The protection of personal information on the website www.advensys.hr of Advensys engineering d.o.o. is of great importance. The use of this website is possible without providing personal information, but if the user of the website wishes to use some of the services of the site, the processing of personal information may be necessary. If data processing is necessary but there is no legal basis for it, the user will always be asked for consent.
The processing of personal data such as first name, surname, residence address, e-mail address or telephone number of the users of the website will always comply with the General Regulation on the protection of personal data and the legislation of the Member State applicable to this website.
Through this Privacy Policy, we want to inform the public about the nature, scope and purpose of the personal information we collect and process. Furthermore, we hereby wish to inform the users of the Website of their rights.
As Head of Data Processing, this site has implemented a number of technical and organizational measures to ensure complete protection of the personal data being processed.However, the transfer of personal data via the Internet can in theory have security flaws, so 100% protection may not always be guaranteed. For this reason, any user of the website may submit personal information through alternative methods, for example by telephone call.
1. Definitions
The privacy policy of the Advensys engineering d.o.o. website is based on the terms used by the EU Legislation when drafting the General Regulation on the protection of personal data. The privacy policy is readable and understandable to the general public as well as to clients and business partners. To ensure this, we will first explain the terminology used.
In this Privacy Policy, we use the following terms, among others.
1.1. Personal data
Personal information is any information relating to any identified natural person ("User"). An identified natural person is one who can be identified, directly or indirectly, by first and last name, identification number, location data, online identifiers such as the physical, psychological, genetic, mental, economic, cultural or social identity of an individual.
1.2. User (web pages)
Website user is any natural person whose identity is identified or identifiable and whose personal information is subject to processing by the processing manager in charge of processing personal information.
1.3. Processing
Processing is any process or set of processes applicable to personal information, whether it be automated processes such as collecting, recording, organizing, structuring, saving, adjusting or modifying, extracting, viewing, using, transmitting, disseminating or placing available, aligned, restricted, deleted or destroyed.
1.4. Processing restriction
Processing restriction is the marking of stored personal data in order to limit their processing in the future.
1.5. Profiling
Profiling is any method of automated processing of personal data consisting of the use of personal data to determine the personal preferences of an individual, more precisely to analyze and overlook aspects of job performance, economic situation, health, personal preferences, interests, reliability, behavior , locating and moving each individual individual.
1.6. Pseudonymisation
Pseudonymization is the processing of personal data so that properties can no longer be assigned to the user without the use of additional information that is collected so that they are separated and subject to measures of a technical and organizational nature that ensure that the data cannot be applied to any natural person whose is the identity established or identifiable.
1.7. Head of Personal Data Processing
The head of the processing of personal data is any natural or legal person, public institution, agency or other body that alone or in cooperation with others determines the purpose and manner of processing personal data; where the purpose and manner of processing personal data is governed by the law of an EU Member State, the criterion for the selection of the head of processing will be under the jurisdiction of the legislation of the EU Member State.
1.8. Personal data processing contractor
The processor of processing of personal data is any natural or legal person, public institution, agency or other body that performs processing of personal data on behalf of the manager of processing of personal data.
1.9. The recipient
The recipient is a natural or legal person, public institution, agency or other body to whom personal information has been provided, whether third party or not. However, national authorities that receive personal data through a specific query that is in line with EU or Member State law will not be considered as recipients; the processing of personal data by these national authorities will comply with the applicable rules regarding the purpose of the processing of the data.
1.10. Third party
A third party is any natural or legal person, public institution, agency or other body, other than the user, the processing manager or the processing executor, who, with the direct permission of the processing manager or processing executor, is authorized to process the personal data of the user.
1.11. Cajolement
User consent is any well-defined, informed and unambiguous indication of a user's desire that he or she, through a statement or clear affirmative action, expresses consent to the processing of personal data relating to him or her.
You can find out more about consent to the processing of personal data here.
2. Head of personal data processing
The head of the processing of personal data under the General Regulation on the protection of personal data or other laws concerning the protection of personal data applicable in the EU Member States is Advensys engineering d.o.o.
3. Data Protection Representative
We have appointed a Data Protection Officer so that you can contact him for any questions or complaints regarding our privacy policy or the handling of personal information. The contact information of our Data Protection Officer is: info@advensy.hr.
4. Cookies
The personal data processing manager's website uses cookies.Cookies are text files that your browser saves to your computer system.
Many websites and servers use cookies. Many cookies contain so-called cookies.Cookie ID. It is a unique cookie identifier. It consists of a series of characters that websites and servers can assign to the specific browser in which the cookie is stored. This allows the websites and servers visited to differentiate individual browsers from other browsers with different cookies. Each browser can be identified by a unique cookie ID.
By using cookies, the Personal Data Processing Manager website provides visitors with more accessible services that would not be possible without the use of cookies.
The information and offers of the website can be optimized through cookies so that the user and his user experience come first. As stated previously, cookies allow us to identify users of the website. The purpose of this is to make it easier for the user to use the website. For example, a user who uses cookies does not have to enter access information every time they access the website, as this process is downloaded by the website that places the cookie on the computer system. Another example of using cookies is a shopping cart in a web shop. The web store remembers items that the user placed in the cart via cookies.
Respondent may at any time prevent the placement of cookies by editing the settings of the browser he or she uses, and thus may permanently disable the placement of cookies. Furthermore, cookies already set can be removed at any time through any browser. However, if a user disables cookies in their browser, they will not be able to use all the features of the website.
5. Collection of general information and information
The personal data processing manager website collects general information and information when a user or an automated system accesses the website. This general information and information is then saved to the server as log files. The type of browser and its version, the operating system, the website from which this site is accessed (the so-called referrals), the sub-page, the date and time of access to the website, the IP address, the Internet service provider, and other similar information and information are collected can be used in the event of an attack on an information system.
We do not draw any conclusions about the user when using this general information and information. On the contrary, this information is needed to:
properly deliver the
content of the website,optimize the content of the website and its marketing,
ensure the long-term capability of the system and the website,
provide the necessary assistance to government authorities in the case of cyber-attack.
Therefore, the personal data processing manager's website analyzes the anonymously collected data and information statistically in order to increase data protection and security and to ensure the optimum level of protection of all the collected personal data that he or she processes. The anonymous data of the server log files is stored separately from the user's personal data.
6. Registration
Respondent does not have the option of registering independently on the leader's website with his personal information. If the manager creates an account for the user at his personal request or for any other mutually accepted reason, what personal information is transferred to the manager is determined by the corresponding entries used for registration. Personal information entered by the user is collected and stored solely for internal use by the manager and for his own purposes.A manager may request a transfer to one or more services (eg, a service package) that also uses personal information for internal purposes attributable to the manager.
By registering on the manager's website, the date and time of the IP address assigned by the ISP and used by the user are stored. The storage of this information takes place in the background because it is the only way to prevent misuse of our services and, if necessary, to enable us to investigate the offenses committed. The storage of this information is necessary to secure the manager. This information is not transmitted to third parties unless there is a legal obligation to transfer the data or if the transfer serves the purpose of prosecution.
User registration, with a voluntary indication of personal information, is necessary to enable the facilitator to offer content or services that can only be offered to registered users due to the nature of the subject matter. Registered persons may at any time change the personal information provided during registration or completely delete it from the manager's personal data collection.
The data processing manager must at any time provide information on request to each user about what personal data is stored about the user. Furthermore, the personal data collection manager will correct or delete personal data upon request or indication by the data carrier (user), provided that there are no legal storage obligations. All employees of the manager are available to the user in this regard as a contact person.
7. Ability to contact through the website
The personal data processing manager's website contains information that allows for quick contact through electronic media as well as direct communication, including an email address. If a user contacts a personal data processing manager via email or contact form, the transferred personal information is automatically saved. Personal data transmitted voluntarily by the user to the head of the processing of personal data are automatically stored for the purpose of processing or further communication with the user. There is no transfer of this type of personal information to a third party.
8. Deleting or blocking personal information
The data processing manager will only process and hold personal data of the user for the time necessary to achieve the goals of personal data retention or until the deadline allowed by EU legislation or other legislators under the responsibility of the data processing manager.
If the reason for storing personal data cannot be fulfilled or the retention period specified by EU legislation or other competent legislators expires, the personal data of users will be routinely blocked or deleted in accordance with legal requirements.
9. User rights
With respect to data processing, the user has the rights set out in the next few chapters.
If you wish to exercise any of the rights listed below, please complete the "User Request" and mail it to us at:
Advensys engineering d.o.o.
Baštijanova ulica 52A
10000 Zagreb, Croatia by
email at info@advensys.hr.
You can download the Request Template here.
9.1. Right to confirm personal information
Each user has the right guaranteed by EU legislation to receive from the head of the processing of personal data whether his or her personal data is being used or processed. If the user wishes to exercise this right of confirmation, he or she may contact the head of the processing of the personal data at any time.
9.2. Right to access personal information
Every user has the right guaranteed by the EU Legislation to receive free of charge information about their personal data stored as well as a copy of the requested personal data from the data processing manager at any time. Furthermore, European provisions and directives allow the user access to the following information: the
purpose of the processing of personal data;
the type of personal information requested;
the recipient or type of recipients to whom personal data are shared, in particular recipients from third countries or international organizations;
where possible, the envisaged period of retention of personal data or, in the case of impossibility, the criterion determining that period;
the existence of the right of the user to request from the head of the processing of personal data the correction or deletion of personal data, the restriction of the processing of personal data of the user or the right of the user to object against the processing of personal data;
the existence of a right of appeal to the supervisory authority;
if the personal data is not collected directly from the user, information on the source of the personal data is available;
the existence of an automated decision-making process of the General Regulation on the protection of personal data and, in that case, the information available on the logic of automatism, as well as the importance and anticipated consequences for users.
Furthermore, the user is entitled to information if his or her personal information is transferred to third countries or international organizations. In this case, the user is entitled to information about the security measures implemented in the data transfer.
If the user wishes to exercise this right of correction, he or she may at any time contact the head of the processing of personal data.
9.3. Right to Correct Personal Information
Every user has the right guaranteed by the EU Legislation to receive corrections of incorrect personal data at any time from the head of the processing of personal data. Considering the purpose of the processing of personal data, the user has the right to complete his / her incomplete personal data with, among other things, through a supplementary statement.
If the user wishes to exercise this right of correction, he or she may at any time contact the head of the processing of personal data.
9.4. Right to delete personal information
Every user has the right guaranteed by the European legislation to request from the data processing manager at any time to delete the personal data related to the user without delay. The manager of the processing of personal data is obliged to immediately delete personal data where at least one of the conditions applies, until the processing is necessary:
Personal data are no longer needed for the purpose for which they were collected or processed.
Respondent withdrew his consent for the processing of personal data based on the articles and items of the General Regulation on the protection of personal data and where there is no longer a legal basis for processing the data.
The respondent objects to the processing of data according to the articles and items of the General Regulation on the protection of personal data, and there is no legal basis for processing the data, or the user objects to the processing of the data according to the articles and items of the General Regulation on personal data protection.
Personal information has been processed illegally.
Personal data must be deleted in accordance with a legal obligation under EU law or the law of the Member State of the processing of personal data by the national.
Personal data were collected in connection with the provision of information society services in accordance with the articles and items of the General Regulation on the protection of personal data.
If at least one of the above reasons is applicable and the user requests the erasure of personal data collected by the personal data processing manager's website, he or she may contact the personal data processing manager. The personal data processing manager will ensure that the deletion of personal data is carried out immediately.
In places where the data processing manager has allowed the disclosure of personal data and it is mandatory to delete the personal data, the data processing manager will take reasonable steps, including technical measures, to inform other data processing managers, taking into account the technical feasibility and costs of the application. that the user has requested to delete all links, copies or replicas of personal data until their processing is no longer required. The Personal Data Processing Manager on the Personal Data Processing Manager's website will ensure that these measures are implemented on a case-by-case basis.
9.5. The right to restrict the processing of personal data
Each user of the EU legislation has guaranteed the right to ask the leader of the processing of personal data obtains the right to limit the processing of personal data in cases where the following applies:
The accuracy of personal data is contested by the user allowing the leader of the processing of personal data to verify the accuracy of personal information.
The processing of personal data is illegal, and the user opposes the deletion of personal data and instead seeks a restriction on the use of said personal data.
The personal data processing manager is no longer required to process, but the user is required to establish, implement or defend legal claims.
The respondent objected to the processing of personal data in accordance with the articles and articles of the General Regulation on the protection of personal data, waiting to verify that the legal basis of the head of the processing of personal data exceeds that of the users.
If at least one of the reasons above applies, and the user requests a restriction on the processing of personal data collected by the website of the processing manager, he or she may contact the processing manager. The head of the processing of personal data will provide a restriction on the processing of personal data.
9.6. Right to portability of personal data
Each user under EU law is guaranteed the right to receive personal data relating to him or her by the head of the processing of personal data, in a structured, mostly used and legible format. The Respondent has the right to transfer the said personal data to another Head of Personal Data Processing from the current Head of Personal Data Processing without any interference, as long as the processing of personal data is based on consent in accordance with the General Regulation on the protection of personal data or under contract under the General Regulation on the protection of personal data, and the processing of data is carried out automatically, until the processing of data is necessary for tasks of public interest or for the official duty of the head of the processing of personal data.
Furthermore, under the existing right to transfer of personal data, the user has the right to transfer his or her personal data directly between the processing manager of the personal data where technically feasible and where this procedure does not endanger the rights and freedoms of other users.
In order to exercise its right to the transfer of personal data, the user may at any time contact the head of personal data processing of the website.
9.7. Right to object
Each user under EU law is guaranteed the right to object based on his or her own situation, at any time, to the processing of personal data relating to the user, based on the General Regulation on the protection of personal data. It may also apply to profiling based on this Regulation.
The personal data processing manager's website will not continue processing personal data unless there is a serious legal basis for the processing of personal data, which may override the interests, rights and freedoms of users or to establish, enforce or defend legal claims.
If the personal data processing manager's website processes personal data for marketing purposes, the user has the right to object at any time against the processing of personal data used for those purposes. This also applies to profiling that is closely related for the purposes of such direct marketing. If a user objects to the processing of personal data for direct marketing purposes, the website of the personal data processing manager will no longer process the personal data of the user for direct marketing purposes.
In addition, the user has the right to complain against the processing of personal data by the website of the processing manager of the personal data, which is used for scientific or statistical purposes, unless its processing is necessary for the public interest.
In order to exercise the right of objection, the user may at any time contact the manager of the personal data processing of the manager's website. In addition, in the context of the use of information society services, despite the Regulation, the user can exercise his right to object by automated means using technical specifications.
9.8. Automated decision making and profiling
Each user under EU law is guaranteed the right not to be subject to decisions based solely on the automated processing of personal data, including profiling, which may have legal or similar consequences for him or her, as long as the decision is not part of the agreement between the user and the manager the processing of personal data is either not authorized under EU law or by individual Member States which take appropriate measures to safeguard the rights, freedoms and interests of users or is not based on the express consent of the users.
If the decision is necessary for a contract between the user and the head of the personal data processing or is based on the express consent of the user, the website of the personal data processing manager will implement measures that will safeguard the user's rights, freedoms and interests, minimum right to human intervention by the personal data manager to whom he will express his position and challenge the decision.
If the user wishes to exercise the rights regarding automated individual decision-making, he or she may at any time contact the head of the personal data processing of the web site of the head of the personal data processing.
9.9. Right to withdraw and terminate the privilege
Each user under EU law is guaranteed the right to withdraw and / or withdraw their consent to the processing of personal data at any time.
If a user wishes to exercise the right to withdraw and / or withdraw their consent, he or she may at any time contact the personal data processing manager of the personal data processing web site manager.
10. Protection of the applicant's data and the processing of the submitted data
The processing manager collects and processes the personal data of the applicant for the purpose of processing the request. Processing can also be done electronically. This is the case if the applicant submits the relevant application documents by email or through a web form on the manager's website. If the manager concludes an employment contract with the applicant, the information provided will be stored for the purpose of carrying out the employment relationship in accordance with legal requirements. If the manager has not concluded a contract of employment with the applicant, the applications shall be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the manager are opposed to deletion.
11. Provisions relating to analytical systems
Analytics systems are online services that allow you to monitor and analyze traffic to web pages. They give the website owner specific information about the users' movements on the website, which sub-pages are most visited, which links the users most often open, etc. This allows the website owner to adjust its content and functionality to the user's preferences.
11.1. Google Analytics Provisions (with anonymization feature)
Google Analytics Manager (anonymization) features are embedded on the Personal Data Processing Manager website. Google Analytics The Internet is a service that collects and analyzes visitor behavior data on a website. The web analytics service, among other things, collects information about the website the user came from, which sub-pages he visited, or how often and how long he viewed a particular sub-page. Web analytics is used to optimize the website and to conduct analysis of advertising on the Internet.
Google Analytics is owned by Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
For web analytics purposes through Google Analytics, a personal data processing manager uses an application through which a user's IP address is shortened by Google and anonymized when a leader's website is accessed by a user from an EU Member State or other country within the jurisdiction of the European Economic Area.
The purpose of the Google Analytics Component is to analyze the traffic to the Leader’s website Google uses the information and information collected, including to evaluate the use of the website and to provide reporting that displays activity on the website and to provide other services related to the use of the website .
Google Analytics places the cookie on the user's computer system. The definition of cookies is already explained in this document. Setting cookies enables Google to analyze the use of the website. Each visit to a sub-page of a web site operated by a head of personal data processing and incorporating a Google Analytics component will automatically provide the Google Analytics component with the information necessary for the purpose of online advertising and the calculation of a fee belonging to Google. During this technical procedure, Google will receive personally identifiable information, such as the user's IP address (used to understand where visits and clicks are coming from, and creates a commission calculation based on this).
The cookie serves to store personal information such as the time of access to the website, the location from which it is accessed, and the frequency of user access to the website. With each visit to the Leader's website, such personal information, including the user's IP address, will be forwarded to Google and placed there. Google may pass on this personal information through a technical procedure to a third party.
As stated above, the user may prevent cookies from being set by appropriate browser modifications at any time. Such modifications would also prevent Google Analytics from placing a cookie on the user's computer system. It is also possible to delete cookies already set via a browser or other software solution.
In addition, the user may object to the collection and processing of personal data generated by Google Analytics related to the use of the manager's web site. In order to do this, the user must download and install the browser add-on located at https://tools.google.com/dlpage/gaoptout. This plugin lets Google Analytics know that user visit information may not be collected and processed by users. Google considers the installation of this add-on browser a valid objection to the collection of personal information. If at any further time a user’s computer system is deleted, formatted or reinstalled, the user will need to reinstall the add-on to disable Google Analytics. If for some reason the user or authorized person has removed the browser add-on, or the browser add-on is disabled, it can always be reinstalled or activated.
Additional information and Google's guidelines regarding personal data protection can be found at the following links: https://www.google.com/intl/en/policies/privacy/ and https://www.google.com/analytics/ terms / us.html.
Additional information regarding Google Analytics can be found at https://www.google.com/analytics/.
12. Legal basis for the processing of personal data
Article 6, paragraph 1, subparagraph A of the General Regulation on the protection of personal data is the legal basis for the processing of personal data for which we have obtained consent.
If the processing of personal data is necessary for the performance of the contract of which the user is a part, such as when the processing of personal data is necessary for the supply of goods or services, the processing of personal data is based on Article 6, paragraph 1, subparagraph B of the General Regulation on the protection of personal data. The same applies when processing personal data that are required to carry out pre-contractual measures, eg for inquiries regarding products or services.
If a legal or natural person is the subject of a legal obligation where the processing of personal data is necessary, such as compliance with tax obligations, the processing of personal data is based on Article 6, paragraph 1, subparagraph C of the General Regulation on the protection of personal data.
In rare cases, the processing of personal data is necessary to protect the interests of users or other natural persons. For example, if a user is injured when they visit the site of the owner of this site, personal information such as name, age, health insurance information or other vital information will need to be forwarded to a doctor, hospital or third party. Such processing of data is based on Article 6, paragraph 1, subparagraph D of the General Regulation on the protection of personal data.
Finally, the processing of personal data may also be based on Article 6, paragraph 1, Subparagraph F of the General Regulation on the protection of personal data. This legal basis is used in the processing of personal data when no previous legal basis is applicable, if the processing of personal data is necessary for the legitimate interests of the website owner (data processing manager) or a third party, except in situations where the said interests jeopardize the underlying rights and freedoms of users, which require protection of personal data. Such processing of personal data is particularly permissible since it is specifically mentioned by EU legislation. It is envisaged that it may be possible to invoke a legitimate interest if the customer is the client of the manager of the processing of personal data.
13. Legitimate interests of the personal data processing manager or third party
In places where the processing of personal data is based on Article 6, paragraph 1, Subparagraph F of the General Regulation on the protection of personal data, the legitimate interest is to conduct business for the benefit of the employees and / or shareholders, if any.
14. Period of storage of personal information
The criterion for determining the storage period of personal data is determined by law by the maximum storage period.After this period, personal information is routinely deleted until it is no longer needed to fulfill the contract or to conclude it.
15. Provision of personal data, obligations of users and consequences of not providing data
We need to clarify that the provision of personal information is partly required by law (eg tax provisions) or may result from a contractual obligation (eg contractual partner information). Sometimes it is necessary to conclude a contract so that the user provides personal information which is then processed. For example, a respondent is required to provide personal information when entering into a contract with the website owner. Refusal to provide personal information will result in an inability to contract. Before the user provides personal information, they will need to contact the website owner. The owner will then indicate to him whether the provision of personal data is legally or contractually necessary, ie whether it is necessary for the conclusion of the contract, whether there is an obligation to provide personal data and, ultimately, the consequences if he refuses to provide personal data.
16. Existence of an automated decision-making process
As a responsible business partner, we do not use the automated decision-making process (profiling) on this site.
17. Security Statement
Data security on these sites is ensured through the use of Secure Socket Layer (SSL) security protocol with 128-bit data encryption. The exchange of information is thus protected from unauthorized access.
18. Accuracy, completeness and timeliness of information
We are not responsible if the information available on this site is incorrect or incomplete. The materials on this site are used at your own risk. You agree that it is your responsibility to keep track of any changes to the materials and information contained on this site.
19. Intellectual property rights
All copyrights and other intellectual property rights contained in all texts, images and other materials on this site are the property of the personal data processing manager or incorporated with the permission of the appropriate owner.
You are allowed to browse the site, play excerpts through print, save to your hard drive, all for your private non-commercial purposes. All material on this site may be published provided that you retain copyright and other proprietary rights. No reproduction of any portion of these sites may be sold or distributed for commercial purposes and may not be modified or incorporated into any other business, publication or web site.
Trademarks, logos, signs, slogans and service marks displayed on this site belong to the manager of the processing of personal data. All content on these sites should not be construed as permission to use any trademarks or logos displayed on these sites. Your use and / or misuse of any of the contents of these sites is strictly prohibited. If you violate this prohibition, the data processing manager will fully enforce your legal right to intellectual property, including a criminal complaint for serious misconduct.
20. Privacy protection
Privacy policy describes how the personal data processing manager handles your personal information that he or she receives while using the Website. Personal information includes your identification information: name and surname, e-mail address, home address, OIB and telephone number, or information that is not otherwise publicly available and which the manager learns about while using these websites. The processing manager agrees to use your personal information for identification purposes only when using the site, to enable you to use all the options provided. The Manager will keep your personal information confidential, will not distribute it, publish it, give it to third parties for use, or otherwise make it available to any third party without your prior consent.
If you wish to exercise your rights, please send your request by mail to:
Advensys engineering d.o.o.
Baštijanova ulica 52A
10000 Zagreb, Croatia by
email at info@advensys.hr.
21. Electronic communication
By visiting the websites of the personal data processing manager, you communicate electronically. You hereby acknowledge that all agreements, notices, communications and other content provided to you electronically satisfy the frameworks as if they were made in writing.
22. Modification of Terms and Conditions
The Personal Data Processing Manager reserves the right to change and update these terms and conditions without prior notice. Any changes will be posted on this site.
Date of last publication: 2019-08-13.