HS Produkt

BACK

HS PRODUKT d.o.o., Mirka Bogovića 7, Karlovac, as the Data Controller, has prepared this Privacy Policy in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: General Data Protection Regulation), which has been fully applicable since 25 May 2018 in the Republic of Croatia and all European Union member states. This policy is also in accordance with the Act on the Implementation of the General Data Protection Regulation (Official Gazette 42/18, hereinafter: the Act) and the legal framework for personal data protection in the Republic of Croatia and the European Union, as well as best European practices.

CONTROLLER:

HS PRODUKT d.o.o., Mirka Bogovića 7, Karlovac, Tel.: +385 47 666 666, Fax: +385 47 645 594, e-mail: hs-produkt@hs-produkt.hr, Web: www.hs-produkt.hr

DATA PROTECTION OFFICER’S CONTACT DETAILS

Tel.: +385 47 666 679, e-mail: osobni.podaci@hs-produkt.hr

PURPOSE OF PERSONAL DATA PROCESSING

We process your personal data solely for clearly defined purposes to prevent unnecessary processing of your personal data. We may process your personal data for the following purposes:

1. Use of the website

Whenever you visit our website, we process the data your browser sends us during your visit so that we can display the requested web page. To ensure the stability and security of our website, we process your IP address, which is considered personal data. We also collect other types of personal data, such as real-time website access statistics (e.g., information about the day, week, and month), details about the internet browser you are using, as well as your computer's operating system, application version, language settings, platform category, and the country from which you accessed our website. We may collect information about your clicks and your access to www.hs-produkt.hr pages displayed to you.

Server log files (IP address and browser type) are stored on our server for one month and then deleted. Statistical data is stored for two months and then deleted.

2. Contact

You can contact us by phone, mail, fax, or e-mail. If you choose to contact us, we will process the personal data you provide to respond to your inquiry and handle your request.

When you contact us via the online contact form, we, as the Data Controller, will request personal data such as your e-mail address, first name, last name, and phone number. The legal basis for processing your data is your consent. By entering and submitting your data through the online contact form on the website www.hs-produkt.hr, the user provides consent for the processing of their personal data. Users can withdraw their consent at any time by sending a request to the e-mail address of the Data Protection Officer.

Depending on the type of request you submit when contacting us, we will process your personal data until the purpose of the data processing is fulfilled. Once the purpose for which the data was collected has been achieved, we will no longer use your personal data.

3. Business collaboration

When you contact HS PRODUKT d.o.o. with any inquiry related to our offered products, we will process your contact information and/or other data you provide when submitting your inquiry.

4. Social media

The Data Controller uses the following social media platforms: Facebook, Instagram, and LinkedIn. When you contact us via social media, we collect the data you have made available to us when submitting an inquiry or request.

The retention periods for personal data collected and processed on the social media platforms used by the Data Controller are governed by their respective privacy policies (more information can be found in the section: Other websites).

5. Job applications

You can submit your job application by mail, e-mail, or through the application form on our website. The data processed in this context includes your personal information (name and surname, date of birth, permanent residence, temporary address, contact number, e-mail, information on whether you have a criminal record, education and acquired skills, work experience, signature), as well as any additional data you provide in the application form, via e-mail, or by mail. This also includes documents you submit, such as a cover letter, CV, references from previous employers, certificates of completed and additional education, etc. In all such cases, we will process the personal data provided for the purpose of conducting the recruitment process. By sending an unsolicited application by mail or e-mail, or by entering and submitting your data through the form on the website www.hs-produkt.hr, the user consents to the processing of their personal data. Users can withdraw their consent at any time by sending a request to the e-mail address of the Data Protection Officer.

You can also automatically submit your application to our LinkedIn profile if we have posted a job vacancy on that platform. If you save your application and personal data in your LinkedIn profile, the data protection provisions of this service provider will apply. You can read more about personal data protection on this social network at: https://privacy.linkedin.com/gdpr.

Personal data collected during the application process will be stored for 6 months after the application process concludes and will then be deleted.

6. Video surveillance

HS PRODUKT d.o.o. uses video surveillance to protect individuals and property, as well as to enhance security within the company. The collection and processing of video recordings are based on the legitimate interest of the Data Controller. Video recordings may be provided to competent state authorities upon request if necessary for proceedings under specific regulations.

Video surveillance recordings are deleted after 6 months.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process your data based on the following legal grounds:

• Your consent, provided when visiting www.hs-produkt.hr via a pop-up window, submitting a completed contact form, job application form, or any inquiry related to our offered products.

• Legitimate interest (for example, in cases involving cookies necessary for the functioning of www.hs-produkt.hr or in the case of video surveillance)

• Compliance with legal obligations - to fulfill our obligations under applicable data protection regulations.

If processing is based on your consent, you have the right to withdraw your consent at any time. A request to withdraw consent can be submitted to the Data Controller via e-mail at: osobni.podaci@hs-produkt.hr or by post to HS PRODUKT d.o.o., Mirka Bogovića 7, Karlovac, with indication: “Attn. Data Protection Officer.” Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

USE OF COOKIES

The official website www.hs-produkt.hr uses cookies – text files placed on a user’s computer by an internet server, enabling the service provider to display the website. Cookies are created when a browser on the user’s device loads a visited website, which then sends data to the browser and generates a text file (cookie). The browser retrieves and sends the cookie back to the website’s server when the user returns to the website. You can find more information about cookies at: Link to Cookie Policy.

Technical cookies (mandatory cookies, cannot be disabled) are used on the official website, as they are essential for the website's functioning. Functional cookies and statistical cookies, such as the Google Analytics service, are also used.

OTHER WEBSITES

Our website contains links to other websites that are outside our control and not covered by this Privacy Policy. If you access other websites via these links, the entities managing those websites may collect information from you and use it in accordance with their own privacy policies, which may differ from ours. We do not accept any responsibility for their policies or their processing of your personal data. We encourage you to read the privacy and cookie notices, as well as the terms and conditions, of any third-party websites we link to, reference, or that are connected to our website before providing your personal data.

The Data Controller uses the following social media platforms: Facebook, Instagram, and LinkedIn.

You can read more about personal data protection on these social networks at:

https://hr-hr.facebook.com/privacy/policy/?entry_point=facebook_page_footer

https://privacy.linkedin.com/gdpr

METHOD OF COLLECTING PERSONAL DATA

Personal data is collected directly from the Data Subject.

SHARING OF PERSONAL DATA

Personal data may be shared with third parties, such as competent state authorities or emergency services, to fulfill legal obligations. Personal data may also be shared with service providers (data processors). Agreements on personal data processing have been concluded with each data processor, clearly defining which personal data is processed and the methods of handling such data. Data processors may not share personal data with third parties without the explicit instruction of the Data Controller.

REFUSAL TO PROVIDE PERSONAL DATA AND POTENTIAL CONSEQUENCES

In certain cases, refusing to provide personal data may have consequences for the Data Subject, which will be communicated at the time of data collection. If you do not provide this data, we may be unable to respond to your request or may only respond to it in a limited capacity.

PERSONAL DATA SECURITY

We protect your personal data from unauthorized access, unlawful processing or transfer, as well as from loss, damage, or destruction. The Data Controller implements appropriate technical and organizational measures to safeguard personal data. When implementing these measures, special attention is given to ensuring that only personal data necessary for each specific purpose of processing is handled. This obligation includes particular focus on the amount of data collected, the scope of processing, the duration for which data is stored, and its accessibility.

Technical and organizational measures are determined based on a risk assessment to ensure the security of personal data processing and to meet the principles of data processing (lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and reliability).

All employees are required to maintain the confidentiality of personal data by signing a Confidentiality Statement.

All employees are obligated to maintain the confidentiality of all personal and other confidential information they learn while performing their duties. This obligation continues even after their employment with the company ends.

CHANGE OF PURPOSE

In case of additional processing of your personal data for a purpose different from the one for which it was originally collected, we will notify you in advance in a detailed and transparent manner, providing information about the new purpose and all other relevant details. If the change in purpose requires consent as a legal basis, we will inform you and request your official consent.

PERSONAL DATA RETENTION PERIOD

We process your personal data until the purpose of the processing is fulfilled. After the purpose for which the data was collected has been fulfilled, we no longer use your personal data. The data remains in our storage system and is retained in accordance with the time periods established by legal regulations and internal policies.

For more details about data retention periods, you can contact our Data Protection Officer.

WHAT ARE YOUR RIGHTS REGARDING THE PROCESSING OF PERSONAL DATA

You can exercise your rights by contacting us in writing or via e-mail at: osobni.podaci@hs-produkt.hr.

It is possible that, for security verification purposes (to confirm the identity of the Data Subject), the Data Controller may request additional information before fulfilling the request, about which the Data Subject will be informed. The security verification does not affect the exercise of the Data Subject's rights.

The response period for a request is one month. If the request is complex or if a large number of requests are received within a short period, the response period may be extended, about which the Data Subject will be additionally informed (for a maximum of an additional two months).

If you believe that your right to personal data protection has been violated, you have the right to lodge a complaint with the supervisory authority for data protection: Croatian Personal Data Protection Agency, Selska cesta 136, 10 000 Zagreb, azop@azop.hr.

Your rights are as follows:

Right to access personal information

You have the right to access your personal data that we process and may request detailed information, particularly regarding the purpose of processing, the type/category of personal data being processed, including access to your personal data, the recipients or categories of recipients, the anticipated period during which personal data will be stored. Access to personal data may only be restricted in cases prescribed by EU law or our national legislation, or where such restrictions respect the essence of the fundamental rights and freedoms of others.

Right to rectification of personal data

You have the right to request the rectification or supplementation of your personal data if it is inaccurate, incomplete, or outdated. To do so, send your request to osobni.podaci@hs-produkt.hr.

Please note that your request must specify what exactly is inaccurate, incomplete, or outdated, how it should be corrected, and include any necessary documentation to support your claims.

Right to erasure

You have the right to request the erasure of personal data concerning you if one of the following conditions is met, except for exemptions under Article 17(3) of the General Data Protection Regulation (GDPR):

• Your personal data is no longer necessary for the purposes for which it was collected or processed;

• You have withdrawn your consent on which the processing is based, in accordance with Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing;

• You have objected to the processing of your personal data in accordance with Article 21(1) of the GDPR, and there are no overriding legitimate grounds for the processing;

• Your personal data has been processed unlawfully;

• Your personal data must be deleted to comply with a legal obligation under Union or Member State law to which the Data Controller is subject;

• Your personal data was collected in connection with the offer of information society services referred to in Article 8(1) of the GDPR.

Right to restrict the processing of personal data

You have the right to request the restriction of processing your personal data if:

• You contest its accuracy;

• The processing is unlawful, and you oppose its erasure;

• The Data Controller no longer needs the personal data, but you require it to establish, exercise, or defend legal claims;

• You have objected to the processing of your personal data.

Right to withdraw consent

The Data Subject may request the withdrawal of their consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The Data Subject is informed of this before giving their consent.

Right to personal data portability

The Data Subject has the right to receive the personal data concerning them, which they have provided to the Data Controller, in a structured, commonly used, and machine-readable format. They also have the right to transfer this data to another Data Controller without interference from the original Data Controller, provided that the processing is based on consent or is necessary for the performance of a contract to which the Data Subject is a party or for steps taken at the Data Subject's request before entering into a contract, and that the processing is carried out by automated means. When exercising their right to data portability, the Data Subject has the right to have their data transferred directly from one Data Controller to another, where technically feasible. Exercising this right does not affect the right to data erasure. This right does not apply to processing necessary for performing a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.

Right to object

If we process your data for the purpose of performing tasks in the public interest, exercising our official authority, or based on our legitimate interests, you have the right to object to such processing.

CONTACT INFORMATION

If you have any questions regarding the processing of your personal data, you can contact us at: osobni.podaci@hs-produkt.hr.

CHANGES TO THE PRIVACY POLICY

We regularly update the Privacy Policy to ensure it is accurate and up to date, and we reserve the right to modify its content if deemed necessary. You will be promptly informed of any changes or amendments through our website, in accordance with the principle of transparency.

Name	Duration	Type	Domain	Description
XSRF-TOKEN	Session	First-party	hs-produkt.hr	Security token for web application protection

Name	Duration	Type	Domain	Description
hs_produkt_session	Session	First-party	hs-produkt.hr	Identifier of the currently active programming language session

Name	Duration	Type	Domain	Description
_ga	400 days	First-party	hs-produkt.hr	Google Analytics
_ga_9KLBYRVXY5	400 days	First-party	hs-produkt.hr	Google Analytics

We respect your privacy!

Cookie Settings

Technical - Necessary

Functional

Statistical