Geotech d. o. o. (hereinafter: Data Controller), as the Data Controller, collects personal data from the User necessary for the unhindered use of certain features of the website. Such data is collected directly from the User and exclusively in the case where the User independently enters it in the online forms provided for this on the website.
The meaning of certain terms:
| Data Controller | Geotech d. o. o., Ciottina 21, 51000 Rijeka, OIB 02329110570 |
| User | Any third party who is the recipient of services that make up the business activity of the Data Controller |
| Regulation | General Regulation on the Protection of Personal Data |
| Data processing | Any procedure or set of procedures performed on personal data or sets of personal data, whether by automated or non-automated means. |
| Personal data | All data relating to an individual whose identity has been determined or can be determined. |
| Special categories of data | Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic and biometric data and data related to health, sex life and sexual orientation. |
| Data recipient | A natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party. |
| Third party | A natural or legal person, public authority, agency or other body that is not the Data Subject, the Data Controller, the Processor or the persons authorized to process personal data. |
I. WHAT DATA IS COLLECTED
From the users of our website, we only collect the data that we need to perform the services requested by the User through the website. For the stated purposes, we collect the following data:
– e-mail address.
In addition to the above, our website also uses cookies, which are necessary for the unhindered operation of the website.
II. HOW WE COLLECT USER DATA
Data collected from users when using the website is collected directly from them by filling in the provided online forms and using cookies.
III. PURPOSE OF DATA COLLECTION
All personal data collected through the website is used to achieve further communication with users as well as to conclude contracts and fulfill contractual obligations, as well as for the unhindered operation of all the website features.
Given that all the data is necessary for the conclusion of a contract and the performance of contractual obligations, this constitutes the legal basis for processing pursuant to the provisions of Article 6 paragraph b.
IV. PROTECTION MEASURES
In order to prevent accidental or intentional misuse of data, the Data Controller uses the following protection measures:
– password use rules;
– password duration (password change);
– password confidentiality; and
– antivirus protection.
Personal data is stored in the personal data collection for the purpose of future cooperation and additional promotional activity.
Personal data can be withdrawn at any time using a request to withdraw consent to the use of personal data because of a legal obligation or legitimate interest.
V. RIGHTS OF DATA SUBJECTS REGARDING THE PROCESSING OF COLLECTED DATA
The users of the website, as Data Subjects, exercise all the rights guaranteed to them by the Regulation.
A User has the right to request, from the Data Controller, access to all their personal data processed by the Data Controller. In this case, the Data Controller is obligated to provide the User with access to the said data. The User also has the right to request data correction. In this case, the User will submit a written request to the Data Controller for the correction of incorrect data, and the Data Controller must correct the incorrect data without delay. The User also has the right to request, from the Data Controller, the deletion of all personal data relating to the User, which the Data Controller must comply with if it has no legitimate interest in the processing of such data in accordance with the provisions of the Regulation.
The User has the right, at any time, to withdraw the consent they have given for the collection and processing of personal data, after which the Data Controller may not further process their personal data. The withdrawal of the given consent does not affect the legality of the processing that preceded the withdrawal of the given consent.
If the Data Controller is basing the personal data processing on the consent of the Data Subject, the Data Subject has the right to request the direct transfer (if technically possible) of their personal data to another Data Controller.
VI. THE RIGHT TO OBJECT TO THE CROATIAN PERSONAL DATA PROTECTION AGENCY
If the Data Subject believes that we have violated their rights in our actions or by some of our decisions, they have the right to file an objection with the Croatian Personal Data Protection Agency.
Objections can be submitted to the Agency in person, on the record, in writing or via an online form available on the Agency’s website. Objections must be submitted to the Agency’s address: Selska cesta 136, 10000 Zagreb, by e-mail at [email protected] or by fax at 01/46-090-99.
VII. CHANGES IN THE NOTICE ON THE PROCESSING OF PERSONAL DATA
This notice is subject to changes for the purpose of improving the protection of the personal data of our users, achieving a higher standard of protection of the right to privacy or, if necessary, because of changes in legal provisions regulating personal data protection.
In accordance with the above, we will promptly notify you of any changes to this notice.
VIII. CONTACT INFORMATION
For all requests and inquiries regarding data protection, you can contact us in the following ways:
• by telephone at 091/429-4033; and
• by e-mail at [email protected].
In the event that the Data Controller doubts the identity of an applicant submitting one of these requests, before issuing the requested data, it may ask you to participate in security checks for the purpose of verifying your identity before complying with the request.
The employer will respond to the submitted request within one month at the latest, depending on the complexity of the submitted request and the volume of requests received during that period. If the Data Controller is unable to comply with the request within the stipulated period, it will inform the applicant in writing of the reasons for the delay, if any, and of the extended time frame, which cannot be longer than one month, in which it will comply with the request.