The company BOCCA (hereinafter "us", "our", etc.) is the owner of the website www.bocca.hr ("web site"). We have created this Privacy Statement to demonstrate that we care about our users' privacy and to inform them about ways of collecting and processing personal information on this site.
Please read this Statement carefully to learn how we collect, process, protect or otherwise use your personal information.
Data Protection Officer
Personal data is any information relating to an individual whose identity is known or can be determined. An individual whose identity can be determined is a person who can be identified directly or indirectly, in particular with the help of identifiers such as name, identification number, location information, network identifier, or with the help of one or more factors that are part of the inherent physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
We collect your personal information only when you give us such information with your will. We collect data about you when you fill out the form.
You should keep in mind that personal information and data can be automatically collected through our Internet servers or by using "cookies". Click here to read our policy on cookies.
Examples of such information include: most visited and most viewed pages and links on our website, number of completed forms, time spent on the page, most popular keywords that lead users to our site, your IP address, information collected through cookies, information about your device such as hardware settings, system activity, browser type, etc.
The information we receive about you is used for one or more of the following purposes:
- To personalize your user experience (collected information helps us to better respond to your individual needs);
- For the sake of improving our website (we are constantly trying to improve our website's offer based on the feedback we receive from our visitors);
- To establish the primary channel of communication with you;
- For occasional email submissions (concerning occasional news receiving (if desired), updates, information about similar products or services, etc.)
Links to Third Party Websites
We do not offer nor provide third party services or products on our website.
Protecting Your Data
In order to protect the personal information you submit through this website, we use physical, technical and organizational security measures. We are constantly upgrading and testing our security technology. We restrict access to your personal information only to those employees who need to know this information to provide you with some benefits or services. In addition, we educate our employees about the importance of confidentiality of the data and to preserve the privacy and protection of your data.
Storage and data retention period
All data is stored in databases and repositories of DigitalOcean's cloud server in Amsterdam, The Netherlands. We will not transfer or store stored data to countries outside the European Union.
Your personal information is kept and protected for the duration of your business relationship with us. Personal information you give us for business or contact purposes is regularly deleted 12 months after the date you provided this information.
The rights of individuals
If you want to know if we own and process your personal information, or if you want to access the personal information we have about you, please contact us at firstname.lastname@example.org.
You can also request information about: the purpose of data processing, the categories of personal data processed; who outside of our company has received your personal information from us; what is the source of personal data (if you have not provided us directly); and how long we will keep the data. You have the right to correct personal information we own if it is incorrect. You can also, with certain exceptions, request that we delete your information or discontinue processing. You may request that we stop using your personal information for direct marketing purposes. In many countries you have the right to file a complaint with the data protection authority if you are not happy with how we handle your personal information. If technically feasible, we will, on the basis of your request, send you your personal information or transfer them directly to another processing manager.
If you submit a request to send your personal information to us at email@example.com, we will comply with this request free of charge. If we cannot meet your request within a reasonable time, we will notify you of the date when we will comply with the request. If for any reason we cannot meet your request, we will send you an explanation of why we did not meet your request.
Notification of personal data breach
In the event of a personal data breach, we will notify you and the competent supervisory body by email within 72 hours about the extent of the injury, the data contained, the potential impact on our services and our planned data protection measures and the limitation of any harmful effects per individual.
We will not send you a notification of a violation in the following cases:
- if there are technical and organizational protection measures (such as encryption) applied to personal data affected by the violation of personal data which make this information incomprehensible to any person who is not authorized to access them;
- if we have taken further measures to ensure that the individuals’ rights and freedom will not be put at a high risk;
- if this would require a disproportionate effort (in this case, we will notify you through means of public disclosure or similar equally effective measures).
Violation of personal data means a security breach that leads to unintentional or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored and processed in connection with the provision of our services.
The right to complain to the competent authority
You may at any time send a complaint to the competent authority regarding our collection and processing of your personal information. You can file a complaint to the Republic of Croatia with the Personal Data Protection Agency (AZOP).