cetis@cetis.hr

+385 (0) 1 333 5000

MAILING – PRINT AND ENVELOPING

more

DIGITAL SOLUTIONS

more

PACKAGING             

more

DIGITAL AND OFFSET PRINT

more

LABELS

more

 Welcome to our Privacy Policy.

We are CETIS-ZG d.o.o., Sveta Nedelja, Industrijska ulica 11, OIB: 41792612890 (hereinafter: “CETIS-ZG,” “we,” “our” or “us“). CETIS-ZG is the manager (controller) of your personal data processing.

Your privacy and the security of personal data are extremely important to us. This Privacy Policy (hereinafter: the Policy ) serves to inform you about how we collect, use, and protect your personal data when you use our websites and inform you about your rights concerning this data.

GUIDE THROUGH KEY TERMS

To make it easier for you to understand this Policy, below is a brief description of the most important terms we use:

TERM

WHAT DOES IT MEAN

Personal Data

All data relating to an individual whose identity has been determined or can be identified.

Examinee

A person who can be identified directly or indirectly. In the context of this Policy, you are the examinee.

Processing Manager (Controller)

A natural or legal person who determines the purposes and means of personal data processing. In the context of this Policy, we are the data controller.

Processor

A natural or legal person who processes personal data on behalf of the data controller.

Processing

Any procedure or set of procedures performed on personal data.

 

WHAT THIS POLICY APPLY TO

This Policy applies to the processing of personal data that we carry out when

  • You sign up for our newsletter
  • We respond to your inquiries posted to the contact information available on our website
  • You apply for employment at CETIS-ZG.

HOW TO CONTACT US

We have appointed a Data Protection Officer whom you can contact in connection with all questions, remarks, or requests regarding the processing of your personal data, namely:

  • Via the e-mail address: dpo@cetis.hr 
  • By mail to the address: CETIS-ZG doo
    For the Data Protection Officer
    Industrijska ulica 11
    10000 Sveta Nedelja

SUBSCRIBE TO THE NEWSLETTER

When signing up for the newsletter via the site, the visitor directly provides the following personal data:

  1. E-mail address.

Your active subscription to the newsletter also represents your express consent to process your personal data for the direct promotion and sale of our products or services.

At any time, you have the option of withdrawing the given consent through the link found in each newsletter, or you can contact us in one of the ways provided in this Policy.

POSTING INQUIRIES

When submitting an inquiry through the contact information indicated on our website, we may collect the following personal data:

  1. Name and surname
  2. Mobile phone number
  3. E-mail address
  4. Message/query
  5. Name of the company/entity

We process personal data collected in this way solely to answer your inquiry. The legal basis for processing is our legitimate interest in providing you with complete and accurate information about us, our products, and our services. The legal basis for processing is provided for in Article 6, paragraph 1, item f) General Data Protection Regulations.

DATA PROCESSING OF EMPLOYMENT CANDIDATES

When you apply for a job with us, we collect your:

  • identification data,
  • contact information (e-mail address, phone number),
  • information about your work experience and seniority,
  • information about your education, qualifications, and skills,
  • other information that you disclosed to us in your application/resume,
  • photo (if you added it to your CV).

 

We process your personal data in order to realize our legitimate interest in choosing suitable employees for work in our company in the selection process. The legal basis for processing is provided for in Article 6, paragraph 1, item f) General Data Protection Regulations.

If we want to keep your CV data for a longer period after the recruitment competition, we will first ask for your consent.

If you are selected in the selection process, we will process your personal data for the purpose of preparing the implementation of the contract that we intend to conclude with you. After concluding the contract, we will process your data to fulfill our obligations in accordance with the applicable legal and by-law regulations.

COOKIES

Our website uses only necessary cookies and does not use cookies that collect personal information, so you can safely visit it without revealing any of your personal information.

Necessary cookies are cookies that enable the basic functionality of the website, such as navigation, access to protected parts, management of user sessions, and ensuring security when using the website. They ensure that the website functions properly and that users can use the basic features without interruption.

HOW PERSONAL DATA STORAGE PERIODS ARE DETERMINED

We will keep your personal data only for as long as is necessary to fulfill the purposes for which we collected it. The above includes fulfilling our obligations in accordance with mandatory regulations.

In order to determine the appropriate retention period for personal data, we take into account the amount, nature, and sensitivity of personal data, the potential risk of harm due to unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve these purposes in other ways, and applicable legal requirements.

Please note that in some circumstances we may anonymize your personal information so that it can no longer be linked to you (i.e., you cannot be identified from it), for research or statistical purposes, in which case the remaining information is no longer considered personal information and may be used without restrictions.

In some cases, we may also keep your personal data for longer than is necessary to fulfill the purpose for which it was originally collected. These are situations when personal data are necessary for establishing or deciding on a legal claim or if personal data is evidence in a judicial, administrative, arbitration, or other procedure.

 

If you want to find out more information about the retention period of your personal data, you can contact us using the information indicated in this Policy.

WHO HAS ACCESS TO YOUR PERSONAL INFORMATION?

Your personal data is processed and archived in the information system of CETIS-ZG, based in Sv. Nedelja. Your personal data is kept and stored in the company’s official premises at its headquarters.

Our authorized personnel will access personal data only as needed to perform their work tasks and if it is necessary to achieve the purposes described in this Policy.

Your personal data may also be disclosed to public authorities and public bodies that have the authority to process them in the performance of their tasks, in accordance with legal regulations (e.g., the Croatian Pension Insurance Institute, the Croatian Health Insurance Fund, the Tax Administration, etc.).

HOW WE PROTECT YOUR DATA

The security of your personal data is extremely important to us.

Through information security management controls determined by the international certificate ISO 27001, CETIS-ZG ensures an adequate level of security related to the confidentiality, integrity and availability of all information resources of the company, regardless of possible threats to which they are exposed. The established information security management system defines, implements, monitors, checks, maintains, and improves processes and controls related to information security in proportion to identified risks, all with the aim of achieving a secure environment for the data we process.

DATA TRANSFER OUTSIDE EU/EEA

As a rule, we do not transfer or make available your personal data outside the European Economic Area (EEA). If such a transfer becomes necessary, we will take all needed measures in accordance with the requirements of the General Data Protection Regulation (GDPR) to ensure approximately the same level of protection of personal data as you can expect within the European Economic Area.

WHAT ARE YOUR RIGHTS AND HOW YOU CAN EXERCISE THEM

We would like to inform you that regarding the processing of your personal data, you have legal rights that you can exercise, including:

  • The right of access – you can ask us for information on which personal data we process, including requesting a copy of that data. You will not have to pay a fee to access your personal data (or to exercise any other right). However, we may charge you a reasonable fee if your request is manifestly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in such circumstances.

In order to identify you with certainty and enable you to exercise your right of access, we may need to ask you for additional information. This is a security measure to ensure that personal information is not disclosed to a person who is not entitled to receive it. We may also contact you for additional information regarding your request to expedite our response.

  • Right to rectification – you can request the rectification of inaccurate personal data we hold about you. This right is subject to certain limitations and we will need to verify the accuracy of any new information you provide.
  • Right to withdraw consent – if we process your personal data based on your consent as a legal basis for processing, you can withdraw this consent at any time. Please note that the withdrawal of consent does not affect the legality of the processing of data based on consent before it was withdrawn.
  • The right to data transfer – if we process your personal data based on your consent or to implement a contract concluded with you, you have the right to request the transfer of your data to another data controller when this is technically feasible.
  • Right to restriction of processing – you have the right to request that we stop using your personal data for a certain period if you believe that we are not processing them in accordance with the law.
  • Right to deletion – you can ask us to delete your personal data in cases where we process them based on your consent or on the basis of a legitimate interest as a legal basis for processing or in any other case provided for by regulation.
  • The right to object – if you are not satisfied with the processing of personal data that we carry out based on the realization of one of our legitimate interests.
  • The right to object to automated decision-making – you have the right to request that no decisions about you be made based solely on automated processing, including profiling, if such decisions produce legal effects or similarly significant impacts on you (the right to “human intervention”).
  • The right to submit a complaint to the supervisory authority – if you have not been able to solve a problem or you believe that your rights have been violated in connection with the processing of personal data, you can file a complaint with the Croatian Personal Data Protection Agency, Selska cesta 136, HR – 10000 ZAGREB (www.azop.hr).

 

You can submit your requests for exercising your rights to our contact information indicated in this notice. We strive to respond to all justified requests without delay and within one month of receipt. Occasionally it may take us more than a month if your request is particularly complex or you have submitted a large number of requests. In this case, we will inform you about the extension of the deadline and the reasons for the extension.