Last updated: 16 June 2022

    Privacy Policy

    1. Purpose of this policy

    We respect your privacy and aim to comply with all data protection regulations that apply to our handling and processing of personal data. At the end of the policy, we give definitions of important terms such as Personal data, Processing, Controller, and Processor.

    2. Scope of Oradian's privacy policy

    2.1 Who and what this policy applies to

    This Privacy Policy applies to the personal data you give to us when we communicate with you as a customer or as someone who wants to find out more about Oradian. For example, if you browse our website or if you apply to receive the Oradian newsletter, this policy applies to you.

    The policy explains who we are, how we collect, share and use personal data you provide us with, what your data protection rights are, and how you can exercise such rights.

    There are separate privacy policies if you apply for a job with us or work for Oradian currently. You may also be asked to sign a separate contract about extra data you give to us through using our products and services.

    2.2 Who we are

    This Privacy Policy applies to handling and processing your personal data that we collect as Oradian and our affiliated companies, referred to as 'we' or 'us' in this policy. We are the data controller. This means we decide how and why your data is processed.

    Registered name: ORADIAN doo.

    Registered address: Oradian, Hebrangova ul. 32, 10000, Zagreb, Croatia. Registered with the court register of the Commercial Court in Zagreb, under registration number (MBS): 080761088, PIN: 98019965582.

    2.3 Information we collect about you

    Personal data is information that may be used to identify you. When using our services, filling out forms on our website or while attending our events, via emails and social media and customer support we may collect this information from you:

    • Your contact details: email and postal address, telephone number
    • Other personal data: name, surname, country of residence
    • Information about your financial institution and your job: name of the financial institution, your job title and similar data

    3. How your data is collected and used

    3.1 Data that you give to us

    The data you give to us is generally collected when you complete and submit forms on our website and social media such as Facebook and LinkedIn, fill out our questionnaires or when you contact us directly. Data that you give is based on your consent, which you can withdraw at any time.

    3.2 Data that we collect

    We may also collect your personal data through:

    • Cookies and similar technologies: we may collect your usage data such as site preferences whenever you interact with our websites and services, provided that you have agreed to cookies and similar technologies
    • Third parties: we may collect your personal data held and processed by third parties such as Google AdWords, Facebook, LinkedIn, MailChimp, if you have given the consent to those third parties to share your personal data with us

    3.3 How we use your data

    • To provide any services you request, or to carry out any aspect of the contract you have entered into with us, or want to enter into with us
    • For marketing and sharing information on social sites, with your consent. This includes content that you upload
    • To send you information that you ask for, or to respond to your questions or complaints
    • To operate, improve and tailor our websites and social sites

    4. Legal basis for using your data

    We have a legal basis for collecting and using your data. Generally, this legal basis is one of the following reasons:

    • You have given your permission for us to process your personal data for a specific purpose
    • Processing your data is necessary for a contract that you have entered with us or want to enter with us (performance of contract)
    • Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, as long as these do not outweigh your data protection rights and interests
    • Comply with any relevant legal or regulatory requirements

    5. How your data is stored and shared

    5.1 Sharing your data

    We generally do not disclose your personal data to third parties that are not directly linked to us. We may share your personal data with the following:

    • Our affiliated companies
    • Third-party service providers and partners who provide data processing services to us such as accountants, technical support providers, etc.
    • Any competent law enforcement body, regulatory authority, government agency, court of law or other third party where a disclosure is necessary either to comply with any law or regulatory obligations or to exercise and protect our legal rights and interests
    • A potential or actual buyer in relation to any potential or actual purchase, merger or acquisition of a whole or any part of our business
    • Any person as long as you have given your consent for us to disclose your personal data to them

    5.2 Sharing your data outside of the European Economic Area

    Some of the service providers that we use in connection with our website, marketing and the services we provide are based outside the European Economic Area (EEA). This means that certain personal data may be transferred outside the EEA. Where your personal data is transferred from within the EU to outside the EEA, we have undertaken security measures and appropriate safeguards to protect your data.

    5.3 How we keep your data secure

    We strive to protect your personal data by undertaking appropriate physical, technical and organisational measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to employees that have a need to access your personal data.

    5.4 Automated decision-making system

    We do not use an automated decision-making system to process your personal data. If we decide to use one in the future, we will inform you about it by changing this Privacy Policy.

    5.5 How long we keep your data

    We store your personal data only for as long as necessary for the purposes we collected the data for and to comply with any legal, accounting or reporting requirements. For example, we keep the data collected for the purposes of direct marketing for five years. Once your data is no longer needed, we will securely delete it.

    6. Your rights

    • Right to access your personal data
    • Right to correct any data that's inaccurate
    • Right to erasure ("right to be forgotten")
    • Right to restrict the use of your data
    • Right to object to use of your personal data
    • Right to port your data
    • Right to lodge a complaint with us or with the Croatian Personal Data Protection Agency or any other EU supervisory authority

    7. Changes to this Privacy Policy

    We are always looking for new ways to improve the protection of your personal data so we may update this Privacy Policy from time to time. We will post any changes to this Privacy Policy on our website.

    8. Definitions

    8.1 Personal data

    'Personal data' means any information relating to an identified or identifiable natural person ('data subject').

    8.2 Processing

    'Processing' means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.

    8.3 Controller

    'Controller' means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

    8.4 Processor

    'Processor' means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

    9. Contact us

    Your opinion matters to us, if you have any questions about our Privacy Policy, please contact us or our Data Protection Officer. Email: dpo@oradian.com