By using the products and services and accessing this website, you entrust us with your personal data. This statement describes what personal data we collect from the user, how we process it and for what purposes we use it, as well as the rights relating to that data. The Head of Processing is responsible for the collection, processing and protection of personal data:
Badel 1862 d.d.
Ulica grada Gospića 7, Zagreb, Croatia
The controller pays special attention to the protection of personal data and privacy (hereinafter: protection of privacy) of its users in accordance with applicable regulations and the best European practice.
With the personal data protection policy, we want to provide our users clear information on the processing and protection of their personal data and enable them to easily monitor and manage their personal data and consents.
Scope of use
The policy applies to all personal data of the website user that the Processing Manager collects, uses or otherwise processes, directly or through his partners. Personal data is any data relating to a natural person whose identity has been or can be established, directly or indirectly (hereinafter: data or personal data). Data processing is any action performed on personal data, such as the collection, recording, storage, use, transfer of personal data and access to personal data.
The policy does not apply to anonymous data. Anonymous data is data that has been modified in such a way that it cannot be linked to a specific natural person or cannot be linked without disproportionate effort and therefore, in accordance with the applicable regulations, is not considered personal data.
Principles of personal data processing
Protection of Users’ privacy is very important to us, so we want to be completely transparent and clear regarding the processing of Users’ personal data – which is also the purpose of this policy. Users can always contact us with a request to change personal data relating to them or to express a desire regarding the purposes for which they do or do not want their data to be processed.
When processing data, we act in accordance with the General Data Protection Regulation, but we also strive to apply the highest standards and best practices.
LIMITATION OF THE PURPOSE OF PROCESSING
We collect and process personal data only for a specific and lawful purpose and do not further process them in a manner that is not in accordance with the purpose for which they were collected, unless otherwise provided by law or with the consent of the user.
We always only use User data that is appropriate and necessary to achieve a certain legitimate purpose, and no more than that.
INTEGRITY AND CONFIDENTIALITY
We process personal data in a secure manner, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (e.g. access to the User’s personal data is granted only to authorized persons who need it to perform their work, and not to other employees).
LIMITED STORAGE TIME
We store and process the User’s data only for as long as is necessary for the execution of a certain legitimate purpose, unless the applicable regulations provide for a longer or shorter storage time for a particular purpose or in other cases expressly prescribed by law. After that, the data is permanently deleted or made anonymous.
How we collect personal information
We primarily collect data directly from the User in that they provide it to us. The most common example of this method of data collection is by subscribing to a newsletter.
We also collect data that is automatically generated when the User uses our website. The most common example of this method of data collection is the IP address, approximate location of the device, time and duration of use, etc.
What data we collect
When using the web site, newsletter and our services, we may use technology, such as that provided by Google Analytics, to collect information about the User’s visit to our web site. These tools basically allow us to analyze how Users use our website.
The data we collect may include:
- IP address;
- browser type (e.g. if you use Chrome or Safari);
- number of visits per browser on each device;
- the type of device and operating system used by the User;
- time zone;
- user settings;
- pages visited by the User.
Use of collected data
We use the data Users voluntarily provide to us for:
- the purpose of protecting the legitimate interests of the User and/or the owner of the website;
- providing a superior user experience on the website;
- personalization of the user experience on the website;
- market research and analysis;
- preventing, detecting and prosecuting abuse of the website;
- improving the safety of users, employees, products and services;
We may also use all the User’s contact information to send promotional notices about all services and products through all advertising channels, unless the User specifies otherwise. In order for the User to receive notifications that correspond to their wishes and habits, it is necessary that we use certain User data to create personalized promotional notices and offers for the User. The User may at any time declare that they no longer wish to receive promotional notices. In that case, the User’s data will no longer be processed for the purposes of direct promotion.
We may share anonymous usage data that does not link the User to third parties. We may combine User data with that of other Users of our website and share that data in aggregated and anonymized form with third parties to improve the design and operation of the website, thereby increasing network site efficiency and user experience for all Users.
The legal basis for data processing for these purposes is the legitimate interest of the Processing Manager, except when the interest or fundamental rights and freedoms that require the protection of the User’s data are stronger than that interest.
As a rule, we retain your personal data for 12 months from the day of their collection, and at the latest until the expiration of all legal obligations related to the storage of personal data.
How we protect data
We use various technical and organizational measures to protect the User’s data from unauthorized access by persons inside and outside our legal entity, alteration, loss, theft and any other data breach and misuse in accordance with the best European practices. This, among other things, includes meeting security requirements (security by design) and data protection requirements (privacy by design), anonymization of data, signing contracts on personal data protection with all subcontractors and associates, implementation of all protective measures for the personal data of Users, conducting regular controls of security measures and personal data protection measures.
Data processing location
We process the User’s personal data in the Republic of Croatia. We may sometimes process personal data in other Member States of the European Union with the provision of adequate protection of personal data and with the prior consent of the User.
In addition to the active role of the User in regards to the management of consents, i.e. the right of the User to withdraw consent at any time, the User has the following active roles, all in accordance with the General Data Protection Regulation: right to object to, correct, delete, access, and restrict data processing and portability.
The User can exercise their rights by addressing or submitting a request directly to the Processing Manager via email or mail. Also, the User is authorized to file a complaint to the Agency for Personal Data Protection.
Cookies are small packets of data sent from the server to the User’s computer, and serve as an anonymous identifier and enable the collection of statistics on the User’s behavior on the website (e.g. on which parts of the website users stay the longest and where the shortest), which Internet browser (e.g. Internet Explorer, Opera, Safari, Google Chrome, Firefox) is used, and the like.
The purpose of cookies is to improve user experience when using the website. The information collected by cookies also allows us to improve the website by assessing the amount and patterns of use, the suitability of the website to the individual needs of the User, faster searches, etc. For example, it is used to remember your personal settings while browsing the website and for future visits.
We do not store sensitive personal information, such as your address, password and other information, through the cookies we use.
The information stored in cookies is used exclusively by us, except for those described below as “third-party cookies”, and they are used and managed by external legal entities to provide the services we request to improve our services and user experience when browsing our website. These “third-party cookies” are mainly used to obtain access statistics and to guarantee payment transactions if they are executed.
Types of cookies
|ACCORDING TO DURATION|
|Permanent||They remain on the computer after closing the Internet browser. They usually last from a few months to forever.|
|Session||They are removed from the computer after closing the Internet browser.|
|ACCORDING TO SOURCE|
|First-party cookies||First-party cookies come from the website that the User is viewing, and can be permanent or temporary. With these cookies, the website can store data that will be used again the next time the User visits that website.|
|Third-party cookies||Third-party cookies come from other websites, which are located on the website that the User is visiting. With these cookies, other websites can monitor the use and behavior of the user on the website the User is viewing for marketing purposes.|
|ACCORDING TO FUNCTION|
|Essential||They are necessary for the functioning of the website and cannot be switched off. They are typically set in response to User actions that involve a request for services, such as cookie settings, login, or form completion.|
|Performance||They enable anonymous recording of visits and traffic sources, which parts of the website are more or less visited, the movement of the User around the website so that we can measure and improve the efficiency of the website. They do not store personal data directly, but are based on the unique identification of the User’s browser and Internet device.|
|Functional||They allow information (settings) that change the behavior or appearance of your website, such as your preferred language or region, to be saved.|
|Advertising||They enable tracking of the User through several websites. The intent is to display individualized and relevant ads for an individual User, and at the same time represent value for third-party publishers and advertisers.|
List of cookies
|_cc||domain.ltd||Cookie settings for the current website||1G|
|_ga||Google.com||Google Analytics – distinguishing unique users||2G|
|_gat||Google.com||Google Analytics – regulating request frequency||1D|
|_gid||Google.com||Google Analytics – identifying unique users||1D|