As the coordinator of the European Digital Innovation Hub DIGI-SI and in collaboration with our consortium partners, the University of Maribor is fully dedicated to safeguarding the handling and protection of all personal data. Our commitment includes implementing effective measures to prevent any unauthorized access or disclosure of this information. We collect and store personal data only with the explicit consent of the individual and process it for the purpose of providing networking opportunities, encouraging participation in project activities, and providing information on the preferred methods of engaging with the DIGI-SI Consortium.

You can find out more about the processing of personal data at University of Maribor on the following website: The notice to individuals under Articles 13 and 14 of the General Data Protection Regulation (GDPR) regarding the processing of personal data can be found here.

Joint Controllers of Personal Data

The European Digital Innovation Hub DIGI-SI is a consortium consisting of seven partners that work together to manage data for the purpose of implementing project activities.

According to the General Data Protection Regulation (GDPR), a controller refers to a natural or legal person, public authority, agency, or other body, that determines, the grounds and methods for processing of personal data. If two or more controllers collaborate in determining these grounds and methods, they are regarded as joint controllers.

If you require access to, correction of, or deletion of your personal data, or wish to object to its processing or withdraw your consent, please send an email to one of the DIGI-SI joint controllers listed in the table bellow.

Date of notification: 28/02/2023

Personal data controller:

Controller’s identity and contact details
Name of the controller:University of Maribor (hereinafter: UM), Digital Innovation Hub Slovenia, (hereinafter: DIHS), Institut Jozef Stefan (hereinafter: IJS), Technology Park Ljubljana (hereinafter: TPLJ), Arctur d.o.o. (hereinafter: Arctur), Innovation Technology Cluster (hereinafter: ITC), Toolmaker Cluster of Slovenia (hereinafter: TCS)
Address of the controller:  UM: Slomškov trg 15, 2000 Maribor, Slovenija DIHS: Dimičeva ulica 13, 1000 Ljubljana, Slovenija IJS: Jamova cesta 39, 1000 Ljubljana, Slovenija TPLJ: Tehnološki park 19, 1000 Ljubljana, Slovenija Arctur: Industrijska cesta 1 a, 5000 Nova Gorica, Slovenija ITC: Lendavska ulica 5a, 9000 Murska Sobota, Slovenija TCS: Kidričeva ulica 25, 3000 Celje, Slovenija
Controller’s e-mail address (for the exercise of the individual’s rights)UM: DIHS: IJS: TPLJ: Arctur: ITC: TCS:
Controller’s pfone numberUM: +386 2 23 55 280 DIHS: +386 40 606 710 IJS: +386 1477 39 00 TPLJ: +386 1 620 34 00 Arctur: +386 5 3029070 ITC: +386 41 526 395 TCS: +386 3 424 42 02

which has an appointed Data Protection Officer (DPO):

Contact details of an appointed Data Protection Officer
Title of DPO:Miha Dvojmoč, Ph.D.

processes and protects personal data in accordance with Personal Data Protection Act (Uradni list RS, št. 163/22) and REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

You can find out more about the processing of personal data at UM on the following website:, or you can contact the Data Protection Officer of the University of Maribor, Miha Dvojmoč, Ph.D., for further information (

The mentioned articles refer to the articles of the General Data Protection Regulation.

Purposes for which personal data are processed
The data will be collected for the purpose of providing the services set out in the DIGI-SI project (co-financing contract from the EU co-funding agreement No. 101082654), participation in project activities and for the purposes of reporting indicators and implementing activities to European and national supervisory authorities. In addition, the data will be used in anonymised form for statistical purposes. The collected data will also be used for the purposes of sending DIGI-SI e-news and invitations to events organized by the consortium partners (UM, DIHS, IJS, TPLJ, Arctur d.o.o., ITC MS, TCS) within the project. Certain activities involve the use of the IT-enabled tool MS Teams, provided by Microsoft with which the University of Maribor has a cooperation agreement (servers and processing in the EU), and the use of the system for Intrix CRM from Intera d.o.o.. During implementation, personal data are stored based on the individual’s consent. Information about the desired participation, including your data, will be visible to employees of UM, DIHS, IJS, TPLJ, Arctur d.o.o, ITC MS and TCS.
Types of personal data concerned
Personal data:Source:Legal obligation:Contract obligation:Consequences if the individual does not provide personal data:
EMPLOYEES IN ENTERPRISES/NON-GOVERNMENTAL ORGANISATIONS/PUBLIC PUBLIC SECTOR/ ICT PROVIDERS Mandatory information: •Method of participation: Service user or ICT provider (in this category sub-question – mode type of participation: provision of training, renting research equipment, consultancy or implementation services). •General information of the organisation: Name, street name and street number, postal code, country, e-mail address of the organisation, organisation’s tax identification number, responsible person and his/her function in the company, organisational form (possible answers: Start-up, micro, small, medium or large enterprise, non-governmental organisation, public sector, other). •Username and password. •ICT OFFERORS – Additional Mandatory field for only this category of users: Technologies provided by the provider: Supercomputing, Artificial Intelligence, Cyber Security, Advanced Digital Skills, Robotics, IOT, Blockchain, Big Data.   Optional data: • Organisation’s General information: website, company’s additional telephone number, sector area of activity (possible answers: Healthcare and pharmaceuticals, Manufacturing, Tourism and Cultural Heritage, Agri-food industry, Green industries, Creative industries, other). Individual Other Define the source Yes No Independent consent. Yes No Independent consent.Cooperation is not possible.
Contact person: Name and surname, function in the company, e-mail address. User name and password, telephone number, mobile phone number. Individual Other Define the source Yes No Independent consent. Yes No Independent consent.Cooperation is not possible.
Legal basis for processing personal data
6(1)(a)the data subject has consented to the processing of his personal data for one or more specified purposes  
The period of retention of personal data or, where this is not possible, the criteria used to determine this period
The data is processed solely for the purpose of providing networking opportunities and information about the desired forms of cooperation and for active participation in various activities of the DIGI-SI consortium and, in accordance with contract No. 101082654 on the co-financing of the project concluded with the European Commission are kept for a period of 5 years after the end of the project (September 30, 2030).
Users or categories of users of personal data, if any
User/user category:User’s role:
Employees at d.o.o.Processor of personal data in the context of renting servers for website hosting.
Employees at Intera d.o.o.The processor of personal data within the framework of the management system and management of Intrix CRM customers for the purposes of project activities.
Competent supervisory institutions of the European CommissionSupervisory Authority
Competent supervisory institutions of the Republic of SloveniaSupervisory Authority
Information on transfers of personal data to a third country or an international organisation
Personal data is not transferred to third countries or international organisations.
Information about the existence of automated decision-making, including profiling and at least in such cases meaningful information about the reasons for it, as well as the meaning and intended consequences of such processing for the individual to whom it applies concerned personal data
Automated decision-making:☐ Yes; Reasons, significance, intended consequences ☒ No
Profiling:☐ Yes; Reasons, significance, intended consequences ☒ No
Information about the existence of an individual’s rights to request access to personal data and the correction or deletion of personal data or restriction, or the existence of the right to object to processing and the right to data portability:
You can exercise your rights with a written request to the address or e-mail address of the controller (see Identity and contact information of the controller).
The right of access of an individual, to whom they relate data (Article 15)The data subject shall have the right to obtain confirmation of whether the personal data concerning him or her are being processed and, in that case, has the right to information such as provided for in Article 15 of the General Data Protection Regulation.
Right of rectification (Article 16)The data subject shall have the right to obtain from the controller, without undue delay, to rectify inaccurate personal data concerning him or her. Individual, on subject to personal data, having regard to the purposes of the processing, has the right to completion of incomplete personal data, including the submission of a supplementary statement.
The right to erasure (“right to forget”) (Article 17)The data subject has the right to obtain that the controller,without undue delay, deletes personal data related to him. The controller has an obligation to delete personal data without undue delay in the following cases: personal data is no longer necessary for the purposes for which it was collected or otherwise processed; individual, to which the personal data refer, invokes the consent on the basis of which it takes place processing and when there is no other legal basis for the processing; the data subject objects to the processing (see right to object); personal data was processed unlawfully; personal data must be deleted to comply with legal obligations in accordance with the law of the Union and the Republic of Slovenia. Erasure shall not take place if the processing of personal data is necessary for: the exercise of the right to freedom of expression and information; to fulfill the legal obligation of processing on the basis of regulations or for the performance of a task in the public interest or in the exercise of public authority that was assigned to the controller; for reasons of public interest in the field of public health; for the purpose of archiving in the public interest, for scientific or historical research purposes or statistical purposes; to assert, implement or defend legal claims. You can only exercise your right to erasure in the limited cases listed above.
The right to restriction of processing (Article 18)The data subject shall have the right to obtain restrict  processing from the controller where one of the following condition is met: the individual objects accuracy of data, namely for a period that allows the administrator to check the accuracy of personal data; the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of their use; the controller no longer needs the personal data for the purposes of the processing, but the data is needed by the individual to whom the data is related to for the establishment, exercise or defence of legal claims; the data subject has filed an objection in relation to processing until it is determined whether the controller’s legitimate reasons prevail individual. If the individual has requested the restriction for the reasons stated, then the data may only be further storage, and all other types of processing may only be carried out: with the consent of the individual, to which data are related to; to assert, exercise or defend legal claims; for the protection of the rights of another natural or legal person; or due to an important public interest of the Union or the Republic of Slovenia. You can only exercise your right to restriction in the limited cases listed above.
Obligation to notify in relation to correction or deletion of personal data or restriction of use (Article 19)The operator shall notify each user to whom personal data has been disclosed of all corrections, erasures and limitations of processing unless this proves impossible or involves disproportionate effort.
Right to object (Article 21)UM does not process personal data for direct marketing purposes, so there is no reason, as data subject, to exercise the right to object at any time for the purposes of such marketing, including profiling when related to such direct marketing.
Information on the right to withdraw consent where processing is based on consent:
Consent can be revoked at any time without affecting the legality of the data processing carried out on the basis of consent until its cancellation.
Information on the right to lodge a complaint with the supervisory authority:
You can lodge a complaint to the Information Commissioner (address: Dunajska 22, 1000 Ljubljana, e-mail:, phone: 01 230 97 30, website:


Our website uses cookies to provide a better user experience and monitor the visit statistics. The link to the subpage with instructions regarding cookie management is available at the bottom of the website.

What are cookies? Cookies are small text files that are placed on a user’s computer when they visit a website. You can manage or erase already stored cookies also through your web browser.

​​​Cookie_notice_accepted Cookie acceptance checkDIGI-SI 1 month
wordpress_test_cookie Checking cookie settingsWordPress 6 months
tk_ai Storing user identifier for online shop purposesWooComerce session
pll_language Storing user identifier for online shop purposesPolylang plugin 1 year