General Terms of Use of the BetrSign® eID Service

These General Terms of Use of BetrSign® eID Service, for the creation, storage, management, and use of electronic identities and authentication by electronic identification means (hereinafter: General Terms) set out the terms and conditions for the performance and use of the BetrSign® eID service for individuals, scope of these services and mutual rights and obligations for users of this service and SETCCE d.o.o., Ljubljana, Tehnološki park 21, as the responsible provider of the BetrSign® eID service (hereinafter: provider).

These General Terms constitute a legally valid and binding agreement between the provider and the users of BetrSign® eID service.

Subject of the service

By accepting the BetrSign® eID General Terms, the user has the right to create and use the electronic identity and associated electronic identification means (user name, password, OTP …) that they use for authentication with the integrated online services.

The user acquires an electronic identity and the associated means of electronic identification for an indefinite period of time. By accepting the General Terms and Conditions, the provider becomes the processor of the user's data required for the use of the BetrSign® eID service. If the user does not accept the General Terms, then they cannot use the BetrSign® eID service.

Use of BetrSign® eID service

Using of the BetrSign® eID service enables:

• User registration for the BetrSign® eID service. Th user can submit or confirm their personal information and obtain an electronic identity and associated means of electronic identification (username, password…),
• User login with their existing BetrSign® eID electronic identification means. Upon login, the user can gain access to the required online services that are integrated with BetrSign® eID, provided they have logged in with an electronic identification mean that has an adequate assurance level,
• User profile editing: the user can edit the personal data they provided and delete the electronic identity of the BetrSign® eID.

The user can terminate the use of the BetrSign® eID service at any time in the user profile editing section of the BetrSign® eID service.

Technical requirements for using the BetrSign® eID service

In order to use BetrSign® eID, the user needs valid email address, PC or mobile device (smartphone, tablet, etc.) with internet access and an officially supported web browser and operating system. The provider is not responsible for support of the BetrSign® eID service in earlier versions of operating systems that are no longer officially supported by the manufacturer. Moreover, while the BetrSign® eID service may also work in earlier unsupported browser versions, it may have a truncated or distorted page layout.

One condition for using the BetrSign® eID service is a valid and accessible email address provided by the user.

User responsibility

The user may only use the BetrSign® eID services for their own use.

The user warrants that the personal information that they have provided is accurate and related to themselves. Using offensive information or other hate speech is forbidden.

The user is obliged to update any changes to their data in the BetrSign® eID user Profile.

The user must protect the confidentiality of the electronic identification means and use it in accordance with the instructions in this General Terms. In the event of misuse of the BetrSign® eID service or negligent conduct, the user may be liable for damages or criminal liability.

The user may not authorise other persons, lend the electronic identification means to others, or otherwise allow the use of their electronic identification means by other persons. In the event of a breach, the user guarantees full liability for any damages.

The user must not use the BetrSign® eID services for illegal purposes.

The user may not obtain, collect or store the personal information of other users of BetrSign® eID services.

In case of suspected misuse of a user's means of electronic identification, the user is obliged to inform the provider immediately. Upon notification, the provider shall disable the use of electronic identification means.

Provider rights, responsibilities and data protection

The BetrSign® eID service is regularly available 24/7.

The provider ensures that all personal data, electronic identification means and other information (hereinafter "data") that the Provider has access to for performing the BetrSign® eID service are secured in compliance with the applicable legislation.

The provider undertakes not to disclose the personal information of users to persons who are not authorised to use the BetrSign® eID service. Persons/employees involved in the provision of the provider’s service have signed a legally binding statement on data protection and confidentiality.

The provider ensures the security of data processing and storage in accordance with the organizational measures of the BetrSign® eID service, as well as the measures for ensuring information security, data protection and business confidentiality in order to prevent misuse of user data.

The provider reserves the right to revoke the user's electronic identity in the event of repeated unsuccessful attempts to login.

The provider reserves the right to modify any part of the system and delete any part of its content without prior notice.

The information system and the backup itself are located on the provider’s premises or hosted at a subcontractor’s premises in the territory of the European Union.

Limitation of provider's liability

The provider reserves the right to short disruptions of access to the BetrSign® eID service for technical reasons, maintenance or replacement of equipment. The provider does not guarantee the availability of the BetrSign® eID in the event of a failure in communication networks or any failures, faults, other technical disruptions or interruptions of third parties (power supply, etc.) and cases of force majeure.

The provider is not liable to the user for any direct or indirect damage or defects that may arise due to technical problems or inability to use the BetrSign® eID service.

The provider is not liable for any damage that may arise in the event the user provided wrong, false, incomplete or outdated information in relation to themselves.

The provider is not responsible for the improper workings of the services resulting from misuse or user’s lack of knowledge.

The provider is not liable for any damage suffered by the user as a result of lost, forwarded, or otherwise misused data caused by the user, user’s contracting provider or third parties.

In the event of misuse of the BetrSign® eID service, the provider can immediately restrict or prevent the user’s access to the BetrSign® eID service.

Personal data

For the purpose of providing the BetrSign® eID service, the provider obtains, processes and stores the user's personal data and electronic identification means, and works as a controller of personal data. The provider processes personal data in accordance with applicable data protection legislation. Personal data is stored until the purpose of personal data processing is cancelled, or the right of erasure is exercised. The user is treated in these General Terms as an individual as defined by the relevant legislation in the field of personal data protection.

The processing of personal data is based on the personal consent of the user with the General Terms. The General Terms accepted by the user are the legal basis for the processing of personal data by the provider. The processing of the personal data for the purposes specified in the previous paragraph is a condition for the use of the BetrSign® eID service. If the user does not agree with the General Terms, the BetrSign® eID service cannot be used. The provider does not share collected personal data with third parties or other organisations. Exceptions are those integrated web services to which the user is logging into by using the BetrSign® eID service.

The provider, as the controller of personal data, undertakes to treat the user’s personal data with care and to process it solely for the purposes for which it was originally collected.

For the purpose of providing the BetrSign® eID service, the provider processes the following personal data of the user: first name, last name, email, telephone number and country (for a one-time password) and other personal data specified by the controller, and the user gives their prior consent to this.

The provider may forward personal data to the competent national authorities, on the basis of a justifiable request, provided they have legal basis for this. For example, the provider will respond to requests from courts, law enforcement and other national authorities, which may also include the national authorities of other EU member states.

The provider grants the user the following rights in connection with the processing of the user’s personal data:

• the right of access to data,
• the right to rectification,
• the right to erasure (right to be forgotten),
• the right to restriction of processing,
• the right to data portability,
• the right to object.

The provider guarantee that the user can exercise their rights in connection with the processing of their personal data without any undue delay. The provider will decide on a ‘users request within one month after receipt of the request. That period may be extended up to two months where necessary, taking into account the complexity and number of requests. If the provider extends the deadline, it shall notify the user by email within one month of receiving the request, together with the reasons for the delay.

Requests in connection with the exercise of user rights may be sent by email to gdpr@setcce.com, or by post to SETCCE d.o.o., Tehnološki park 21, 1000 Ljubljana.

When there is a reasonable doubt in connection with the identity of the user submitting a request in respect of any of their rights, the provider may request additional information necessary for establishing the identity of the user.

Where requests from a user are manifestly unfounded or excessive, in particular because of their repetitive character, the provider may:

• charge a reasonable fee that reflects the administrative costs of providing information or messages, or carrying out the requested action,
• or refuse to act on the request.

If the provider does not decide on the request within the legal deadline or if it rejects the request, the user has the right to lodge a complaint with the Information Commissioner. The user also has the right to lodge a complaint directly with the Information Commissioner if they believe that the processing of personal data breaches Slovenian regulations or EU regulations in the area of personal data protection.

Termination of service

In the event of termination of the BetrSign® eID service, the provider will remove all user-related information from its systems within the prescribed one-month deadline, and notify users of this by posting details on the provider's official website.

Technical support

Users can request technical support by email to support@betrsign.com or call the following telephone numbers from Monday to Friday, except on public holidays:

• during working hours 8am-4pm: +386 5 90 74 660,
• outside the working hours 4pm-9pm: + 386 31 632 118.

Violation of General Terms

The provider reserves the right to deny access to the BetrSign® eID service to users who violate or breach the General Terms.

If users cause any harm to the provider, they are fully morally, materially and criminally responsible.

Any violations of the use of BetrSign® eID by other users should be reported to the provider by email at support@betrsign.com or in writing at SETCCE d.o.o., Technology Park 21, 1000 Ljubljana

Modifications and amendments of the General Terms

The provider may modify or amend the existing General Terms without prior notice or consent of the users.

These General T&Cs shall take effect on 5 July 2022.

SETCCE d.o.o.