Privacy & data protection statement The purpose of the document This document describes the privacy policy of Net media SISTEMI d.o.o. from Split, Croatia. The document describes the handling of customer data in an appropriate manner, in accordance with Croatian and EU laws. Applicability and current version The assertions in the statement relate to customer data provided to us as a part of a business collaboration with Net media SISTEMI d.o.o or generated during a business collaboration. This statement is part of the Company's Personal Data Protection Policy and as such will be updated as necessary due to changes in business circumstances or legal provisions. The latest and currently valid version of the statement is available at sistemi.hr/zp. Article 1 - Introduction The processing of personal data such as: name and surname, residence and residence address, email address, telephone number, other contact information, photographs, videos, audio recordings is always made in accordance with the General Data Protection Regulation (GDPR). This statement provides information on the nature, scope and purpose of the processing of personal data collected and performed by Net media SISTEMI d.o.o, as well as information on the rights and obligations of respondents under the General Data Protection Regulation. Net media SISTEMI d.o.o. uses collected data for fulfilling orders and contact obligations. The data being processed will be stored only as long as is necessary for the purpose and after that it will be blocked or deleted. Article 2 - Data protection contact and supervisory authority Contact for data protection issues in Net media SISTEMI d.o.o. Supervisory authority Net media SISTEMI d.o.o.Kvaternikova 12 HR-21000 Split www.sistemi.hr info@sistemi.hrtel: +385(0)21 555 888 Personal Data Protection Agency (AZOP)Ulica grada Vukovara 54HR-10000 Zagrebwww.azop.hr azop@azop.hrtel. +385 (0)1 4609 000fax. +385 (0)1 4609 099 Each respondent has the right to contact Net media SISTEMI d.o.o. regarding questions and suggestions for data protection. Article 3 - Sharing personal information with third parties Respondents' data will not be shared with third parties and will be used to process orders and fulfill contractual obligations. Data will only be transmitted if it is necessary for the execution of an order or contractual obligations (e.g. bank, accounting, tax administration, etc.). The transmission of data is carried out in accordance with the GDPR, laws and regulations of the Republic of Croatia and the EU. The data being forwarded is limited to the minimum required. Article 4 - Information, correction, blocking and deletion of data According to the regulations on data processing, there is a right to data information, confirmation of data, right to rectification of data, right to block, right to delete (right to be forgotten), forwarding of data, and right to object to processing. To correct the data, we need change notification from the respondent. The data will be deleted if the contractual, legal or tax deadlines for which the data must be retained have expired. Article 5 - Period of storage of personal data The storage period of personal data is determined according to contractual, legal or tax deadlines. At the end of that period, the data will be deleted if, in the meantime, it has not become necessary due to new orders, fulfillment of contractual obligations or new cooperation negotiations. Article 6 - Data security The protection of personal data is carried out using appropriate technical and organizational measures. Safeguards relate to protection against unauthorized, unlawful and accidental access, loss of processing and manipulation. Regardless of the safeguards and precautions taken, it cannot be ruled out that information provided via the Internet will not be visible to a third party. In this case Net media SISTEMI d.o.o. cannot be held responsible for the disclosure of data resulting from data transmission errors or unauthorized access by third parties (eg hacking). Article 7 - Breach of data confidentiality In case of breach of confidentiality Net media SISTEMI d.o.o. have to notify the data protection supervisory authority without delay or within 72 hours of the occurrence of the breach, unless the breach of data confidentiality does not present a risk to the respondents' rights. In exceptional and justified cases, the supervisory authority may also be notified after the expiry of the 72-hour period from breach if it is assessed that there is a high risk of endangering the respondents' rights. The respondent will be notified immediately. Article 8 - Profiling Net media SISTEMI d.o.o. do not perform automatic profiling as a basis for decision making. Article 9 - Data protection on servers and in the cloud Data hosted on Net media SISTEMI servers (Web sites, web shops, hosting, etc.) may contain personal information and as such are protected under the provisions of the General Regulation (GDPR). Net media SISTEMI d.o.o. and its employees are required to ensure data protection and to ensure compliance with the GDPR and applicable laws. Article 10 – Client’s obligations Net media SISTEMI d.o.o. Clients are responsible for their own privacy policy and its implementation, as well as for compliance with the general provision on personal data protection (GDPR).