KlubIS - Promotion

English

Slovensko

English

Slovensko

Appearance

Privacy Policy

Last updated: 5 March 2026

This Privacy Policy explains how personal data is collected, used, and protected when using the Klubis web application ("Service").

Klubis is a software platform designed to help clubs, associations, and organizations manage members, activities, communication, and billing.

This Privacy Policy is provided in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

1. Data Controller

The Service is operated by:

Velis d.o.o.
Jelovška ulica 20
4240 Radovljica
Slovenia
Email: info@velis.si

("Service Provider", "we", "us", or "our").

When organizations (clubs) use the Service to manage their members, those organizations typically act as Data Controllers, while the Service Provider acts as a Data Processor.

2. Categories of Personal Data

Depending on how the Service is used, we may process the following categories of personal data.

2.1 Account Information

When a user creates an account, we may collect:

  • full name
  • email address
  • password (stored in encrypted form)
  • user role within the organization (administrator, coach, member)

2.2 Member Data Entered by Organizations

Organizations using the Service may store personal data relating to their members, including:

  • name
  • contact details (email, phone number)
  • membership information
  • participation in activities or groups
  • attendance records
  • billing and payment-related data

This information is entered and managed by the organization using the platform.

2.3 Technical and Usage Data

When users access the Service, certain technical information may be collected automatically, including:

  • IP address
  • browser type and version
  • operating system
  • timestamps of access
  • pages or features accessed

This information is used to maintain system security and improve functionality.

3. Purposes of Processing

Personal data may be processed for the following purposes:

  • providing and maintaining the Service
  • managing user accounts
  • enabling organizations to manage members and activities
  • recording attendance and participation
  • generating billing information and invoices
  • sending system notifications
  • improving platform performance and reliability
  • maintaining system security and preventing misuse
  • complying with legal obligations

4. Legal Basis for Processing

Under the GDPR, personal data is processed based on one or more of the following legal bases:

Contractual necessity
Processing required to provide the Service to users and organizations.

Legitimate interests
Processing necessary to maintain platform security, prevent misuse, and improve functionality.

Legal obligation
Processing required to comply with applicable laws.

Consent
Where required for certain communications or optional features.

Organizations using the Service are responsible for ensuring they have a lawful basis for processing their members' personal data.

5. Data Sharing and Processors

Personal data is not sold or rented to third parties.

Personal data may be shared with trusted service providers who assist in operating the platform, including:

  • cloud hosting providers
  • email delivery services
  • SMS notification providers
  • infrastructure and monitoring providers

These providers process personal data only on our behalf and under appropriate data processing agreements.

6. International Data Transfers

Personal data is generally processed within the European Economic Area (EEA).

If data is transferred outside the EEA, appropriate safeguards will be implemented, such as:

  • Standard Contractual Clauses approved by the European Commission
  • transfers to countries recognized as providing adequate protection

7. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes described in this Privacy Policy.

Retention periods may depend on:

  • the duration of the user account
  • contractual obligations
  • legal or regulatory requirements
  • legitimate operational needs

When data is no longer required, it will be securely deleted or anonymized.

8. Data Security

Appropriate technical and organizational measures are implemented to protect personal data against unauthorized access, loss, or misuse.

These measures may include:

  • encrypted connections (HTTPS)
  • access control mechanisms
  • authentication and authorization systems
  • secure infrastructure and monitoring

Despite these measures, no system can guarantee absolute security.

9. Rights of Data Subjects

Under the GDPR, individuals may have the following rights regarding their personal data:

  • right of access
  • right to rectification
  • right to erasure ("right to be forgotten")
  • right to restriction of processing
  • right to data portability
  • right to object to processing
  • right to withdraw consent where consent is the legal basis

Requests regarding personal data should generally be directed to the organization (club) that collected the data.

If the request concerns data processed directly by the Service Provider, requests may be submitted via the contact details provided in this Policy.

10. Cookies and Similar Technologies

The Service may use cookies and similar technologies to:

  • maintain user sessions
  • remember user preferences
  • improve usability and performance
  • analyze platform usage

Cookies are small text files stored on the user's device.

Users can manage cookie preferences through their browser settings.

11. Children's Data

The Service may be used by organizations that manage activities involving minors (for example youth sports clubs).

In such cases, the organization using the Service is responsible for ensuring that appropriate parental consent or other lawful basis exists for processing such data.

12. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time.

Where material changes occur, users may be notified through:

  • email notifications
  • notices within the application
  • updates on the official website

Continued use of the Service after such updates constitutes acceptance of the revised Privacy Policy.

13. Contact Information

If you have questions about this Privacy Policy or about how personal data is processed, please contact:

Velis d.o.o.
Jelovška ulica 20
4240 Radovljica
Slovenia
Email: info@velis.si

You may also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.