Website with information on data protection.
Article I - Statement on protection and collection of personal data
Article II principles
In order to comply with applicable Personal Data Protection Laws, we process your personal information only on a legitimate basis or if you have consented to it. This also applies to the processing of personal data for marketing purposes. On this web site we can collect data that does not allow us to make direct conclusions about your identity. However, in certain cases - in particular in combination with other data - these data may, in accordance with applicable personal data protection laws, be considered "personal information". Furthermore, on this Web Site we may also collect information that does not allow us to identify you, directly or indirectly; This is the case, for example, of collecting data on all users of this web site.
Article III. Data to be processed
a) Information obtained by mail / e-mail If you have chosen to send information materials, process will the information entered in the contact form, at least your name and details of channels to contact you selected (mail and / or email) for a one-time shipping materials you requested.
b) Consultation by telephone If you choose counseling by phone, process the information entered in the contact form, at least your name and your phone number, so we can find the required counseling by telephone.
c) Personal counseling If you choose a personal consultation, process the information entered in the contact form, at least your name and your phone number and / or email, to give you an appointment for a personal consultation.
d) Newsletter via e-mail If you have chosen the option of sending leaflets by email, process the information entered in the contact form, at least your name and your email, and you'll receive e-mail can send a flyer. If you selected sending newsletters via e-mail, process the information entered in the contact form, at least your name and your email address, so we can send the newsletter. In addition, the use and other information you enter in the contact form so we can send content tailored to your interests. In summary form and analyze the data collected during the delivery and acceptance of such e-mail (delivery rate, the rate of opening, CTR, conversion rate, the rate of cancellation of sending rate variations), in order to have an insight into their performance and use. On the other side, also estimate the data that is generated during your access to and use of these emails (opening time, clicks on a hyperlink, to download documents) to help you on the grounds that deliver personalized information in future bulletins sent by email, and that best reflect your interests and needs.
e) Advertising and marketing inform you about products, services, offers and events. For this purpose, process the necessary information entered in the contact form, at least your name and the name and details of channels of contact (email and phone). On our Website you can place orders without registering and creating an account. In this case we will seek and process information necessary to process orders (eg. Your name, billing address or other delivery address, e-mail and the necessary payment information, mode of delivery and order information). Registration and account If you register as a user of our Web sites - especially when you create your account - collect personal information and process the information specified in the registration form on our Website. If you want to use certain content on our Website or order something, we can ask and re-enter the data already collected during the registration (especially for purposes of your identification) and further process personal data for this purpose.
Article IV Shopify
The host of our online store is Shopify Inc. They provide us with an online e-commerce platform that allows us to sell their products and services. Card data and personalized security features are not stored on the Shopify system, or outside the PBZ Card contractor's ISP Certified System
Article V. Purpose and legal basis for processing your personal information
In order to enable the use of our Web sites, we process personal information that may contain log files; this treatment is, for the purposes of our legitimate interest in the work of our website, based on Article 6 (1) f) GDPR. The data collected by using cookies and pseudonimiziranih user profiles process in order to better perform direct marketing, market research and further develop our digital offers based on user needs, and this treatment is, for the purposes of our legitimate interest in the work of our website, based on Article 6 ( 1) f) GDPR. The received data processing to give you information and advice and allow the selected option, and if you decide to register for a newsletter by email, so that we can register you and deliver you the newsletter via email. Your personal data processing on the basis of your consent and in accordance with Article 6 (1) a) GDPR. Consent may be revoked at any time with effect from the moment of revocation of consent, on the way to contact us via the contact information listed above at the beginning of this information on data protection. In every email you'll find the link to sign out of sending emails. If through our Website or if something order on our website you register an account, the collected data processing under Article 6 (1) b) GDPR in connection with the execution of the contract that we have signed with you. Data associated with your use of the Website can process and how we respect our legal obligations; This type of treatment is based on the article 6 paragraph (1) c) GDPR. To the extent that is required to process your personal data (the processing for the purposes of a business relationship or to comply with legal obligations) for the purpose of our justified interests or the legitimate interests of third parties pursuant to Article 6 (1) f) GDPR. Legitimate interest may include: a) setting up, exercise and defend against legal claims; b) the prevention, investigation, detection or prosecution of offenses; and c) the operation and further development of our business, including risk management.
Article VI. Duty to of sending data
The duty to submit data information required for registration to receive our email newsletter, providing information and consulting, online orders or user registration or account creation, in the relevant field of Internet sites, designated as mandatory data (eg. The contact form); without providing mandatory data we can not allow the use of appropriate functions. If you receive additional information that will indicate whether the provision of such information based on a legal or contractual obligation, or is required to fulfill the contract. usually indicate which data can be given voluntarily and not in accordance with legal or contractual obligation or for the purpose of executing the contract.
Article VII. Access data
Article VIII.Automated decision-making
Automated decision-making relating to the operation of our Web sites generally do not use automatic decision-making (including profiling) within the meaning of Article 22 GDPR. If such procedures apply in the future, You'll be notified separately in accordance with the applicable legal provisions.
Article IX.Transferring data outside the EU / EEA
The transfer of data outside the EU / EEA data can be transferred to recipients in the so-called third country only on the use of service providers to provide information on the services online analysis. "Third countries' are countries outside the European Union or countries that are not signatories to the Agreement on the European Economic Area and which can not be predicted data protection comparable to that in the European Community. If the transferred information includes personal information, before such transfer ensures that a third country or the recipient in a third country provided an adequate level of data protection. This may be due to the so-called. decisions about the appropriateness of the European Commission which decides with a third country there is an appropriate level of data protection. Alternatively, data can also be based on the so-called. EU standard contractual clauses which are coupled with the recipient or, in the event that the recipient is in the United States, in accordance with the principles of European-American system for the protection of privacy (eng. The EU-US Privacy Shield). At your request we will gladly provide you with additional information about these adequate guarantees for maintaining a predetermined level of data protection; contact information can be found at the beginning of this information on data protection. Information about the participants in the EU - US privacy can also be found here: www.privacyshield.gov/list.
Article X.Data storage time
Time data storage Personal data generally is stored until there is a legitimate interest in keeping such information and until you overcome your interests to refrain from further processing of your personal data. If more and there is no legitimate interest, the data can still store if there is no legal obligation to do so (eg. Compliance with legal obligations on Data Retention). Personal data will be deleted, even if no action is taken as soon as further retention is no longer necessary for the purposes for which the data were collected or otherwise processed, or if further detention otherwise not permitted by law. When it comes to the aforementioned processing,
a) deleted information will be used for sending information by post / email after your data is sent,
b) we will delete the data used for consultation by phone or in person consultation after the appropriate consultation if you have not given your consent for further processing of its data (eg. resume consultation) or further storage is not required for other purposes (eg. send a concrete offer on the basis of consultation);
c) to store personal information for preparing and sending newsletters via e-mail until you withdraw your consent or otherwise do not agree with the processing.
Your personal information can be stored and if we want to ensure that, upon your request, we are no longer get further Emile (blacklist). If the personal data should be kept because of legal obligations, they are kept until the end of the corresponding period of storage. If personal data is processed only in accordance with the legal obligation of, access to such data generally is limited, so the data is available only if it is necessary for the purposes of the obligation to maintain.
Article XI. Certainty
Security To protect your personal data, we will take reasonable precautions and follow industry best practices to make sure that they are not inappropriately lost, misused, accessed, disclosed, modified or destroyed. If you give us information about your credit card information is encrypted using Secure Socket Layer technology (SSL) and stored with AES-256 encryption. We follow all PCI DSS requirements and implement additional generally accepted industry standards.
Article XII. The rights of the data owner
Rights of the data As the owner of the data you have the right to request access to their personal data, Article 15 GDPR; request correction of inaccurate personal data, Article 16 GDPR; request the deletion of their personal data ( "right to oblivion"), Article 17 GDPR; request limit processing of their personal data, Article 18 GDPR; exercise the right to data portability, Article 20 GDPR; object to the processing of their personal data, Article 21 GDPR. The above rights may be exercised in relation to us, for example. sending notification channels listed on the first page of this information on data protection. Furthermore, you have the right to file a complaint to our processing of personal data to the competent supervisory authority, Article 77 GDPR. QUESTIONS AND CONTACT If you want to: access, correct, modify or delete personal information we have about you, register a complaint, or would like more information, contact us at firstname.lastname@example.org or by mail to the CE - Makor Ltd., Trakošćanska street 23, 10360 Sesvete, Croatia.