PERSONAL DATA PROTECTION
I. Validity and Application of this Policy
This policy of privacy and protection of personal data refers to the website www.diditattoo.hr (hereinafter: website) managed by DIDI , trade for tattooing and design, vl. Vladimir Kolačko, Varaždin, Đure Sudete 7 (hereinafter: provider). The policy applies to all users of the website.
By using the website, the user confirms that he/she understands, accepts and agrees to all the provisions of this privacy and personal data protection policy.
This policy may be changed or amended at any time without notice or notification. By using the website after this policy has been changed, the user confirms that he/she agrees to the changes.
Based on the exclusively informative character of this website, it is especially emphasized that the legal and business obligations of the provider or other obligations, in any form, solely based on the information made available here are of course excluded.
II. What data about users does the provider collect?
Personal and other data that the provider collects about users - natural persons via the website or with its help, and the purpose of processing (use) of that data are listed in the table below:
Data type | Where/when is data collected? | Purpose of data processing | Data retention time |
– first and last name – email address – telephone All data is mandatory, unless otherwise specified for a particular piece of data. | When filling out a contact form for information about our products and services by the user. By filling out the form, the user gives consent to contact the bidder. | Preparing an offer, responding to information about products and services, and sending the aforementioned to the entered email address | Until revoked (unsubscribed) by the user. |
III. Data processing
Without your consent, the provider does not collect personal data on the website. It is up to you whether you want to disclose your personal information to him, for example, in the contact form. If you provide personal information on the website, it is purely on a voluntary basis.
The provider will use the collected user data exclusively for the purposes specified in the table under point II of this policy. Before using the collected data for any other purpose, the provider will obtain the user's consent.
The provider will not deliver the collected data to third parties, unless there is a legal basis for this (eg a request from a court or other authorities, etc.).
The User is aware of and agrees that the Provider may entrust certain tasks related to the collected data to third parties (contractual data processors). Third parties will process the entrusted data exclusively within the limits of the Provider's authorization and in accordance with the purposes defined in the table under point II. of this policy.
IV. Data protection and retention period
The Provider will store all user data in accordance with this policy and the requirements for the protection of personal data set out in the legislation of the Republic of Croatia and European Union regulations.
The user is aware of and agrees that the provider will keep the data provided to him for the period specified in the table under point II of this policy.
Other data may be kept for as long as is strictly necessary to achieve the purpose for which the data was collected, and must then be permanently deleted or effectively anonymized so that the specific data can no longer be associated with a specific user.
V. User rights
By sending a request to the user, the user may request that the provider confirm whether it collects or processes data relating to the user and what data it collects and processes.
By sending a request to info@diditattoo.hr, the user may request that the provider send him an electronic copy of the data relating to the user. Before providing a copy of the data, the provider has the right to request that the user prove his identity in an appropriate manner. If the provider still doubts the identity of the user, he may reject his request.
By sending a request to info@diditattoo.hr, the user may request that the provider permanently delete the data relating to him/her. Before deleting the data, the provider has the right to request that the user prove his/her identity in an appropriate manner. If the provider still doubts the user's identity, it may reject his/her request.
VI. Exclusion of liability
The provider is not responsible for any damage that may occur to the user because it has provided the provider with incorrect, false, incomplete or out-of-date data related to the user.
The provider is not liable for any damage that may occur to the user because his/her data has been accessed, obtained, changed or otherwise processed by unauthorized third parties without the provider's express consent or permission and despite the provider's usual care.
The user is obliged to immediately inform the provider of any suspicion of misuse of their personal data or in case of suspicion of unauthorized access to such data.
When a contractual relationship is established between the provider and the user, in any case the exclusion and limitation of the provider's liability are subject to the provisions regulating that relationship (contract, general terms and conditions, etc.).
VII. Final provisions
The invalidity of any provision of this policy, regardless of the reasons for such invalidity, does not mean the invalidity of the policy as a whole. In such case, the invalid provision shall be deemed not to have been stated, and the policy shall continue to be valid without it.
The legal relations between the user and the provider are governed by the laws of the Republic of Croatia and the law of the European Community. The competent court in Varaždin, Republic of Croatia, shall have jurisdiction over any disputes.