Racunovodstvo.hr d.o.o, Zagreb, Ulica Dure Crnatka 12 (office: Zagreb, Ulica Pere Budmanija 5) (hereinafter: Racunovodstvo.hr), pays special attention to the protection of personal data and privacy (hereinafter: protection of privacy) of its users in accordance with applicable regulations and European best practice. Protecting user privacy is an integral part of our services and products and an important factor in the user experience.
The policy does not diminish the rights and obligations of users in relation to the processing of personal data, which users have on the basis of applicable regulations and possible contractual provisions on personal data protection. The policy is a unilateral legally binding act of Racunovodstvo.hr.
- Principles of Personal Data Processing
- How We Collect Personal Information
- What Types of Personal Data We Collect
- For What Purposes do We Use the Collected Personal Data
- Linking Personal Data
- User Consent
- How We Protect Personal Information
- Where Personal Data is Processed
- Under What Conditions do We Pass on Personal Data to Third Parties
- User Rights (Correction, Deletion, Objection, Access, Restriction of Processing, Transferability)
- Who to Talk to
- Amendments and Transitional Provisions of the Policy
The policy applies to all personal data of users that Racunovodstvo.hr collects, uses or otherwise processes, directly or through its partners. Personal data is any data relating to a natural person whose identity has been or can be established, directly or indirectly (hereinafter: data or personal data). Data processing is any action performed on personal data, such as the collection, recording, storage, use, transfer of personal data and access to personal data.
The policy does not apply to anonymous data. Anonymous data is data that has been modified in such a way that it cannot be linked to a specific natural person or cannot be linked without disproportionate effort and therefore, in accordance with the applicable regulations, is not considered personal data. Racunovodstvo.hr applies the best European practice of data anonymization.
The policy applies to all services and products of Računovodstva.hr that include the processing of personal data. Racunovodstvo.hr services are all services provided by Racunovodstvo.hr. The last statement of the user’s will regarding the processing of personal data applies to all other services of Racunovodstvo.hr that the user uses. For example, if the user did not give any of the consents when contracting one service, but gave that consent subsequently, when contracting another service, it will be considered that he has given that consent. Also, the reverse is true, if the user gave one of the consents when contracting the first service, but subsequently denied that consent when contracting the additional service, it will be considered that he did not give the consent in question for the first service. Računovodstvo.hr guides users according to the identification user number (ID) and, as a rule, one user has one ID to which the aforementioned rules apply. If the user has multiple IDs, it is possible to collect and record consents for each of them separately.
Racunovodstvo.hr is, as a rule, the head of processing in relation to the personal data of its users in terms of applicable regulations on personal data protection.
The policy primarily refers to natural persons who submit a request or use the services of Racunovodstva.hr (hereinafter referred to as Users) and / or are interested in using the services of Računovodstva.hr (hereinafter: Potential users). However, taking into account the legitimate interests of users who are legal entities, the Policy is appropriately applied to legal entities in accordance with the applicable regulations. In order to avoid ambiguities, the Policy in any case fully applies to employees of legal entities using Racunovodstvo.hr when these employees are also in a contractual relationship with Racunovodstvo.hr.
2. Principles of Personal Data Processing
We want to be a reliable partner to Users in protecting their privacy and justify the trust they have placed in us. We also want to be completely transparent and clear regarding the processing of the User’s personal data. This is, among other things, the purpose of this policy, and especially through the active role of the User in data management. Users can always contact us with a request to change personal data relating to them or to express their will as to the purposes for which they want or do not want their data to be processed.
2.2. Legality and Best Practice
When processing personal data, we act in accordance with the law, but at the same time we always strive to apply higher standards and best European practice.
2.3. Limited Processing Purpose
We collect and process personal data only for a specific and lawful purpose and do not further process them in a manner that is not in accordance with the purpose for which they were collected, unless otherwise provided by law or with the consent of the user.
2.4. Reducing the Amount of Data
We always use only those data of the User that are appropriate and necessary to achieve a certain legitimate purpose, and not more data than that.
2.5. Processing in an Unnamed Form
Whenever possible and justified, we use the data in an unnamed form. Data in an unnamed form is considered primarily anonymous data. However, whenever possible and justified, especially for the protection of the User’s personal data, we pseudonymize personal data, i.e. we “mask” them with special pseudonymization procedures (e.g. substitution, hashing, etc.) in such a way that they cannot be connected to an individual User without use of additional information that is stored securely and separately (e.g. use of a key).
2.6. Integrity and Confidentiality
We process personal data in a secure manner, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (e.g. access to personal data of users is available only to authorized persons who need it to perform their work, not other employees).
2.7. Quality of Personal Data
We attach great importance to the quality of the data we process. The personal data we process must be accurate, complete and up-to-date in order to ensure maximum protection of the User’s data and to prevent possible misuse. That is why it is important for us that the User informs us about any change in the data immediately or as soon as possible.
2.8. Limited Storage Time
We store and process the User’s data only for as long as is necessary for the execution of a certain legitimate purpose, unless the applicable regulations provide for a longer or shorter storage time for a particular purpose or in other cases expressly prescribed by law. After that, the data is permanently deleted or made anonymous.
3. How We Collect Personal Information
Racunovodstvo.hr collects personal data (hereinafter: data) of the User in the following basic ways:
3.1. Directly from the User or Potential User
We primarily collect data from the User or Potential User by providing it to us.
3.2. Automatically When the User Uses the Services and/or Products
For example, we collect information about the number called, the duration of the call, information about the Internet connection, IP address, communication time, and the like.
3.3. From Publicly Available Sources
For example, data from the court register, public telephone directory, publicly available services or publicly available numbering. A prerequisite for any collection of personal data of the User is the existence of an appropriate legal basis based on law.
4. What Types of Personal Data We Collect
Depending on the contracted service or product, the User’s consent and the purpose for which the individual data is used, Racunovodstvo.hr is authorized to collect the types of User data listed below. In doing so, we always collect only those data that are necessary to achieve a certain legitimate purpose. Also, the requests for individual services indicate the information that is mandatory for the conclusion of the contract, while the provision of other information is voluntary.
4.1. Contract Data
Contract data in a broader sense include the so-called master data, ie data provided by the User for the purposes of concluding and executing the contract.
4.2. Usage Data
Data on use in the narrower sense are generated automatically, using certain services and products Racunovodstvo.hr because they are necessary for the provision of the service and, for example, include: data on electronic communications (so-called traffic data, eg date, time, duration of communication on the number of the caller and the called number, on the signalization, on the approximate location of the device, data on the user’s device, the amount of used data traffic, IP address), data on how to use services and user habits when using products and services.
4.3. User Communication with Racunovodstvo.hr
For example, written or electronic communication of the User with Racunovodstvo.hr, communication with Racunovodstvo.hr on social networks, etc.
4.4. Viewership data
For example, data on YouTube channel views, posts on other social networks and the like.
4.5. Potential Beneficiary Data
This information includes personal data, especially contact information (e.g. name and surname, e-mail address), but also the interests of the Potential User for Racunovodstvo.hr services. As a rule, Racunovodstvo.hr will record the data of those Potential users who contact Racunovodstvo.hr with the wish that Racunovodstvo.hr informs them and / or offers them certain products and / or services. Potential Beneficiary data is deleted or anonymized at the request of the Potential Beneficiary.
5. For What Purposes do We Use the Collected Personal Data
5.1. Execution of the Contract
Racunovodstvo.hr collects and processes user data (hereinafter: uses) primarily for the purposes of concluding and executing contracts between the User and Racunovodstvo.hr. This includes in particular the use of data to verify the identity of the User, the solvency of the User, the provision of the contracted service, billing and collection of costs, delivery of ordered products, contacting the User if necessary in connection with the service, resolving complaints, monitoring and ensuring quality and safety and products, customer support, advice and assistance in the use of products and services and other actions related to the conclusion and execution of contracts in accordance with the law.
The legal basis for data processing for these purposes is the necessity to execute the User’s contract or to take measures at the request of the User before concluding the contract. In the event that the user does not want to provide the information necessary for the purposes of concluding and executing the contract, Racunovodstvo.hr will not be able to conclude the contract and / or perform certain actions related to the execution of the contract.
5.2. Internal Purposes
Furthermore, Racunovodstvo.hr uses certain data of the User exclusively for the needs of Racunovodstvo.hr’s own records, and for the purposes of protecting the legitimate interests of the User and / or Racunovodstvo.hr. This includes, for example, the use of User data to prevent, detect and prosecute abuse to the detriment of the User or Racunovodstvo.hr, ensure the safety of employees, users, products and services of Racunovodstvo.hr, create services and offers that meet the needs and desires of the User, ensure superior customer service. experiences, personalized customer support, market research and analysis, etc.
The legal basis for data processing for these purposes is the legitimate interest of Racunovodstvo.hr, except when the interest or fundamental rights and freedoms that require protection of the User’s data and / or the legal basis for the protection of key interests of the User or other natural person are stronger than that interest.
5.3. Direct Promotion of Services and Products
Racunovodstvo.hr may also use all of the User’s contact information to send promotional notices about all Racunovodstvo.hr services and products through all advertising channels, unless the User specifies otherwise. In order for the User to receive notifications that correspond to his wishes and habits, it is necessary that Racunovodstvo.hr uses certain data of the User to create personalized promotional notices and offers for the User. The user may at any time declare that he no longer wishes to receive promotional notices. In this case, the User’s data will no longer be processed for the purposes of direct promotion. Racunovodstvo.hr will send promotional notices about the services and products of third parties (partners) to the User only with consent.
5.4. For the Purpose of Fulfilling Legal Obligations
Based on a written request based on applicable regulations, Racunovodstvo.hr is obliged to submit or provide access to certain personal data of the User to the competent state bodies (e.g. courts, police, Tax Administration).
6. Linking Personal Data
If necessary, we connect the personal data of the User related to a particular service or product of Racunovodstvo.hr with the personal data of the same user related to other services and products of Racunovodstvo.hr, all for the aforementioned purposes and respecting the legal bases in order to obtain more accurate information about needs and habits. User and ultimately be able to provide the User with optimal support, service and / or product.
If necessary, we process the personal data of the User together with the data of other Users. However, such processing is generally based on completely anonymous data or the explicit consent of the User to process a certain type of data, and only exceptionally on the legitimate interest of Racunovodstvo.hr, if the data is pseudonymous.
When concluding the contract, Racunovodstvo.hr, processing the User’s data, concludes about the so-called the Beneficiary’s profile with regard to the Beneficiary’s ability to meet its future obligations and accordingly decide on concluding a contract or requesting additional payment security for the purpose of concluding a contract, all in accordance with special regulations.
7. User Consent
The consent of the User is considered to be a voluntary, special, informed and unambiguous expression of the User’s wish by which the User, by a statement or clear confirmatory action, gives consent for the processing of personal data for certain purposes (so-called opt-in). Consent may be given in writing or by other appropriate means. Without the consent of the User:
we will never use the following data of the User for any purposes other than the execution of the contract, ie the provision of services, prevention of abuse, normal functioning or fulfillment of the legal obligation Racunovodstvo.hr, and especially not for the purposes of direct promotion;
- we will never send third-party promotional messages to the user;
- we will never process the User’s data in other cases where consent is required by applicable regulations.
The user manages his expressions of will regarding the use of his own data, depending on his needs and interests. For this purpose, we enable the User to give or deny consent at any time in a simple and free manner, through various channels.
Racunovodstvo.hr publishes personal data of users on social networks only with the consent of the user. The publication of personal data on social networks is carried out only in the case of the implementation of prize games via social networks. In the event that the user wishes to participate in these prize games, he will be informed of the conditions for the use of personal data for the purposes of participating in the prize game. This personal data will not be used for other purposes. The type of personal data collected for the purpose of realizing prize games is the minimum set of data necessary for the realization of each prize game. Only by accepting the conditions of participation will the personal data be used for the purpose defined above. At any time, the user can withdraw his consent to participate in the prize game and the given data will be deleted.
9. How We Protect Personal Information
We use various technical and organizational measures to protect the User’s data from unauthorized access by persons inside and outside Racunovodstvo.hr, alteration, loss, theft and any other data breaches and misuse in accordance with European best practice. These measures include, but are not limited to, the following:
- our services and products, before we offer them to Customers, meet security and data protection requirements (so-called privacy by design and security by design);
- best practice of data anonymization;
- concluding a contract on personal data protection of the User with all so-called subcontractors;
- implementation of all protection measures on the systems on which the User’s data are located;
- conducting regular controls of security measures and personal data protection measures;
- continuous education of employees.
10. Where Personal Data is Processed
As a rule, we process the User’s personal data in the Republic of Croatia. We also process them exceptionally in other countries (e.g. when a subcontractor from another country is hired to provide a certain service or part of a service that includes the processing of personal data), as a rule in the Member States of the European Union. We process them exceptionally in other countries as well, but always with the provision of adequate protection of personal data, at least in the way that personal data is processed in the Republic of Croatia (e.g. by applying the so-called EU Standard Contract Clauses for processors in third countries).
11. Under What Conditions do We Pass on Personal Data to Third Parties
User data are extremely important to Racunovodstvo.hr. Racunovodstvo.hr never sells the User’s personal data to anyone. Racunovodstvo.hr does not forward or exchange the User’s data with any other legal or natural persons (hereinafter: persons), except in the following cases:
a) if there is a legal obligation or explicit authority under the law (e.g. at the request of the court);
b) if we hire another person to perform certain tasks as the so-called subcontractors, ie executors of processing (e.g. printing and delivery of invoices, market research, system maintenance, verification of solvency, forwarding to debt collection agencies for collection of receivables). It is important to emphasize that the so-called. the subcontractor acts exclusively on the order of Racunovodstvo.hr and Racunovodstvo.hr ensures all measures of data protection of the User as if these tasks are performed by Racunovodstvo.hr.
c) if the data needs to be forwarded to third parties in order to perform the contract with the User (e.g. number portability);
d) if the other person is the holder of the User Agreement for the services used by the User;
e) cession, i.e. assignment of claims to third parties pursuant to Article 80 of the Civil Obligations Act;
f) based on the consent of the User.
12. User Rights (Correction, Deletion, Objection, Access, Restriction of Processing, Transferability)
In addition to the active role of the User in relation to the management of consents, ie the right of the User to withdraw consent at any time, the User also has the following active roles, all in accordance with applicable regulations:
a) The right to object: The user has the right to request at any time to stop receiving promotional notices about the services and products of Racunovodstvo.hr. The user also has the right to object to any other processing of user data based on the so-called. legitimate interest of Racunovodstvo.hr, including the development of a profile based on these provisions (so-called opt-out). In that case, Racunovodstvo.hr will not process the data for the stated purposes, unless otherwise prescribed by law.
b) obligation to keep data: The User has the obligation to keep secret and with due care all identification marks assigned to him by Racunovodstvo.hr (e.g. username, password, etc.) because all actions taken with the User’s identification marks are considered actions of the User. Also, the User is obliged to change the password or other access data as soon as he suspects the unauthorized use of this data and to inform Racunovodstvo.hr in case of suspicion of misuse of identification marks.
c) right of access: The User has the right to receive confirmation whether the User’s personal data are processed and, if such personal data are processed, access to such data and information on the purpose of processing, personal data categories, recipients or categories of recipients, on the envisaged period data to be stored or on the criteria used to determine that period, the existence of the User’s rights, the existence of automated decision making, including profile creation, and information on processing logic, importance and anticipated consequences of processing, protective measures if data is transferred to the so-called. third countries.
d) right to erasure: The user has the right to obtain the erasure of personal data relating to him without undue delay and under the conditions specified in the applicable data protection regulations.
e) right to correction: The User has the right to obtain the correction of inaccurate personal data relating to the User.
f) the right to data portability: The User has the right to receive personal data relating to the User, provided by Racunovodstvo.hr, in a structured, commonly used and machine-readable format and has the right to transfer this data to another controller if the processing is based on consent or on contract and is carried out automatically. If this is technically feasible, the User has the right to a direct transfer from Racunovodstvo.hr to another processing manager.
13. Who to Talk to
The User may exercise his rights referred to in Article 12 by submitting an appropriate request to the e-mail [email protected] or postal address Racunovodstvo.hr d.o.o, Ulica Pere Budmanija 5, 10000 Zagreb or in another way provided by Racunovodstvo.hr to the User, about the type of request.
If the User suspects a breach of his personal data, he reports his suspicion in writing to the e-mail address [email protected] or the postal address Racunovodstvo.hr d.o.o., Ulica Pere Budmanija 5, 10000 Zagreb.
In case of any questions about this Policy and / or protection of personal data at Racunovodstvo.hr, the User can contact the e-mail [email protected].
Also, the User is authorized to file a complaint to the Agency for Personal Data Protection.
14. Amendments and Transitional Provisions of the Policy
The policy enters into force and begins to apply to users on 25 May 2018 and is available on the website and in the business premises of Racunovodstvo.hr. Users will be notified of possible changes to the Policy in a timely manner, including through publication on the Racunovodstvo.hr website.