Privacy policy

PRIVACY POLICY

By using the AKD website belonging to the domain akd.hr, users are considered to be familiar with these terms of use at all times and fully understand and accept them.

For the processing of your personal data, the responsible company is AKD d.o.o., Savska 31, OIB: 58843087891 MB: 03751970. We are committed to protecting your personal data and your right to privacy. If you have any questions or concerns regarding our rules or practices regarding the processing of your personal data, please contact us at the email address zastita.podataka@akd.hr. All information about the protection of your personal data can be obtained at the following link: Data protection based on the General Data Protection Regulation.

AKD d.o.o. reserves the right to change the content and terms of use of the website without prior notice and is not responsible for any damage resulting from such changes. Additionally, it does not bear responsibility for direct or indirect damage that may occur from the use of this website.

Who should be familiar with this privacy policy?

This policy may apply to you if you are:

• A visitor to our websites

We take your privacy very seriously. With this privacy policy, we aim to clearly explain to you the data we collect, how we collect it, how we process it, the purposes for which we use it, how long we retain it, how you can control all our processes, and what rights you have regarding your personal data.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal data with us. If there are any terms in this privacy policy that you disagree with, please discontinue the use of our website and services, and we will be happy to address any questions you may have.

The terms we use in this privacy policy, which have gender-specific meanings, are used neutrally and apply equally to both female and male genders.

WHAT DATA DO WE COLLECT?

Your personal data voluntarily provided to us

In short: we collect personal data that you voluntarily provide to us.

We collect and process personal data about you, such as information that can directly or indirectly identify you, especially through identifiers such as your name, surname, email address, phone number, or company name if it contains personal information, IP address, and other personal data if you disclose them in communication with us, during the execution of a contractual relationship, in cases when:

• You contact us

• We photograph events and activities we organize

• You comment or ask questions

• We process your job application or inquiry

• You are a visitor to our business premises

• We collaborate with you as our suppliers, business partners

• When issuing invoices for products/services

All personal data you provide to us must be truthful, complete, and accurate, and it is important that you inform us of any changes to the personal data you have provided.

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data – General Data Protection Regulation (GDPR), which has been applicable in the Republic of Croatia since May 25, 2018, and the Implementation of the General Data Protection Regulation Act (NN 42/2018), your rights as a user of the website include: the right to withdraw consent at any time, the right to access data, the right to rectification, erasure or restriction of data processing, the right to object, the right to restriction of processing, and the right to lodge a complaint with the supervisory authority.

We do not transmit or disclose your personal data to unrelated third parties. The information is used to respond to your inquiries/comments sent via email/phone. We may use your data to request feedback from you and to contact you regarding your inquiry or clarification, but only if we have obtained your consent for these purposes and during the duration of the granted consent.

Data Automatically Collected

In summary: Some data, such as your computer's IP address or browser and device characteristics, is automatically collected when you visit our websites.

We automatically collect certain data when you visit, use, or browse our websites. This information does not reveal your identity (such as your name or contact details), but it may include device and usage data, such as your IP address, browser and device characteristics, operating system, language preferences, referral URLs, device name, country, location, information about how and when you use our site, and other technical information. These details are primarily necessary for maintaining the security and functionality of our websites and for internal analytics and reporting purposes.

We also collect information through cookies and similar technologies. You can learn more about this in our Cookie Policy.

HOW WE PROCESS YOUR DATA, FOR WHAT PURPOSES, AND BASED ON WHICH LEGAL GROUNDS?

In summary: We process your data for purposes based on compliance with our legal obligations, the fulfillment of our contract or relationship with you, legitimate business interests, and/or your consent.

Primarily, we emphasize that we only process personal data that is necessary to achieve a specific purpose, and we use this data only for well-defined, clear, legitimate, and expected purposes. The processing is carried out in accordance with our legal obligations, the fulfillment of contracts or relationships with you, legitimate business interests, and/or your consent.

We base the processing of your data on the following legal grounds:

Consent: We can process your data only if you have given us consent to use your personal information for specific purposes.

Legal obligations: We may disclose your data where legally required to comply with applicable regulations or upon the order of a court or another authority, as part of legal, administrative, or other legal proceedings (including responses to governmental bodies to meet national security or law enforcement requirements).

Legitimate interests: We may disclose your data where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspicions of fraud, situations involving potential threats to the safety of any person, and illegal activities, or as evidence in legal proceedings in which we are involved.

We use the data we collect or receive for the following purposes:

Sending administrative information: We may use your personal data to send you information about your inquiry, service, and new features or information about changes to our terms and rules, but only if we have obtained your consent for these purposes and during the duration of the granted consent.

Requesting feedback: We may use your data to request feedback from you and to contact you regarding your inquiry, but only if we have obtained your consent for these purposes and during the duration of the granted consent.

Responding to user inquiries and providing user support: We may use your data to respond to your inquiries and resolve any issues related to the use of our services and applications.

Business purposes: We may use your data for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and assessing and improving our services, applications, products, marketing, and your experience. We may use and store this data in aggregated and anonymized form, so it is not associated with individual end-users and does not include personal information. We will not use identifiable personal data without your consent.

WILL YOUR DATA BE SHARED WITH ANYONE?

In short: We do not sell, rent, or lend your data to unrelated third parties.

We do not transmit or grant your personal data to unrelated third parties. They are securely stored on our chosen server, either internal or external, and within our business premises, with sufficient measures to ensure the implementation of appropriate technical and organizational measures in compliance with the requirements of the General Data Protection Regulation, safeguarding the protection of your rights.

We will limit the data we forward and transmit to the minimum necessary by only providing personal information necessary for the processing purpose for which they were submitted.

All legal and physical entities to whom we forward your personal data are obligated to maintain confidentiality within the contractual relationship and have also implemented organizational and technical protection measures.

Certain data may be disclosed to authorities of the Republic of Croatia upon their request, to comply with obligations prescribed by the laws of the Republic of Croatia.

Your personal data is not transferred to any third country, international organization, or recipient in a third country under any circumstances.

We have meticulously categorized each entity to help you understand the purpose of our data collection and processing practices. If we have processed your data based on your consent and you wish to withdraw your consent, please contact us.

Providing support to our users

 

DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In short: We may use cookies and other tracking technologies for collecting and storing data.

For accessing or storing data, we may use cookies:

Cookies are small text files that the Internet server places on the user's computer, through which the Internet service provider accesses and displays the website.

• Cookies are created when the user's browser loads a visited web destination, which then sends data to the browser and generates a text file (cookie). When the user returns to the site, the browser retrieves and sends the cookie to the web server.

• Our websites use technical cookies (essential cookies that cannot be disabled) necessary for the functioning of the website, functional cookies (can be disabled) that enable enhanced functionality and personalization, and marketing cookies (can be disabled) that allow tracking visits and traffic sources for measuring and improving the effectiveness of our website.

You can find more information in our Cookie Policy.

HOW LONG DO WE RETAIN YOUR DATA?

In short: We retain your data for as long as necessary to fulfill the purposes outlined in these privacy rules, unless the law or other regulations require otherwise.

We will keep your personal data only for as long as necessary for the purposes stated in these privacy rules unless a longer retention period is required by law or other regulations.

HOW DO WE PROTECT YOUR DATA?

In short: Our goal is to protect your personal data through a system of organizational and technical security measures.

We have implemented appropriate technical, organizational, and personnel security measures designed to safeguard the security of all personal data we process. However, please note that we cannot guarantee that the Internet is 100% secure.

WHAT ARE YOUR RIGHTS REGARDING THE PROCESSING OF YOUR DATA?

In short: You have several rights related to the processing of your personal data, and below is a detailed overview of these rights.

Right of Access

You can obtain confirmation from us as to whether your personal data is being processed. If it is, you have the right to access that data and the following information: details about the processing purpose, categories of personal data concerned, recipients or categories of recipients to whom the personal data has been or will be disclosed, the envisaged period for which the personal data will be stored, and the existence of the data subject's rights regarding the processing of personal data (which are further detailed in this Privacy Policy).

Right to Rectification

If your personal data that we process is incomplete or inaccurate, you can request us to correct or supplement it at any time by providing additional statements. Please note that you are responsible for providing accurate data, and you also have an obligation to inform us of any relevant changes to your personal information.

 

Right to Erasure

You have the right to request the erasure of your personal data if you believe that they are no longer necessary for the purposes for which they were collected or otherwise processed, if you have objected to the processing based on our legitimate interest, if you believe your data has been unlawfully processed, or if you believe your data should be erased based on the laws of the Republic of Croatia or the European Union.

Please note that there are reasons that prevent immediate deletion of personal data, for example, when data must be retained for a certain period or permanently.

If you have requested the deletion of personal data that must be retained for a certain period, as part of the response to the deletion request, we will inform you about the timeframe during which the specified data must be retained and the date when it will be deleted.

If you have requested the deletion of personal data that must be retained permanently, as part of the response to the deletion request, we will inform you about the impossibility of deleting such data along with a reference to the legal basis that prescribes the permanent retention of the data.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your data from us:

If you contest the accuracy of the data, during the period allowing us to verify the accuracy of that data.

If the data processing was unlawful, but you refuse deletion and instead request the restriction of data usage.

If the data are no longer needed for the intended purposes but are still required by us for the establishment, exercise, or defense of legal claims.

If you have objected to the processing of personal data for the performance of a task carried out in the public interest or in the exercise of official authority.

If data processing is restricted, such personal data may only be processed with your consent, except for data storage, setting, enforcement, or defense of legal claims, or the protection of the rights of another natural or legal person, or for reasons of important public interest. If processing restriction is obtained, we will inform you before the restriction is lifted.

Right to Object

If we process your data for the performance of tasks carried out in the public interest or in the exercise of official authority, or if we rely on our legitimate interests during their processing, you can object to such data processing if there is an interest in protecting your data. If we rely on our legitimate interests for data processing, and you object to such processing, we will not further process your data unless we can demonstrate compelling and legitimate reasons for the processing that override your interests, rights, and freedoms, or if it is necessary for the establishment, exercise, or defense of our legal claims.

Right to Lodge a Complaint

If you believe that we have processed your personal data in violation of the laws of the Republic of Croatia or the European Union, please contact us to clarify any questions. You certainly have the right to file a complaint regarding the violation of your rights with the Croatian Personal Data Protection Agency.

Right to Notification of Personal Data Breach

In the event that, despite all measures taken, there is a breach of your personal data, we will notify you of each such breach without undue delay, sending a written notification.

In the mentioned notification, we will describe the nature of the personal data breach, provide the name and surname of the person from whom you can obtain additional information about the breach, describe the likely consequences of the personal data breach, and outline the measures we have taken to address the issue of the personal data breach, including measures to mitigate harmful consequences. The mentioned notification will be composed using clear and straightforward language.

Exercising Rights

If you wish to exercise any of the aforementioned rights, please contact us using the following contact information:

Email address for contact: zastita.podataka@akd.hr

Mailing address: Savska 31, Zagreb

In-person at the above-mentioned address.

We will respond to your requests to exercise rights in accordance with the deadlines and authorizations prescribed by the General Data Protection Regulation.

In any case, when exercising these rights, please ensure that we must unequivocally verify your identity, which serves to protect your rights and privacy.

Your rights as listed above can also be exercised by an authorized representative who must authenticate themselves with a power of attorney certified by a notary public unless the representative is a lawyer, in which case a certified power of attorney is not required.

If you were to exercise any of the mentioned rights too frequently and with an apparent intention of abuse, we may refuse to process your request.

Rights in the Case of Data Processing Based on Consent

If we base the processing of personal data on your consent, we ensure that you always provide your consent in the form of a written statement, personally or electronically signed, and that the consent is voluntary, specific, informed, and unambiguous.

The written statement granting consent for the processing of your personal data will be prepared for each specific processing purpose, in a clear and easily accessible format, using clear and simple language.

At any time, you have the right to withdraw your consent for the processing of personal data. You will be informed before giving consent, and this right will be explicitly stated in the written statement granting consent for the processing of personal data. Note that consent can be withdrawn by signing a form of declaration that we will provide in a simple format.

Please note that in cases where consent was given for a one-time processing action, and the processing has already been completed, revoking consent has no legal effect.

In the event of withdrawal of consent, we immediately delete all your personal data, except those that we are obliged to retain in accordance with the regulations of the Republic of Croatia and the European Union.

If you do not agree to give consent in cases of data processing based on consent, we are unable to establish any legal relationship with you.

DO WE UPDATE THIS POLICY?

In short: Yes, we will update this policy as needed to remain in compliance with the General Data Protection Regulation and other relevant regulations.

The updated version will be indicated by the revised date, and the updated version will take effect as soon as it becomes available. We recommend that you periodically review this privacy policy to stay informed about how we protect your data.

HOW CAN YOU CONTACT US REGARDING THIS PRIVACY POLICY?

If you have questions or comments about this policy, you can contact our Data Protection Officer by email at zastita.podataka@akd.hr or by mail at: AKD d.o.o., Zagreb, Savska cesta 31, 1000 Zagreb.