AEKS d.o.o., Omladinska 45, Ivanić-Grad, OIB/TIN:64811851682 (hereinafter: AEKS d.o.o.) is committing to protecting your privacy and personal data when collecting and processing it. As we take special care of the privacy of our users, we intend to inform you in this Privacy Policy of the way AEKS d.o.o. collects and processes personal data. The Privacy Policy is written in simple and clear language.
At AEKS d.o.o., we have also appointed a data protection officer whom you can contact regarding any questions or complaints concerning our Privacy Policy or the handling of personal data. The contact information of our data protection officer is as follows:
Data Protection Officer
Jasmina Lešković
Josipa Kozarca 27
Sesvete
gdpr@aeks.hr
Data collection
Personal data is any information that identifies an individual. An individual whose identity can be uncovered is a person who can be identified directly or indirectly, in particular by means of an identifier such as name, identification number, location data, a network identifier or by one or more factors particular to the natural person’s physical, physiological, genetic, mental, economic, cultural or social identity.
1) Who is responsible for the security of collected personal data?
AEKS d.o.o. is responsible for the security of collected personal data.
Your data will be processed by AEKS d.o.o. as the controller and sometimes also as the processor based on the legal basis concluded with you. For the purpose of protecting personal data, enabling the processing of personal data and exercising your rights as the data subject whose personal data are processed, personal data may be transferred to natural persons and/or legal persons with whom we collaborate on the basis of our contractual or legal obligations (e.g., accounting services, attorney offices, competent public authorities).
2) What personal data do we process?
The personal data we process may include the following:
3) How do we collect personal data?
We collect and process your personal data depending on the circumstances, including:
4) Are you obliged to provide us with personal information?
In principle, you provide us with all personal data voluntarily. As a rule, there are no negative or harmful consequences if you decide not to provide us with your personal data. Certain personal data are necessary on a legal or business basis, such as data necessary for preparing an invoice. Certain services or activities, such as promotional activities, also require certain data from you that you provide to us solely for a specific purpose and which you can withdraw at any time (e.g., newsletter). This aspects are explained in more detail below.
Any voluntarily given consent may be withdrawn at any time by providing a written statement. A verbal declaration of denial of consent will be taken into account in the event that there are justified circumstances and consequently, providing a written statement subsequently is not possible.
However, in addition to the above, there are circumstances when AEKS d.o.o. cannot undertake business activities, including legal actions, without your personal data, for example, when personal data is necessary for establishing a mandatory legal relationship, processing your instructions, instructions and requests and for the purpose of sending promotional material.
In all these cases, the collection and processing of your personal data is a precondition for the provision of our services, except in the case of some other legal basis for their collection, such as a legal or contractual basis.
5) Purposes for which we process personal data
We process personal data exclusively for the following purposes:
In cases where you have given us explicit consent to process your personal data, we may also process your personal data for the following purposes:
For the purpose of communications related to marketing services, provided the obligation is prescribed by law, we will send you only the information for which you have given consent and only as long as you do not withdraw your consent. We will not use your personal information to take any other actions or create profiles except in the cases listed here.
Depending on the purpose for which we process your personal data, we may process your personal data on the following legal grounds:
6) With whom can we share your personal data?
We may share your personal information in the following circumstances:
We may transfer your personal data on a confidential basis when necessary for fulfilling our contractual obligations, for administrative purposes, for the purpose of issuing invoices, for the purpose of additionally protecting (backing up) your personal data, for the purpose of achieving and protecting our contractual rights and legal interests as well as in the case of other justified business purposes.
We may share your personal data with external associates such as law firms, accounting services, tax advisors, credit offices and financial institutions, business entities with whom collaboration is necessary in exercising rights and obligations under a mutual contractual relationship, debt collection agencies, public authorities and entities with public authority, when necessary for the purpose of protecting contractual rights and/or requirements, or when it is in the public interest or when it constitutes a legal obligation.
We may share your personal data with third parties to whom we have transferred or assigned rights from the contractual relationship with you.
We are also authorized to order third parties to process your personal data on our behalf and in accordance with our instructions as the controller, in which case we assume responsibility for the confidentiality and security of your personal data. In such cases, AEKS d.o.o. remains fully responsible toward you for the security and confidentiality of personal data and will use all necessary measures required by the applicable regulations to ensure the integrity and security of your personal data.
We may also use your personal data for statistical purposes to observe visits and the use of our website in order to further develop our business and improve the quality of the website.
In other words, we may disclose your personal data to a third party only if you give us your consent for such an action, regardless of whether the consent is contained in a separate document or represents a separate clause of the contract, if it is a legal obligation or obligation to act in accordance with a court order or as ordered by some other public authority or entity with public authority.
7) Personal data of third parties that you provide to us
If you provide us with the personal data of other natural persons, you must guarantee that you are authorized to disclose personal data to us, that we can process it, and that we can obtain, use and transfer it without the obligation of taking further action in accordance with the terms stated in the Privacy Policy.
In particular, you must ensure the other natural person is aware of the disclosure of their personal data to us and, if applicable, they have given consent to such disclosure, use and transfer of their personal data, and they are fully familiar with the content of the Privacy Policy including but not limited to our identity, contact information, purposes of processing personal data, rights in relation to access to personal data, modification of personal data, insight into the collected personal data, deletion of personal data, transfer of personal data, the right to file a complaint in relation to the processing of personal data, as well as consequences in case of a violation of our obligations in relation to the above mentioned.
8) Personal data protection
We will protect your personal data by applying appropriate technical, organizational and security measures in accordance with internal regulations and procedures for storing, accessing, disclosing and accessing personal data. Personal data may be stored in paper form, stored in special electronic personal data protection systems with us or with our contractual partners.
9) Transfer of personal data
In the event of the transfer of personal data to the countries of the European Union or the European Economic Area or countries that do not provide the same level of protection of personal data as in Croatia, we will take all necessary measures to ensure that the degree of protection of your personal data corresponds to the requirements of the Regulation and other applicable regulations of the Republic of Croatia.
10) Changes to personal data
If any personal data you have provided changes (e.g., your e-mail, address, etc.) or if you discover that we have incorrect personal data, please inform us by sending an e-mail to the following e-mail address: gdpr@aeks.hr. AEKS d.o.o. is not responsible for any losses arising from incorrect, untrue, deficient or incomplete personal data provided to us.
11) How long do we keep personal data
Your personal data will be deleted when the reasonable need for storing it for specific purposes ceases or to the extent applicable when you withdraw your consent, provided that we are not obliged to keep personal data on the basis of other legal requirements (for example, legal obligations). In any case, we will keep your personal data for as long as there is a need to retain it for the purpose of exercising the rights and obligations under the concluded contract, i.e., the business relationship, including the need for a forced collection of claims.
12) Your rights
Subject to the conditions prescribed by the Regulation or laws of the Republic of Croatia, you have: (i) the right to withdraw consent (if the processing of personal data is based on consent, and there is no other legal basis for doing so); (ii) the right to peruse the personal data collected; (iii) the right to access and obtain information; (iv) the right to request a copy of the personal data we hold; (v) the right to request the modification/rectification of the personal data collected or restriction of processing; (vi) the right to erasure of personal data; (vii) the right to transfer personal data collected; (viii) the right to object to the processing of personal data. If you decide to do any of the above, please contact us by sending an e-mail to the following e-mail address: gdpr@aeks.hr
When sending, we may ask you to prove your identity by providing a valid copy of the identity document from which your identity can be established in order to comply with applicable regulations and prevent unauthorized disclosure of personal information. We reserve the right to charge you additional fees if you abuse your right to access personal data, for example, in the case of repeated requests or requesting additional copies of documents without providing a reasonable basis. We will consider all your requests and complaints that we receive and respond to them in a timely manner.
If you are not satisfied with our response, you can refer your complaint to the authority responsible for personal data protection (Personal Data Protection Agency, http://azop.hr/). At your request, we will provide you with up-to-date contact information of the personal data protection authority.
13) Changes to the Privacy Policy
AEKS d.o.o. reserves the right to change this Privacy Policy from time to time that will correspond to changed procedures and the method of processing personal data or changed legal circumstances. In the event of such changes, we will post the changes on our website or in another appropriate manner. The changes will take effect on the day of publication thereof.
14) How to contact us
We care about your opinion of our Privacy Policy. You can contact us by sending an e-mail to the e-mail address gdpr@aeks.hr or in writing to the address AEKS d.o.o., Omladinska 45, Ivanić-Grad.
Ivanič-Grad, 1 August 2019
AEKS d.o.o.
Zlatko Lojna, director