Visionect d.o.o. (hereinafter referred to as we, us, our, Visionect, Visionect d.o.o., Visionect ltd.) respects your privacy and is committed to protecting your personal data. This Privacy and Cookie Policy (including any modifications, exhibits, etc., hereinafter referred to as the: “privacy policy”) tells you how we look after and process your personal data, whether you visit our VISIONECT ( or JOAN ( website (hereinafter referred to as the “website”), regardless of where you visit it from, and/or purchase and/or use any of our products, services and/or applications. The term “products, services and/or applications” refers to all our products and services specified on the website, including but not limited to Visionect’s software and hardware products, mobile applications and services. About the terms of usage/sale of our products and/or services please read more in Terms of Use, Terms of Sale or other specific Terms as outlined in the footer of the website).

By now, you’ve probably heard of the General Data Protection Regulation (GDPR), effective as of May 25, 2018. Because we are fully devoted to protecting our confidential and sensitive data, including in particular any personal data processed in connection with our commercial activities, this Privacy policy aims to resolve any concerns you might have in this regard when using our website and/or products and services.

Nevertheless, if after reading this privacy policy, you have any additional questions about the processing of your personal data, including any requests to exercise your legal rights, please do not hesitate to contact us at [email protected].


Visionect LLC., Cesta v Gorice 30, 1000 Ljubljana, Slovenia is a B2B company founded in 2007. Visionect is the premier designer and developer of ultra-low-power digital display solutions created on electronic paper technology. Visionect’s mission is to empower people in public spaces to make better decisions by delivering more relevant, timely information, supported by digital displays easily installed in locations impossible before.The company is known for its JOAN room scheduler and the Place & Play product line.

The purpose of this privacy policy is to provide you with information on which, why and how we collect and process your personal data, including but not limited to any data you may provide through this website, when you:

  • sign up to our newsletter (and download any resource or content from the website),
  • purchase and/or distribute a product and/or service,
  • contact us by filling up the contact form,
  • do other corresponding activities.

It is important that you read this privacy policy together with any other terms and conditions available on the website and/or any notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using it.


Personal data, or personal information, means any information about an individual from which that person can be identified (please also see a more detailed definition of personal data as defined by the GDPR). It does not include data where the identity has been removed and by which we (or any other person) are not able to identify specific individual (anonymous data).

We may collect, use, store and transfer different kinds of personal and/or other related data about you or your company (hereinafter together referred to as the: “data”) which we have grouped together as follows:

  • Identity Data includes yours and/or your company’s first and last name / firm and/or similar identifier;
  • Contact Data includes your company’s billing address, delivery address, e-mail address and telephone numbers;
  • Financial Data includes your company’s bank account details; We do not collect your company’s credit cards and/or PAYPAL information, as this services are ensured by third parties to which you provide the information voluntarily;
  • Transaction Data includes details about payments to and from you (your company) and other details of products and services you (your company) have purchased from us;
  • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the website.
  • Usage Data includes information about how you use our website, products and services.
  • Calendar User Data as specified in the following below.

In order to maximize your user experience we also collect, process and use Aggregated Data which may be derived from your personal data but is, according to the law, not considered to be personal data as it does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. We also measure website-tracking (traffic information, for example). However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will is then used in accordance with this privacy policy.

We do not collect or otherwise process any so-called “special categories of personal data”, which according to the GDPR include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.

Also, the website is not intended to be used children or minors (person under 18) and we do not knowingly collect data relating to children or minors.


We use different methods to collect data from and about you (your company) including through:

Direct interactions. You may provide us your [Identity, Contact and Financial Data] by:

  • filling in contacting forms or by contacting us and/or corresponding with us by e-mail, phone or otherwise,
  • purchasing our products or services;
  • creating an account to use our products or services by creating a user account in the “Joan Portal”;
  • subscribing to our newsletter;
  • requesting marketing material to be sent to you;
  • entering a prize competition, promotion, referral program or survey;

Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data and/or Aggregated Data about your equipment, browsing actions and patterns. We collect this data by using cookies and other similar technologies as explained below in the “Cookies” section.


To facilitate the use of our room scheduling solution product called »Joan« (hereinafter referred to as: “Joan”) for users of G Suite (Google apps), Office 365 and Microsoft Exchange, we will require certain permissions in your calendar account:

  • Read and / or write access to the calendars you wish Joan to manage. No calendar or event information is permanently stored on servers we are using. The Joan Portal (used for managing Joan – read more in Terms of Use) only stores the e-mail of the room’s resource, all other information is gained through an API call, parsed and sent directly to the device.
  • Access to basic user account information and email.
  • Read only access to your resources to enable automatic room resource scan.

No user calendar data is shared with any third parties.


We have set out below, in a table format, a description of all the ways we plan to use your (company’s) data, including personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at [email protected] if you need more detail.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer (creating an account on Joan portal) and providing supported services, including updates, etc. by e-mail Identity Contact Performance of a contract – order (executed purchase of product / service)  concluded with you;
To process and deliver your order including: Manage payments, fees and charges Delivery of products and services purchased / requested Collect and recover money owed to us Identity Contact Financial Transaction Performance of a contract (executed purchase of product / service) with you; Necessary for our legitimate interests (to recover debts due to us);
To manage our relationship with you which will include: To provide you with e-mail news, updates, etc. on our products and services (in case of newsletter subscription, etc.) Asking you to leave a review, let us know your customer experience, etc. after you made purchase of products and services; To deliver you information about its own similar products or services already purchased; Identity Contact Performance of a contract (executed purchase of product / service) with you; Necessary to comply with a legal obligation; Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services):
To administer and protect our business and this website and products and services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data); Identity Contact Technical Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) Necessary to comply with a legal obligations (reporting of breaches);
To use data analytics to improve our website, products and services, marketing, customer relationships and experiences; Technical Usage Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy);


Cookies are small text files placed on your hard drive. We use cookies or similar technologies (pixels etc.) to personalize your online experience and improve our services for you. For example, cookies will remember and process the items in your shopping cart on our website. This saves you time, since you are not required to re-enter the same information each time you visit our site.

We use the following cookies:

  • Strictly necessary (essential) cookies. These cookies are required for the operation of our website. They include, for example,  the use a shopping cart or  e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Advertising (Targeting) cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Some of the cookies we use are internal, some of them external (third party) cookies. You can find more about the individual cookies we use here:

Necessary cookies Category Description Cookie
  Hubspot This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. __hs_opt_out
This cookie can be set to prevent the tracking code from sending any information to HubSpot. __hs_do_not_track
This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. __hs_initial_opt_in
This cookie is used to record the categories a visitor consented to. __hs_cookie_cat_pref
This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. hs_ab_test
When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. <id>_key
This cookie is used to determine and save whether the chat widget is open for future visits. hs-messages-is-open
This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. hs-messages-hide-welcome-message
This cookie is set when visitors log in to a HubSpot-hosted site. __hsmem
This cookie is used to ensure that content membership logins cannot be forged. hs-membership-csrf
This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages. hs_langswitcher_choice
This cookie is set by HubSpot’s CDN provider because of their rate-limiting policies. __cfruid
Essential cookies categories Description Cookie
  Cloudflare Used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. __cfduid
Visionect Used to display different content to users in different countries. cbc_country_name
Analytical cookies Category Description Cookie
  Google Used to distinguish users across browsing sessions for Google Analytics, but cannot identify unique users across different browsers or devices. Has an expiration of 2 years. _ga
Used to distinguish users and has an expiration of 24 hours. _gid
Used to throttle requests and has an expiration of 10 minutes. _gat
Hotjar Used to let Hotjar know whether that visitor is included in the sample which is used to generate funnels. _hjIncludedInSample
LinkedIn Used for LinkedIn Ad analytics. BizoID
Twitter Used for Twitter integration and sharing capabilities for social media. personalization_id
Hubspot This cookie is used for tracking visitors. __hstc
This cookie keeps track of a visitor’s identity. hubspotutk
This cookie keeps track of sessions. __hssc
This cookie is set to determine if the visitor has restarted their browser. __hssrc
Functionality cookies Category Description Cookie
  Zopim Used to talk to customers in real-time AWSALB
Spiceworks Used to automatically discover detailed device information to troubleshoot user issues. visid_incap_1145931
Advertising cookies Category Description Cookie
  Facebook Used to track opted-out Facebook users for advertising purposes. fr

Visionect has listed them so you can decide whether you would like to opt-out or not. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies (especially essential cookies), please note that some parts of this website may become inaccessible or not function properly.


You can update, remove and/or exercise other rights related to your personal data (as specified in detail below) at any time by contacting us at [email protected] We will respond as soon as we can and will follow up on your request within 14 days at most.

Also, if you do not like to receive our newsletter or other content e-mail, including updates or marketing material e-mails, you may at any time unsubscribe any time with the “unsubscribe” link within any e-mail you receive from us. We will be sad to see you go, but we respect your privacy.

The rights you may exercise with regards to your personal data:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction – update of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure – deletion of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes (as mentioned you will also get an option to stop such e-mail contacting in each e-mail we will send it to you). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information, which override your rights and freedoms.
  • Request restriction of processing your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it
  • Request transfer of your personal data. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Other rights established with GDPR.

Please keep in mind that certain personal data:

  • we are required to process for certain period according to applicable legislation (for example due to accounting reasons),
  • we may be required to process in order to provide you (your company) with our products and services. We will properly inform you if this is the case after we receive your request.


We would never sell, share, or otherwise unlawfully use your personal data by disclosing them to any third party controller unless you provide us with your explicit consent as required by law, or we have a legal basis and/or obligation to do so.

Your personal data (and other data as well) is processed by our highly qualified employees and internal subcontractors that are required to execute confidentiality and data processing agreements and must at all time comply with our personal and confidential information policy. We ensure they are provided with proper data security training during the onboarding process.  Each of them receives an account (secured by a strong password) which allows them to access the corporate e-mailing system, other software systems and selected databases.

We also use external subcontractors, third-party service providers (data processors), for processing your personal data (for example e-cloud hosting services for storage, etc.). The ones established in the EU operate in compliance with GDPR. Nevertheless, many of our external third parties’ service providers are based outside the European Economic Area (EEA) so their processing of your personal data involves a transfer of data outside the EEA. Whenever this happens, we enforce  a similar degree of protection by ensuring at least one of the following safeguards is implemented:

  • your personal data is processed by third party service providers (data processors) established and operating in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
  • your personal data is processed by third party service providers (data processors) with which  we have specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

Nevertheless, this website or web-platform for use of our products and services may include links to third-party websites, plug-ins and applications (for example, PAYPAL and/or credit card payment service providers, etc.). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party data processing activities and are not responsible for their privacy policies.


We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.


We take security of your personal data (and your or your company’s other data) very seriously!

We store majority of our data using e-cloud based solutions. Numerous studies have established that data stored in the cloud is less likely to be lost, deleted or leaked than data stored on a personal computers and/or other type of personal hardware. We make sure all our data we collect and process is fully encrypted at rest and in transit, by employing state-of-the art firewall and backup technology.

We also make sure our business premises are located in adequately secured buildings, which conform to established security standards. Physical access is controlled and monitored with the following safety measures: transponder card controlled interior door, limited access to on premise server rooms, surveillance systems (alarm, motion detectors, etc.), etc.

We established security measures presented above based on our best knowledge and experience in the field of data security. Notwithstanding, in case of any legislative and/or business requirements changes, we are ready to implement additional measures as soon as possible.


Yes. Any such data reach will be notified in accordance with Article 33 of the GDPR without undue delay (where feasible, not later than 72 hours after having become aware of it) to the parties concerned as well as to the supervisory authority competent in accordance with Article 55 of the GDPR.


This privacy policy is governed in accordance with Slovenian and/or EU legislation (whichever prevails), including but not limited to GDPR provisions. If you access our website, products and/or services from outside of EU, you are responsible for compliance with applicable local legislation.


We welcome your comments or questions about this privacy policy, you can email us at [email protected]. We will try to reply as soon as possible, but we will make sure we will handle your request in 14 days after we receive it.