Data confidentiality

These are the privacy rules (hereinafter: the “Privacy Policy”) issued by Vanitas j.d.o.o., Zagreb, 2. Ravnice 16, 10 000 Zagreb, OIB: 69945374148 (hereinafter: “Company” or “We”). In this sense, the company has the position of head of the processing of your personal data.

 

Sending newsletters
We process your personal data in order to inform you about interesting events and our services and products. In that case, the basis for the processing of your personal data is our legitimate interest or your consent, depending on the specific case.

 

Other cases
In order to protect our legitimate interests as a society (for example, when necessary for the purposes of conducting judicial, misdemeanor and other proceedings or when necessary to ensure an adequate level of protection). In that case, the basis for processing your personal requests is our legitimate interest.

 

Who has access to your personal data?

We consider your personal data as a business secret and as such we protect them in accordance with applicable legal regulations and best practice.

We will process your personal data ourselves, as well as the entities within the Orbico Group. Third parties have the right to access and process your personal data only in the situations described below:

Legal entities with which we cooperate in business and which enable or assist us in orderly business. These are, for example, people who develop and maintain the IT solutions we use. In that case, these legal entities process your personal data exclusively for our needs;

Persons with whom we do business, when we deem it necessary to protect certain of our legitimate interests. For example, tax advisors, accountants, lawyers and other advisors. In this case, these persons process your personal data exclusively for our needs;

Competent bodies in the implementation of supervision over the legality of operations and actions as well as other legal entities when necessary for the performance of some of our legal duties, such as the auditor. In that case, these legal entities process your personal data for the purpose assigned to them by law;

Other parties in connection with business transactions such as the sale of a company or part of a company, reorganization, merger, joint venture or any other type of disposal of our company, assets or inventories (including bankruptcy or similar proceedings).

Third parties are limited in their ability to use your personal information for any purpose other than those listed, and are required to protect and process your personal information in accordance with legal, regulatory and contractual obligations.

 

Is my personal data transferred to third countries?

We do not disclose your personal data to third countries (outside the European Union).

 

Kako štitimo Vaše osobne podatke?

The protection of your personal data is extremely important to us. Some of the protection measures we implement are the following:

Implement database pseudonymization whenever possible;

Application of modern methods of protection and control of access to data resources containing personal data;

Continuous monitoring of all resources (physical spaces where your data is stored) used to process personal data.

The purpose of implementing these measures is to prevent the risk of destruction, loss, alteration, unauthorized disclosure or access to your personal data.

We also request the use of appropriate protection measures, in relation to your personal data, from third parties who have the right to access and process your personal data, as stated in Article 5, paragraph 5.2.

 

During what period do we keep your personal data?

For data where there is a legally defined retention period, we store your data through that period and delete them for an additional period of one year.

We hold your personal data as our clients, for which there is no defined legal retention period, for the entire duration of the contract we have concluded with you. Upon termination of the contract, we delete your data.

We store personal data that we process based on our legitimate interest as long as our legitimate interest exists, and delete it thereafter.

We retain personal data that we process on the basis of your consent as long as we have your consent. In case of withdrawal of consent, we delete them as soon as possible.

The above periods of storage of your personal data are defined based on the following criteria:

the period in which we need your personal data in order to be able to provide you with our services, products or manage your business;

if you have a registered account with us, then we process your personal data as long as you are an active account user;

whether there is a legal, contractual or similar obligation to retain your personal information.

 

What regulations apply?

The protection of your personal data is regulated by EU Regulation 2016/679, known as the General Regulation on Data Protection and the applicable national law of the Republic of Croatia on data protection.

 

Vaša prava

If you choose to use one or more of your rights below, the Company has the right to verify your identity, all for the purpose of protecting personal information.

You get your rights for free. However, if you frequently (for example, less than 6 months have passed since your last request) or excessively (for example, requesting all your personal information in writing) request access to or transfer of your personal data, we have the right to ask you to pay our costs before carrying out such an action.

Access to your personal data: You have the right to ask us to confirm whether we process your personal data, as well as access to your personal data that we process. Please send inquiries and requests, in writing and signed, to the address Vanitas j.d.o.o., 2. Ravnice 16, Zagreb, Croatia or to the e-mail address: info@marijabutkovic.com. We will respond to your request as soon as possible, and within a month at the latest, unless the extraordinary complexity of the individual case requires an extension of the said deadline.

Correction of incorrect personal data: You have the right to request the correction of your incorrect personal data, as well as the right to supplement your personal data. Please send inquiries and requests, in writing and signed, to the address Vanitas j.d.o.o., 2. Ravnice 16, Zagreb, Croatia or to the e-mail address: info @. We will respond to your request immediately, and within a month at the latest, unless the extraordinary complexity of the individual case requires an extension of the said deadline.

 

Prenosivost osobnih podataka
You have the right to download and request the transfer of your personal data. Please send inquiries and requests, in writing and signed, to the address Vanitas j.d.o.o., 2. Ravnice 16, Zagreb, Croatia or to the e-mail address: info@marijabutkovic.com. We will respond to your request immediately, and within a month at the latest, unless the extraordinary complexity of the individual case requires an extension of the said deadline.

 

The right to withdraw consent and forget
You have the right to withdraw your consent to the processing of personal data as well as to request that your personal data that we have processed on the basis of your consent be permanently deleted. Please send inquiries and requests, in writing and signed, to the address Vanitas j.d.o.o., 2. Ravnice 16, Zagreb, Croatia or to the e-mail address: info@marija butkovic.com. We will respond to your request immediately, and within a month at the latest, unless the extraordinary complexity of the individual case requires an extension of the said deadline.

 

Objection to the processing or handling of your personal data:
You have the right to object to the processing of your personal data as well as to our way of handling your personal data in general. Send us your request via e-mail to info@marijabutkovic.com, where in the title of the message you state the Objection against processing and in the message you explain the reason for the objection and your request.

 

The right to complain to the Personal Data Protection Agency
As a Client, you have the right to complain at any time before the competent body for personal data protection – the Agency for Personal Data Protection (www.azop.hr), regarding the processing and protection of your personal data.

 

Important notes

This Privacy Policy applies to our customers, users of our services, those who are interested in becoming one and all our other business partners (hereinafter: “Clients” or “You”).

We hereby regulate the privacy and protection of your personal data. The privacy policy applies only to persons or their personal data. Personal data is all data through which we can, directly or indirectly, identify you.

This version of the Privacy Policy applies since May 25, 2018. The current version is always available at www.marijabutkovic.com

Please read this Privacy Policy. If you do not agree with our actions, please do not provide us with your personal information.

In case of any questions or requests regarding the handling or protection of your personal data, please contact Anka Roglić-Karlušić, employee of Vanitas j.d.o.o., responsible for enforcement, at the following e-mail address info@marijabutkovic.com

 

What is covered by the Privacy Policy?

Privacy includes ways we process your personal information when you interact with us, such as when:

  • you visit our websites;
  • you use our accounts on social networks;
  • purchase and use our products and services, systems and applications;
    subscribe to our newsletter;
  • you provide your goods or services, systems or applications;
  • contact our customer support;
  • attend our business events;
  • you participate in our competitions;
  • you participate in our promotions;
  • you communicate with us in some other way or in some other way

 

in the role of you as a consumer, customer, business partner, supplier, subcontractor, contractor or other person who is in a business relationship with us.

Processing of personal data means any operation or set of operations performed on personal data, whether automated or non-automated means such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, recovery, disclosure, use, and consultation relating to personal data.

 

What personal data do we process?

We process the personal data that you have given us, either during the initial contact, or during later communication (for example through a phone call, e-mail, etc.) or those that resulted from our business cooperation.

We process the following personal information we have collected from you:

 

Your identification data

name, surname, address (street and house number, place, postal code, country), place of residence, place of residence, OIB, JMBG, date of birth, sex, education.

 

Your contact information

cell phone, telephone, Fax, Email address;

contact address (street and house number, place, postal code, country, apartment, suite, floor); place of residence, place where you live

 

Your user data

user ID, code;

 

Additional information necessary for business needs

company name, type of user (private or business); company headquarters, business owner

current bank account data (number and the exact bank);

 

Data derived from our business relationship

History of changes to all listed data

Initially given data and their changes, as well as when the change was made.

 

Your other information

data related to your household, your interests, your occupation; preferences

We process those personal data that are related to your use of products and / or services, and which are collected automatically.

We process the following personal information we have collected automatically:

 

Information about your device

device model, unique device identifier, MAC address, IP address, version of the operating system, settings of the device you use to access websites, applications and services;

 

Your login details
the time and duration of use of our digital channel or product;

 

Your location information
the actual location (derived from the IP address or other location-based technologies) that we may collect when you provide us with this through product or location-related settings;

 

Your other information

the applications you use, the websites you visit, the links you click within our advertising email;

We process the personal information we receive about you from publicly available sources (within the legal framework) such as public databases, and those we receive from our marketing partners or social media platforms when you choose to use such services. We may combine the information obtained in this way with other information we have received from you.

You are not required to provide us with certain types of information, but this may affect the functionality of the product or service we offer.

 

In accordance with the law, we won’t process data related to:

  • racial or ethnic origin;
  • political opinion;
  • religious or philosophical beliefs;
  • trade union membership;
  • genetic traits;
  • health;
  • sex life;
  • criminal convictions or related security measures;
  • biometric data;
  • genetic data.

If there is a need to process any of the above personal data, we will always need your explicit consent.
 

Why do we process your personal data?

We process your personal information because you are our customer or user of our services or you are interested in becoming one (for example, you have subscribed to our newsletter or you have sent us certain inquiries).

We process your personal data for the following purposes:

Conclusion and implementation of contracts

We process your personal data that we need in order to process, accept and fulfill some of your inquiries, orders, purchases or other mutual agreements.

 

Fulfilling our legal duties

We process your personal data in order to fulfill our duties – when and in the way in which the positive regulations regulate it. For example, disclosure of information to government institutions or oversight bodies regarding reporting obligations, compliance audits, tax deductions, mandatory records, inspections, and compliance by government or other public bodies. In that case, the basis for processing your personal requests is the fulfillment of our legal duties.

We process your personal data in order to inform you about the status of an individual request, the implementation of the service or similar. In that case, the basis for the processing of your personal data is our legitimate interest.