Privacy policy

PRIVACY STATEMENT
The company INFO NOVITAS (from now on the company) is the owner of the website www.info-novitas.hr (“website”). This privacy statement was created with the aim of showing concern for the privacy of our users and informing our users (respondents) about the methods of collecting and processing personal data on this website.

Please read this Privacy Statement in detail to learn how we process, collect, protect, transfer, or otherwise use your personal data.

Data Protection Officer (DPO)
The headquarters of our company is in Zagreb, Republic of Croatia. We have appointed a person as a Data Protection Officer (DPO) who will be the main point of contact for any questions or complaints regarding our privacy policy, processing, or handling of personal data. The contact details of our personal data protection officer are:

Miro Visic
Bolnicka cesta 34A,
HR-10090 Zagreb, Croatia, EU
dpo@info-novitas.hr

Data collection
According to the definition, personal data is any data that refers to an individual (natural person) whose identity is known or can be determined. An identifiable natural person is a person who can be identified directly or indirectly, in particular with the help of identifiers such as name, surname, location data, personal identification number, network identifier (e.g. IP address) or with the help of various factors that refer to the physical, genetic, physiological, economic, mental, social or cultural identity of that natural person (individual).

It is important to emphasize that we collect or plan to collect your personal data in the future only when you voluntarily give us such information through consent (EU GDPR 6a) or on the basis of other legitimate collection bases such as: Performance of contractual obligations (EU GDPR 6b), Compliance legal obligations (EU GDPR 6c), Protection of key interests of data subjects (EU GDPR 6d), Performance of a task in the public interest (EU GDPR 6e), Legitimate interest of the data controller and third parties (EU GDPR 6f) and other specific bases of data collection and processing ( EU GDPR 9a-9j). We collect data about you when you fill out one of the forms on our website, when you send an e-mail directly to the e-mail addresses listed on our website when you access our website via cookies, and analytical data to monitor site visits. via Google Analytics, when signing up for our newsletter, or based on your phone calls and expressions of interest in our products and services.

It is also essential that you are informed that non-personal information and data can be collected automatically through our website, that is, through the Internet server or through the use of “cookies”. Click here to learn more about our cookie policy.

As an example of information that is usually collected through our websites about your use of the site, it includes the most viewed and most visited pages and various links on our website (tags, buttons, etc.), tracking of form filling, tracking of time spent on our website, keywords that lead users to our site when searching the web, your IP address from which you access it, other information collected through cookies, and the data of your device from which you view our website (such as hardware settings, system activity, browser type, etc.).

Data processing

We use the data obtained about you for one or more of the following purposes:

• To personalize your user experience (collected information helps us better respond to your individual needs);
• To improve our website (we constantly strive to improve our website offering based on the feedback we receive from our visitors);
• In order to establish the primary channel of communication with you;
• To send occasional emails (regarding occasional news (if you wish), updates, information about similar products or services, etc.)

Links to third parties
We do not offer or provide any third-party services or products on our website.

Use of cookies
To find out how we use cookies, please read our cookie policy at www.gdprinformer.com/cookie-policy.

Protection of your data
In order to protect the personal data you send through this website, we use physical, technical, and organizational security measures. We are constantly upgrading and testing our security technology. We limit access to your personal data to only those employees who need to know that information in order to provide you with some benefits or services. In addition, we educate our employees about the importance of data confidentiality and the preservation of privacy and the protection of your data.

Data storage and retention period
All data is stored in the databases and repositories of DigitalOcean’s cloud server in Amsterdam, the Netherlands. We will not transfer or store stored data to countries outside the European Union.

We keep and protect your personal data for the duration of your business relationship with us. We regularly delete personal data that you have given us for business or contact purposes after 12 months from the day you gave us that data.

Individual rights
If you want to know whether we own and process your personal data, or if you want to access the personal data we have about you, please contact us at dpo@info-novitas.hr.

You can also request information on: the purpose of data processing, categories of personal data under processing; who else outside of our company received your personal data from us; what is the source of the personal data (if you have not directly provided it to us); and how long we will keep the data. You have the right to correct the personal data we hold if it is incorrect. You can also, with certain exceptions, request that we delete your data or stop processing it. You can ask us to stop using your personal data for direct marketing purposes. In many countries, you have the right to submit a complaint to the competent data protection authority if you are not satisfied with the way we handle your personal data. If it is technically feasible, based on your request, we will send you your personal data or transfer it directly to another data controller.

If you submit a request to send us your personal data to dpo@info-novitas.hr, we will comply with that request free of charge. If we cannot comply with your request within a reasonable time, we will inform you of the date when we will comply with the request. If for some reason we cannot fulfill your request, we will send you an explanation of why we did not fulfill your request.

Notification of personal data breach
In the event of a personal data breach, we will notify you and the competent supervisory authority by e-mail within 72 hours of the extent of the breach, the data covered, the possible impact on our services, and our planned measures to secure data and limit any adverse effects on individuals.

We will not send you a notice of infringement in the case of:

• if there are technical and organizational protection measures (such as encryption) that have been applied to the personal data affected by the personal data breach, which make that data unintelligible to any person who is not authorized to access it;
• if we have taken follow-up measures to ensure that a high risk to the rights and freedoms of individuals is no longer likely to occur;
• if this would require a disproportionate effort (in which case we will inform you through public information or a similar equally effective measure).
  A personal data breach means a security breach that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access of personal data transmitted, stored, and processed in connection with the provision of our services.

Your consent
By using this website, you consent to this privacy policy.

Changes to our privacy policy
In the event of changes to our privacy policy, we will notify you on this page and update the privacy policy change date below as follows.

This privacy policy was last modified on March 5, 2018.

The right to complain to the competent authority
At any time, you can send a complaint to the supervisory authority regarding our collection and processing of your personal data. In the Republic of Croatia, you can submit a complaint to the Agency for the Protection of Personal Data (AZOP).