Privacy policy

Here you can learn more about how we collect, protect, and process your personal data.

Social Media Marketing

APPCRO ("Company") is the owner of the web site www.gdpr.com.hr/en/ („Web site“). This privacy statement has been drafted with purpose to express our privacy concerns to our users (data subjects) and to inform our users about the ways of collecting and processing personal information on this web site.

 
Please read this Privacy Statement in detail to find out how we process, collect, protect, transfer, or use your personal information in any other way.
 

Data Protection Officer (DPO)

The head office of our company is in Zagreb, Republic of Croatia. We have appointed a person as a Personal Data Protection Officer (DPO) who will be the main contact for any questions or complaints regarding our privacy policy, personal data processing, or handling them. The contact details of our DPO:

Miro Višić
Bolnička cesta 34A
10090 Zagreb, HR
dpo@appcro.com

Data collecting

According to the definition, a personal data is any data relating to an individual (a natural person) whose identity is known or can be determined. A person whose identity can be identified is a person who can be identified directly or indirectly, in particular with the help of identifiers such as name, surname, location information, personal identification number, network identifier (eg. IP address) or with the help of various factors which refers to the physical, genetic, physiological, economic, mental, social or cultural identity of physical person (individual).

It is important to emphasize that your personal information is collected or planned to be collected only when we have your consent (EU GDPR 6a) or based on other legitimate collection bases such as: Performance of the contract (EU GDPR 6b), Compliance with a legal obligation (EU GDPR 6c), Vital interests of the Data subject (EU GDPR 6d), Performance of a public task (EU GDPR 6e), Legitimate interests of the controller or third party (EU GDPR 6f), and other specific lawful basis of data collection and processing (EU GDPR 9a-9j). We collect your personal information when you fill out some of the forms on our web site, when you send a direct e-mail to the e-mail addresses listed on our web site, when you access our page via cookies and in analytics purpose for site visitation through Google Analytics, when signing up for our newsletter or on basic of your phone calls and on interest for our products and services.

Additional, it is important that you are informed that personal information and data can be automatically collected through our web site or Internet server or by using "cookies". Click here to learn more about our policy on cookies.

As an example of the information that is commonly collected through our web site include: the most viewed and most visited pages and various links on our website (tags, buttons etc.), tracking forms completes, tracking time spent on our website, key words used when searching the web to our site, your IP address from which you access, other information that is collected through cookies, and the data of your device from which you browse our website (such as hardware settings, system activity, browser types, etc.).

Data processing

Received information is used in one or more of the following purposes:

 

  • To personalize your user experience (collected information helps us to better respond to your individual needs);
  • In purpose of improving our web site (we are constantly trying to improve our website's offer based on the feedback we receive from our visitors);
  • To establish the primary channel of communication with you;
  • For occasional email submissions (concerning occasional news receiving (if you want), updates, information about similar products or services, etc.)

 

Links with third parties

On our web site we do not offer services or products of third parties.

Using cookies

To learn how to use cookies, read our policy on cookies.

Data protection

In order to protect your personal data you submit through this website, we use physical, technical and organizational security measures. We are constantly upgrading and testing our security technology. We restrict access to your personal data only to those employees who need to know this information to provide you some benefits or services. In addition, we educate our employees about the importance of data privacy; to protect the privacy and protection of your data.

Storage and deadline for data storing

All data is stored in databases and repositories WMD d.o.o. We will not transfer or store stored data to countries outside the European Union.

Your personal data is kept and protected  during business relationship. Personal information you give us for business or contact purposes is regularly deleted 12 months after the date you provided this information.

Individual rights

If you want to know if we own and process your personal information, or if you want to access the personal information we have about you, please contact us at dpo@appcro.com.

 
You can also request information about: the purpose of data processing, the categories of personal data which are processed; who has received your personal data outside the company; which is the source of personal data (if you have not provided directly to us); and how long we will keep the data. You have the right to correct personal data that we own if they are incorrect. You can also, with certain exceptions, request that we delete your information, or discontinue processing. You may request that we stop using your personal information for direct marketing purposes. In many countries you have the right to send a complaint to the data protection authority if you are not not satisfied with handling your personal information. If is manageable, we will, on the basis of your request, send you personal data or transfer them directly to another processing manager.
 
If you submit us request for sending your personal data at dpo@appcro.com, we will satisfy this request for free. If we can not meet your request within a reasonable time, we will notify you of the date when we will comply with the request. If for any reason we can meet your request, we will send you an explanation of why we did not meet your request.

Notification about personal data breach

In case of a personal data breach, we will notify you and the competent supervisor by email within 72 hours of the extent of the injury, contained data, the potential impact on our services and our planned data protection measures and the limitation of any harmful effects per individual.

We will not send you a notification of a violation in case:

  • personal data affected by the violation of personal data, which makes this information incomprehensible to any person who is not authorized to access them;
  • if we have taken further measures to ensure that it is no longer likely that high risk for individuals' rights and freedoms will be at risk;
  • if this would be a disproportionate effort (in this case, we will notify you through means of public disclosure or similar equally effective measures).

Violation of personal data means a violation of security that results in unawareness or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored and processed in connection with the provision of our services.

Your consent

In case of a change in our privacy policy, you will be notified on this page and we will update the Privacy policy change date below.

Right to complain to the competent authority

In any time you can send a complaint to the supervisor authority which refers on collection and processing of your personal information. In Republic of Croatia, you can send complaint to Croatian Personal Data Protection (AZOP).

This Privacy Policy was last updated on January 01 2023.