Privacy Policy

1. Introduction

This Privacy Policy explains how FlickWeb collects, uses, stores, and protects personal data when you visit our website, contact us, request information about our services, or work with us.

We respect your privacy and process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and applicable Slovenian data protection legislation.

By using this website or contacting us, you acknowledge that you have read and understood this Privacy Policy.

2. Who we are

The controller of personal data is:

FlickWeb, spletne storitve in razvoj, Mihael Vrankar s.p.
Soteska 67
1241 Kamnik
Slovenia

Tax number: 78614970
Registration number: 9875646000
VAT status: Not VAT registered
Email: info@flick-web.com
Website: flick-web.com

For any questions about this Privacy Policy or the processing of your personal data, you can contact us at info@flick-web.com.

We have not appointed a Data Protection Officer because this is not currently required for our type and scale of business activity.

3. What personal data we collect

We collect personal data only when necessary for the operation of our website, communication with visitors and potential clients, delivery of our services, security, analytics, and legal or business obligations.

3.1 Data you provide directly

When you contact us through our website, email, Slack, or another communication channel, we may collect:

Name
Email address
Phone number, if provided
Company name
Website URL
Project details
Service interest
Budget range, if provided
Timeline, if provided
Messages, attachments, or other information you choose to send us

Our website contact form is powered by Contact Form 7. Contact form submissions are sent to our email address and are not intentionally stored in the WordPress database.

If you become a client, we may also process business-related information needed to communicate with you, prepare offers, issue invoices, manage the project, provide support, and deliver our services.

3.2 Technical and usage data

When you visit our website, certain technical information may be collected automatically, including:

IP address
Browser type and version
Device information
Operating system
Referring website
Pages visited
Time and date of visit
Approximate location based on IP address
Cookie preferences
Website security and access logs

This information is used to operate, secure, monitor, and improve the website.

3.3 Analytics and marketing data

With your consent, we may use analytics and marketing tools such as:

Google Analytics
Google Search Console
Meta Pixel / Facebook Pixel

Google Analytics helps us understand how visitors use our website. Meta Pixel may help us measure advertising performance and website interactions. Google Search Console helps us understand how our website appears in Google Search and does not require placing tracking cookies on your device through our website.

Analytics and marketing tools are only used where permitted by law and, where required, after your consent through our cookie banner.

4. Cookies and similar technologies

Our website uses cookies and similar technologies to make the website work, improve performance, measure usage, support security, and, where consent is given, support analytics and marketing.

We use CookieYes as our cookie consent management tool.

Cookies may include:

4.1 Necessary cookies

These cookies are required for the website to function properly and cannot usually be disabled through our cookie banner. They may be used for:

Cookie consent storage
Website security
WordPress functionality
Server and CDN security
Protection against spam, abuse, or malicious activity

Necessary cookies may be set by tools such as WordPress, CookieYes, Wordfence, Cloudflare, or hosting infrastructure.

4.2 Analytics cookies

Analytics cookies help us understand how visitors use our website, which pages are visited, and how the website can be improved.

We use Google Analytics only if you give consent where required.

4.3 Marketing cookies

Marketing cookies may be used to measure advertising performance or create audiences for advertising platforms.

We may use Meta Pixel / Facebook Pixel only if you give consent where required.

4.4 Managing cookies

You can accept, reject, or change your cookie preferences through the cookie banner on our website. You can also manage cookies through your browser settings.

Disabling certain cookies may affect website functionality or limit some features.

5. Why we process personal data

We process personal data for the purposes listed below.

5.1 Responding to inquiries

When you contact us, we use your personal data to reply to your message, understand your needs, discuss your project, prepare a proposal, or continue communication.

Legal basis: pre-contractual steps and/or legitimate interest.

5.2 Providing services

If you become a client, we process personal data to provide web development, design, consulting, maintenance, support, and related services.

Legal basis: performance of a contract.

5.3 Project communication

We may use your data to communicate about project scope, timelines, deliverables, revisions, technical requirements, support requests, and approvals.

Legal basis: performance of a contract and legitimate interest.

5.4 Invoicing, accounting, and legal obligations

We process certain data to issue invoices, keep business records, comply with tax and accounting obligations, and respond to lawful requests.

Legal basis: legal obligation.

5.5 Website security and performance

We process technical data to protect our website, prevent abuse, detect errors, troubleshoot issues, monitor performance, and maintain a secure online presence.

Legal basis: legitimate interest.

5.6 Analytics and website improvement

With your consent where required, we use analytics tools to understand website traffic, visitor behavior, and content performance.

Legal basis: consent.

5.7 Marketing and advertising measurement

With your consent where required, we may use Meta Pixel or similar tools to measure advertising performance and understand interactions with our website.

Legal basis: consent.

6. Who we share personal data with

We do not sell, rent, or trade your personal data.

We may share personal data only when necessary with trusted service providers who help us operate the website, communicate with clients, deliver services, secure systems, and manage our business.

These may include:

Hetzner — hosting and business email services
Cloudflare — DNS, CDN, performance, and security services
CookieYes — cookie consent management
Google — Google Analytics and Google Search Console
Meta — Meta Pixel / Facebook Pixel, where consent is given
Wordfence / Defiant — website security and firewall services
GitLab — code repositories and project development workflows
Slack — client communication, where used
Accounting service providers — invoicing, accounting, and tax obligations
Selected external collaborators or contractors — only when needed for project delivery

External collaborators are selected carefully and are involved only where necessary for the delivery of services. We are not actively looking for new contractors and do not share personal data with unnecessary third parties.

We may also disclose personal data if required by law, court order, government authority, or to protect our legal rights.

7. International data transfers

Some of the service providers we use may process personal data outside the European Economic Area.

Where personal data is transferred internationally, we take reasonable steps to ensure that appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms.

8. How long we keep personal data

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

Typical retention periods are:

Contact form inquiries and email inquiries: up to 24 months after the last communication, unless the inquiry becomes part of a client relationship or a longer period is needed to protect legitimate interests.
Client communication and project records: for the duration of the client relationship and for a reasonable period afterward, usually up to 5 years after the last project or service, unless longer retention is required for legal, tax, accounting, or dispute-related reasons.
Invoices and accounting records: for the legally required retention period under applicable accounting and tax laws.
Cookie consent records: for as long as necessary to demonstrate consent and manage cookie preferences.
Security logs: for a limited period necessary for security, troubleshooting, and abuse prevention.
Analytics data: according to the retention settings in the analytics tools we use and only for as long as reasonably needed to understand website performance.

When personal data is no longer needed, we delete it, anonymize it, or securely archive it where required by law.

9. Client access and project-related data

During project work, clients may provide access to systems such as hosting accounts, WordPress admin areas, Shopify admin areas, APIs, DNS settings, analytics tools, repositories, or other technical systems.

We use this access only for the purpose of providing agreed services. Clients are responsible for ensuring that access permissions are appropriate and that they have the right to provide such access.

We do not intentionally collect or process client customer data as part of our normal website inquiries. If a specific project requires access to systems that contain personal data, we handle such access only as necessary to perform the agreed work.

10. Your rights

Under applicable data protection law, you may have the following rights:

Right of access to your personal data
Right to rectification of inaccurate or incomplete data
Right to erasure of personal data
Right to restriction of processing
Right to object to processing
Right to data portability
Right to withdraw consent at any time, where processing is based on consent
Right to lodge a complaint with a supervisory authority

To exercise your rights, contact us at:

info@flick-web.com

We may need to verify your identity before responding to certain requests.

You also have the right to lodge a complaint with the Slovenian supervisory authority:

Informacijski pooblaščenec Republike Slovenije
Dunajska cesta 22
1000 Ljubljana
Slovenia
Email: gp.ip@ip-rs.si

11. Data security

We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include secure hosting, HTTPS, access controls, strong passwords, website security tools, firewall protection, software updates, backups, and careful access management.

However, no method of internet transmission or electronic storage is completely secure. While we work to protect your personal data, we cannot guarantee absolute security.

12. Third-party websites and services

Our website may contain links to third-party websites, platforms, or services.

We are not responsible for the privacy practices, content, security, or policies of third-party websites. We recommend reviewing the privacy policies of any third-party websites you visit.

13. Children’s privacy

Our website and services are intended for businesses and individuals over the age of 16.

We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, website tools, legal requirements, or business operations.

The latest version will always be published on this page with the updated date.

15. Contact

For questions about this Privacy Policy or how we process personal data, contact us at:

FlickWeb, spletne storitve in razvoj, Mihael Vrankar s.p.
Soteska 67
1241 Kamnik
Slovenia

Email: info@flick-web.com
Website: flick-web.com