CTNNB1 Foundation makes this privacy policy available to you through this website in order to inform you in detail about how we treat your personal data and protect your privacy and the information you provide us with.

On this website, CTNNB1 Foundation guarantees the security and confidentiality of the personal data provided by the natural persons with whom it relates by implementing the technical and organisational measures intended for this purpose.

In the event of any future modifications, we will notify you via the website or other means so that you can be informed of the new privacy conditions introduced.

In compliance with Regulation (EU) 2016/679, General Data Protection Regulation and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, we inform you of the following:

Responsible for the processing

CTNNB1 Foundation.NIF: 4125878000. Postal address: Dalmatinova street 5, 1000 Ljubljana, Slovenia.
E-mail address:

For what purpose do we process your personal data?

At CTNNB1 Foundation we collect and process your personal information in general in order to manage our relationship with you, the main purposes we have identified being the following:

  • Management and contracting of the products and services offered by our organization.
  • To channel requests for information, suggestions and complaints that you may send us electronically or otherwise.
  • To keep you informed about news, events, offers, products and services that may be of interest to you through different communication channels, provided that you have given your consent.
  • Management of the employment relationship, in the case of our employees.
  • Management of the commercial relationship with our suppliers.
  • Management of personnel selection

What is the legal basis for processing your data?

By accepting the privacy policy, you give your consent to CTNNB1 Foundation to process your data in order to send you information of an administrative, technical, organisational, informative and/or commercial nature about our products and services, in response to your request also for a legitimate interest.

CTNNB1 Foundation, in the development of its business activity, may also use other legal bases for the processing of personal data,

    • Consent of the data subject for one or more purposes.
    • Necessary for the performance of a contract or for the implementation of pre-contractual measures at the data subject’s request.
    • Necessary for the protection of the vital interests of the data subject or of other persons.
    • Necessary for compliance with a legal obligation applicable to the data controller.
    • Necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

Necessary for the fulfilment of legitimate interests pursued by the controller or by a third party.

You will be informed of the legal basis used in each business relationship.

How do we collect your information?

We collect your personal information by different means, but you will always be informed at the time of collection by means of informative clauses about the data controller, the purpose and legal basis of the processing, the recipients of the data and the period of conservation of your information, as well as the way in which you can exercise your data protection rights.

In general, the personal information we process is limited to identification data (name and surname, date of birth, address, ID number, telephone number and e-mail address), contracted services and payment and invoicing data.

In cases of personnel management and selection, we collect academic and professional data in order to meet the obligations arising from the maintenance of the employment relationship or, where appropriate, to join our staff.

CTNNB1 Foundation may use social networks and this is another way of reaching you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies explaining how they use and share your information, so CTNNB1 Foundation recommends that you consult them before using them to confirm that you agree with the way in which your information is collected, processed and shared.

Responsibility of the user

By providing us with their data through electronic channels, the user guarantees that they are over 14 years of age and that the data provided to CTNNB1 Foundation are true, exact, complete and up to date. To this effect, the user confirms that he/she is responsible for the veracity of the data communicated and that he/she will keep said information suitably updated so that it corresponds to his/her real situation, taking responsibility for any false or inaccurate data that he/she may provide, as well as for any damages, direct or indirect, that may arise.

For how long do we keep your information?

At CTNNB1 Foundation we only keep your information for the period of time necessary to fulfil the purpose for which it was collected, to comply with the legal obligations imposed on us and to meet the possible responsibilities that may arise from the fulfilment of the purpose for which the data was collected.

In the event that you wish to join our staff and apply for one of our jobs, the data provided will become part of our employment exchange and will be kept for the duration of the selection process and for a maximum of one year or until you exercise your right of deletion.

If at any time we have collected your data to contact you as a potential user of our services or to respond to a request for information made by you, such data will be kept for a maximum of one year from its collection, and will be deleted after this period if a contractual relationship has not been formalised or at the time you request us to do so.

In any case, and as a general rule, we will keep your personal information as long as there is a contractual relationship that binds us or you do not exercise your right of deletion and/or limitation of processing, in which case, the information will be blocked without giving use beyond its conservation, while it may be necessary for the exercise or defence of claims or may arise some kind of liability that had to be addressed.

To whom do we communicate your data?

In general, at CTNNB1 Foundation we do not share your personal information, except for those transfers that we must make based on legally imposed obligations.

Although this is not a transfer of data, in order to provide you with the requested service, third party companies, acting as our suppliers, may access your information in order to carry out the service we have contracted from them. These third parties access your data following our instructions and without being able to use it for a different purpose and maintaining the strictest confidentiality.

Likewise, your personal information will be at the disposal of the Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the processing.

International data transfers

There are no international transfers of your data to countries outside the European Economic Area (EEA).

We have agreed with our suppliers that, for the provision of the contracted service, they make use of servers located in the EEA and if, in the future, we need to make use of servers located outside the EU territory, appropriate measures will be taken, which will be incorporated into this Privacy Policy, ensuring that such suppliers are under the Privacy Shield agreement or that other appropriate safeguards are in place.

What are your rights in relation to the processing of your data and how can you exercise them?

Data protection regulations allow you to exercise your rights of access, rectification, erasure and portability of data and to object to and restrict the processing of your data, as well as not to be subject to decisions based solely on automated processing of your data, where applicable.

These rights are characterised by the following:

  • Their exercise is free of charge, except in the case of manifestly unfounded or excessive requests (e.g. repetitive nature), in which case CTNNB1 Foundation may charge a fee proportional to the administrative costs incurred or refuse to act.
  • You may exercise your rights directly or through your legal representative or volunteer.
  • We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline may be extended by a further two months.
  • We are obliged to inform you about the means of exercising these rights, which must be accessible and without being able to refuse you the exercise of the right on the sole ground that you choose another means. If the request is submitted by electronic means, the information will be provided by these means whenever possible, unless you ask us to do otherwise.
  • If CTNNB1 Foundation does not act on the request, it will inform you, within one month at the latest, of the reasons for its failure to act and the possibility of lodging a complaint with a supervisory authority.

How do we protect your information?

At CTNNB1 Foundation we are committed to protecting your personal information.

We use reasonably reliable and effective physical, organisational and technological measures, controls and procedures aimed at preserving the integrity and security of your data and guaranteeing your privacy.

In addition, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of your personal data.

In the case of the contracts we sign with our suppliers, we include clauses requiring them to maintain the duty of secrecy with respect to the personal data to which they have had access by virtue of the assignment, as well as to implement the necessary technical and organisational security measures to guarantee the permanent confidentiality, integrity, availability and resilience of the systems and services for the processing of personal data.

All these security measures are regularly reviewed to ensure their adequacy and effectiveness.

However, absolute security cannot be guaranteed and no security system is impenetrable so, in the event that any information under our control and subject to processing is compromised as a result of a security breach, we will take appropriate steps to investigate the incident, notify the Supervisory Authority and, where appropriate, those users who may have been affected to take appropriate action.