When you visit the website, which is operated by SW (registered with AJPES) – hereinafter referred to as the controller – you entrust us with some of your personal data, which we are obliged to protect.

If you only browse the site, the personal data we receive from you is limited to the anonymous identity of your device (computer, phone, etc.). This is recorded by so-called cookies, a list of which can be found below.

When you choose to contact us, you provide us with your email address, or sometimes other personal data. More details on all of this below.

The security of your personal data is extremely important to us! We collect, record, edit, store or delete all personal data in accordance with the Personal Data Protection Act (ZVOP-1, Official Gazette of the Republic of Slovenia, No. 94/2007) and the General Data Protection Regulation (hereinafter referred to as GDPR).


What are your rights?

Your rights in relation to the personal data you have provided are set out in Chapter 3 of the GDPR and include:

  • the right to transparency: whenever you entrust us with data, we explain to you in detail and in clear language why we need the data, how we will handle it, etc. In practice, this means that you are given detailed information about what will happen to your data before you confirm that your data will be sent;
  • the right to access or see the personal data we hold about you and to be informed whether we hold personal data about you. Your right to know why we have it, what we do with it, whether we have shared it with anyone, the retention period of your data;
  • the right to rectification and the right to be forgotten (erasure): you can request the rectification or correction of inaccuracies in the personal data we hold about you, or the erasure of the personal data we hold about you;
  • the right to restriction of processing. Processing may mean collecting, recording, editing, structuring, storing, adapting or modifying, retrieving, accessing, using, disclosing by transmission, disseminating or otherwise making available, adapting or combining, restricting, erasing or destroying. You have the right to restrict one or more of these actions, and you do not necessarily have to request deletion of the data;

  • the right to data portability: we are obliged to provide you, at your request, with any data that you have provided to us and that we hold about you in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller;
  • the right to object: users can request that we do not include your data in any processing and statistical analyses, which are usually not of personally identifiable information. However, you have the right to object to the use of this data;
  • the right to decide on automated individual decision-making, including profiling.

What information we collect, how we use it and with whom we share it

Access to the data collected on the website is granted exclusively to the controller. We do not share, lend or sell any personal data that you have voluntarily provided to us, electronically or otherwise.

We use it solely to communicate with you or to fulfil the reason for which we needed it (booking an appointment, ordering gift vouchers, etc.). We only pass on information to third parties when it is necessary for the fulfilment of your order (for example, delivery of purchased items).

Website statistics

Statistične podatke o obiskovalcih spletne strani lahko občasno delimo s partnerji ali oglaševalci. Take informacije ne vsebujejo nobenih podatkov, ki bi osebno identificirali kogarkoli, ki je na kakršenkoli način komuniciral z našo spletno stranjo.

Varnost prenosa in hranjenja podatkov

The website has a built-in SSL security certificate issued by Let’s Encrypt. This certificate encrypts messages between a website and its users to ensure secure communication over the internet. You can check that the certificate is installed by looking at the web address bar: to the left of, you will see a green padlock, and some browsers also say “secure”. You can also see that the website address starts with https://. The letter “s” stands for secure connection.

Even after you have sent us your data securely online, we will treat it with care. Only authorised SECRET WELLNESS employees have access to it and only for the tasks that are absolutely necessary for their work (invoicing, preparing shipments, customer service). The servers on which your personal data is stored are safe and secure.


We use cookies on the website to ensure it works optimally. These are small files that your browser places on your computer to improve your experience. For example, a cookie can make it so that you don’t have to log in to a website every time (if that’s what you wanted). Cookies also allow us to monitor how many pages are visited so that we can edit them to better serve their purpose. The use of cookies never implies that you are providing the controller with any personal data about yourself or information that could identify you.