legality of processing carried out prior to the withdrawal.
ii. Contract Performance
Ngen processes your personal data for the purpose of contract conclusion and fulfillment of contractual obligations.
For this purpose, the following processing activities are carried out: identification of the individual, acquisition and processing of authorizations needed for contract execution, preparation of offers or other necessary contractual documentation, conclusion of a new contract or modification of the contractual relationship, delivery and invoicing of services or goods under the contract, issuance and settlement of invoices, monitoring of payments and their collection, resolution of complaints and technical issues, and carrying out other actions necessary to fulfill contractual obligations.
We obtain data directly from you, but also from other sources, such as the system operator of the electricity distribution network, publicly accessible sources (e.g., the Land Register), other competent or authorized state bodies or institutions, as well as data obtained from our own records of the data controller and related companies.
The purpose of processing your personal data is to prepare offers and/or contracts, execute the contract, inform you about installation conditions, assess the post-installation status, manage overdue receivables due to unpaid obligations, and provide other information necessary for the quality execution of the contractual relationship to the satisfaction of both contracting parties. For the successful execution of the contract, we require and process the necessary data, mainly: data about the contractual relationship, which is obtained before the contract is concluded and during its execution (your identification and contact details; details of the contract or annex to the contract), tax number, bank account number, data about the metering or consumption point, data about the production facility, metering and billing data, and data about users of the justCharge and SG Connect web portals.
Personal data processed based on the conclusion or execution of a contract may be retained for the purpose of fulfilling contractual obligations as long as necessary for the conclusion or execution of the contract and the exercise of rights and obligations arising from the concluded contract, or until the expiration of the legally prescribed period for asserting legal protection of the contracting parties.
iii. Legal Obligations
Your personal data is processed in accordance with applicable laws, such as energy Act, consumer protection, data protection, electronic communications, obligations, enforcement, tax laws, excise duties, and others that bind the controller.
In accordance with energy Act, we are obligated to process your personal data for the purpose of executing the supply contract and for the purpose of preparing operational forecasts.
iv. Legitimate Interest
Your personal data may be processed based on our legitimate interest, which is determined by a careful assessment that your interests, rights, and freedoms do not override the legitimate interests of the data controller.
In line with this we carry out the following processing activities:
Video surveillance: We conduct video surveillance to ensure the safety of people and property, protect data and trade secrets, secure office spaces, and monitor entry and exit in areas where the aforementioned interests need to be safeguarded. During video surveillance, your personal data is processed to the necessary extent, and surveillance is conducted only in areas deemed potentially at risk. Notifications of the video surveillance system are placed before you enter monitored area. Detailed information about video surveillance is available on www.ngen-group.eu.
Visitor data: We maintain visitor data to ensure the safety of people and property, track visitor movements, and protect trade secrets. We record information such as name, surname, date and time of arrival and departure, company name, and host's name. This data is stored for a maximum of 2 years from the time of entry into the records.
We process personal data of various categories of individuals based on different legal grounds:
We use Cookies and similar tracking technologies to track the activity on our websites and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse our websites. The technologies we use may include:
Cookies or Browser Cookies. A cookie is a small file placed on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if You do not accept cookies, you may not be able to use some parts of our websites. Unless you have adjusted your browser setting so that it will refuse cookies, our service may use cookies.
Web Beacons. Certain sections our websites and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be 'Persistent' or 'Session' Cookies. Persistent cookies remain on Your personal computer or mobile device when You go offline, while session cookies are deleted as soon as you close your web browser.
We use both session and persistent cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These cookies are essential to provide you with services available through the websites and to enable You to use some of its features. They help to authenticate users. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the websites.
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These cookies allow us to remember choices You make when you use the websites, such as remembering your login details or language preference. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the websites.
| Name | Duration | Purpose |
|---|---|---|
| XSRF-TOKEN | 24 hours | Generated security token for requests on this website |
| _clck | 24 hours | Your Microsoft Clarity ID for storing and tracking pageviews |
| _clsk | 48 hours | Used for storing and combining pageviews into a single session recording |
| _ga | 1 month | Used for storing and counting pageviews |
| _ga_* | 1 month | Your Google Analytics ID for pageviews and other statistics |
| _gcl_au | 3 months | Used for storing and tracking conversions on website |
| cc_cookie | 182 days | Remembers your decision on what types of cookies you agree to use |
| sg_connect_session | 24 hours | Your unique session ID for providing functions across pages |
Users of your personal data include:
Our contractual processors may also process your personal data, such as service providers for IT support, document printing and mailing services, debt collection services, etc.
Personal data is processed by employees of the controller who are responsible for processing in a specific work area and in accordance with the assigned authorizations. The individuals processing your personal data are professionally trained in the field of data protection. We use personal data within the parent company Ngen and its subsidiaries, listed on the website www.ngen-group.eu, if it is consistent with the purpose of the processing.
We may utilize services provided by third parties to enhance user experience and facilitate customer or sales support (the Third-Party Support). The Third-Party Support can be provided either by humans or automated tools, including artificial intelligence.
The Third-Party Support providers may collect, process, and store personal data that You provide during Your interactions. The processing of this data is governed by the GDPR and the following conditions apply:
Data Collection: The information collected through the Third-Party Support may include, but is not limited to, your name, email address, chat history, and any other personal data you choose to provide. This data is necessary to offer you personalized assistance and improve the services we offer.
Purpose of Processing: The data collected by the Third-Party Support may be used for customer and sales support, responding to inquiries, improving our services, and for other purposes specified in this Privacy Policy. The Third-Party may also process Your data to enhance the functionality and performance of the service.
Legal Basis for Processing: The legal basis for the processing of Your Personal Data by the Third-Party Support is either your consent, which you provide by interacting with the Third-Party Support, or our legitimate interest in providing efficient customer service and improving our offerings.
Data Sharing and Transfer: The data processed by the Third-Party Support provider may be transferred to, processed, and stored in, countries outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place to protect your data.
Third-Party Accountability: The Third-Party Support providers are data processors under GDPR, and they are contractually obligated to process your data only in accordance with our instructions, to maintain confidentiality, and to implement adequate security measures to protect your data.
Data Retention: The data collected by the Third-Party Support may be retained for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. You have the right to request the deletion of your data at any time, subject to legal or contractual obligations.
Your Rights: Under the GDPR, you have the right to access, rectify, or erase your Personal Data, restrict or object to its processing, and the right to data portability. If you wish to exercise any of these rights in relation to the data processed by the Third-Party Support, please contact us.
Withdrawal of Consent: If the processing of your data by the Third-Party Support is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Ngen and its subsidiaries may act as joint controllers of personal data. If you provide your personal data to one of the Ngen group companies, both the subsidiary and the parent company may process your data based on a joint data management agreement.
Ngen will not transfer your personal data to third countries outside the EU or to international organizations.
If such a transfer is necessary, it will be done after careful consideration of legal bases and protective measures. Any transfer of personal data to third countries will be carried out by the controller with careful consideration and due diligence, in accordance with the principle of accountability. Information about the intended data transfer and the specific security mechanism will be provided to you in advance.
Ngen does not use automated decision-making in relation to contract execution or any other decision-making processes.
Ngen recognizes your rights concerning personal data protection, including:
