Privacy Policy

THE CROATIAN CHAMBER OF ECONOMY, Rooseveltov trg 2, 10 000 Zagreb, E-mail: hgk@hgk.hr;

Tel.: +385 1 456-1555, 0800 1852

This privacy policy describes and provides information with regard to the processing of your personal data by the Croatian Chamber of Economy (hereinafter referred to as: CCE) as a data controller.

Pursuant to the Act on the Croatian Chamber of Economy (Official Gazette Nos: 66/91, 73/91), CCE is an independent professional business organization, which promotes, represents, and aligns the common interests of its members before state authorities and other bodies in Croatia and abroad.

 

1. Data Protection Officer’s details

Tel.: +3851 456 7431, E-mail: zastitapodataka@hgk.hr 

 

2. Purpose and legal basis for processing of personal data

2.1 We process your personal data necessary for the exercise of official authority of CCE within the meaning of Article 6(1)(e) of Regulation (EU) 2016/679 of the European parliament and the of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: General Data Protection Regulation, GDPR), by virtue of exercising official authority as follows:

  • issuing of EU certificates
  • distribution of licences for international cargo transport
  • issuing of certificates of origin
  • issuing of ATA carnet
  • keeping a register of real estate brokers
  • keeping a directory of real estate agents
  • conducting professional examination for real estate agents
  • issuing of certificates of entry in the CEE’s register of press publishers and distributors
  • coordinating timetables for regular (scheduled) passenger transport in road traffic.

2.2 We process your personal data in compliance with our legal obligations within the meaning of Article 6(1)(c) of GDPR for the purposes of:

  • representing and aligning the interests of CCE members
  • developing a business information system
  • keeping records of registered companies
  • knowledge innovation and education of the workforce in the economy
  • providing consulting services to CCE members
  • providing assistance with the establishment of start-ups and transformation of existing businesses
  • addressing requests for the exercise of rights of access to information
  • employment in the Croatian Chamber of Economy.

2.3 We process your personal data on the basis of a legitimate interest within the meaning of Article 6(1)(f) of GDPR for the purposes of:

  • participating in our training events, workshops, and lectures (including invitations, keeping attendance lists and minutes as well as visual recording for media coverage)
  • participating in delegations and trade fairs
  • providing information through our newsletter and publications
  • inclusion in the database of business partners
  • keeping records of visitors to the CCE premises
  • video surveillance for the protection of persons and property.

2.4 We process your personal data on the basis of consent within the meaning of Article 6(1)(a) of GDPR for the purposes of:

  • better functioning of all features of the website and providing a better experience for the user.

 

3. Processing of personal data by means of video surveillance

CCE processes personal data by means of video surveillance in order to protect persons and property. Such processing of personal data is based on the legitimate interest of CCE as a data controller. Recordings obtained through the video surveillance system are kept for a period no longer than 6 months, except where the recordings are exempt and are to be used as evidence in court, administrative, arbitration or other proceedings. Recordings are supplied only at the request of the competent authorities (police, court), where necessary for the purpose of carrying out the procedure laid down by law.

 

4. Cookies

In order to ensure a proper performance of the website of the Croatian Chamber of Economy, its improvement and enhancement of your browsing experience, this website must store a small amount of information on your computer or a mobile device in the form of cookies.

Cookies are small text files that a website stores on your terminal equipment (computer or mobile device) when you visit the site.

What types of cookies does CCE use?

Examples of each of the four main types of cookies are provided below so that you can better understand what types of cookies are used on the webiste of the Croatian Chamber of Economy and for what purpose.

 

Essential cookies

Some of the functionalities that are enabled by essential cookies are:

  • Storing settings for optimised video reproduction, such as buffer size and screen resolution information.
  • Reading browser settings for the optimised website display on the screen.
  • Tracing misuse of our website and services.
  • Equal website uploading so as to keep it accessible.

 

Functional cookies

We use functional cookies to personalise content and save your preferences. Some of the possibilities that functional cookies provide are:

  • Storing preferences such as language, location, number of search results to be displayed, etc.
  • Storing your registration or login information so that you do not have to keep re-entering them whenever you come back to the site.
  • Remembering the content according to your interests in order to display the selected content category.

 

Statistical cookies

For the purposes of website analytics, we use third-party cookies – Google Analytics. Further information on third-part cookies is available at the following link: Google Analytics. Some of the functionalities enabled by analytical cookies are:

  • Tracking the number of visitors to our website.
  • Tracking the time each visitor spends on our website.
  • Sequencing the user’s visits to different sites of the Croatian Chamber of Economy.
  • Assessing the parts of our website that require improvement.
  • Website optimisation.
  • Requesting feedback for specific parts of the website.

 

Marketing (targeting) cookies

Marketing cookies are third-party cookies and are set on the website of the Croatian Chamber of Economy when embedding videos from third parties. Some of the functionalities of these cookies are:

  • Enabling a third party to track your visits and, consequently, assess your interests.
  • Enabling a third party to check your selection of advertising content.
  • Allowing a third party to track the number of visitors selecting advertising content.
  • Transmitting information about your browsing habits to other websites.
  • Enabling the use of third-party services displaying advertising content adapted to your needs, interests, or preferences.
  • Enabling third parties to determine which advertising content, advertising technologies and networks are most efficient for you.
  • Enabling tracking of advertising contents already displayed, so that you always get the new ones.

For more information about online marketing cookies and online privacy, please see the guidelines developed by the advertising industry available at: http://www.youronlinechoices.com/hr/.

 

5. Your rights regarding processing of personal data

The General Data Protection Regulation governs the processing and protection of personal data, including any rights the data subject may exercise.

Your rights pursuant to the General Data Protection Regulation are as follows:

 

Right of access (Article 15) – you have the right of access at all times to your personal data that we process. You are entitled to request a detailed information about the purpose of processing your personal data, the type or category of personal data concerned, including consultation of your personal data, recipients, or categories of recipients of personal data, and the envisaged period for which personal data will be stored.

 

Right to rectification (Article 16)– you have the right to obtain at all times the rectification of inaccurate personal data or have incomplete personal data completed.

 

Right to erasure (“Right to be forgotten”) (Article 17)– you have the right to obtain the erasure of personal data concerning you, where one of the following grounds applies:

  • your personal data are no longer necessary in relation to the purposes for which they were collected or processed;
  • you withdraw the consent on which the processing is based pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) of the General Data Protection Regulation, and where there is no other legal ground for processing;
  • you object to processing of your personal data pursuant to Article 21(1) of the General Data Protection Regulation, and where there are no overriding legitimate grounds for processing;
  • your personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
  • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

Exceptions related to the exercise of the aforementioned right are provided for in Article 17(3) of the General Dana Protection Regulation.

The corresponding rights shall not apply to the extent that processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  • for the establishment, exercise, or defence of legal claims.

 

Right to restriction of processing (Article 18) – you have the right to obtain restriction of processing where one of the following applies:

  • you contest the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data;
  • the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise, or defence of legal claims;
  • you have objected to processing of your personal data.

 

Right to object (Article 21) – you have the right to put forward an objection to the processing of your personal data in the exercise of official authority or for the purpose of our legitimate interest.

 

Right to lodge a complaint– you have the right to lodge a complaint if you consider that the processing of personal data infringes the General Data Protection Regulation or other regulations concerning the protection of personal data. The supervisory authority for the protection of personal data in the Republic of Croatia is the Croatian Personal Data Protection Agency (AZOP).

For the purposes of exercising your rights, this website provides request forms which are to be submitted to the Croatian Chamber of Economy by post or electronically.

The request forms can be accessed via following links:

Request form for exercising data subject’s right of access

Request form for exercising data subject’s right to erasure

Request form for exercising data subject’s right to rectification

Request form for exercising data subject’s right to restriction of processing

Request form for exercising data subject’s right to object

 

6. Recipients of the personal data

Your personal data will not be transmitted to third parties for the purposes of direct marketing. In certain cases, access to your personal data may be granted to ICT service providers acting as data processors that provide IT solutions support services to the controller. We have concluded contracts with data processors, specifying in detail the treatment of personal data. Therefore, they cannot process your personal data without our explicit instruction to do so and forward them to third parties.

Under certain circumstances, we are required to transmit your data at the request of competent authorities (police, court), where necessary to implement a lawful procedure.

In certain cases provided for by law, we are legally committed to submit your personal data to competent state authorities, based on a legitimate request.

Legal obligation may derive from national or EU legislation.

For instance, when organising trade fairs and participating in delegations your personal data need to be transmitted to other recipients, within a scope that is necessary to meet the specified purpose.

 

7. Security of processing

We collect and process personal data in such a way as to ensure appropriate security and confidentiality and enable effective application of data protection principles, data minimisation, scope of the processing, storage period, and their accessibility.

We take all appropriate technical and organisational safeguard measures to prevent accidental or unlawful destruction, loss, alteration, unauthorised use, disclosure, consultation, or access to data.

Personal data protection policy is governed by internal regulations of the data controller.

 

8. Storage period

We process your personal data until the purpose of personal data processing has been fulfilled.

With the termination of the purpose for which the personal data have been collected we no longer use your personal data and we keep them stored in our filing system for a time period as provided for in regulations governing the preservation of archives.

Data collected on the basis of consent are stored in the data controller filing system for as long as the consent is valid. Once the consent has been withdrawn, the data are deleted from the system.

Data collected through the video surveillance system are stored for a maximum period of 6 months, after which they are deleted from the system.

 

9. Sources for personal data collection

We collect data from CCE members or in relation to the provision of services to our members, whether you provide them to us directly (primarily by e-mail or other means of communication) or we collect them, for example, during consultations, processing of requests and event registration.

We also collect data from public registers and sources.

 

10. Additional information

If you have any questions regarding the processing of your personal data, you can contact us at:

E-mail: hgk@hgk.hr; Tel.: +385 1 456-1555, 0800 1852

E-mail: zastitapodataka@hgk.hr; Tel.: +3851 456 7431,

 

11. Changes to the Privacy Policy

We regularly update the privacy policy to keep it accurate and up-to-date and we reserve the right to change its content, where deemed necessary.

We shall keep you duly informed about any modifications and amendments via our website in compliance with the principle of transparency.