At Rad Grade we respect your right to privacy and take personal data protection extremely seriously, as we would like to provide you with the highest level of protection of the personal data that you have trusted us.

This Policy is based on applicable relevant legislation on the protection of personal data, in particular the Personal Data Protection Act, the Electronic Communications Act, and the General Data Protection Regulation of the EU.

In this Personal Data Protection Policy (hereinafter referred to as: Policy), we define ways of collecting your personal data, the purposes for which we collect it, the security measures we use to protect it, the persons with whom we share it, and your rights regarding the protection of personal data.


This Policy applies to all personal data collected and stored by RADGRADE, d.o.o., Tbilisijska 46, 1000 Ljubljana, Slovenia (hereinafter referred to as “Rad Grade”, “We”, “Us”).

As a data controller, Rad Grade shall be responsible for processing and storing of your personal data.

In order to further upgrade the level of personal data protection, Rad Grade has appointed an authorized person for the protection of personal data, which ensures that the handling of personal data is at all times consistent with the relevant legislation.

In Rad Grade, we appointed the following person as an authorized person for the protection of personal data: Maja Šarlah.

Contact us

If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at any of the following contacts:


This Policy is for:


Here you can find an explanation of the basic concepts that we use in our Policy.

Each particular concept defined below has the meaning within this Policy as defined in this section.

Personal data means any information that refers to a specific or identifiable individual (for example, the name, surname, e-mail address, telephone number, and identifiers that are specific to the individual’s physical, physiological, genetic, economic, mental, cultural, or social identity, etc.).

Controller means a legal entity that determines the purposes and means of processing of your personal data.

Processor means a legal or natural person who processes personal data on behalf of the controller.

Processing means collecting, storing, accessing, and all other forms of use of personal data.

EEA means the European Economic Area, which identifies all the Member States of the European Union, Iceland, Norway, and Liechtenstein.


At Rad Grade, we process your personal data solely on the basis of clearly stated and legitimate purposes, securely and transparently.

We collect your personal data when you provide it to us (for example, using our website, signing up for our webinar, inquiring by e-mail, telephone or writing to our address or by any other means in which you provide us with your personal data).

Your personal data can also be obtained through your interaction with the website; such information can be obtained by using cookies and a cookie-like technology that allows us to customize and personalize our website to your needs.

We also collect your personal data from publicly accessible data records (such as AJPES, publicly available data on LinkedIn and websites).

Your personal data can be obtained directly from you when you provide us with this information (for example, by logging into a webinar, learning management system, etc.). We can also obtain your personal data through the use of our services (e.g. web pages, e-news).

  1. Personal data provided by you
  1. Data we collect indirectly through your use of our services

This data is obtained by using cookies and a cookie-like technology that identifies your device,  accessing a website. With this technology, we can obtain the following information: the IP address of your device, data location, as well as the information about your use of our services, such as the content you have viewed on our website, the time you have spent browsing the page, and the data regarding the response to our emails.

Certain cookies are indispensable for the operation of our websites (permanent cookies), but we also use other types of cookies (and similar technology) to ensure the following features of our website and other services:

To use certain technologies, we will ask for your consent, and you will be notified about it in advance in a separate notice.

At Rad Grade, we carefully protect the principle of the minimum amount of data provided by law, and therefore we collect only data that is appropriate, relevant, and limited to what is necessary for the purposes for which the data is processed. The purposes for which we collect personal data are defined in Chapter 4.3. of this Policy.

In accordance with the legislation governing the protection of personal data, we may process your personal data on the following legal bases:

Is the provision of personal data mandatory?

The provision of personal data is mandatory in certain cases. In most cases, you provide us with personal data on a voluntary basis. It is obligatory to provide only the personal data that we collect on the basis of the requirements of the legislation.

The provision of personal data that we need to fulfill the contract is voluntary. However, in the event that you do not provide us with all the personal data that we need to execute the contract (for example, an order of the Rad Grade product, a webinar login, etc.), we will not be able to provide full services.

Granting consent is always voluntary. However, in case of consent revocation or denial of consent, we will not be able to provide certain services (such as advertising adjustments to suit your needs).

Rad Grade will only process your data for specified, explicit and legitimate purposes. We undertake not to process your personal data in a manner incompatible with the purposes defined in this Policy.

The purposes for which we can use your personal data are defined below. Rad Grade may use your personal data for one or more of the purposes identified below.

The purposes for which we will use your personal data are the following:

In the event that there is a need for further processing of personal data (for a different purpose than for the purpose for which personal data were originally obtained), we will inform you in advance and, when necessary, request for consent. You are entitled to revoke at any time any processing of your personal data, based on your consent. You can notify us of the revocation of the consent at any of the contact points defined in Chapter 2 of this Policy.

We keep your personal data in accordance with the relevant legislation. We will keep your personal data:

When personal data is obtained on the basis of your consent, we keep it permanently or until you revoke this consent (see how to revoke the consent in Chapter 8 of this Policy). We will delete the information collected on the basis of your consent before your revocation, in case the purpose for which the data was collected has been achieved.

When the retention period for certain personal data expires, we will delete these personal data or anonymize them so that the reconstruction of personal data will no longer be possible.

The retention periods for each category of personal data are defined in Annex 1.

For any additional information, please contact us at any of the contact details defined in Chapter 2 of this Policy.


At Rad Grade, we protect your personal data against illegal or unauthorized processing and/ or access, and against unintentional loss, destruction or damage. We undertake all measures according to our technological capabilities (including the cost of implementing certain measures) and the impact assessment on your privacy.

In order to ensure that your personal data is safe, we have undertaken the appropriate technical and organizational measures at Rad Grade, in particular:

In the event of a violation of the protection of personal data, we will notify without delay about any such violation of the competent supervisory authority, represented in Slovenia by the Information Commissioner. You can read more about the competent authority on their website [https://www.ip-rs.si/].

In the event that there is a suspicion of a criminal offense regarding the violation of personal data, Rad Grade will also report such violations to the police and the competent state prosecutor’s office.

In the event of a violation of data protection that may cause a high risk to the rights and freedoms of individuals, we will inform you of such an event without undue delay.


Your personal data may be, exclusively in order to achieve the purpose for which it was collected, transmitted, or we may just allow access to them to certain third parties defined below. Such third parties may only process your personal data for the purposes for which they were collected.

Accordingly, any third party to whom we transmit personal data is bound to comply with the applicable law as well as to the provisions of this personal data protection policy. With external processors, however, the protection of personal data is further defined by the contract.

Your personal data may be transmitted to:

  1. Our external processors who take care of the needs of Rad Grade (accounting services, law firms, companies that provide marketing services, etc.).
  2. When this is required by the law (e.g. tax authorities, courts, accountant, etc.).

We may transmit your personal data to third parties (defined above) outside the European Economic Area (EEA), where personal data processing occurs. In any transmission outside the European Economic Area, we will undertake specific additional measures to ensure the security of your personal data.

Such measures consist mainly of agreements with third parties on the establishment of binding rules in the field of personal data protection, verification that an approved certification mechanism is in place, which meets our standards for the protection of personal data, and the conclusion of relevant contractual obligations that regulate the protection of personal data.


On our website, we offer you the ability to use buttons of the following social networks: Facebook, Linkedin, Instagram, Pinterest

The mentioned social networks operate in accordance with their terms of use and privacy policy, where the usage of personal data for each social network is also defined.

Privacy policies are available at the links provided below:

We would like to remind you that any use of social networks that is enabled on our website is in the sole responsibility of the individual. In the event of any questions and/or requests, an individual is required to contact a particular social network.

Rad Grade does not assume any responsibility for the use of social networks.


You have the following rights regarding personal data processing:


At Rad Grade, we can change this Policy at any time. We shall notify you of the change of the Policy on our web site. We shall consider that you agree with the new version of this Policy if, after the new version enters into force, you continue to use our website and other services defined by this Policy.

The current version of this Policy will be available on our website: https://radgrade/privacy-policy/.

Annex 1: Definition of retention periods

Contacts for the exercise of rights:

If you have any questions regarding the use of this Policy or with regards to the exercise of your rights arising from this Policy, please contact us at any of the following contacts:

You have the right to file a complaint against us with the Information Commissioner, who is the competent authority for the protection of personal data.

The integrity of personal data processed and regular updating is a priority for Rad Grade. Please kindly inform us of any change of your personal data to the above contacts. We will take care of the correction or supplement your personal data in the shortest possible time.

In case of exercising any of the rights, we may require additional personal data (such as name, surname, e-mail address) for identification purposes. We will only need additional information when the information you provide is not sufficient for reliable identification (in this way, we want to prevent your personal data from being transmitted to a third party due to unreliable identification).

Personal data category

Processing purpose

Legal basis

Retention period
Communicating with you to provide quality responses to your inquiriesLegitimate interest24 months
Processing the applications to our webinars, including paymentsContractual relation30 days after the webinar is over; the exception is payment information: we keep all information about the payments 5 years after the payment is made, and we keep the invoices for 10 years after the payment is made, as stipulated by the legislation
Informing about our services and offerLawUntil the individual unsubscribes
Individualized information about our services and our offerConsentUntil revoked
Digital marketingConsentUntil revoked
Download of digital materialConsentUntil revoked