By using the EU Digital COVID Certificate website under eudigitalnacovidpotvrda.hr, the user is considered to be aware of and to fully understand and accept these terms and conditions of use.
AKD d.o.o., Savska 31, VAT No.: 58843087891, Stat. No.: 03751970, is responsible for processing your personal data. We use our best efforts to protect your personal data and your right to privacy. If you have any questions or concerns regarding our rules our practices in connection with the processing of your personal data, please contact us at [email protected]. All information concerning the protection of your personal data is available to you via the following link: Data Protection under the General Data Protection Regulation.
AKD d.o.o. reserves the right to modify any content of or terms and conditions of using the website without prior notice and shall not be responsible for any loss resulting from such modifications. It shall also not be held liable for any direct or indirect damages resulting from the use of this site.
Who should be acquainted with this Privacy Policy?
This Policy may apply to you if you are:
- A visitor of our website
When you visit our eudigitalnacovidpotvrda.hr , eudigitalcovidcertificate.hr website (the “Website”) and contact us using the contact form with a particular query/comment, you are entrusting us with your personal data (name and e-mail address) to allow us to reply. We take your privacy very seriously. This Privacy Policy aims to explain as clearly as possible which data we collect and how, how we process them, for which purposes we use them, for how long we store them, how you are able to keep track of all our operations, and which rights you have regarding your personal data.
Please read this Privacy Policy carefully because it will help you make informed decision regarding the sharing of your personal data with us.
If you do not agree to any terms or conditions of this Privacy Policy, please stop using our website and our services and we will gladly answer any questions you may have.
As used in this Privacy Policy, terms importing a particular gender include all genders.
WHICH DATA DO WE COLLECT?
Your personal data that you voluntarily provide to us
In short: We collect personal data that you voluntarily provide to use, i.e. the data that you manually insert on our website
We collect personal data that you voluntarily provide to use by completing the contact form. By completing the query form, you agree that your personal data classified as personal data under the applicable legislation may be forwarded. In this case, they are your e-mail address and name. We collect your personal data based on your interaction with us and websites. By inserting your personal data in the designated fields, you give your consent to use such data for the purposes for which they are provided.
The data we collect may include:
Name and contact details: We collect your name and e-mail address.
All personal data you provide to us must be true, complete and accurate and it is important that you notify us of any changes to any of your personal data provided to us.
Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), which has applied in the Republic of Croatia as of 25 May 2018, and the Act Implementing the General Data Protection Regulation (Official Gazette No 42/2018), your rights as a user of the site are: the right to withdraw your consent at any time, the right to access your data, the right to rectification, erasure or restriction of processing, the right to object, the right to restriction of processing and the right to lodge a complaint with a supervisory authority.
We do not forward or make available your personal data to any unrelated third parties and we use such data to respond to your queries received via the contact form. We may also use your data to ask you for feedback or to contact you in connection with your query or explanation, subject in each case to your consent and provided that they are not used beyond the validity period of your consent.
Automatically collected data
In short: Some data, such as your computer’s IP address or features of your browser and devices, are collected automatically when you visit our website.
We automatically collect certain data when you visit, use or browse our pages. This information will not reveal your identity (such as your name or contact details) but may include data about your device and use, such as your IP address, features of your browser and device, operating system, language preferences, reference URLs, device name, country, location, information about how and when you use our site, and other technical information. This information is primarily needed to maintain security and operation of our websites and for internal analytics and reporting purposes.
We also collect information by using cookies and other similar technologies. Learn more about this in our Cookies Policy.
HOW, FOR WHICH PURPOSES AND ON WHICH LEGAL GROUNDS DO WE PROCESS YOUR DATA?
In short: We process your data for purposes based on compliance with our legal obligations, performance of our contract or relationship with you, legitimate business interests and/or your consent.
Please note that we only process personal data that are necessary to fulfill a specific purpose and we only use such data for defined, clear, legitimate and anticipated purposes.
We process your data on the following legal grounds:
- Consent: We are only allowed to process your data if you have given us your consent to use your personal data for specifically defined purposes.
- Legal obligations: We may disclose your data where legally required to do so to comply with the applicable regulations or an order of a court or any other authority as part of a judicial, administrative or any other legal process (including responses by public authorities to satisfy the relevant national security or law enforcement requirements).
- Legitimate interest: We may disclose your data if we find it necessary to investigate, prevent or take action in connection with any potential violation of our policies, suspicion of fraud, situations involving threats to the safety of any person or any illegal activities, or as evidence in any litigation we may be party to.
We use the data we collect or receive for the purpose of:
- Sending administrative information. We may use your personal data to send you information about your query, a service or new features or information about any changes to our terms and conditions or rules, subject in each case to your consent and provided that they are not used beyond the validity period of your consent.
- Asking for feedback. We may use your data to ask for your feedback and to contact you in connection with your query, subject in each case to your consent and provided that they are not used beyond the validity period of your consent.
- Answering user queries and providing user support. We may use your data to reply to your queries and resolve any issues in connection with your use of our Services and Applications.
- Conducting business. We may use your data for other business purposes such as data analysis, identification of usage trends, assessing the effectiveness of your promotional campaigns, and evaluating and improving our Services or Applications, products, marketing, and your experience. We may also use and store such data in aggregated and anonymized form so that they are not associated with a particular end user and do not include personal data. We will not use any personally identifiable information without your consent.
WILL YOUR DATA BE FORWARDED TO ANYONE?
In short: We do not sell, rent or loan your data to unrelated third parties.
We will not forward or make available your personal data to any unrelated third parties. They are securely stored on our server or an external server chosen by us and in our business premises, which ensures to a sufficient degree that appropriate technical and organizational measures are implemented so that such processing complies with the requirements of the General Data Protection Regulation and ensures that your rights are protected.
We will reduce the data we forward and provide to a minimum, which means that we will only forward personal data that are necessary for the purpose for which they were provided.
All legal and natural persons to whom we forward your personal data are bound by a duty of confidentiality under the relevant contracts with them and have also implemented such organizational and technical measures for data protection purposes.
Certain data may be forwarded to authorities of the Republic of Croatia at their request for the purpose of satisfying requirements defined in the applicable legislation of the Republic of Croatia.
Your personal data shall in no event be exported to a third country or transmitted to any international organization or any recipient in a third country.
We have classified each page in detail to help you understand our data collection and processing practices. If we have processed your data based on your consent which you would not like to withdraw, please contact us.
Providing support to our users
DO WE USE COOKIES OR ANY OTHER TRACKING TECHNOLOGIES?
In short: We may use cookies or other tracking technologies for data collection and storage purposes.
To access or store data, we may use cookies
Cookies are small text files stored in the user’s computer by a web server used by the service provider to access the internet and display their website.
- Cookies are created when the browser of the user’s device uploads a visited web destination, which then sends browser information and creates a text file (cookie). The browser retrieves and sends such cookie to the website’s server each time the user revisits it.
- Our website uses technical cookies (strictly necessary cookies that cannot be disabled) which are necessary for the functioning of the Website, functional cookies (they can be disabled) which allow the Website to provide improved functionality and personalization, and marketing cookies (they can be disabled) which allow tracking visits and sources or traffic to enable us to measure and improve the efficiency of our Website.
Learn more about this in our Cookies Policy.
FOR HOW LONG DO WE STORE YOUR DATA?
In short: We store your data for as long as necessary to fulfill the purposes specified in this Privacy Policy, save as otherwise required by applicable laws or regulations.
We will only store your personal data for as long as necessary to fulfill the purposes specified in this Privacy Policy unless a longer period is prescribed by any applicable laws or regulations.
HOW DO WE PROTECT YOUR DATA?
In short: We aim to protect your personal data by using a system of organizational and technical security measures.
We have implemented appropriate technical, organizational and personnel security measures intended to protect all personal data we process. Please note, however, that we are unable to guarantee that the internet is 100% secure.
WHAT ARE YOUR RIGHTS WITH RESPECT TO THE PROCESSING OF YOUR DATA?
In short: You have numerous rights in connection with the processing of your personal data – below please find a details overview of such rights.
Right to access
You may receive from us confirmation of whether or not your personal data are being processed and, if so, be allowed access to such data and to information about: the purpose of processing, the categories of personal data concerned, the recipients or categories of recipients to whom such personal data have been or will be disclosed, the anticipated period of storing your personal data and the rights of data subjects with regard to personal data processing (such rights are detailed below).
Right to rectification
If your personal data processed by us are incomplete or inaccurate, you may request at any time that we rectify or supplement them by providing a supplementary statement. Please note that you are responsible for providing accurate data and are also required to notify us of any relevant changes to your personal data.
Right to erasure
You have the right to request erasure of your personal data if you think they are no longer necessary for the purposes for which they were collected or otherwise processed, if you have objected to processing based on your legitimate interest, if you think your data have been illegally processed, or if you think you data should be erased pursuant to the applicable law of the Republic of Croatia or the European Union.
Please note that there are reasons which prevent us from erasing personal data, for example if such data are required to be stored for a specific time or permanently.
If you request erasure of personal data that are required to be stored permanently, we will inform you as part of our response to your request for erasure of our inability to erase such data and will also refer to the legal grounds for such permanent data storage.
Right to restriction of processing
You may request that we restrict the processing of your data if:
- you challenge their accuracy during a period in which we are able to verify them;
- the processing was prohibited, but you refuse to have your data erased and instead request that the use of such data be restricted;
- we no longer need such data for the intended purposes but do still need them to satisfy the applicable legal requirements; or
- you have lodged a complaint about the processing of your personal data for the purposes of performing a task of public interest or exercising an official authority.
In case the processing of such data is restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. If you obtain a restriction of data processing, we will notify you before the restriction is lifted.
Right to object
If we collect your data to carry out a task of public interest or exercise an official authority or refer to our legitimate interests during their processing, you may object to such data processing if there is interest in protecting your data. If we refer to our legitimate interests in the course of data processing and you have objected to such processing, we shall no longer process your data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms of the data subject or for the establishment, exercise or defense of our legal claims.
Right to lodge a complaint
If you think we have acted in violation of the law of the Republic of Croatia or the European Union while processing your personal data, please contact us so that we could clarify any issues. You certainly have the right to submit a request to investigate a violation of your rights to the Personal Data Protection Agency.
Right to be notified of personal data breaches
If your personal data are breached despite all measures taken, we will notify you of each such breach without undue delay by providing you with a written notice thereof.
This notice will describe the nature of the personal data breach, provide you with the name of the person from whom you can obtain further information about the breach, describe the likely consequences of the personal data breach, and outline the measures we have taken to resolve such personal data breach, including measures to mitigate any adverse impacts. Such notice will be given in clear and plain language.
Exercise of your rights
If you want to exercise any of your rights, please contact us using the following details:
- dedicated e-mail address: [email protected], mailing address: Savska 31, Zagreb; or
- personally at above address.
We will respond to your requests to exercise rights in accordance with the time limits and authorities defined in the General Data Protection Regulation.
In any event, please note that, when you are exercising such rights, we must unambiguously identify you for the purpose of protecting our rights and privacy.
Such rights may also be exercised by your proxy who must be identified on the basis of a notarized power of attorney, unless the proxy is an attorney-at-law, in which case the power of attorney does not need to be notarized.
If you use any of such rights too often or with a clear intention of abuse, we may refuse to process your request.
Your rights in case data are processed based on consent
If our processing of your personal data is based on your consent, we will ensure that you always provide your consent in the form of a written statement signed personally or electronically and that such consent is voluntary, specific, informed and unambiguous.
Such written statement of consent to the processing of your personal data must be provided for each processing purpose, must be easy to understand and easily accessible and must use clear and plain language.
You may withdraw your consent to the processing of your personal data at any time, of which you will be notified before you give your consent by specifically including such right you have in the written statement of your consent to personal data processing, provided that such consent may only be withdrawn by signing a simple form of statement to be prepared by us.
Please note that, if consent is given for a one-time processing operation and such processing has been completed, your consent withdrawal shall not be effective.
In case you withdraw your consent, we will immediately erase all your personal data, except for those we are required to retain under the applicable legislation of the Republic of Croatia and the European Union.
If you refuse to give your consent in a case where data processing must be based on your consent, we will not be able to establish any legal relationship with you.
DO WE UPDATE THIS POLICY?
In short: Yes, we will update this Policy if we find this necessary to remain compliant with the General Data Protection Regulation or any other relevant legislation.
An updated version will be identified by an updated date (“Revised”) and such updated version will become effective as soon as it becomes available. We recommend that you periodically review this Privacy Policy to be informed of how we protect your data.
WHO CAN YOU CONTACT IN CONNECTION WITH THIS PRIVACY POLICY?
If you have any questions or comments regarding this Policy, please contact our Data Protection Officer at [email protected] or: AKD d.o.o., Zagreb, Savska cesta 31, 1000 Zagreb.