Privacy Policy

Privacy policy

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (Official Journal of the European Union L 119 , 4.5.2016, page 1, hereinafter: General Regulation on Data Protection), which is in full application from 25 May 2018 in the Republic of Croatia and all EU Member States, as well as the Law on Implementation General Regulations on Data Protection (Official Gazette No. 42/18, hereinafter: the Act), the Labor Act (Official Gazette nos. 93/14 and 127/17), the Occupational Safety and Health Act (Official Gazette no. 71/14, 118/14 and 154/14), ie in accordance with the legal framework for personal data protection in the Republic of Croatia and the European Union and the best European practice, Villa annette d.o.o, Vladimir Peršić, 10964903377, Raška 24, Rabac, 52221.

registered in the Commercial Court in Zadar (hereinafter: The company), as the head of the processing of personal data of users of its services and customers, drafted a policy on the protection of personal data of users of services and customers. Privacy Policy is a unilaterally binding legal act based on fundamental principles in the processing of personal data, which regulates which user data are collected, how such data are processed, and for what purposes they are used. The privacy policy also informs service users and / or customers of their rights to collect and further process personal data, all for the purpose of protecting their privacy in a broader sense.

Privacy policy based on the following principles of personal data processing: procedures of legality, transparency and best practices, the possibility of reducing the processing and reduction of data, the way points and personal data work, the possibility of reducing access, integrity and confidential data, which should be taken into account calculate trust and fair processing, manner of performing opportunity (purposes of processing), manner of processing in unnamed (anonymized) form.

The Privacy Policy applies to all services The company offers, with the aim of the Policy being to inform users clearly and transparently about the processing of their personal data and their rights. First of all, users can at any time contact the Association with a request to amend, supplement and/or update the data relating to them, as well as to withdraw the given consent and request the cessation of further processing of personal data.

The following is responsible for the processing of personal data: Villa annette d.o.o, Vladimir Peršić, 10964903377, Raška 24, Rabac, 52221.

Contact details for personal data protection:
e-mail:

Methods of collection and types of personal data collected

Directly by the users themselves in a way that the users themselves submit the data to the The company as the processing manager in a certain range of data that is essential for the provision of appropriate services, sales or some other user link and www.villa-annette.com. In order to provide appropriate services, the user is obliged to provide the The company with the following information that he needs to establish a contractual relationship in order to provide a particular service and / or sell certain products. The customer-user can submit the data orally or in writing to the center of the The company, via e-mail sent to one of the e-mail addresses of the The company and via the website of the The company www.villa-annette.com.

From other publicly available sources of data on companies and physical persons in companies on internet portals, telephone directories that contain such data and other publicly available services only for the purposes for which they were initially collected.

Automatically by visiting The company internet (web) pages, applications and portal, which are data associated with network identifiers (Internet protocol addresses and cookie identifiers, such as Google Analytics to track user and / or customer interaction).

A cookie is a small data file that is stored on a computer or mobile device when you visit a particular website. Cookies are used to provide a better user experience to each user and/or customer, to store user and/or customer preferences, in order to make the website work more efficiently, as well as to monitor and test the use and traffic of the website The company.

By disabling and/or blocking the storage of cookies, the user and/or customer can still browse the website The company. However, it is likely that certain features and/or functionalities of the website will not be available to such user and/or customer, or that the time required to access certain features of the website will be longer than usual.

The network identifiers in question may leave traces which, in combination with other identifiers and information provided by Internet service providers, may be used to identify the user and/or customer.

The amount or scope of personal data that it The company collects depends on the type of service that it The company provides to its users and/or customers, as well as on the legal basis on which it collects data. The company, it constantly takes care of collecting only the necessary range of personal data that is necessary to achieve the legally established purpose for which the data is processed.

Data on potential users

The company, it also collects data on potential users and/or customers of its services and/or products. This information includes basic information (name and surname, e-mail address), but also the interests of potential Users and/or Customers who contact the association with the desire to be informed and/or offered certain products and services.

A cookie is a small data file that is stored on a computer or mobile device when you visit a particular website. Cookies are used to provide a better user experience to each user and/or customer, to store user and/or customer preferences, in order to make the website work more efficiently, as well as to monitor and test the use and traffic of the website The company.

By disabling and/or blocking the storage of cookies, the user and/or customer can still browse the website The company. However, it is likely that certain features and/or functionalities of the website will not be available to such user and/or customer, or that the time required to access certain features of the website will be longer than usual.

The network identifiers in question may leave traces which, in combination with other identifiers and information provided by Internet service providers, may be used to identify the user and/or customer.

The amount or scope of personal data that it The company collects depends on the type of service that it The company provides to its users and/or customers, as well as on the legal basis on which it collects data. The company, it constantly takes care of collecting only the necessary range of personal data that is necessary to achieve the legally established purpose for which the data is processed.

Types of personal data collected?

The data that the Customer – User most often provides are:

  • name and surname
  • address
  • personal identification number (OIB)
  • contact phone and/or mobile phone number
  • contact details of e-mail (e-mail address)
  • identity card data
  • bank account and card number data for the purpose of regulating the payment obligation

Where is personal data processed?

Personal data of Users – Customers The company processes in the Republic of Croatia.

Where is the collected data stored?

Data are processed in such a way that all or part of the information about Customers – Users – Respondents is stored in the databases of the processing manager.

Obligations of the processing manager regarding the security of processing

TECHNICAL DATA PROTECTION

The processing manager implements technical and organizational measures to ensure an appropriate level of security.

The processing manager shall also take measures to ensure that any individual acting under the responsibility of the controller who has access to personal data does not process that data if this is not in accordance with the instructions of the processing manager.

Taking into account the nature, scope, context and purposes of processing, as well as risks of different levels of probability and severity for risks to the rights and freedoms of individuals, the Processing Manager implements appropriate technical and organizational measures in accordance with Security Policies to ensure and prove processing implemented in accordance with the General Regulation.

Purpose of data collection and further processing

The company collects and further processes personal data of users and/or customers for the purpose of concluding and executing contracts, making purchases or service interventions on equipment, delivery of ordered products, advice and assistance in using products, providing appropriate additional and/or extended product warranties, resolving complaints of users and/or customers and other actions related to the conclusion and execution of the contract in accordance with applicable regulations.

The processing of personal data of users and/or customers for the above purposes is a necessity and legal basis for concluding a contract, ie, in case the user and/or customer refuses to provide relevant data, the service will not be able to enter into a contract and/or take certain actions. with the execution of the concluded contract.

Organization of prize games
The company occasionally organizes prize games, so the data is used to notify about the prize won.

Direct marketing
Contact details of users and/or customers can be used to send promotional notices about products and services The company if the Customer – User has given consent.

Videos
The company uses surveillance cameras to protect people and property.

Time duration of personal data storage

Depending on the purpose and legal basis on which the personal data of users and/or customers are collected, The company is in some cases mandatory to keep personal data for a period of time prescribed by the relevant regulations or termination of the purpose for which they were collected. Upon the expiration of the legal deadline which obliges The company on the storage of certain personal data or the termination of the purpose, they are deleted.

In cases where the basis for data collection and processing is the consent of the user and/or customer, personal data is stored for 10 years.

Data processed with the consent of the user and/or customer may be deleted before the expiration of the period specified in this Policy, in the event that such deletion is requested by the user and/or customer or when the user and/or customer objects to such processing via the Internet. e-mail address:

Ways of exercising rights

The customer can exercise his rights if he considers that there has been an irregularity in the processing of his personal data, via contact information or by e-mail . Also, the user and / or the buyer has the right to lodge a complaint with the national supervisory authority.
Under what conditions and for what reason personal data is passed on to third parties

The personal data of the Customer-User The company forwards to third parties (including competent authorities) in the following cases:

  • to fulfill the legal obligations of the The company
  • when such processing is necessary to protect the key interests of Customers – Users
  • for the purpose of fulfilling the contractual obligation, performing the work for the account of the Buyer – User
  • for which it is necessary to hire a third person – the processor manager

Processing of personal data in the context of employment

Personal data of employees may be collected, processed, used and delivered to third parties only if it is determined by law or if it is necessary for the exercise of rights and obligations arising from the employment relationship, or in connection with the employment relationship.

In order to exercise the rights and obligations arising from the employment relationship, the controller will collect, process, use and deliver to third parties only those personal data that are necessary for the stated purpose, and will provide such data only at the request of courts and other state or public bodies.

GDPR and cookies

Cookie names Type of cookie First or Third party Can be blocked Session or Persistent Expiry Time Purpose
wp-wpml_current_language osnovne Third party Persistent Saturday, 13 June 2020 09:14:42
wfwaf-authcookie-*, wf_loginalerted_*, wfCBLBypass osnovne Third party Persistent
wordpress_logged_in_6b8404ae5943187aaf2df78bc70edf9e osnovne Third party Session
mphb_session osnovne Third party Persistent Friday, 12 June 2020 09:44:41
wordpress_sec_6b8404ae5943187aaf2df78bc70edf9e osnovne Third party Session
woocommerce_*, wp_woocommerce_*, wc_cart_hash_*, wc_fragments_* osnovne Third party Persistent