The Company responsible for processing personal data is:
Alpha Charta Ltd., a limited liability company for services, based in the Republic of Croatia, Radmanovačka Street 18G, Zagreb, registered with the Commercial Court in Zagreb under the registration number (MBS): 05381835, personal identification number (OIB): 88867115628.
Contact information for the Data Protection Officer:
Method of Data Collection and Types of Data Collected
Certain services provided by the Company require the collection of personal data from users and/or customers, collecting basic data in the following ways:
Automatically by visiting our web pages, involving data associated with network identifiers (internet protocol addresses and cookie identifiers, such as Google Analytics for tracking user and/or customer interactions).
A cookie is a piece of information stored on your computer, mobile phone, or tablet, which can be delivered directly by the website you visit (first-party cookies) or in collaboration with and for the needs of a third-party website (third-party cookies). Cookies generally store your settings, website preferences, and more. After you reopen the website, your internet browser sends back cookies belonging to this website. This allows the site to display information tailored to your needs. Cookies can contain a wide range of information, including some personal information. Such information can only be stored if you allow it. The website itself cannot access information you have not provided and cannot access any other file on your computer.
Some cookies are necessary for the functionality of the site, while others are used to improve performance and user experience.
Functional cookies are used for:
Remembering your login data Ensuring your security while logged in Ensuring a consistent appearance of the website Performance cookies are used for: Improving the performance characteristics of the website Enhancing the user experience
Advertising cookies are used for:
- Enabling sharing and "liking"
- Enabling the sending of information to other websites to tailor their ads accordingly
Examples of Use:
Cookies are used to improve services for you, for example:
Enabling the functioning of specific services that cannot work without these cookies
Enabling a service to recognize your device so that the same data does not need to be provided multiple times during a single search
Recognizing that you are already logged into the website
Tracking how many people use services to simplify their use and ensure sufficient capacity for their fast operation
Analyzing data to understand how you use internet services and how they can be improved
If you want to delete cookies already on your computer, please refer to the instructions from your web browser provider by clicking on "Help" in your browser menu.
More about cookies and how to delete and manage them can be found at www.aboutcookies.org or by clicking on "Help" in your web browser menu.
The mentioned network identifiers can leave traces which, in combination with other identifiers and information provided by internet service providers, can be used to identify users and/or customers. Additionally, for this purpose, the following data are collected and processed:
a) IP address data; b) data on the use of individual applications; c) data on user and/or customer habits - these data are created for the purpose of profiling users and/or customers.
The quantity or scope of personal data collected by the Company depends on the type of service provided by the Company to its users and/or customers, as well as on the legal basis on which it collects the data. The Company constantly ensures the collection of only the necessary scope of personal data required to achieve the legally determined purpose for which the data are processed.
Purposes of Collecting and Further Processing Personal Data
The Company collects personal data to be able to provide, maintain, protect, and improve its services related to the purchase of certain products, to understand how users and/or customers use the provided services and use the Company's web pages, and for the purpose of fulfilling the contractual obligations of the Company. Such data is collected based on the consent given by the user and/or customer in one or more specifically defined purposes, as well as in one of the following cases.
Fulfillment of Legal Obligations
The Company is obliged, based on a written request submitted by users and/or customers to the above-mentioned address of the Data Protection Officer, to provide them access to personal data processed about them, correct inaccurate personal data, delete personal data, or restrict the processing of personal data, as well as inform them about the possibility of objecting to the processing of personal data and the right to data portability.
Contact details of users and/or customers may be used to send promotional notices about the products and services of the Company if the user and/or customer has given consent for such processing or if there is a legitimate interest of the Company in such actions, unless such interests are outweighed by the interests or fundamental rights and freedoms of users and/or customers requiring the protection of personal data.
The Company may use contact details and personally contact users and/or customers whose personal data it already possesses, based on a legitimate interest in sending promotional notices about all products and services it provides, using all available advertising channels unless the user and/or customer objects to such processing.
To ensure that users and/or customers receive notices that match their preferences and habits, it is necessary for the Company to use certain user and/or customer data to create personalized promotional notices, as long as the user and/or customer explicitly objects to such data processing or withdraws their previously given consent for processing.
The legal basis for processing personal data for these purposes is the legitimate interest of the Company, unless such interest is outweighed by the interests or fundamental rights and freedoms requiring data protection.
Duration of Storage and Processing of Personal Data
Depending on the purpose and legal basis on which personal data of users and/or customers are collected, the Company is in some cases obliged to retain personal data for a specific period determined by the relevant regulations or by the cessation of the purpose for which they were collected. After the legal retention period for certain personal data expires or if the purpose ceases, the data is deleted.
In cases where the processing and collection of data is based on the legitimate interest of the Company or the consent of users and/or customers, personal data may be deleted before the expiration of the period specified in this Policy if such deletion is requested by the user and/or customer, or when the user and/or customer objects to such processing.
The period for which personal data is stored for specific purposes is as follows:
a) data on users and/or customers: 12 months; b) data on potential users and/or customers: 12 months;
Data processed based on the legitimate interest of the Company and/or the consent of users and/or customers may be deleted before the expiry of the period stated in this Policy if such deletion is requested by the user and/or customer or if the user and/or customer objects to such processing.
Right to Access Personal Data
As a data controller, the Company undertakes, based on a written request submitted by users and/or customers, which can also be in the form of an email, to provide access to personal data processed about them, inform them about the purpose of processing personal data, the type of personal data processed, the recipients or categories of recipients to whom personal data has been or will be disclosed, the intended processing period, or the criteria used to determine that period.
Right to Rectification of Inaccurate Data
The Company, as a data controller, will enable the rectification of inaccurate personal data in each case when it is determined that the collected personal data about the user and/or customer are not accurate or there has been a change in the user's and/or customer's data.
Right to Erasure of Personal Data
The Company will delete the personal data of users and/or customers in the following cases:
a) when personal data are no longer necessary for the purpose of processing or the purpose has ceased; b) when the user and/or customer withdraws consent as the legal basis for data processing, and there is no other legal basis for data processing; c) when the user and/or customer objects to the processing of data (see more under the title Right to Object); d) when personal data is processed unlawfully; e) when personal data must be deleted to fulfill legal obligations under EU law or the law of the Member State to which the data controller is subject; f) when personal data is collected in connection with the offer of information society services regarding the consent of a child.
Right to Restrict Data Processing
The Company will ensure the restriction of personal data processing in cases where the user and/or customer disputes the accuracy of the data, when the processing is unlawful, and the user and/or customer opposes the deletion of the data and instead requests the restriction of their use, when the data controller no longer needs personal data for processing purposes but the user and/or customer requests the data for the establishment, exercise, or defense of legal claims, and when the user and/or customer objects to the processing of personal data based on the legitimate interest of the Company, including profiling of users and/or customers.
Right to Object
The user and/or customer has the right to object to the processing of personal data related to them if the data are processed for the purposes of the legitimate interest of the data controller. In this case, the Company, as the data controller, will stop processing personal data, unless it proves that there are compelling legitimate reasons for processing personal data in relation to the rights and freedoms of users and/or customers, or when the processing of data is done for the purpose of setting, exercising, or defending legal claims.
If personal data of users and/or customers are processed for the purposes of direct marketing, the user has the right to object at any time to the processing for the purposes of direct marketing, especially if personal data are used for profiling.
Where Personal Data is Processed
The Company processes the personal data of users and/or customers in the Republic of Croatia.
Under What Conditions are Personal Data Transferred to Third Parties
The Company transfers the personal data of users and/or customers to third parties (including competent authorities) only in the following cases:
a) consent of the user and/or customer; b) to fulfill legal obligations of the Company; c) when such processing is necessary to protect the vital interests of users and/or customers.
Management of Consents
The active role of users and/or customers in protecting privacy is reflected in giving consents as a voluntary, specifically informed, and unambiguous expression of the wishes of the data subjects, through a statement or clear affirmative action by which they give consent to the processing of personal data. Consent management involves the possibility for the user and/or customer to authorize the Company, through active and unambiguous actions, to collect and process certain personal data for one or more purposes (consent of the data subject), or to withdraw previously given consent for the collection and processing of personal data for one or more purposes.
Who to Contact
Alpha Charta Ltd.
Radmanovačka ulica 18G
The Company reserves the right to amend and supplement this Policy at any time without giving any special notice to interested parties. For this reason, it is recommended that all interested parties regularly check the content of the Company's website for up-to-date information on the current content of this Policy.