1.1 Purposes and Legal Bases for Processing Personal Data
At the time of submitting personal data, the respondent agrees to contact with the processing manager / processor, thereby entitling the processing manager / processor to process personal data in accordance with the stated purpose. The privacy of the respondent’s personal data is permanent.
The processing manager / processor is collecting and processing the personal data in accordance with the provisions of the General Data Protection Regulation. The data collected shall be kept in an appropriate manner and secured by their confidentiality. The collected data will not be passed on to third parties without the applicant’s request and / or approval. Only those personal data that the respondent voluntarily submits are collected. The processing manager / processor does not require the data subject to submit the data. The processing manager / processor will not send the unsolicited mail to the respondent. The Processing Manager is not responsible for a random mistake or error due to force majeure or other objective circumstances causing an accidental violation of the protected protection of the respondent’s personal data, but warrants that the error will be removed, if possible as soon as possible. Processing Manager does not sell, transmit or disclose personal information to anyone without a licensee’s permission.
1.4 Data secrecy
The Processing Manager declares that the personal data of the respondent remain confidential unless the respondent wishes to voluntarily disclose them to other parties.
The Respondent has the right to inspect the personal data collection, request access to and alter their personal data, the right to supplement and correct, forget, restrict the processing, objection and transfer of data, and at any time may terminate the authorization for the use of personal data, request deletion from the database data. You can do so by submitting a request to the data protection officer, in writing or in person, by entering the address of the processing manager / processor.
1.6 Data security
In order to avoid unauthorized access to personal data or their loss, data stored in paper form are kept in files or registers, in closets and in rooms accessible only by authorized Processing Manager / Processing operator employees and the data stored in electronic form on computers are protected by security programs, and by assigning a special username and password, known only to the worker who processes this data, and regularly back up their files and store them on removable memory.
1.7 Cookies at apiworks.net
1.8 E-mail message
When a respondent sends an email with personal identifiable information, either by email or question, or by e-mail form, the Processing Manager / Processor uses this data to fulfill the purpose demands of the respondent.
1.9 Personal Data Protection Officer
Phone: 031 283 588
1.10 Notification of personal data breach
In the case of personal data breach, the Processing Manager / Processor will inform the respondent and the competent supervisory institution by email within 72 hours of the extent of the incident, the data covered, the potential impact on other services and the planned data protection measures and the restriction of any harmful effects to respondent..
A violation notice will not be sent if:
if there are technical and organizational protection measures (such as encryption) applied to personal data affected by the violation of personal data, which makes this information incomprehensible to any person who is not authorized to access them
if further measures are taken to ensure that it is no longer likely to be at high risk for the rights and freedoms of the respondent
if this would be a disproportionate effort (in this case the respondent would be informed by means of public notification or similar equally effective measures).
Violation of personal data means a security breach that leads to unintentional or unlawful destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored and processed in connection with the provision of a Product, Goods or Services of the Company.
1.11 Right to complain to the competent authority
The respondent may at any time submit a complaint to the supervisory authority regarding the collection and processing of personal data by the Processing Manager / Processor. In the Republic of Croatia, the complaint is filed with the Personal Data Protection Agency (Agenciji za zaštitu osobnih podatka) (AZOP).