The purpose of Personal Data Protection Policy of Slovenian Accreditation is to raise awareness of the way in which personal data provided by its customers are processed and protected.

The Controller of Personal Data is Public Institute Slovenian Accreditation, Pot k sejmišču 30a, 1231 Ljubljana – Črnuče, Slovenia; Tel: +386 1 54 73 250.

The Data Protection Officer of Slovenian Accreditation is IEPRI d.o.o., Dunajska cesta 106, 1000 Ljubljana, Slovenia; Tel: +386 1 51 55 688;

Slovenian Accreditation processes, uses, manages, maintains, keeps and controls personal data in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the RS Personal Data Protection Act (ZVOP-1), as well as other relevant legislation providing to Slovenian Accreditation a legal basis for processing personal data.

Slovenian Accreditation performs its tasks based on the laws of the Republic of Slovenia. In compliance with legal bases, it collects and processes its customers’ personal data needed to satisfy statutory obligations. The Accreditation Act is the basic act establishing legal bases for processing personal data.

Contract on Establishing and Maintaining Accreditation concluded by Slovenian Accreditation with individual customers, as well as a written consent by individuals to be included in the forms for collecting personal data, also represent legal bases for processing personal data.

Slovenian Accreditation may disclose personal data to third persons who have, in accordance with applicable legislation, individual’s personal consent, or contractual relationship, a legal basis to acquire, process, disclose or retain personal data.

The customer’s personal data shall be collected for the following purposes:

  • to communicate with the customer in connection with the organisation of a briefing meeting and to inform the customer about the procedure to obtain accreditation;
  • to carry out the accreditation procedure;
  • to inform customers about changes in the accreditation system;
  • to inform about educational and promotional events in the field of accreditation, which are organised by Slovenian Accreditation.

In relation with personal data processing, customers shall have:

  • the right to access, print out, correction or deletion of data;
  • the right to restriction of processing;
  • the right to data portability;
  • the right to objection;
  • and the right to complaint.

A written or electronic application for the enforcement of the above-mentioned rights should be submitted to the Head Office of Slovenian Accreditation (Pot k sejmišču 30a, 1231 Ljubljana – Črnuče, Slovenia) or to email address:

Personal data shall be retained until withdrawal of consent by the individual, or for 12 years from the date of termination of the accreditation procedure, and shall be deleted, destroyed, blocked or anonymised after the expiry of the deadline, so that they can no longer be associated with the particular individual.

Notification of changes:

Slovenian Accreditation hereby reserves the right to amend and supplement its Personal Data Protection Policy. Slovenian Accreditation shall publish any amendments to its Personal Data Protection Policy on its website.

The latest version of the Personal Data Protection Policy was adopted by Dr. Boštjan Godec on 9 September 2021.