CVS MOBILE, informacijske rešitve d.d., seated at Ulica Gradnikove brigade 11, 1000 Ljubljana, Slovenia (hereinafter referred to as “CVS MOBILE”, “we”, “us”) is a leading provider of innovative telematics and fleet management solutions and services in Central and Eastern Europe and is also the owner of the mobileWEB cloud-based platform, mobileCHAT application, mobileMAP application, mobileNET application and other CVS MOBILE applications.
At CVS MOBILE we respect your right to privacy and take personal data protection extremely seriously, as we would like to provide you with the highest level of protection of the personal data you have trusted us with.
This Personal data protection Policy (hereinafter referred to as “Policy”) is based on relevant legislation on the protection of personal data, in particular the Personal Data Protection Act and the EU General Data Protection Regulation.
When using our services, you’ll share some information with us. That is why this Policy defines key issues of processing personal data when using our applications, such as who collects your personal data, how your personal data is collected and for which purposes, how the data is protected and with whom it is shared. CVS MOBILE has many different Policies, depending on which of our services you use. General Policy for the users of our mobileWEB platform is available at http://docs.cvs-mobile.com/privacy-policy/. For any other specific services (ex. Use of applications issued by CVS MOBILE) see Policies which are limited to the processing of personal data associated to this specific services.
We tried to write our entire Personal Data Protection Policy as understandable as possible. If you still have any questions concerning personal data, do not hesitate to contact us.
In order to enable you to quickly and efficiently find information you need, we have created an interactive index, designed to provide you with information about a topic that you are interested in in one click:
Here you can find definitions of basic concepts that we use in our Policy.
Each particular concept defined below has a meaning within this Policy as defined in this section.
Personal data means any information that refers to a specific or identifiable individual (for example, the name, surname, e-mail address, telephone number and identifiers that are specific to the individual's physical, physiological, genetic, economic, mental, cultural or social identity, etc.).
Controller means a legal entity that determines the purposes and means of processing of your personal data.
Processor means a legal or natural person who processes personal data on behalf of the controller.
Processing means collecting, storing, accessing and all other forms of use of personal data.
EEA means the European Economic Area, which identifies all the Member States of the European Union, Iceland, Norway and Liechtenstein.
Application means the mobileMAP application or mobileCHAT application or mobileNET application or any other application issued by CVS MOBILE, which an individual can download to their electronic devices via Google Play or App Store or are installed by CVS Mobile directly to devices.
Client means a legal or natural person who signs a Contract (hereinafter referred to as “Contract”) for the use of the mobileWEB platform that is issued by CVS MOBILE. After an initial registration procedure, the Client receives master credentials to access in the mobileWEB platform. Master access in the mobileWEB platform enables the creation of new mobileWEB users and assign them specific access rights in mobileWEB platform. The client shall enable users to register and use the application.
User means any individual who has received an invitation via e-mail to access mobileWEB platform and has finished the registration procedure. Any User, who has the credentials to access mobileWEB platform, can use those credentials to access and use mobileMAP, mobileCHAT or others CVS MOBILE applications. When using mobileNET application, user does not need credentials to access. The use of mobileNET application is independent from the User and is connected directly to the vehicle.
Entry point is any application function that an individual uses and where personal data is collected. The entry points are further defined in Chapter 5 of this Policy.
Content of Clients means any information, file or data published by clients in mobileWEB database, which is not under the control of CVS MOBILE. In relation to these data the Client designates CVS MOBILE as its personal data processor.
Prior activities of the user mean the activities that an individual performed on the platform https://mobileweb.cvs-mobile.com before using his account in any CVS MOBILE application.
Controller of the personal data being processed within the applications (mobileMAP, mobileCHAT, mobileNET and other applications issued by CVS MOBILE) is CVS MOBILE, informacijske rešitve d.d., seated at Ulica Gradnikove brigade 11, 1000 Ljubljana, Slovenija.
As the controller of personal data, CVS MOBILE is responsible for processing and retention of your personal data.
In order to further upgrade the level of personal data protection, CVS MOBILE has appointed an authorized person for the protection of personal data, who ensures that the handling of personal data is at all times consistent with the relevant legislation.
In CVS MOBILE, we appointed the following person as an authorized person for the protection of personal data: Mr. Bojan Jelen. The authorized person for the protection of personal data can be reached through the following e-mail: email@example.com.
If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at to the email defined above.
This Policy applies to Users of applications issued by CVS MOBILE in regard with logging in the applications.
In accordance with the legislation governing the protection of personal data, we may process your personal data on the following legal bases:
Is the provision of personal data mandatory?
The provision of personal data is mandatory in certain cases. In most cases, you provide us with personal data on a voluntary basis. It is obligatory to provide only the personal data that we collect on the basis of the requirements of the legislation.
The provision of personal data that we need to fulfill the Contract is voluntary. However, in the event that you do not provide us with all the personal data that we need to execute the contract we will not be able to provide full services (for example we cannot provide the Service for you if you do not provide us with information on e-mail, we need to create the account).
At CVS MOBILE, we process your personal data solely on the basis of clearly stated and legitimate purposes, securely and transparently.
How do we obtain personal data?
We collect your personal data when you provide it to us (for example, using our applications, signing up in to our applications, inquiring by e-mail, telephone or writing to our address or by any other means in which you provide us with your personal data).
Your personal data can also be obtained automatically when you use mobileMAP, mobileCHAT and other CVS MOBILE applications. When automatic collection of data occurs, you shall be properly informed before collecting, or asked for your consent to such a collection of personal data. Also, the consent will explicitly indicate all the categories of personal data we collect.
What categories of personal data do we collect?
We collect your personal data at entry points, which are defined in the list below. Any collection and processing of your personal data takes place only when such processing is necessary to fulfill the specific purpose of the processing. In the list below, in addition to the listed categories of data we collect, you will also find the purpose of the processing for which this data is needed. Your personal data may be processed for one or more purposes. We will also inform you accordingly whether the processing of personal data for a specific entry point is based on legitimate interest.
In addition to the purposes outlined above, personal data collected at one of the points of entry can also be used for the following purposes:
At CVS MOBILE, we carefully protect the principle of the minimum amount of data provided by law, and therefore our mobileWEB platform, mobileMAP, mobileCHAT and other CVS MOBILE applications are developed in the way to ensure that we collect only data that are appropriate, relevant and limited to what is necessary for the purposes for which they are processed.
CVS MOBILE will only process your data for specified, explicit and legitimate purposes. We undertake not to process your personal data in a manner incompatible with the purposes defined in this Policy.
If there is a need for further processing of personal data, we will inform you in advance and, when necessary, request for consent. You are entitled to revoke at any time any processing of your personal data, based on your consent. You can notify us of the revocation of the consent at any of the contact points defined in Chapter 3 of this Policy.
We keep your personal data in accordance with the relevant legislation. We will keep your personal data:
When the retention period for certain personal data expires, we will delete the personal data or anonymize it so that the reconstruction of personal data will no longer be possible, i.e. it will not be possible to discover to whom the data refers based on the anonymized data.
The retention period for personal data collected when logging into our applications is 10 years.
For any additional information, please contact us at any of the contact details defined in Chapter 2 of this Policy.
At CVS MOBILE we protect your personal data against illegal or unauthorized processing and/ or access, and against unintentional loss, destruction or damage. We undertake all measures according to our technological capabilities (including the cost of implementing certain measures) and the impact assessment on your privacy.
To ensure that your personal data is safe, we have undertaken the appropriate technical and organizational measures, in particular:
In the event of a violation of the protection of personal data, we will notify without delay about any such violation the competent supervisory authority (in Slovenia, the Information Commissioner). You can read more about the competent authority on their website https://www.ip-rs.si/.
If there is suspicion of a criminal offense regarding the violation of personal data, CVS MOBILE will also report such violations to the police and the competent state prosecutor's office.
In the event of a violation of data protection that may cause a high risk to the rights and freedoms of individuals, we will inform you of such an event without undue delay.
Your personal data may be, exclusively in order to achieve the purpose for which it was collected, transmitted to, or we may allow access to the data to certain third parties defined below. Such third parties may only process your personal data for the purposes for which the data was collected.
Accordingly, any third party to whom we transmit personal data must comply with the applicable law as well as with the provisions of this Personal Data Protection Policy. With external processors, however, the protection of personal data is further defined by the contract.
Your personal data may be transmitted to:
We may transmit your personal data to third parties (defined above) outside the European Economic Area (EEA), where personal data processing occurs. In any transmission outside the European Economic Area, we will undertake specific additional measures to ensure the security of your personal data.
Such measures consist mainly of agreements with third parties on the establishment of binding rules in the field of personal data protection, verification that an approved certification mechanism which meets our standards for the protection of personal data is in place, and the conclusion of relevant contractual obligations that regulate the protection of personal data.
You have the following rights regarding the personal data processing:
Contacts for the exercise of the rights:
If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at any of the following contacts:
You have the right to file a complaint against us with the Information Commissioner, who is the competent authority for the protection of personal data.
The integrity of personal data processed, and regular updating is a priority for CVS MOBILE. Please kindly inform us of any change of your personal data to firstname.lastname@example.org. We will take care of the correction or supplementing your personal data in the shortest possible time.
In case of exercising any of the rights, we may require additional personal data (such as name, surname, e-mail address) for identification purposes. We will only need additional information when the information you provide is not sufficient for reliable identification (for example if we receive unsigned email and we do not have that email in our data base, we will ask for additional information in order to determine if we process your personal data and to execute your request). In this way, we want to prevent your personal data from being transmitted to a third party due to unreliable identification.
At CVS MOBILE, we can change this Policy at any time. We shall notify you of the change of the Policy in the mobileMAP, mobileCHAT or any other CVS MOBILE application. We shall consider that you agree with the new version of this Policy if, after the new version enters into force, you continue to use our platform and other applications, or services defined by this Policy.
The current version of this Policy will be available on our website: