Processing of Personal Data via Contact Forms

Data Controller

The controller of your personal data is:

TOSAMA d.o.o.
Šaranovičeva cesta 35,
1230 Domžale, Slovenia
Email: dpo@tosama.si

The appointed Data Protection Officer is:
Sabina Mikulin, Law Office Mikulin d.o.o.
Email: dpo@tosama.si

Purpose of Processing

We process your personal data exclusively for the purpose of:

 

    • Communicating with you

    • Responding to your inquiries, requests, or messages submitted via the contact form

Legal Basis for Processing

The legal basis for processing your personal data is your explicit consent, in accordance with Article 6(1)(a) of the General Data Protection Regulation (GDPR).

Personal Data We Process

When you use our contact form, we may collect the following information:

 

    • Name and surname

    • Email address

    • Company name and position

    • Communication content (e.g., inquiries, orders, feedback)

Data Security and Retention

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, unlawful processing, accidental loss, destruction, or damage.

Your data will be:

 

    • Accessed only by authorized personnel and contractual processors (e.g., email service providers)

    • Retained only as long as necessary to fulfill the purpose of communication

    • Specifically, retained for 12 months after receipt of your message, after which it will be permanently deleted

In the event of a suspected data breach, we follow our internal incident response procedures and notify the relevant supervisory authorities if required.

Data Sharing

Your personal data will not be shared with third parties, except:

 

    • Contractual processors who provide secure email and hosting services

    • Competent authorities, only when legally required (e.g., in cases of misuse or legal violations)

Your Rights

As a data subject, you have the following rights under the GDPR:

 

    • Right of access to your personal data

    • Right to rectification of inaccurate or incomplete data

    • Right to restriction or blocking of processing

    • Right to erasure (“right to be forgotten”)

    • Right to object to the processing of your data

    • Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal

To exercise your rights, please contact us at:

 

    • Mail: TOSAMA d.o.o., Šaranovičeva cesta 35, 1230 Domžale, Slovenia

We will respond to your request as promptly as possible, and no later than the legally required deadline.

Supervisory Authority

If you believe that your personal data is being processed in violation of the GDPR or national data protection laws, you have the right to lodge a complaint with the Information Commissioner of the Republic of Slovenia:

 

    • Address: Dunajska 22, 1000 Ljubljana

    • Phone: +386 1 230 97 30

Privacy Policy

1. Purpose of the Policy

This Privacy Policy explains how TOSAMA d.o.o. collects, uses, and protects the personal data of company representatives and business clients who visit our website or request information about TOSAMA products.

We are committed to protecting your privacy and ensuring transparency in all data processing activities.

2. Data Controller

 

    • Company Name: TOSAMA, Tovarna sanitetnega materiala d.o.o.

    • Short Name: TOSAMA d.o.o.

    • Address: Šaranovičeva cesta 35, Vir, SI-1230 Domžale, Slovenia

    • Registration Number: 5033195

    • Website: https://tosamatampons.com

    • Data Protection Officer: Sabina Mikulin, Law Office Mikulin d.o.o.

3. What Data We Collect and Why

We collect only the data you voluntarily provide, such as:

 

    • Name and surname

    • Email address

    • Company name and position

    • Communication content (e.g., inquiries, orders, feedback)

Purposes of processing:

 

    • To respond to your inquiries about TOSAMA products

    • To manage business relationships and fulfill orders

    • To send product updates, offers, and relevant business communications (with consent)

We do not require personal data to access or browse our website.

4. Legal Basis for Processing

We process your data based on:

 

    • Consent (Article 6(1)(a) GDPR) – for marketing and informational emails

    • Contractual necessity (Article 6(1)(b) GDPR) – for order processing and communication

    • Legitimate interest (Article 6(1)(f) GDPR) – for maintaining business relationships

5. Data Sharing and Retention

Your data is:

 

    • Not shared with third parties without your consent

    • Accessed only by authorized employees and contractual processors (e.g., IT and email service providers)

    • Stored securely and retained only as long as necessary or until you withdraw your consent

6. Website Analytics and Cookies

Our website uses cookies to enhance user experience and analyze traffic. These include:

 

    • Essential cookies – for basic site functionality

    • Analytics cookies – to understand how our site is used (anonymous)

    • Advertising cookies – to tailor promotional content (anonymous)

Cookies do not contain personally identifiable information. Data may be processed by Appoteka d.o.o. and stored on servers within the EU.[EP1]

7. Who Processes Your Data

Your data may be processed by:

 

    • TOSAMA d.o.o. employees whose roles require access

    • Competent public authorities (when legally required)

    • Contractual processors under strict data protection agreements

    • Third parties, only with your prior knowledge and consent

    • Other entities with a legal basis for processing

8. Data Security

We implement technical and organizational measures to protect your data from unauthorized access, loss, or misuse. This includes:

 

    • Secure IT infrastructure and firewalls

    • Role-based access controls

    • Encrypted communications and secure storage

9. Your Rights

You have the right to:

 

    • Access and correct your personal data

    • Restrict or object to processing

    • Request deletion of your data

    • Withdraw consent at any time

To exercise your rights, contact us at:

 

    • Mail: TOSAMA d.o.o., Šaranovičeva cesta 35, 1230 Domžale, Slovenia

10. Supervisory Authority

If you believe your data is being processed unlawfully, you may file a complaint with the Information Commissioner of the Republic of Slovenia:

 

    • Address: Dunajska 22, 1000 Ljubljana

    • Phone: +386 1 230 97 30

11. Policy Updates

TOSAMA d.o.o. reserves the right to update this Privacy Policy in response to changes in services, legal requirements, or user feedback. The latest version will always be available on our website.

© 2025 Tosama      General informations       FAQ      Privacy Policy