Privacy Policy for the Avtošola Tilia Mobile App
Last updated: 19 April 2026
This privacy policy explains what personal data the “Avtošola Tilia” mobile app collects, on what legal basis it processes it, to whom it discloses it, and what rights individuals have.
This policy supplements and does not replace the main privacy policy of LMM Tilia d.o.o., published at www.avtosolatilia.si, which continues to apply to all other services, forms, and websites of the controller.
1. Data Controller
The controller of personal data processed via the mobile app is:
LMM Tilia d.o.o. Gerbičeva 44, 1000 Ljubljana Registration number: 5751497000 Tax number: SI52280888
Contact for data protection matters: Email: info@lmmtilia.si Phone: 01 429 20 29
2. Categories of Personal Data We Process
2.1 Data entered by the customer during registration or profile update
- first and last name;
- email address (also used as username);
- phone number (optional);
- password — stored exclusively in cryptographically hashed form (bcrypt), never in plain text;
- profile picture (optional).
2.2 Driving lesson data (obtained from the internal register)
When the customer successfully logs in, the app retrieves and displays the following data from the provider’s internal register:
- candidate registration number;
- name of the driving instructor;
- number of completed driving hours;
- dates of individual driving lessons;
- date of completed CPP course;
- date and status of the driving test;
- amount of payments made and any outstanding balance.
This data is not newly collected via the app; it already exists in the provider’s register as a result of the contractual relationship between the customer and the provider.
2.3 Payment data via the app
- amount and date of transaction;
- type of service selected (driving hours, CPP course, etc.);
- payment method (Stripe card or bank transfer request);
- payment reference.
Important: The controller does NOT process or store payment card data (card number, CVV, expiry date). This data is processed entirely by the payment provider Stripe in accordance with the PCI-DSS standard.
2.4 Technical data (automatically logged)
- app version, operating system version, device model (used only for technical support and error diagnostics);
- login times (to ensure account security);
- device IP address at login (stored in security logs for a maximum of 6 months).
2.5 Content of conversations with the AI assistant
- the text of questions and answers within the “AI help” functionality is transmitted to an external provider (CustomGPT.ai or OpenAI) for the operation of the service. See section 5 below.
2.6 Data the app does NOT collect
The app expressly does not collect, process, or access the following types of data:
- GPS location or other device location data;
- contents of the address book, contacts, or call history;
- contents of photos in the gallery, except those that the customer explicitly selects as a profile picture;
- audio recordings — the app does not use the microphone;
- data from other apps installed on the device;
- data about the customer’s activities outside the app.
3. Legal Basis for Processing
The controller processes personal data on the following legal bases (Article 6(1) GDPR):
a) Contract (6(1)(b) GDPR) — processing is necessary for the provision of driving school services or for the performance of the contractual relationship between the customer and the controller.
b) Legal obligation (6(1)(c) GDPR) — retention of invoices and financial documentation (ZDDV-1); retention of driver training records (ZVoz-1).
c) Legitimate interest (6(1)(f) GDPR) — ensuring account and app security, preventing abuse and fraud, improving app performance.
d) Consent (6(1)(a) GDPR) — for access to the camera and gallery for uploading a profile picture; for processing data for any other purposes not covered by the above bases. Consent may be withdrawn at any time without negative consequences for the customer.
4. Purposes of Processing
We process personal data exclusively for:
- ensuring the operation of the app and the contractual services of the driving school;
- notifying the customer about account status, payments, and training progress;
- processing payments and issuing invoices;
- responding to customer enquiries and providing support;
- app security and prevention of abuse;
- fulfilling legal obligations;
- improving the app (exclusively anonymous, aggregated statistics).
We do not use customer personal data:
- for marketing communications (newsletters) without the customer’s explicit consent;
- for profiling or automated decision-making;
- for sale or disclosure to third parties for their own purposes.
5. Sub-processors (External Service Providers)
For the operation of the app, the controller uses the following external services, which act as sub-processors of personal data in accordance with Article 28 GDPR. The controller has concluded appropriate data processing agreements with all sub-processors or relies on their standard contractual clauses and certifications.
| Sub-processor | Role | Country | Transfer outside EEA |
|---|---|---|---|
| Neoserv d.o.o. | App server hosting (Laravel backend, database, outgoing email) | Slovenia | No |
| Stripe Payments Europe, Ltd. | Processing payments by payment card | Ireland (EU); possible transfer to USA | Covered by Standard Contractual Clauses (SCC) and EU-US Data Privacy Framework certification |
| Google LLC / Google Ireland Ltd. | Connection to internal candidate register (Google Sheets via Apps Script), Google account sign-in system (if used) | USA / Ireland | SCC + DPF |
| CustomGPT.ai, Inc. | AI assistant platform | USA | SCC |
| OpenAI, L.L.C. (via CustomGPT) | Processing of AI language queries | USA | SCC |
| Apple Inc. | App distribution via App Store, iOS platform | USA | SCC + DPF |
| Google LLC (Google Play) | App distribution via Google Play, Android platform | USA | SCC + DPF |
| Expo, Inc. | App platform infrastructure (error diagnostics, distribution via EAS) | USA | SCC |
The controller may update the list of sub-processors. The current list is available in the version of this policy in force at any given time.
6. Special Note Regarding “AI Help”
The AI help functionality transmits the text of customer questions to external providers (CustomGPT.ai, OpenAI) to generate responses. The content of conversations may be temporarily stored by these providers in accordance with their terms.
We expressly recommend that customers do not include in conversations with the AI assistant:
- their personal data or data of third parties (names, addresses, phone numbers, registration numbers, etc.);
- sensitive categories of data (health, political, religious, etc.);
- confidential or business information.
The AI assistant is intended exclusively for learning general CPP content and not for communication about the customer themselves.
7. Retention Periods
| Data category | Retention period |
|---|---|
| User account (login details, profile) | Until account deletion by the customer (see section 9) |
| Profile picture | Until account deletion or manual replacement |
| Payment data | Until account deletion, except financial documentation under ZDDV-1 |
| Issued invoices and transaction documents | 10 years (Article 84 ZDDV-1) |
| Driver training records | In accordance with the Drivers Act (ZVoz-1) |
| Security logs of logins and IP addresses | Maximum 6 months, except in the event of a criminal incident |
| Text of conversations with the AI assistant | Determined by CustomGPT.ai / OpenAI (typically up to 30 days) |
After the expiry of the retention periods, data is permanently deleted or anonymised so that it can no longer be linked to an individual.
8. Individual Rights
In accordance with Articles 15 to 22 GDPR and the Personal Data Protection Act (ZVOP-2), you have the following rights:
a) Right of access to personal data and information about its processing.
b) Right to rectification of inaccurate or incomplete data.
c) Right to erasure (“right to be forgotten”) — particularly when:
- the data is no longer necessary for the purposes for which it was collected;
- you withdraw consent and there is no other legal basis;
- you believe the data is being processed unlawfully.
d) Right to restriction of processing.
e) Right to data portability — you will receive the data in a structured, commonly used, and machine-readable format.
f) Right to object to processing based on legitimate interest.
g) Right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
h) Right not to be subject to automated decision-making, including profiling — the app does not perform such decision-making.
i) Right to lodge a complaint with a supervisory authority:
Information Commissioner of the Republic of Slovenia Dunajska cesta 22, 1000 Ljubljana Email: gp.ip@ip-rs.si Web: www.ip-rs.si
9. How to Exercise Your Rights
9.1 Contact
To exercise any of the above rights, contact us:
- Email: info@lmmtilia.si
- In writing: LMM Tilia d.o.o., Gerbičeva 44, 1000 Ljubljana
9.2 Content of the request
In your request, state:
- your first and last name;
- the email address associated with your account in the app;
- which right you are exercising and for which data.
9.3 Deadline
We will respond to your request within 30 days. In particularly complex or extensive cases, we may extend the deadline by a maximum of 60 days, of which we will inform you in advance.
9.4 Identity verification
The controller reserves the right to verify the identity of the applicant before fulfilling the request, particularly for requests for erasure or data portability.
9.5 Account deletion in the app
Deletion of the entire user account in the app is also possible:
- in the Settings → Delete Account menu within the app, or
- by visiting the office in person at Gerbičeva 44, 1000 Ljubljana.
10. Security Measures
The controller implements appropriate technical and organisational measures for the security of personal data, including:
- user passwords are stored using one-way cryptographic hashing (bcrypt) — the original password does not exist in the system;
- authentication via JWT tokens;
- encrypted transmission of all data between the app and the server (HTTPS / TLS 1.2+);
- encrypted email transmission (TLS/STARTTLS);
- access to production servers is restricted to authorised persons;
- regular updates of software and security patches;
- regular backups of databases in a secure location;
- payment cards are processed exclusively via Stripe in a PCI-DSS environment.
Despite careful security measures, no service on the internet is completely invulnerable. In the event of a security incident that could affect the rights of individuals, the controller will notify the affected persons and the Information Commissioner in accordance with Articles 33 and 34 GDPR.
11. Minor Users
The app is intended for persons aged 15 years or older. Persons under 15 years of age may use the app only with the consent of a legal representative (parent or guardian) in accordance with Article 22 ZVOP-2.
The controller does not knowingly collect data from children under 15 years of age without parental consent. If a parent or guardian discovers that a minor under 15 has used the app without consent, they should contact the controller at info@lmmtilia.si; their data will be deleted immediately.
12. Data Transfers Outside the EEA
Some sub-processors (section 5) process data in the USA or other countries outside the European Economic Area. In these cases, the controller ensures an adequate level of protection through:
- Standard Contractual Clauses (SCC) of the European Commission (Decision 2021/914);
- EU-US Data Privacy Framework (DPF) certification of recipients (where applicable).
13. Changes to This Policy
The controller may amend this policy from time to time, particularly:
- due to legislative changes;
- due to the addition of new app functionalities;
- due to a change of sub-processor;
- to clarify existing provisions.
The controller will notify the customer of material changes:
- by notification in the app, or
- by email to the address associated with the account.
The amended policy generally takes effect 15 days after publication. If the change is necessary for legal reasons, it may take effect immediately.
14. Relationship to Other Documents
This privacy policy supplements and does not replace the main privacy policy of LMM Tilia d.o.o., published at www.avtosolatilia.si, which applies to other websites and other services of the controller.
For matters not expressly regulated in this policy, the main privacy policy and the General Terms and Conditions of the controller apply primarily.
This privacy policy for the Avtošola Tilia mobile app was published on 19 April 2026.
LMM Tilia d.o.o.

