Privacy Policy

Last updated: 29. 12. 2025

1. Introduction

This Privacy Policy describes how StahlRisk d.o.o. (“StahlRisk”, “we”, “our”, “us”) collects, uses, stores, and protects your personal data when you visit our website www.stahl-risk.com (“Website”) or contact us through our forms or email.

We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR), applicable Slovenian and EU data protection laws, and other relevant regulations for international users.

By using our Website, you agree to the terms of this Privacy Policy.

2. Data Controller

StahlRisk d.o.o.
Cesta Ceneta Štuparja 127
1231 Črnuče – Ljubljana, Slovenia
Email: info@stahl-risk.com

We currently do not appoint a Data Protection Officer, as it is not legally required for our operations.

3. Personal Data We Collect

3.1 Data You Provide Directly

We collect personal data that you voluntarily provide when interacting with our Website:

a) Contact Form Data

  • Name
  • Email address
  • Phone number (optional)
  • Message content

b) Newsletter Subscription Data

  • Email address

3.2 Cookies and Tracking Technologies

Our Website uses functional, analytics, and advertising cookies.
Analytics data is collected via:

  • Google Analytics / GA4

Cookies help us improve the performance of our Website and deliver a better user experience.

3.3 Data We Do NOT Collect

We do not collect or process:

  • Account registration data
  • Payment or billing information
  • Job application data
  • Automated server logs (IP, device information) beyond what Google Analytics may collect anonymously

4. Legal Bases for Processing

We process your personal data based on the following legal grounds under GDPR:

Purpose of Processing

Legal Basis

Responding to contact inquiries

Art. 6(1)(f) Legitimate interest 

Sending newsletters or marketing emails

Art. 6(1)(a) Consent

Use of analytics and advertising cookies

Art. 6(1)(a) Consent

Ensuring website functionality & security

Art. 6(1)(f) Legitimate interest

When consent is required, it is collected through our cookie banner or email subscription form.

5. How We Use Your Personal Data

We use your data strictly for the following purposes:

  • To respond to inquiries submitted via contact forms
  • To provide newsletters and company updates
  • To analyze Website performance and user engagement (Google Analytics)
  • To ensure the functionality, security, and optimization of the Website
  • To comply with legal obligations where required

We do not use your personal data for profiling or automated decision-making.

6. Third-Party Service Providers (Processors)

We share personal data only with trusted service providers who help us operate our Website and deliver services.

Google Analytics (GA4)

Used for website analytics and performance measurement.
Google may process the data in the EU or the United States.
Data is pseudonymized and aggregated whenever possible.

Email Marketing Provider (e.g., Mailchimp)

Used to send newsletters and email updates to subscribers.

We do not sell or rent your personal data to third parties.

7. International Transfers

Some of our service providers (e.g., Google, email marketing platforms) may store or process personal data outside the European Union, including in the United States.

8. Data Retention

We store your personal data only for as long as necessary for the purposes stated above.

  • Contact form data: retained for up to 24 months after the last communication.
  • Newsletter subscription data: retained until you unsubscribe or request deletion.
  • Cookie data: retained according to cookie lifespan settings

When data is no longer needed, it is securely deleted.

9. Your Rights Under GDPR

As an EU user, you have the following rights:

  • Right to access your personal data
  • Right to rectification (correct inaccurate data)
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with the Information Commissioner of the Republic of Slovenia

To exercise any rights, contact us at info@stahl-risk.com.

10. Security Measures

We implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, misuse, or alteration.

These include:

  • Secure communication (HTTPS)
  • Access controls and role-based permissions
  • Encryption where appropriate
  • Contracts with service providers ensuring compliance with data protection laws

However, no online system can be 100% secure, and users should use the Internet with caution.

11. Links to External Websites

Our Website may contain links to third-party websites.
We are not responsible for their privacy practices.
We encourage you to review the privacy policies of any external websites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Revisions will be published on this page with the updated “Last updated” date.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

StahlRisk d.o.o.
Cesta Ceneta Štuparja 127
1231 Črnuče – Ljubljana, Slovenia
Email: info@stahl-risk.com