This Policy applies to personal information collected by us. We are bound by regulations of the EU General Data Protection Regulation – GDPR (Official Gazette No. 103/03, 118/06, 41/08, 130/11, 106/12) or other applicable regulations in the Republic of Croatia governing the protection of personal data the way private sector organisations collect, use, process, keep secure and disclose personal information.
how and when the Appenture collects personal information;
how the Appenture uses and discloses personal information;
how the Appenture keeps personal information secure, accurate and up-to-date;
how an individual can access and correct their personal information; and
how the Appenture will facilitate or resolve a privacy complaint.
The Appenture recognises the importance of protecting the privacy of personally identifiable information collected about our customers.
1. Personal information
Personal information to mean information or an opinion, whether true or not, and whether recorded in a material form or not, about an individual whose identity is reasonably identifiable, from the information or opinion. We collect personal information when you (“Visitor”) visit our Website or leave your personal information in Contact form. Generally we will tell you why we are collecting information when we collect it and how we plan to use it or these things will be obvious when we collect the information. We usually collect personal information directly from you although sometimes we may use agents or service providers to do this for us. We may also acquire lists from other sources, both from other companies and from other public documents.It is your responsibility to ensure your personal information held by the Appenture is accurate, up to date and complete.
2. Collection of information
2.1 What kind of personal information does the Appenture collect and hold?
The kinds of personal information that we collect will vary depending on the type of interaction with you and the purpose for collection but may include:
your email address;
information about the browser type and version used;;
credit card details, if you make a payment to us;
country and language; and
device and Operating system.
any other personal information which may be required in order to facilitate your dealings with us.
2.2 How does the Appenture collect personal information?
Generally, we collect personal information when you:
visit our Website;
leave personal info in contact form on Website;
send us an e-mail;
have other dealings with us.
We use “cookies” to make your visit to our Website attractive and to enable the use of certain functions. Cookies are small text files stored in the browser or by the browser on the terminal device. If a Visitor visits a website, a cookie may be stored on the Visitor’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is visited again.
Technically necessary cookies
The personal data collected by technically necessary cookies are not used to create user profiles.
Technically necessary cookies cannot be manually deactivated by you via our website. However, you have the option of using your browser settings to specify that cookies should generally be rejected. Please note that in this case some functions of the website cannot be used.
Functional cookies are displayName, organisationName, email, userRole, userRoleGroup, id used for analytical performance.
Changing the browser settings
Most browsers are set to accept cookies automatically. However, the Visitor can prevent the storage of cookies on its computer by means of appropriate browser settings, which, however, can limit the range of functions of our Website.
The legal basis for the processing of personal data using cookies is point (f) of Art. 6 (1) GDPR.
If you choose to block cookies, you can set your browser to reject cookies or you can manually delete individual cookies or all of the cookies on your computer by following your browser’s help file directions. Note that turning off cookies may also disable functions of many websites you visit.
If you are an iOS user, you can enable Limit Ad Tracking on your iOS device by following instructions here (link: https://support.apple.com/en- us/HT202074).
Android users can opt-out of interest-based ads by following instructions described (link: https://support.google.com/googleplay/android-developer/ answer/6048248?hl=en)
3. Use of information
3.1 What are the purposes for which the Appenture may collect, hold, use and disclose personal information?
Appenture uses the personal information (which is not sensitive information) of Visitors it collects for the purposes for which it was provided to Appenture and for related secondary purposes, to carry out Appenture’s business purposes, to fulfil its legal obligations, other related purposes or as permitted or required by law.
Appenture may use your personal information to
get a better understanding of you, your needs, your behaviours and how you interact with us in order to identify ways in which we can provide you with a better service, or enhance your experience of our website and mobile site or other services;
enhance your experience of the Websites and make the Websites easier for you to use, including remembering your preferences and personalising your experience on the Websites and in the Service;
verifying your identity;
so that we can respond to enquiries and complaint handling;
to comply with our legal and regulatory obligations and enforce our legal rights.
Insofar as we obtain the Visitor’s consent for the processing of personal data on our Website, point (a) of Art. 6 (1) GDPR serves as the legal basis for the processing of personal data.
For the processing of personal data required for the performance of a contract to which the Visitor is a party, point (b) of Art. 6 (1) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of a contractual obligation or pre-contractual measures.
Insofar as the processing of personal data is required to fulfill a legal obligation to which our company is subject, point (c) of Art. 6 (1) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject concerned do not outweigh the legitimate interest mentioned above, point (f) of Art. 6 (1) GDPR serves as the legal basis for data processing (so-called “weighing of interests”).
In addition, there are other legal bases for the processing of personal data that we have specifically listed in this Policy, where relevant.
Visitor’s personal data will be deleted as soon as the purpose of storage ceases to apply. Furthermore, personal data may be stored if this has been provided for by laws or other regulations to which our company is subject. The personal data will also be blocked or deleted where a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the personal data for the conclusion or fulfillment of a contract.
3.2 Social Networks / External Links
In addition to this Website, we also maintain a presence at various social media sites (e.g. Facebook, Instagram, Twitter, LinkedIn) which you can reach by clicking on the corresponding icon on our Website. Where you decide to visit such a site, they may set third-party cookies. It is possible that further information will be processed by the social network provider in addition to the retention of the data concretely provided by you.
Additionally, the social network provider may process the most important data from the computer system used to visit them, e.g. their IP-addresses, the processor type used as well as the browser version including plug-ins.
Should you be logged in to such a website with your personal account with the social network in question during your visit to such a website, then this social network can also match the visit with your account.
The purpose and scope of the collection of data by the medium in question as well as the further processing of your data as well as your corresponding rights can be reviewed under the terms and conditions of the respective controller.
Additionally, the Website may contain links to other websites that are not owned, operated or controlled by us. As such, we are not responsible for the information on these sites, or their privacy policies.
4. Disclosure of information
4.1 The types of organisations to which we may disclose your personal information
The Appenture will not disclose your personal information to any other third parties unless you have consented to such disclosure. Such consent may be given expressly or it may be implied by conduct.
In particular your personal information may occasionally be disclosed to: (a) our directors, officers, employees and related entities (including entities located overseas), for the purpose of our business and marketing purposes only; (b) subsidiaries and/or affiliates, third party contractors or service providers that we use in the ordinary course of our business to assist with the delivery of our products and services (on a confidential basis and such service providers (so-called “processors”) will be limited in their use of the information to the purpose of our business only); (c) specialist advisers who have been engaged to provide us with legal, administrative, financial, insurance, research, marketing or other services; and (d) any other person authorised, implicitly or expressly, when the personal information is provided to or collected by us.
Some of Appenture’s related entities, or third party service providers to whom we may disclose your personal information, may be located in countries and regions outside EU or may hold your data on servers located outside of EU, including in the United States of America and Australia. We will endeavour to take reasonable steps to ensure that these parties handle such information in a manner that is consistent with the GDPR provisions on the transfer of personal data to so-called “third countries” where applicable and this Policy.
Appenture reserves the right to disclose any personal information (including sensitive information) to law enforcement or other government officials where we reasonably believe that this may be necessary or appropriate, or where it will prevent or lessen a serious and imminent threat to somebody’s safety, life or health.
Appenture will never sell, trade, lease or rent your personal information to third parties.
4.2 Cross border disclosure
Any personal information provided to the Appenture may be transferred to, and stored at, a destination outside EU. Personal information may also be processed by staff or by other third parties operating outside EU who work for us or for one of our related companies.
By submitting your personal information to the Appenture, you expressly agree and consent to the disclosure, transfer, storing or processing of your personal information outside of EU. In providing this consent, you understand and acknowledge that countries outside EU do not always have the same privacy protection obligations as EU in relation to personal information. However, we will take steps to ensure that your information is used by third parties securely and in accordance with the terms of this Policy.
The Regulative requires us to take such steps as are reasonable in the circumstances to ensure that any recipients of your personal information outside of EU do not breach the GDPR. By providing your consent pursuant to the GDPR, we are not required to take such steps as may be reasonable in the circumstances. However, despite this, we acknowledge the importance of protecting personal information and have taken reasonable steps to ensure that your information is used by third parties securely and in accordance with the terms of this Policy.
If you do not agree to the transfer of your personal information outside EU, please contact us via the details set out in Section 10 below.
5. Our Commitment to Data Security
Appenture takes the security of your personal information very seriously. We take reasonable steps to protect the personal information we hold, whether in electronic or other form, from misuse, interference and loss and from unauthorized access, modification or disclosure.
Appenture may retain any personal information you provide during the use of the Websites, for as long as you remain user of the Website, or until you tell us that you no longer wish for us to retain such information and otherwise to the extent permitted by applicable law. We will take reasonable steps to destroy or permanently de-identify personal information we hold if it is no longer needed for Appenture’s business purposes and it is permissible by law to do so. If requested or authorized to do so, we may shorten the retention period.
We may also retain and use your personal information to fulfil our legal obligations, resolve disputes, enforce any agreements to which we are a party, and protect the legal rights and legitimate interests of others and ourselves.
6. Access to personal information
You have the right to obtain confirmation as to whether or not personal information concerning you is being processed; where this is the case, you have the right to request access to personal information that Appenture holds about you in writing by using the contact details below. Appenture will process such request within 1 month to provide a copy of the personal data which is undergoing processing from the controller, further copies may result in the charge of administrative fee that will cover the costs of verifying the application and retrieving the information requested by controller. If Appenture denies an access request, it will provide reasons for doing so.
6.1. Restriction of processing
You have the right to obtain the restriction of processing where one of the conditions detailed in Art. 18 GDPR is met, e.g. where you have objected to the processing, pending the verification of whether the objection should be upheld.
You have the right to obtain the erasure of personal data concerning yourself without undue delay, to the degree that one of the grounds specifically listed under Art. 17 GDPR applies, e.g. where the personal data are no longer necessary for the purposes for which they were collected and the legal retention regulations do not hinder an erasure.
6.3. Data Portability
As per Art. 20 GDPR, you have the right to receive the personal data concerning yourself, that you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data yourself or – where technically feasible – to have this data transferred by us to another controller.
Within the scope of requirements of Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning yourself.
6.5. Withdraw the data protection declaration of consent
You have the right to withdraw at any time the data protection declaration of consent with which you provided us. The withdrawal of the declaration of consent does not affect the legality of processing performed on the basis of the consent prior to its withdrawal.
6.6. Rights in cases of automated decisions
To the degree that we, on an exceptional basis, make decisions in individual cases on an automated basis – including profiling – we are obligated under the legal provisions to make provisions so that you may influence the decision (Art. 22 GDPR).
7. Correction of Personal Information
Appenture will take reasonable steps to ensure that any personal information we hold about you is accurate, complete and up to date. If there are any changes to your personal information, please let us know using the contact details below.
If you request us to, we will take reasonable steps to correct the personal information we hold about you so that it is accurate, complete and up to date, or will provide reasons for not doing so.
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning yourself as well as, where appropriate, the right to have incomplete personal data completed (Art. 16 GDPR).
As an EU citizen without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data related to you infringes provisions of data protection law.
Your complaint will be reviewed by our Data Protection Officer, who will investigate the issue and determine the steps that Appenture will take to resolve your complaint. Appenture will contact you if it requires any further information from you and will notify you in writing of the outcome of the investigation.
If you are not satisfied with Appenture’s determination, you can contact Appenture to discuss your concerns or contact the Croatian Personal Data Protection Agency, through its website at https://azop.hr/data-protection-agency.
9. Changes to this Policy
We may update this Policy from time to time. You can find the most current version on our Website.
10. Contact Details
Controller within the meaning of the GDPR is:
Address: Anina 2/IV, 42000 Varazdin, Croatia, Europe
10.2. Data Protection Officer
If you have any questions or feedback about our Policy, or the way in which we handle your personal data, please contact our Data Protection Officer using the following details:
Address: Anina 2/IV, 42000 Varazdin, Croatia, Europe
Attention: Data Protection Officer