Privacy policy Privacy policy

Privacy policy

GAVRILOVIĆ Prva hrvatska tvornica salame, sušena mesa i masti, M. Gavrilovića potomci, d.o.o., Gavrilovićev trg 1, 44250 Petrinja, Republic of Croatia, OIB 83570236060, abbreviated name Gavrilović d.o.o. (hereinafter: Gavrilović d.o.o. or the Controller) processes the personal data of users of its services and website visitors at www.gavrilovic.hr in accordance with the applicable regulations governing the protection of personal data (General Data Protection Regulation 2016/679, and the Act on the Implementation of the General Data Protection Regulation N.N. RH No. 42/2018).

 

We respect your privacy and process personal data fairly, lawfully and transparently, solely on the basis of valid legal grounds, or in accordance with your consent to the processing.

 

Please contact us if you have any questions or problems regarding the use of your personal information and we will be happy to help you.
This Privacy Policy (hereinafter: Policy) describes what personal information we collect, how we process it and for what purposes we use it, your rights related to your information, how we protect it, to whom we pass it on, how long we keep it…

 

Access to the website www.gavrilovic.hr is free and does not require registration.

 

By using this Website and/or our services, you consent to the processing of your personal data in the manner described in this Privacy Policy.

Definitions used in this Policy

Personal data

Any information relating to an identified natural person or an identifiable natural person.

Processing

Any action or set of actions performed on Personal data or a set of personal data.

Controller

A natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor

A natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

Data subject

A natural person whose Personal data is processed.

Child

A natural person under 16 years of age.

Our principles of data protection

We process the collected personal data with the obligatory application of appropriate legal, technical and organisational security measures in order to prevent any unauthorised data processing. Access to your personal data is limited to those employees who need that information to provide our services. We continuously educate our employees about the importance of data confidentiality and protecting the privacy of your data. We only collect the data that is necessary for the processing in question and do not keep it longer than necessary, or determined by legal regulations.

We hereby promise to adhere to the following principles of data protection:

a) Processing is legal. Our processing activities have a legal basis. We always consider your rights before processing personal data. We will provide you with information about the processing upon request.

b) Processing is limited to its purpose. Our processing activities are consistent with the purpose for which the personal data was collected.

c) Processing is completed with minimal data. We collect and process the minimum amount of your personal data required for any purpose.

d) Processing is limited by the time interval. We will not keep your personal data longer than necessary, unless otherwise provided by law.

We will do our best to ensure the accuracy of the data.

We will do everything we can to ensure the integrity and confidentiality of the data.

Your rights regarding personal data

You as a data subject have certain rights regarding your personal data. If you want further information regarding these rights or wish to exercise any of them, please contact us via email using the details provided at the end of this Policy. Subject to certain exceptions permitted by law, you have the following rights:

a) Right to information – means that you have the right to know whether your private data is being processed, what data is collected, where it was obtained from, and why and by whom it is being processed.

b) Right to access – means that you have the right to access data collected about you and from you. This includes the right to request and obtain a copy of your collected personal data.

c) Right to rectification – means that you have the right to request the rectification or erasure of your personal data that is inaccurate or incomplete.

d) Right to erasure – implies that under certain circumstances, you may request the erasure of your private data from our records.

e) Right to restriction of processing – means that if certain conditions are met, you have the right to restrict the processing of your personal data.

f) Right to object to the processing – means that in certain cases, you have the right to object to the processing of your personal data, for example in the case of direct marketing.

g) Right to the objection to automatic processing – means that you have the right to object to automatic processing, including profiling, and not be subject to a decision based solely on automatic processing. You can exercise this right whenever there is a profiling outcome that causes legal effects that affect you or partially apply to you.

h) Right to data transfer – you have the right to obtain your personal data in a format that can be read by a device or, where feasible, by direct transfer from one Controller to another.

i) Right to appeal – if we refuse your request to a guaranteed right of access, we will provide you with the reason why this happened. If you are not satisfied with how your request is being handled, please don’t hesitate to contact us.

j) The right to the assistance of the supervisory authority – means that you have the right to assistance from the supervisory authority the Croatian Personal Data Protection Agency, Selska cesta 136, Republic of Croatia – 10 000 Zagreb, email: azop@azop.hr.

k) Right to withdraw consent – you have the right to withdraw all consent to the processing of your personal data.

We will review your request and provide you with a response within a reasonable time (and in any case within one month of your request, unless we tell you that we are entitled to a longer period allowed by applicable law). Please note, however, that certain personal data may be exempted from such requests under certain circumstances, for example, if we have to retain it due to the fact that by processing the data, we fulfil our legal obligations or need them to establish, enforce or defend legal requirements.

We may ask you to provide us with the information needed to verify your identity before we respond to any request you make.

If you would like to know more about these rights, when they may not apply or are exempt, please contact us for more details using the contacts listed at the end of this Policy.

Personal information we collect about you

Information automatically collected about you

This includes information that is automatically stored via cookies or other session tools. This information is used to improve the user experience. When you use or view the content of our site, your activities must be reported.

Publicly available information

We may collect information about you that is publicly available.

How we use your personal data

We use your personal information in order to provide information about the company Gavrilović d.o.o. and its products and to improve your user experience;

We only use your personal information on legal grounds such as legislation, contractual relations and legitimate interests (e.g. job applications, video surveillance, GPS) or with your consent (contests, promotions, marketing activities).

Open job applications

The data you send us through open job applications is processed exclusively for the purposes of performing the selection procedure for employment and is kept for a maximum of six months.

Video surveillance

If you find yourself in our premises at the address of the Gavrilović headquarters, we would like to inform you that the facilities are under video surveillance, of which you will be notified via stickers and a notice by the Controller. Video surveillance is used for the purpose of protecting people and property, intellectual property and food safety. The personal data collected is a video. Data provided by the data subject is processed within a period of 6 (six) months, and later only if so determined by a special contract or positive legal regulations or if the evidence is in judicial, administrative, arbitration or other equivalent proceedings.

GPS – official vehicles and mobile applications

Vehicles and mobile applications can be equipped with a GPS system that we use for the purpose of tracking vehicles to protect assets and tracking employees for the purpose of recording working hours. We keep the data we would collect using the GPS system for 6 (six) years. The data we collect includes GPS longitude and GPS latitude, UTC: input and output code and full name.

For promotions and contests

Gavrilović d.o.o. occasionally organises contests and competitions. Personal data collected in this way is only processed for the purpose of realising the competition or contest (e.g. the announcement of the winner’s name for contacting the winner, delivery of the prize, etc.). To participate in the contest or competition, we need your full name, e-mail, phone number and address for the delivery of the prize. We may also ask you for additional information defined by the rules of the contest or competition (e.g. invoice number from the purchased goods, etc.). We will delete the collected data after 6 months from the date of the announcement of the winner.

For contests, we also process your personal data necessary in order to fulfil the legal obligations.
We reserve the right to anonymise the collected personal data and to use such data. We will only use data outside the scope of the Policy when it is anonymous.
We may process your personal data for additional purposes, which are consistent with the original purpose for which the data was collected. To do this, we ensure the following:

a) the link between the purpose, context and nature of personal data is conducive to further processing;
b) further processing will in no way harm your interests and
c) there will always be certain protection for data processing.

We will always inform you about further processing and its purpose.

Marketing

We may collect and use your personal information for marketing by email, telephone and mail.

We may send you certain marketing communications (including electronic marketing communications to existing customers) if it is in our legitimate interest to do so for marketing and business development purposes.
However, we will always obtain your consent to direct marketing communications where required to do so by law, and if we intend to disclose your personal information to any third party for the purposes of such marketing.

If you wish to stop receiving marketing communications, you may contact us at any time using the contacts listed below or by email at marketing@gavrilovic.hr

Inquiries/Praises/Complaints

Your opinion is important to us!

If you have questions about our products, want to praise them or complain about them, on our page you will find the information that will allow you to get in touch with us in one of the following ways that suits you best:

– via our free consumer phone 0800 1690 every day from 00:00 to 24:00.
– by e-mail to the following address: jelica@gavrilovic.hr; reklamacije@gavrilovic.hr
– written by mail to the address Gavrilović d.o.o., Gavrilovićev trg 1, 44250 Petrinja with the indication “Complaint“.
– in person by submitting a written complaint at the address of the headquarters, Gavrilovićev trg 1, 44250 Petrinja.

The legal basis for data processing is a legal obligation, because we are obliged to ensure communication with you as our consumers and to respond to your inquiries and complaints in accordance with positive legal regulations.

The personal data necessary to process your inquiry/complaint are:

– name and surname
– phone/mobile number
– e-mail
– home address

In case you do not want to provide your data, we will not be able to process your inquiry/complaint.

If you contact us via the free consumer phone or via e-mail, the personal data you leave us is automatically stored and processed exclusively to respond to your inquiry/complaint.

Our complaints team will confirm the receipt of the complaint without delay, and will respond to you within 15 days from the day of receipt of the complaint and state the merits of the complaint.

Records of written consumer complaints are kept for five years from the date of receipt of the written complaint.

As a consumer, we will not forward your personal data to any third party contrary to the regulations governing the protection of personal data.

Our partner Hrvatski telekom d.o.o., Radnička cesta 21, 10000 Zagreb, is responsible for the free consumer telephone, which, in accordance with the contract, takes all necessary measures to protect your data.

Who else has access to your personal data

We do not share your personal information with strangers. In certain cases, personal data is provided to our trusted partners in order to provide a service or improve the user experience. We will share your personal information with the following third parties:

(a) our service providers and subcontractors, including, but not limited to, platform providers and technical support and service providers;

(b) public bodies and services;

(c) companies that assist us in our marketing, advertising and promotional activities;

(d) analysts and service providers who assist us in improving and optimising our website.

We only work with processing partners (Processors) under contracts, who have harmonised their business with the GDPR and who are able to provide an adequate level of protection for your personal data. We only pass on your personal data to third parties or public officials when we are legally obliged to do so. We may only disclose your personal information to third parties if you have given your consent or if there is another legal basis for doing so.

We may also disclose your personal information to third parties:

(a) if it is in our legitimate interest to do so and to develop our business, such as if all the assets of Gavrilović or any of its affiliates are acquired by a third party, in which case the personal data held by Gavrilović will be one of the transferred assets

(b) if we are under an obligation to disclose or share your personal information in order to comply with legal obligations, any lawful request from a government or law enforcement officer, and if we are required to comply with national security or law enforcement requirements or to prevent illegal activities.

(c) to protect our rights, the rights of our employees, business partners or others. This may include sharing personal data with other organisations to protect against fraud.

We will never share, sell or rent any of your personal information to a third party without notifying you and, if necessary, obtaining your consent. If you have given your consent to use your personal data in a certain way, but later change your mind, you can contact us to withdraw your consent using the contacts listed at the end of this Policy.

Protecting your data

We do our best to keep your personal data safe. We use secure protocols for communication and data transmission (such as HTTPS). We use anonymity and pseudonyms, where appropriate. We monitor our systems for possible vulnerabilities and attacks.

Although we do our best, we cannot guarantee complete information security. However, we promise to notify the authorities in case of a data breach. We will also notify you if there is a threat to your rights or interests. We will take all reasonable measures to prevent security breaches and provide assistance to the competent authorities if a breach occurs.

The main risks to your personal data during processing are loss, theft or misuse.

This could result in your personal data falling into the hands of someone else who could use it falsely or make information that you would rather keep private publicly available.

Gavrilović is committed to protecting personal data from loss, misuse, disclosure, alteration, unauthorised access, unavailability and destruction and takes all reasonable precautions to protect the confidentiality of personal data, including the application of appropriate organisational and technical measures.

Organisational measures include physical control of access to our premises, the implementation of internal policies, and employee training to ensure the confidentiality imposed on our employees and third parties.

Technical measures include requiring passwords to access our systems, using encryption and antivirus software, etc..
By providing us with your personal data, your personal data may be transferred via the internet. While we make every effort to protect the personal information that you provide to us, the transmission of information over the internet is not completely secure. Therefore, you acknowledge and agree that we cannot guarantee the security of your personal data transmitted on our website and that any such transfer is at your own risk. Once we receive your personal data, we will use strict procedures and security features to protect against unauthorised access.

If we have given you (or you have chosen) a password to use our site that allows you to access your online account, you are responsible for storing the password. Therefore, we ask you not to share your password with anyone.

We do not provide services directly to children or proactively collect their personal information. However, in some cases, when it arises from legal regulations or contractual relationships, we also obtain personal data on children. The data in the relevant parts of this Policy applies to both children and adults.

Keeping your data

We do not store your personal data for longer than necessary for the purposes for which the personal data is processed. The duration of the storage of personal data depends on the date, the purpose for which we collect and use it and/or, as appropriate, in accordance with the applicable laws and the establishment, exercise or defence of our legal rights. Our retention period policy is based on the following criteria:

(a) on legal provisions prescribing retention periods;

(b) contractual relations that stipulate duration;

(c) the cessation of the purpose for which the data was collected;

(d) the duration of judicial or other equivalent proceedings before the competent authorities;

(e) the legitimate interest of the controller.

If you have any questions regarding our Privacy Policy, please contact us using the contact information below.

Information on cookies

We use cookies and/or similar technologies to track user movements and collect user information. This is done in order to improve the user experience.

A cookie is a small text document stored on your computer. Cookies store information that helps a site work. You can control your cookies at the browser level. Choosing to disable cookies may interfere with the use of certain features.

We use cookies for the following purposes:

Necessary cookies – you need these cookies to use important functions on our site, such as logging in. These cookies do not collect any personal information.

Analytical cookies – we use these cookies to track the use and performance of our site and services.

Advertising cookies – these cookies are used to deliver advertisements that are relevant to you and in accordance with your interests. Additionally, they are used to limit the number of times you see an ad. They are most often placed on the site by the advertising network with the permission of the site operator. These cookies remember that you visited the site and this information is shared with other bodies, such as advertisers. Targeting and advertising cookies are often related to the functionality of the site, which is provided by other bodies.

You can find out more about cookies in our Cookie Policy.

Third-party websites and cookies

Our websites may from time to time contain links to websites operated by third parties, including partner networks. Please note that this privacy policy only applies to personal information we collect through our websites or that we receive from third party sources, and we cannot be held responsible for personal information about you that is collected and stored by third parties.

Third party websites have their own terms and conditions and privacy policy, and you should read them carefully before submitting personal information to this website. We do not endorse, or in any other way accept, any responsibility for the content of such third party websites or third party provisions in their terms and conditions.

Contact information

Gavrilović d.o.o.
HR, 44250 Petrinja, Gavrilovićev trg 1

Data protection
E-mail: zastita.podataka@gavrilovic.hr
Phone: +385 (0) 44 811 220

Amendments to the Privacy Policy

We reserve the right to make amendments to the Privacy Policy.
The last amendment was made [March 2020].

In the event of amendments to this Policy, we will notify you on this page and update the date of the amendment to the Privacy Policy.