Privacy
Policy and Terms of Service (GDPR)

Frano Bilano is a trademark of 3 IDEJE d.o.o.

We take the protection of your privacy and personal
data seriously. This Privacy Policy explains what data we collect, why we
collect it, and how we process it, in accordance with Regulation (EU) 2016/679
– GDPR and applicable Slovenian legislation.

1. Data Controller

The data controller is:

3 IDEJE d.o.o.
Trg Borisa Kidriča 6

Email: info@franobilano.com
Phone: +386 41 388 066

2. Data We Collect

When visiting our website www.franobilano.com, we may collect the following
data:

• basic
  contact details (name, surname, email, phone), if you enter them into a
  form,
• order and
  payment information (in case of purchase),
• technical
  data (IP address, browser type, time of visit, pages viewed),
• data
  obtained through cookies (preferences, language, analytics).

3. Purpose of Data Processing

We use your data for the following purposes:

• processing
  orders and fulfilling contracts,
• sending
  pro forma invoices, invoices, and required communication,
• responding
  to inquiries submitted via form or email,
• improving
  website functionality and user experience,
• complying
  with legal obligations.

4. Legal Basis for Processing

We process personal data on the following legal
grounds:

• your
  consent (e.g. newsletter subscription),
• performance
  of a contract (e.g. when placing an order),
• legal
  obligations (e.g. retention of invoices),
• legitimate
  interest (e.g. preventing misuse).

5. Data Retention

We retain personal data only for as long as necessary
to fulfill the purpose for which it was collected, or as required by law.

• Data
  related to business documents is kept for 10 years in accordance with tax
  legislation.
• Data
  collected based on consent is stored until consent is withdrawn.

6. Data Disclosure to Third Parties

Your personal data will not be shared with third
parties without your consent, except:

• contractual
  processors (e.g. accounting, IT support, hosting providers),
• state
  authorities, where required by law.

7. Cookies

Our website uses cookies for functionality, analytics,
and advertising.
For more information about cookies and settings, please see our Cookie
Policy.

8. User Rights (GDPR)

In accordance with GDPR, you have the following
rights:

• right of
  access (to review the data we store about you),
• right to
  rectification of inaccurate data,
• right to
  erasure (“right to be forgotten”),
• right to
  restriction of processing,
• right to
  data portability,
• right to
  object to processing,
• right to
  withdraw consent (where processing is based on consent).

To exercise your rights, please contact us at:
[company contact email].

9. Data Security

We use appropriate technical and organizational
measures to protect personal data against loss, misuse, and unauthorized
access.

10. Children

Our website is not intended for children under the age
of 13. We do not knowingly collect their personal data. If you believe your
child has provided us with personal data, please contact us so we can delete
it.

11. Changes to Privacy Policy

We reserve the right to amend this Privacy Policy. The
updated version will always be published on our website.

12. Consent

By using our website, you confirm that you agree with
this Privacy Policy and Terms of Service.