Legal documents

This Privacy Policy explains how GT INDUSTRIES d.o.o. (“GT INDUSTRIES”, “we”, “us”, or “our”) collects, uses, stores, and protects personal data when individuals use our website, purchase our products, or otherwise interact with us.

We are committed to protecting your personal data in accordance with:

• Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR)
• applicable Slovenian data protection legislation
• other applicable privacy regulations.

1. Data Controller

The controller responsible for processing personal data is:

GT INDUSTRIES d.o.o.
Raceva 14, 4226 Ziri, Slovenia
Registration number: 8828342000
VAT number: SI85066630
Email: info@novus-sim.com
Website: www.novus-sim.com

2. Contact Regarding Data Protection

If you have questions regarding personal data processing or wish to exercise your rights, please contact us at: info@novus-sim.com

3. What Personal Data We Collect

Depending on your interaction with us, we may collect the following types of personal data:

Identification Information

• name and surname
• company name (if applicable)
• billing or shipping address

Contact Information

• email address
• phone number

Order and Transaction Data

• purchased products
• order history
• payment information (processed by payment providers)

Technical Information

• IP address
• browser type
• device information
• website interaction data

Marketing Preferences

• communication preferences
• subscription to newsletters or promotional messages

We do not store full payment card details. Payments are processed through secure third-party payment providers.

4. Purposes and Legal Bases for Processing

We process personal data only when a valid legal basis exists.

Contract Performance

Personal data may be processed to process orders, deliver products, manage payments, provide customer support, and manage warranties and service requests. Without necessary personal data, we may not be able to fulfil a contract or deliver goods.

Legal Obligations

We may process personal data when required by law, including for accounting, invoicing, and tax obligations.

Legitimate Interests

We may process personal data based on legitimate interests, including improving our website and services, fraud prevention, customer support, internal analytics, and marketing communications related to similar products or services. Individuals may object to such processing at any time.

Consent

Where required, we may process personal data based on your consent, including for newsletter subscriptions, marketing communications, and publication of photos or media from events. Consent may be withdrawn at any time.

Protection of Vital Interests

In exceptional circumstances, personal data may be processed when necessary to protect the vital interests of an individual.

5. Data Retention

We retain personal data only as long as necessary to fulfil the purpose for which it was collected. Typical retention periods include:

• contract and transaction data: up to 6 years after the contractual relationship ends
• accounting data: according to legal obligations
• marketing data: until consent is withdrawn or objection is made

After the retention period expires, personal data is securely deleted or anonymised.

6. Data Sharing and Processors

We may share personal data with trusted service providers that help us operate our business. These may include:

• payment processors (e.g., Stripe, PayPal)
• shipping and logistics providers (e.g., UPS)
• IT service providers and cloud services
• website hosting providers
• accounting and legal advisors
• marketing and analytics platforms (e.g., Google, Meta platforms)

These partners process personal data only under our instructions and in accordance with applicable data protection laws.

7. International Data Transfers

Some service providers may process data outside the European Economic Area (EEA). In such cases, data transfers are protected through appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or equivalent legal protection mechanisms.

8. Data Security

We implement appropriate technical and organisational security measures to protect personal data, including secure servers, encryption of sensitive data, firewall and antivirus protection, and restricted access to personal data. Despite these measures, no online system can guarantee absolute security.

9. Rights of Data Subjects

Under GDPR, individuals have the following rights:

• right to access personal data
• right to rectify inaccurate data
• right to erase personal data (“right to be forgotten”)
• right to restrict processing
• right to object to processing
• right to data portability
• right to withdraw consent

Requests can be submitted to: info@novus-sim.com

We will respond within one month, as required by GDPR.

10. Complaints

If you believe your personal data has been processed unlawfully, you have the right to file a complaint with the competent supervisory authority.

In Slovenia, this authority is:

Information Commissioner of the Republic of Slovenia
https://www.ip-rs.si

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website at www.novus-sim.com. By continuing to use the website, you acknowledge and accept the updated policy.

12. Contact

For questions regarding this Privacy Policy, please contact:

GT INDUSTRIES d.o.o.
Email: info@novus-sim.com
Website: www.novus-sim.com