Privacy Policy

Effective date: 1 January 2025. Last updated: 26 Mar 2026

This Privacy Policy explains how Termolog collects, uses, stores, and protects your personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Slovenian data protection law.

1. Data Controller

The data controller is:

CD INŽENIRING d.o.o.
Cesta Ljubljanske brigade 9a, 1000 Ljubljana, Slovenia
Registration No: 5715750000 · VAT No: SI 12060186
Tel: +386 41 686 426
Email: privacy@termolog.si
Web: termolog.si

2. Data We Collect

We collect the following categories of data:

Account data: name, email address, phone number (optional), password (hashed)
Organisation data: company name, contact email, timezone
Operational data: temperature sensor readings, alarm events, corrective action records
Audit logs: records of configuration changes, logins, and permission changes
Technical data: IP address, browser type, session time (for security and debugging)
Contact form data: name, email, phone number, message

3. Legal Basis for Processing

Contractual necessity (Article 6(1)(b) GDPR): Processing is necessary to deliver the Termolog service.
Legitimate interests (Article 6(1)(f) GDPR): Temperature logging to support HACCP obligations under Regulation (EC) 852/2004; platform security.
Consent (Article 6(1)(a) GDPR): For optional features such as scheduled email reports.
Legal obligation (Article 6(1)(c) GDPR): Record retention as required by applicable food safety law.

4. Purposes of Processing

Delivering the automated temperature monitoring service
Sending alarm notifications when threshold limits are breached
Generating HACCP PDF reports for inspection purposes
Managing user accounts and access permissions
Ensuring platform security and preventing misuse
Responding to customer enquiries and requests

5. Data Retention

Temperature logs and alarm records: minimum 2 years from creation, as required by HACCP regulations
User account data: for the duration of the active subscription plus 30 days after termination
Audit logs: 3 years
Contact form data: 12 months
Security logs (IP, session): 90 days

6. Recipients of Data

We do not sell your data to third parties. Data may be shared with:

Hosting and infrastructure providers: servers that host the Termolog platform (located in the EU)
Email service providers: for delivering alarm notifications and reports
Public authorities: where required by law or court order

All external processors are bound by GDPR-compliant data processing agreements.

7. International Transfers

Data is processed and stored within the European Union. Any transfer outside the EU is subject to appropriate safeguards as required by Chapter V of the GDPR.

8. Your Rights

Under GDPR, you have the following rights:

Right of access (Article 15): Request a copy of your personal data.
Right to rectification (Article 16): Request correction of inaccurate data.
Right to erasure (Article 17): Request deletion where processing is no longer necessary.
Right to restriction (Article 18): Request restriction of processing in certain circumstances.
Right to portability (Article 20): Receive your data in a machine-readable format.
Right to object (Article 21): Object to processing based on legitimate interests.

To exercise your rights, contact privacy@termolog.si. We respond within 30 days. You also have the right to lodge a complaint with the Slovenian Information Commissioner (ip-rs.si).

9. Cookies

Termolog uses only technically necessary cookies required for the service to function (session management, CSRF protection). We do not use analytics or advertising cookies. See our Cookie Policy for details.

10. Data Security

We protect your data with encryption in transit (HTTPS/TLS), hashed passwords, two-factor authentication, and role-based access control. We conduct regular security reviews.

11. Changes to This Policy

We will notify you of significant changes by email or by a notice on the platform. The current version is always available on this page.

12. Contact

For privacy-related questions, contact us at privacy@termolog.si.