BRACOPONE D.O.O. PRIVACY POLICY

NAME: Bracopone limited liability company for services and trade

SHORT NAME: Bracopone d.o.o. for services and trade; Bracopone d.o.o.

ADDRESS: Ul. grada Chicaga 7

PLACE: 10.000 Zagreb

COUNTRY: Republic of Croatia

ACTIVITIES: photography, videography, graphic design, digital services

DIRECTOR: Ivan Brajković

CONTACT: 385 99 2410609, info@bracopone.com.

IN GENERAL

Bracopone d.o.o. (hereinafter referred to as Bracopone) takes your privacy seriously. This Privacy Policy describes why and how we collect your data, how we use and protect it, with whom we share it, and how you can contact us regarding protecting your privacy and GDPR.

Bracopone may collect data and information about you in a variety of ways. Please be careful when sending us your personal information and ensure that you do not accidentally provide and/or enter incorrect and/or sensitive data and information. Wherever there is a legitimate reason for us to collect your personal information, we do not need to ask for your consent. If we do not have a legitimate interest, but also where there is any doubt as to whether we have the same, we will always ask for your consent to use your data, and we will only use it for the purpose for which you gave your consent.

We believe that everyone has the right to privacy and data protection. That’s why we are fully committed to protecting the privacy and security of visitors and clients visiting our business premises and/or our websites. Your data and trust are very important to us, and that is why we will not, nor will we, sell, rent, or in any other way distribute any of your personal data to any third party or make them public.

The company will try to collect accurate data, which will be corrected, deleted, or updated if necessary or at the respondent’s request. The collected data will be kept for as long as needed, considering the purpose for which it was collected, i.e., for the period following the applicable regulations.

It is stated and noted that Bracopone’s activities include photography, videography, graphic design, and digital services and products. This includes managing social and digital media and networks, digital advertising, creating and publishing content on media and networks, creating and maintaining websites and applications, and everything related to digital services, including advertising.

It’s hard to please everyone, but we must please everyone with this Privacy policy. Most of Bracopone’s customers want something short and easy to understand. While we wish we could fit everything you need to know, our regulators ask us to meet our legal obligations by detailing them all.

LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We collect, process, and use personal data for the purposes for which they were collected, including the following:

  1. Processing is necessary to comply with the legal obligations of the company,
  2. The processing is necessary for the execution of a contract in which the user is a party and/or to take actions at the request of the client and the user before entering a contract and/or framework agreement,
  3. The processing is necessary for the legitimate business interests of the company or a third party, except when those interests are more substantial than the interests or the fundamental rights and freedoms of the user that require the protection of personal data,
  4. Based on the user’s express consent.

Personally Identifiable Information may include your name, email address, and other information that specifically identifies you. We use it in several different ways, depending on the information and its purpose. Despite this, your personal data is not collected unless you voluntarily provide it to us, except for certain personal data that we collect through the information systems and programs used for our website, the transfer of which is necessary to use Internet communication protocols.

If you visited Bracopone’s social networks and contacted us, we process your data to get back to you. In this case, the legal basis of the processing is our legitimate interest in responding to your message. We do not store your information separately.

Suppose you participated in one of our promotional or prize games. In that case, we process your data to organize the promotional and/or prize game and award the prize, the legal basis of the processing is our legitimate interest as the organizer of the game for which you have registered, and promotion of that event and Bracopone, in that case, the legal basis of the processing is our legitimate interest as the organizer of the game you signed up for, as well as separate consent if we want to publish a recording of your participation in the game or the handover of the prize.

Suppose you have sent us a complaint, a request due to product malfunction, a request to cancel a purchase, etc., to a purchased service. In that case, we process your data to verify the nature of your request; in that case, the legal basis of processing is our legitimate interest as a seller of goods or services. For which you sent your request, forwarding your request to the manufacturer of the product and/or service, in that case, the legal basis of the processing is our legitimate interest as a seller of goods and/or services to contact the manufacturer for its contractual guarantees, to act on your request, in that case, the legal basis of the processing is our legal obligation towards you as a consumer.

Suppose you have submitted an open job application to us or applied to our job advertisement. In that case, we process your data to conduct the selection process and employment, – in this case, the legal basis of processing is our legitimate interest as an employer based on your job application, conducting future selection procedures, in that case, the legal basis of processing is your separate consent and/or our legitimate interest if you have sent an open job application, checks of your previous work experience and/or certificates of your education and/or training, in that case, the legal basis of the processing is your separate consent to contact the authorities.

Suppose we designate you as a supplier, customer, other business partner, or contact person for one of them. In that case, we process your data to buy and sell goods and services (ordering goods/services, delivery, collection, billing, objections, sending or preparation of offers), in that case, the legal basis of the processing is our sales contract and/or legitimate interest if you are an employee of our supplier or customer, based on business cooperation with your employer, the fulfillment of another agreement that we have concluded, in that case, the legal basis of the processing is our contract and/or legitimate interest if you are an employee of our business partner, based on business cooperation with your employer, verification of satisfaction with our business cooperation, in this case, the legal basis of processing is our legitimate interest as your business partner.

If you work for the media or report independently, we process your personal data for various business publications. In that case, the legal basis of the processing is our legitimate interest based on our business cooperation.

If you have requested information about your rights, we process your personal data to respond to your request. In that case, the legal basis of the processing is our duty to enable you to exercise your rights regarding your personal data.

If you fall into any of the previous categories, in the event of a security incident or suspected security incident, we process your personal data for the purposes of investigating the incident, taking appropriate measures and being able to inform you about the incident, in this case, the legal basis for processing is our legitimate interest to protect our data, and our legal duty to notify you in the event of a breach of the privacy of your data, in the event of an audit of our business or our handling of personal data, we process your personal data for the purposes of carrying out such an audit, in that case, the legal basis of processing is our legitimate interest to prove the legality of our actions, in the event of a dispute or other procedure before a competent authority, we process your personal data for the purposes of conducting such a procedure, in that case, the legal basis of the processing is our legitimate interest as a party to such a procedure, we process your personal data for the purposes of internal analysis and reporting, in that case, the legal basis of the processing is our legitimate interest as a business entity.

We do not process any category of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data), nor we collect information about criminal convictions and misdemeanors.

COLLECTION OF PERSONAL DATA

We can collect your personal information in the following ways:

  1. Directly from you, e.g., data provided to conclude or execute a contract, arriving at the Company’s premises, sending your CV, attending one of our or our clients’ events, talking to an individual on the phone, participating in a prize game or prize competition and similar,
  2. Indirectly, data that is publicly available on websites that do not belong to the company, such as posts on social networks, open forums, and data obtained using cookies, links, and similar technologies.

REFUSAL TO GIVE CONSENT TO COLLECTION OF DATA

We need some data for our services and products to function. Other information is not mandatory, but its absence could affect the quality of your experience. We use the information we must provide to improve our services and products. This includes personalizing features, content, and recommendations. We use the specially protected information you choose to provide for these purposes but not to display unnecessary information and data to you.

VISITORS

Suppose you have visited one of our business premises (office premises, logistics centers, etc.). In that case, we process the personal data that you gave us at the premises entrance and the video of your entry and exit from the premises. This is the following information: first and last name, ID number, purpose of your arrival, time of arrival, contact person in Bracopone, and your video. Before entering the business premises, you will be separately warned in an appropriate way that our business premises are being filmed.

PERSONAL DATA WE RECEIVE

When interacting with Bracopone, you may be asked for specific information in the following ways:

  1. Submitting your CV,
  2. Accepting to receive our newsletters,
  3. Through business contact and cooperation, we can find out some information about business partners or their employees to carry out professional activities, but also to establish close business contacts and relationships,
  4. When you visit us at a public event, such as an event or celebration, or when you participate in one of our surveys, contests, or sweepstakes, we may request information such as your business card, first and last name, contact information, interests, and preferences,
  5. By participating in a public event, such as an event or a celebration, we can take photos or videotape you,
  6. When you use our services online, we may receive content that you choose to upload, such as comments, photos, and forum posts, or details about your interests and preferences that you share with us,
  7. Representing our clients in performing their marketing activities based on the contractual relationship with the client,
  8. Establishing an employment relationship according to the applicable regulations.

DATA COLLECTION THROUGH WEBSITES

As the website is one of the largest platforms for collecting personal information, Bracopone knows that our clients and visitors value their privacy. We want to assure you that we are committed to protecting and respecting your privacy. Therefore, this Privacy Policy tells you what you can expect us to do with your personal information when you visit our website, contact us, or use one of our services, so please read it carefully. Bracopone acts as a data controller in terms of the General Data Protection Regulation (GDPR), and as such is responsible for the processing of personal data collected on or through this site.

In case of collect your data through the website, we only use your data in the following ways:

  1. To improve the performance of our website and ensure that its content is as relevant to you as possible,
  2. To ensure that the content from our website is presented most effectively for your browser settings,
  3. To administer our website for internal operations, including troubleshooting, data analysis, research testing, and statistical and survey purposes,
  4. We would like to provide you with the information you requested.

When you use some of our social media apps and sites, we may receive information related to your social media accounts, for example:

  1. We may receive essential information from your social network profile if you log in to our website using a social network account. The vital data we receive depends on the privacy settings of the specific social network account but may include your ID on the social network, name and surname, profile picture, gender, and language information. We may also receive additional information from your profile of a particular social network if you permit us to access it,
  2. We can record what you did if you press ”like” or a similar link on our site. In addition, the content you view may be published on your profile or your social network’s news feed. We may receive information about further interaction with that posted content (eg, if your contacts select a link in the posted content), which we may then associate with the details we store about you,
  3. If you click on a ”like” or similar link on our pages on a social network website, we may receive information about your social network profile, depending on the privacy settings of your social network account,
  4. Details of the content you view. For example, when you use our website, we may collect information about your visit, such as the pages you view, the time and place of your activities, application settings, and errors and hardware activity.

We use the personal data collected this way until you request its deletion. We use your CVs and portfolios according to your consent.

TYPES OF COOKIES

Cookies are small text files that websites store on a visitor’s computer or mobile device to collect certain information about the user and improve the user’s experience while browsing the website.

Although cookies can improve the user’s experience on the website, it should be remembered that Bracopone can collect private information about users by using cookies. For this reason, Bracopone respects all privacy rules so that users have the right to information and consent to using cookies.

Types of cookies are the following:

  1. Site functionality cookies are essential for enabling you to browse and navigate our site and use its features. Without these cookies, using our website is not possible,
  2. Statistical cookies collect information about how you use our website – for example, which parts of our website you visit most. This data can be used to optimize our website, make it easier to navigate, and improve its functionality. We do not collect data that could identify you with these cookies. All information collected by these cookies is anonymous,
  3. Functionality cookies let our website remember your browsing preferences (personal settings such as text size, fonts, language, location, and other customizable website elements). With these cookies, we do not collect any information that could identify you, and we cannot track your activity while you browse websites outside of this website.

We also use Google Analytics, which collects analytical website cookies to help us understand how you use the website so that we can improve its functionality. You can read more about how Google uses your personal information here: https://www.google.com/intl/hr/policies/privacy/. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

WEBSITE BLOG

If you choose to add a comment to any post we have published on our blog, the name and email address you enter with the comment will be saved in this website’s database, along with your computer’s IP address and the time and date you submitted the comment. This information is only used to identify you as a contributor to the comment section of the blog post in question. It is not passed on to third-party data processors, as described below.

The public website will display only your name, and if an email address is provided, your photo will also be displayed.

Your comment and associated personal information will remain on this website until we deem it necessary to remove the comment or blog post. If you want a comment and associated personal information deleted, please email us using the email address you used to comment.

If you are under 16, you must get your parent’s consent before posting a comment on our blog.

You should avoid entering personal information into the actual comment field of any blog comment you submit on this website.

WHEN YOU CONTACT US VIA THE CONTACT FORM ON THE WEB PAGE

If you contact us through the contact form on our website, we may store a record of your inquiry and our response so that we can improve our support and services to you and deal with your inquiry and any subsequent issues that may arise.

Such data shall be kept for up to 2 (two) years from receipt of the request.

DATA COLLECTED VIA NEWSLETTER

If you have agreed to this, we will send you a newsletter (about once a month) to let you know what we are up to and to help you see and find our products and services.

We use data processors—HubSpot and Mailchimp—to deliver our newsletter. For more information, see HubSpot’s Privacy Policy and Mailchimp’s Privacy Policy.

If you wish to stop receiving our newsletter, you can use the unsubscribe link provided in all email newsletters we send you or submit a removal request via email.

If you do not wish to receive our newsletter, it may take a few days until all our systems are updated, so please be patient. You may receive a newsletter from us while we process your request.

LINKS TO OTHER WEBSITES

Our website may contain links to other websites that we do not control. You will be redirected to that third party’s website if you click on a third-party link. You are strongly advised to review the privacy policy of each website you visit.

When third parties have the status of processor, they process your data according to our instructions. When these third parties have the status of a separate data controller, we do not influence their behavior. We regularly check our business partners to ensure your rights are respected.

We have no control over and assume no responsibility for any third-party website or service’s content, privacy policies, or practices.

APPLICATIONS FOR JOB

If you want to work in our company, you are always welcome to send us an open job request.

Only a few authorized persons within our company have access to your data. They are bound by a statement on data confidentiality and process your open job application to contact you and possibly hire you.

The data is kept for a maximum of 2 (two) years from the day we receive the open job application.

When you apply for a job opening

If you apply for an open position, we will keep your data until the end of the competition.

After the competition, we can keep your data only if you have given us your consent to keep them in our database for up to 2 (two) years after the competition application.

Only a few authorized persons within our company have access to your data. They are bound by a statement on data confidentiality and process your open job application to contact you and possibly hire you.

DATA SHARING

Generally, Bracopone does not provide information about you to third parties without your permission, but there are exceptions to this rule:

  1. We may use third-party service providers to process information on our behalf for the above purposes (e.g., providing marketing assistance). Our service providers act solely on our instructions, following our policies, and are subject to appropriate obligations related to confidentiality and security,
  2. We must/can provide information about you to third parties for legal and/or business purposes, such as government and competent authorities for compliance with favorable legal regulations and to meet the reasonable requirements of these authorities, professional advisors who implement or protect our legal rights, etc. .,
  3. We can share total or general data, by which you cannot be identified, with any third party (eg, partners, advertisers, media, public, etc.),
  4. We can forward workers’ information to competent authorities for the purpose of realizing their employment rights and obligations (pension and health insurance institutions, etc.).

Certain mechanisms on our website or social networks allow you to transfer and share messages, photos, videos, and other content that cease to be private or confidential when you post them. For example, forums allow you to post comments, photos, and videos (with a name associated with your account) that are visible to other service users.

We process your information within the European Economic Area. If personal data needs to be transferred outside that area, it will only take place if the European Commission confirms that the third country meets a certain level of data protection or if appropriate protection measures are in place in accordance with positive legal regulations.

When you voluntarily provide us with your contact information to carry out our marketing activities, we may communicate with you to send you details about our latest products and services, rewards, etc.

DATA PROTECTION

We take many measures to protect your data from unauthorized access and use, e.g.:

  1. Access to your information is only available to our employees who need this information to carry out our business activities,
  2. We save the data in specially separated folders (special folders on personal computers, separate places in locked cabinets), with clearly defined access rights,
  3. We have implemented appropriate technical and organizational measures to prevent the loss of your data, alteration, theft, or access by unauthorized third parties,
  4. We have provided appropriate physical, electronic, and management systems to protect and preserve the data we collect over the Internet.

AUTOMATED DATA PROCESSING AND DATA PROFILE

Your personal data will be the subject of profiling in direct advertising and advertising.

THIRD PARTY DATA

We use third parties to process personal data on our behalf (eg, for and/or the website, we use a UK-based cloud service provider) who are carefully selected and all comply with applicable laws regarding protecting personal data.

We keep your data in the European Union. Only in exceptional cases do we transfer your data to third countries (third countries do not include other countries of the European Union). In this case, the transfer occurs based on a decision on the adequacy of the European Commission or only after the recipient of personal data from a third country undertakes to act following the applicable standard contractual clauses approved by the European Commission.

We can use MailChimp and HubSpot, which are based in the United States, to implement marketing campaigns or send notifications. You can read more about how they process your personal information in their Privacy Policy, which is available here. We only send them your e-mail address.

Also, depending on the specific case, members of Bracopone who operate in third countries may have access to your personal data.

Some of our data processors include Google, Mailchimp, and Hubspot.

DATA COLLECTED DURING THE BUSINESS RELATIONSHIP WITH CUSTOMERS

In a business relationship with business partners, legal entities and natural persons, we often establish a friendly and collegial relationship with you as a natural person, where we can find out your dates of birth to congratulate you on your birthday, send you a gift for your birthday or holidays, invite you to our parties and other events. , and in general to socialize both on a business and private basis. By providing us with your data, such as your date of birth, you allow us to wish you a happy birthday and to give you a symbolic gift. You can always withdraw your consent to the processing of personal data without any negative consequences in the manner described in this Privacy Policy.

Suppose you are designated to us as a supplier or a contact person at a supplier with whom we cooperate. In that case, we process your personal data that you or your employer have given us, which are necessary for ordering goods/services, their delivery, collection, payment, or in case of complaints. This is the following information: first and last name, supplier’s name, supplier’s address, your location, email address, and phone number.

If you are designated to us as a customer or a contact person at a customer with whom we cooperate, we process your personal data that you or your employer have provided to us, which are necessary for the sale of services, their delivery, collection, and/or payment. These data include your first and last name, customer name, address, location, e-mail address, and phone number.

To reduce the amount of personal data we process, we separately remind suppliers and customers that when they enter a contact person or their contact information, they should use only official addresses, e-mail addresses, and phone numbers. In this case, it is possible that your data is not processed at all.

If you work for the media with which we regularly cooperate and you are our contact person in that media, or if we directly cooperate with you for the purposes of publishing business information, we process your personal data to contact you for various business publications. This data includes your first and last name, the name of the media/platform / your profile, your location, your email address, and your phone number.

We want to use the data collected in this way until you withdraw your consent. We want to continue doing business with you and celebrating together as long as it suits you.

DATA COLLECTED DURING RELATIONSHIPS WITH MEDIA AND JOURNALISTS

Providing PR services is part of our core activity. Because of this, we often must contact journalists. In our communication with journalists so far, we have collected the journalists’ contacts (name and surname, e-mail address, phone number) in a way that they themselves provided us with.

We will still contact journalists using the contacts we have collected from them. Some contacts in our database we have used so far are private, and some are official and related to specific media.

Any journalist or other person considered as such can always withdraw their consent for us to contact them and use their personal information for contact without any negative consequences, in the way described in this Privacy Policy.

We will keep and use the database of journalists’ contacts for professional purposes until the journalists withdraw their consent for us to contact them in the above-mentioned way. In this way, we achieve joint professional benefit.

DATA COLLECTED DURING EMPLOYMENT

We highly value the privacy of all our employees and do not collect personal data from them without our legitimate approval. Whenever we need the data of employees and their children to exercise certain rights, we always ask for the employee’s prior consent if we need such consent and do not have a legitimate interest and approval for it.

Employees are obliged to provide us with information determined by the regulations on records in their field of work and other regulations that regulate the said area. If the data initially submitted has changed, employees are always obliged to update and submit correct data in a timely manner. The employees bear the harmful consequences of this omission.

The personal data of employees may be collected, processed, used, and delivered to third parties if this is necessary for the exercise of rights and obligations from the employment relationship or in connection with the employment relationship. For this purpose, data provided by accounting regulations, regulations in the field of pension and health insurance, rules in the field of occupational safety, and laws and regulations passed to implement the Labor Act will be collected, processed, used, and delivered to third parties.

We do not transfer employee data to other persons without the express written consent of the employee, except in the case of legal obligations and the execution of a contractual relationship with the employee.

We keep employee data for as long as there is a legal obligation to keep said data, and we delete and/or destroy such data as soon as the legal prerequisites for this are met.

DATA COLLECTED DURING BUSINESS RELATIONSHIP WITH THE CLIENT

Bracopone is a trading company that, based on the contractual relationship with the client, represents clients as a processing executor in the performance of their business activities. In this case, the database manager is not Bracopone but the client we represent.

In carrying out the activities, we will always present ourselves as the client’s representative, whose correct name will be indicated. In the communication, if you wish to exercise your rights following GDPR, you must contact our client directly, but we are willing to provide you with all the help and information you need.

On behalf of our client, we may collect your data in several ways:

  1. At events where you are invited as a guest, you are warned with a disclaimer that you will be photographed and video recorded for the client’s marketing purposes, with an indication of exactly where the said materials will be published. By attending the event, you give your consent for photography and recording and the use of these materials for the marketing purposes of the client/event organizer/Manager,
  2. By participating in sweepstakes/contests or other types of contests of our clients, following favorable legal regulations, you give your consent to the use of your data to run the sweepstakes/contest and marketing activities related to the sweepstakes/contest,
  3. By participating in surveys that we conduct for clients, you give us your consent to use your personal data/preferences/opinions (e.g., first and last name, year of age, etc.) for market analysis and other purposes expressly and indicated and explained during the survey,
  4. for other purposes based on the express order of our client, the Data Controller.

We delete the personal data that we have collected on behalf of the client, performing our professional activity based on the contractual relationship with the client, immediately after the task received from the client is completed. At the request of the client, we return the database to him, but we delete it from our records.

DATA COLLECTED AT THE ORGANIZED EVENTS

If you participated in one of our events, we process the personal data you provided during registration and when you arrived at the event itself.

Our events may be recorded, including video and photographs. You will be informed about this separately in the invitation to the event itself and upon entering the area where the event is being held. The purpose of the recording is to promote the event and Bracopone, and the recordings are published on websites, social media, and networks.

If you are a panelist, speaker, or presenter at our event, we may publish your name and surname, occupation, position, and experience in the announcement, the report of the event itself, and recordings from the event.

CHILDREN’S PRIVACY

Children are all natural persons under the age of 18.

Our Services are not directed at children, and you may not use our Services if you are under 18. You must also be of sufficient age to consent to the processing of your data. We do not collect personal information from children without the written consent of their parents and/or guardians.

If we are convinced that such data were transferred to us without the consent of parents or legal guardians, we will delete them as soon as possible. In doing so, we will be guided by the guidelines you received as a parent or legal guardian.

If a parent or guardian has questions related to our processing of their children’s personal data, the same rights apply as for adults.

YOUR RIGHTS

You have many rights related to your data, which are:

  1. You can withdraw your consent to any marketing communications and other processing. If you withdraw your consent to the processing of your personal data, or when our legal basis for processing your data ceases, or in other cases provided for by the General Regulation on the Protection of Personal Data, you have the right to request us to delete your data,
  2. You have the right to be informed about how your personal information is used,
  3. You have the right to request confirmation of processing (about the purpose of processing, source, category of personal data, recipients, or categories of recipients to whom personal data is or may be transferred, as well as the location of such transfer, the intended period of personal data storage, the use of any automated decision-making and profiling),
  4. You have the right to access the personal information we have about you,
  5. You have the right to request the correction and/or addition of incorrect personal data we have about you,
  6. If we process your personal data based on your consent or a contract we have entered, you have the right to ask us to transfer your data properly.
  7. You have the right to request that we delete your information or stop processing or collecting it, in some circumstances,
  8. You have the right to stop receiving direct marketing messages,
  9. If you dispute the accuracy of your data or in other situations provided for by the General Regulation on Personal Data Protection, you have the right to ask us to limit the processing of your data until such a situation is resolved,
  10. You have the right to request that we transfer or transmit elements of your data to you or another service provider,
  11. You have the right to object to further or excessive processing of your data,
  12. You have the right to ask us to explain any computer system decision about you,
  13. You may request the transfer of personal data to another controller. You can fulfill your requests by simply unsubscribing from our list or by contacting us with your request at our e-mail address, info@bracopone.com or by directly contacting our Personal Data Protection Officer,
  14. You have the right to file a complaint with the competent authority to protect personal data at any time. The competent authority for data protection is the Agency for Personal Data Protection, and the Agency for Data Protection website is www.azop.hr.

o You exercise your rights free of charge. However, if you frequently (for example, if less than 6 months have passed since your last request) or excessively (for instance, you request all your data in written form) request access or transfer of your data, we have the right to ask you to pay our costs before carrying out such action.

We will consider your every request, following all applicable favorable legal regulations governing personal data protection. We reserve the right to charge costs for processing unreasonable requests. We will deliver the answer to each request no later than 30 days after receiving the request.

If you are an authorized agent of the Client and wish to submit a request related to access, modification, or deletion of your or another’s data, you may also contact us in writing. We may request additional information from you for verification purposes.

We provide our services to all clients in Croatia, member countries of the European Union, and all over the world, and we offer tools for privacy and controls to all our users, regardless of where they live. However, your experience may be slightly different from that of users in other countries, and to ensure that Bracopone respects local requirements, Bracopone undertakes to respect all privacy according to the laws of the country where the client is located.

DATA STORAGE PERIOD

We store your personal data for the period necessary to fulfill the purpose for which we collected it and the additional reasonable period necessary for its deletion. The storage period depends on the purpose of processing personal data, the sensitivity of that data, our legal obligations, and our legal basis.

In processing based on your consent, we store your data for the period the consent was given or until the consent is withdrawn. We delete them within 90 days of the withdrawal of consent.

In the case of processing based on our contract, we store your personal data for the duration of the contract and an additional five-year limitation period. We delete them within one year of the expiry of the statute of limitations.

If we process your personal data based on our legal obligation, we store it if that legal obligation exists. We delete it within one year of the termination of the legal obligation.

In case of processing based on legitimate interest, we store your data if our legitimate interest exists, and we check the existence of legitimate interest annually. We delete them within a year from the end of the legitimate interest.

CHANGES IN OUR PRIVACY POLICIES

From time to time, we may change this Privacy Policy to reflect how we process your information.

We will not expressly notify our customers or website users of these changes. Instead, we recommend that you periodically check for changes to the policy. You can do that on our site.

SECURITY AND SECURITY PRACTICES

We are committed to taking reasonable steps to ensure the safety of your data. To prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of information, we have put in place appropriate physical, electronic, and control procedures, as well as technical and organizational measures to protect and secure the personal data we collect through any means, including through the website.

Due to the open nature of the Internet, we cannot guarantee that communications between you and us or information stored on our website or our servers will be completely free from unauthorized access by third parties.

JURISDICTION, SUPERVISION, AND COMPETENT AUTHORITIES

All matters related to our Privacy Policy are regulated by Croatian law. You agree that in connection with the procedure associated with this Policy, the courts in the Republic of Croatia will have exclusive local jurisdiction.

For example, in the following cases, we may share your data:

  1. prevention or detection of crime,
  2. the arrest or prosecution of the violator,
  3. the assessment or collection of taxes or duties,
  4. by court order or any law.

THE RIGHT TO SUBMIT AN OBJECT TO THE SUPERVISORY AUTHORITY

At any time, you can submit an objection to the processing of your data if you believe that during the processing of your data we have violated Croatian or European regulations on the protection of personal data to the competent supervisory authority, the Croatian Agency for the Protection of Personal Data, or in the event of a change in the applicable regulations to another authority that will to take over its jurisdiction, and from September 1, 2020, also to the supervisory authority within the EU.

NOTICE OF DISCLAIMER

Suppose any provision of this Privacy Policy is criminal, harmful, or unenforceable. In that case, such provision shall not apply to the extent it is void and invalid or unenforceable, provided that the validity of the remaining provisions of this Privacy Policy is not affected.

Although we take available technical, organizational, and personnel measures to protect personal data from accidental or intentional misuse, destruction, loss, unauthorized alteration, or access, we cannot guarantee that some of the personal data we collect will never be accidentally disclosed, contrary to the provisions of this Privacy Policy.

To the maximum extent permitted by law, we exclude responsibility for damage caused to users or third parties by accidental disclosure of personal data.

Since we have no control over the personal data you provide when accessing or using other portals, or directly to third parties (e.g., when participating in sponsored activities), we exclude liability to the maximum extent permitted by law for damage that may occur to you or third parties due to the provision of personal data.

To the maximum extent permitted by law, we exclude responsibility for damage caused to users or third parties by accidental disclosure of personal data.

Since we have no control over the personal data that you submit when accessing or using other portals, or directly to third parties (e.g., when participating in sponsored activities), we exclude responsibility to the maximum extent permitted by law for damage that may occur to you or third parties due to the submission of personal data.

CONTACTS AND HOW TO CONTACT US

If you have any questions or feedback about this Privacy Policy, wish to exercise any of your rights as set out above, or have a complaint, don’t hesitate to contact us—we’ll be happy to answer.

You can contact us through the form, e-mail, or postal address.

Bracopone’s contact details are:

  1. E-mail address: info@bracopone.com
  2. Postal address:

Bracopone d.o.o., Ul. grada Chicaga 7, 10000 Zagreb, Republic of Croatia.