IZUM is processing personal data in accordance with the law (Personal Data Protection Act, Librarianship Act, Research and Development Activity Act, General Data Protection Regulation), other regulations (personal data protection regulations) and purposes, for which the data was gathered, stored and processed.
As an information system of Slovenian science, culture and education, IZUM is also a processor that is performing personal data processing services on behalf and at the expense of other personal data controllers.
As personal data controllers, libraries that are full members of the COBISS.SI system are responsible for ensuring that the collection, storing and processing of personal data of its members is done in accordance with regulations. For that purpose, they have concluded a Data Processing Agreement with IZUM.
IZUM is implementing organisational and technical procedures and measures to ensure the protection of personal data and to prevent accidental or intentional unauthorised destruction of data or their alteration, loss or unauthorised processing.
IZUM employees can process personal data if they are granted special authorisation.
On 1 September 2017, IZUM named Davor Šoštarič as their data protection officer.