I. GENERAL PROVISIONS
The company Holo Lab d.o.o. with headquarters in Zagreb, Gradišćanska ulica 34, OIB: 23752707618 (hereinafter: HOLO LAB) respects the privacy and rights of every person whose personal data it collects.
We want to transparently and publicly clarify what personal data HOLO LAB as a data controller collects in what way and for what purpose and other details important for the processing and protection of personal data.
HOLO LAB collects and processes personal data legally, fairly and transparently in accordance with the General Data Protection Regulation (EU) 2016/679 of April 27, 2016. (OJ EU L 119 of 04/05/2016, correction L 127/2 of 23/05/2018; hereinafter: GDPR), the Law on the Implementation of the General Regulation on Data Protection (N.N. 42/2018) and other applicable regulations.
All terms used in this Policy have the meaning set forth in the GDPR.
II. LEGAL BASIS OF PERSONAL DATA PROCESSING
HOLO LAB processes personal data only if and to the extent that at least one of the following is fulfilled:
– processing is necessary to comply with HOLO LAB’s legal obligations;
– when the respondent has given his consent for the processing of his personal data for one or more special purposes;
– the processing is necessary for the execution of a contract in which the respondent is a party or in order to take actions at the request of the respondent before concluding the contract;
– processing is necessary to protect the key interests of the data subject or other natural person;
– processing is necessary for the purposes of the legitimate interests of HOLO LAB or affiliated companies, except when these interests are stronger than the interests or fundamental rights and freedoms of the data subject that require the protection of personal data, taking into account the reasonable expectations of the data subject based on their relationship with the manager processing.
Data collected for special, explicit and legal purposes is collected by HOLO LAB only to the extent necessary and processed in a manner consistent with these purposes.
III. HOW WE COLLECT PERSONAL DATA
Personal data is information that identifies you directly or indirectly, such as your name, surname, e-mail, telephone number, IP address, technical data about the number of visits to our website or postal address.
HOLO LAB receives personal data most often from respondents. For example, you provide us with your data when you contact us via our contact forms or by e-mail, send an open job application, visit or browse our website or enter into a contract with us.
When providing personal data to HOLO LAB, in any way, you guarantee that the data is correct, that you are legally competent and authorized to dispose of the data provided, and that you fully agree that HOLO LAB uses and collects your data in accordance with applicable regulations and conditions of this Policy.
When you provide us with personal data of other persons, you guarantee that for such disclosure or delivery you have the necessary authorization and/or consent of the same person whose data you are providing us with.
IV. PURPOSE OF PERSONAL DATA PROCESSING
We collect and process your personal data to the extent – in terms of content and time – that is required in a particular case. For example, we process your personal data in order to respond to your inquiries, fulfill your requests, provide you with the requested information and manage, analyze and administer our website.
We will not keep your personal data longer than is necessary to fulfill or achieve the purpose for which it was collected. As a rule, we will keep personal data until withdrawal of consent, personal data of persons who have contacted us for some reason – while communication lasts, etc. When your personal data are no longer necessary for us or the basis for their processing ceases, we will delete them from our system or we will destroy the documentation in which they are contained, depending on the case.
The foregoing does not apply if the relevant laws and/or regulations for a specific purpose prescribe a longer period of storage of personal data or it is necessary and/or permitted for some other reason.
HOLO LAB takes care of the highest organizational and technical data protection standards. Taking into account the latest technological developments, the cost of implementation and the nature, scope and purposes of processing, as well as the risks of different levels of probability and severity for violations of the rights of respondents, HOLO LAB applies appropriate technical and organizational measures.
At HOLO LAB, there is no automated decision-making, that is, HOLO LAB does not perform automated profiling and decision-making through its systems, that is, profiling and decision-making without the intervention of an individual.
To the greatest extent possible, we exclude responsibility for damage caused to respondents by accidental disclosure of personal data.
VI. SHARING OF YOUR PERSONAL INFORMATION
HOLO LAB sometimes needs to transfer personal data to external service providers for further processing which are considered processors in terms of the GDPR. The processor can be an entity that sufficiently guarantees the implementation of appropriate technical and organizational measures in such a way that the processing complies with the requirements of the GDPR and that it ensures the protection of the data subject’s rights.
HOLO LAB requires those parties to accept applicable regulations, comply with our instructions and comply with our internal rules on the protection of personal data. HOLO LAB guarantees that it will not sell or lend your personal data to a third party outside of its business system.
We are obliged to disclose certain personal data that we collect to the competent authorities or make it public when such an obligation is stipulated by applicable laws and regulations or is necessary to protect our rights, property or safety.
VII. RIGHTS OF RESPONDENTS
According to the GDPR, you have the following rights in relation to your personal data:
Right of access
You have the right to request and receive from us as a data controller confirmation whether your personal data is being processed and, if such personal data is being processed, access to personal data and information, in accordance with Article 15 of the GDPR.
Right to rectification
You have the right to request from us, as the data controller, the correction of personal data relating to you that are incorrect or incomplete.
Right to erasure
You have the right to request from us, as the data controller, the deletion of personal data relating to you, and we will delete them without undue delay, if any of the conditions from Article 17, Paragraph 1 of the GDPR are met.
The right to delete personal data is not an absolute right and it does not exceed our obligations arising from applicable laws and regulations. Therefore, in certain situations, we will not be able to delete personal data to the extent that their processing is necessary.
The right to restriction of processing
You have the right to request from us as the controller the processing of your personal data if:
– dispute the accuracy of personal data, for the period during which we, as the data controller, are able to verify the accuracy of personal data; or
– the processing is illegal and you object to the deletion of personal data and instead request a limitation of their use; or
– we, as the processing manager, no longer need personal data for processing purposes, but you request them in order to establish, fulfill or defend legal claims; or
– you have submitted an objection to the processing, expecting a confirmation whether the legitimate reasons of us as the data controller exceed your reasons.
Right to portability
You have the right to request and receive from us as the data controller personal data relating to you, which you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another data controller, if the conditions from Article 20 of the GDPR.
The right to object
At any time, you have the right to submit an objection to the processing of your personal data based on a legitimate interest due to your specific situation, unless the reasons for performing such processing are stronger than the right to the protection of personal data.
The right to complain to a supervisory authority
We will process your data in accordance with the GDPR, other applicable laws and regulations, and apply organizational and technical measures to protect personal data.
However, if you believe that we are processing your personal data in an illegal manner and you believe that you cannot find a solution to your situation in agreement with us, you have the right to file a complaint with the supervisory body, i.e. the Agency for the Protection of Personal Data with headquarters in Zagreb, Martićeva 14.
For more information, you can visit the official website www.azop.hr.
VIII. HOW YOU CAN CONTACT US
For all your questions, comments and requests you can contact us in one of the following ways:
– by e-mail to the address: firstname.lastname@example.org;
– by mail to the address: Gradišćanska 34, 10 000 Zagreb;
– via the contact forms on our website.
When submitting your request, please clearly state what the subject of your request is and what personal data it refers to. Keep in mind that we will have to verify your identity before we act on your request, for reasons of ours and your safety, so there is a possibility that we may contact you back regarding your request.
We will consider each request and try to act on it within a reasonable time.
IX. FINAL PROVISIONS
As a data controller, we will monitor the situation regarding the protection of personal data and, if necessary, improve measures for protection and other important issues. Given the above, we reserve the right to change or update certain parts of this Policy at any time and without prior notice.
We will notify you of changes and/or amendments to this Policy by posting them on our website, where you can find the current version of the Policy.
Holo Lab d.o.o.