Effective Date: JULY 7TH, 2021
PRINCIPLES OF DATA PROTECTION
- Legal – only if the processing is allowed by law and within the limits prescribed by law.
- Fair – respecting the specifics of the relationship with you, applying all measures to protect personal data, making it easier for you to exercise your rights.
- Transparent – by providing all information in a clear and easily accessible manner within the limits prescribed by the General Data Protection Regulation.
- With a purpose limitation – processing personal data for the purposes for which they were collected and for other purposes taking into account (a) any link between the purposes of the collection of personal data and the purposes of the intended continuation of processing; (b) the context in which the personal data was collected, in particular as regards our relationship with you; (c) the nature of personal data, in particular whether special categories of personal data are processed in accordance with Article 9 of the Regulation or personal data relating to criminal convictions and criminal offenses in accordance with Article 10 of the Regulation; (d) the possible consequences of the intended continuation of processing for the respondents; and (e) the existence of appropriate safeguards.
- With a storage restriction – keeping the data in a form that allows the identification of the individual only to the extent necessary for the purposes for which the personal data are processed, and longer only if permitted by the Regulation.
- With a reduction in the amount of data – we make sure that the data we process is appropriate, relevant and limited to what is necessary.
- Paying attention to accuracy – we take care of the accuracy and timeliness of data and delete incorrect data in accordance with the requirements of the Regulation.
- Paying attention to integrity and confidentiality – technical and organizational measures take care of adequate security of personal data depending on their risk, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage by applying appropriate technical or organizational measures
Legality, ie legal bases of data processing can be:
- -fulfillment of the legal obligation of the society,
- concluding or executing a contract to which you are a party,
- our legitimate interest to the extent that it is more important than the interest of the respondents not to process the data or
- Your consent,
- another legal basis in accordance with the Regulation.
What personal information do we collect and why do we collect it?
The service collects personal information about users and potential users through inquiry forms and contact forms available on the site. The forms are intended for all those who want to apply for a specific program of our society and/or want to send an inquiry of any kind. The data collected in these forms may include:
- name and surname
- residential address
- OIB (Personal Identification Number)
- education degree
- e-mail address
- phone/cell phone number
This information is collected only for the purpose of communication by the society to the person who completed the form and for the purpose of sending an invoice for a specific program (activity or workshop) or service. Users’ email addresses are also used to exchange information and program notifications informing them of possible schedule changes, etc. Users will not receive any emails intended to advertise or promote commercial and other content unrelated to the association and its programs and services.
We may also collect information about access to and use of the Service. This information may include information such as: your computer address (eg IP address), browser type, browser version, pages of our Services you visit, time and date of your visit, time spent on these pages, unique device identifier and other diagnostic information.
Tracking and cookie data
Embedded content from other websites
Who do we share your information with?
Personal data is collected exclusively for the purpose of communication with users of the association in connection with the programs of the society (activities, workshops) and for the purpose of issuing and sending invoices to users of programs and services. This information is stored within the society itself. Personal information we collect through online inquiry forms and contact forms is automatically passed on to our webmaster for security reasons. The webmaster does not use this information for any marketing or advertising purposes and manages the information available to him in accordance with the General Data Protection Regulation of the GDPR.
Recipients of data can also be executors of processing. Namely, other data processing entities (for example, information service providers) may be involved in data processing, if necessary and in accordance with the restrictions prescribed by the Regulation. The contractual relationship with such entities is regulated in detail and it is ensured that your personal data is protected in an appropriate manner and in accordance with the requirements of the Regulation.
In other situations, it is possible for us, together with other subjects, to determine the purposes and means of processing personal data, so we will have the position of joint controllers together with these subjects. In these relations, we will determine in a transparent manner our responsibilities for compliance with the obligations under the Regulation, especially with regard to the exercise of the rights of respondents and their duties to respect the transparency of processing, unless the responsibilities are established by law.
If the processing of data includes international transfer, the Society will inform you about the intention to disclose personal data to a third country or international organization and the existence or non-existence of a European Commission decision on adequacy, as well as appropriate safeguards and ways to obtain copies in case the transfer is subject. appropriate safeguards under Article 46 of the Regulation, the application of binding corporate rules under Article 47 of the Regulation or, if applicable, under Article 49 (1) (2) of the Regulation. Any transfer of personal data to third countries will be carried out in accordance with Chapter V of the Regulation.
How long do we keep your data?
The collected data will be kept for as long as necessary to achieve the purpose of their collection.
How do we protect your data?
What rights do you have over your data?
Users may at any time request the deletion of any personal information we hold about them. They can do this in person, by mail or by e-mail at the address/e-mail address of the Institution. Also, they can unsubscribe at any time from receiving informative emails related to the society and its programs.
Regardless of the legal basis of data processing, you have the right to:
- access, amendment or supplementation of data,
- deletion (“right to forget”) of personal data,
- restrict the processing of your data or object to the processing of data,
- transfer of your data to you or third parties,
- if the information is given on the basis of consent, you can always withdraw that consent without negative consequences,
- the right to submit a complaint to the competent supervisory body – in Croatia it is the Agency for Personal Data Protection (more on this at www.azop.hr).