​The privacy policy for the massage salon must comply with data protection laws, primarily the General Data Protection Regulation (GDPR) applicable in the European Union and local laws such as the Slovenian Personal Data Protection Act (ZVOP-1).

​

1. Types of Personal Data

To process reservations and provide our services, we collect the following personal data:

• Full name

• Contact details (phone, email)

• Payment information

2. Purpose of Data Collection

We collect data to provide massage services, manage reservations, and inform clients about upcoming appointments or promotions.

Additionally, data is collected for service improvement, customer satisfaction evaluation, accounting and administrative tasks, and compliance with legal obligations (e.g., tax requirements).

Ensuring high-quality service and responding to guest inquiries.

Improving our services.

​

3. Legal Basis for Data Processing

• Contractual obligation: Collecting personal data is necessary to fulfill the contract for massage services.

• Customer consent: Clients must provide explicit consent for processing sensitive data (e.g., health-related information).

• Legal obligations: Processing data for tax or other legal requirements.

4. Data Processing and Storage Conditions

Personal data is stored and processed only for as long as necessary to fulfill the purposes for which it was collected. After this period, the data is deleted or anonymized.

Data storage must be secured with appropriate measures to prevent unauthorized access.

​

5. User Rights Clients have the following rights:

• Right to access: Clients can review their personal data.

• Right to rectification: Clients can request correction of incorrect personal data.

• Right to erasure: Clients can request the deletion of their data unless legal obligations require further retention.

• Right to restrict processing: Clients can request a restriction on data processing if they believe the data is incorrect or processed unlawfully.

• Right to data portability: Clients can request their data in a structured format for use with other services.

• Right to object: Clients have the right to file a complaint with the supervisory authority (Information Commissioner in Slovenia).

6. Sharing Data with Third Parties

• External service providers: Such as accountants, IT services, and online booking platforms (if applicable), who must access the data to provide services.

• Legal obligations: Data may be shared with law enforcement or other authorities if required by law (e.g., tax authorities).

7. Use of Cookies

The website uses cookies to track visits. Users are informed about cookie usage and must provide consent for their use.

​

8. Transfer of Personal Data

Outside the EU If personal data is transferred to countries outside the EU, this must be specifically explained, and appropriate protection measures must be ensured.

​

9. Data Protection

We protect your personal data with advanced technical and organizational measures to prevent unauthorized access, loss, or destruction. This includes encryption of payment data and strict access control to confidential information.

​

10. Contact Information:

• Email: aljazskerban@gmail.si or via the contact form on our website.

• Phone number: +386 31488802

Legislation:

• GDPR (General Data Protection Regulation) – Official EU regulation for data protection.

• Personal Data Protection Act (ZVOP-1) – Slovenian law governing personal data protection.

• Electronic Communications Law – For data collection via online tools or cookies.

The Massage Studio offers various types of massage and therapy. The space is equipped with a premium electric massage table, high-quality oils, and various massage accessories.