devot logo

Privacy Policy

Before we start, we want to tell you straight away the most important thing – we have taken all security measures and steps to ensure your personal data are safe with us!

INTRODUCTION

With this Privacy Policy we wish to provide you with clear information on the processing and protection of your personal data which we collect in the course of our day-to-day business operations.

We want you to know that we take the protection of your personal data seriously and that is why we inform you here about why and how we collect your personal data.

The General Data Protection Regulation (better known as the "GDPR") and the Act Implementing the General Data Protection Regulation apply to this Privacy Policy.

This Privacy Policy includes the following chapters:

  1. WHO ARE WE?

  2. PERSONAL DATA

  3. HOW DO WE COLLECT YOUR PERSONAL DATA?

  4. SECURITY OF PROCESSING

  5. YOUR RIGHTS

  6. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

  7. WHERE AND WHY DO WE TRANSFER YOUR PERSONAL DATA?

  8. WHO TO CONTACT IN CASE OF A PERSONAL DATA BREACH?

  9. CHANGES TO THE PRIVACY POLICY

1. WHO ARE WE?

We are DEVOT SOLUTIONS d.o.o., a company registered with the Commercial Court in Zagreb under registration number (MBS): 081033473, Croatian personal identification number (OIB): 03252244054, with its registered seat at Bani 30, Buzin, (“Devōt“) and we are the Controller controlling the processing of your personal data.

That means we collect and process your personal data.

2. PERSONAL DATA

Personal data is any information on the basis of which it is possible, directly or indirectly, to identify an individual.

Personal data is information such as your name, email address and similar data which directly disclose your identity as well as data such as your IP address and date of birth, which can indirectly lead to your identification.

3. WHAT PERSONAL DATA DO WE COLLECT, AND HOW?

In the course of its business Devōt does not make automated decisions that produce legal effects concerning you or significantly affect you, nor does it use your personal data so as to carry out evaluations of you / your conduct (so-called "profiling").

Here you can find information on (i) what personal data relating to you we collect, and how, (ii) why we collect it, (iii) the legal grounds on which we base the processing (collection) of this data and (iv) how long we maintain a record of your personal data.

Below is information on the personal data we collect about you when you use our website Devot (devot.team).

JOB APPLICATIONS

When you send us a job application via our website, we collect your CV, email address, name and IP address. We collect this data directly from you, by means of the contact form displayed on our website.

Why do we collect it?

We collect this data so that we can determine whether you are qualified for the job we offer and so that we can contact you back in case we want to work with you. We also collect and use this data when we believe that your qualifications are more desirable for some of our business associates, and in such cases we forward it to them, which we will inform you about and ask for your consent.

On the basis of what do we collect it?

On the basis of a legitimate interest and on the basis of your request, for the purpose of concluding or performing an agreement.

How long do we store it?

Personal data from job applications are kept for five years from the date of collection.

QUERIES

When you send us a query or contact us via customer support, LinkedIn, email or physical mail, we store your name, email address, company name, information about your potential project. We collect this data by means of the contact form displayed on our website. In case of contact via LinkedIn, bear in mind that we have no influence or control over how LinkedIn processes your data. You can find more about their privacy policy at: https://www.linkedin.com/legal/privacy-policy.

Why do we collect it?

We collect this data for potential business cooperation purposes or to be able to reply to your query.

On the basis of what do we collect it?

On the basis of a legitimate interest and in order to take actions at your request before concluding an agreement. Where the basis for processing is your consent, you have the right to withdraw your consent at any time, which will not affect the lawfulness of processing based on consent before its withdrawal.

How long do we store it?

We store personal data only for the necessary period of time, i.e. for the time we need your data in order to respond to your query or establish potential business cooperation. In the case of business cooperation, we will store the data for the periods set by mandatory legal rules.

BUSINESS COOPERATION

When we cooperate with others, we usually process data concerning persons representing legal persons (e.g. company directors), owners of sole proprietorships or natural persons-employees or persons otherwise connected with our business partners and clients. In doing so, we process identification and contact data of these persons. We collect this data directly from business partners but it is also possible to obtain it indirectly, from other persons connected with a partner or client, for cooperation purposes.

Why do we collect it?

We collect the above data in order to be able to perform our professional activity, provide services and exercise rights and obligations under concluded agreements. This processing is necessary for cooperation or to comply with our legal obligations. We can also process this data for our business organisation purposes.

On the basis of what do we collect them?

Where business cooperation is established, we process data because this is necessary for the performance of the agreement. Likewise, we can process them on the basis of a legitimate interest, e.g. to improve our business processes, maintain contacts with business partners, carry out promotional activities and provide information on services. Part of the processing is also carried out in order to comply with mandatory legal rules, e.g. in the fields of commercial, tax or criminal law, anti-money laundering regulations and the like.

How long do we store it?

We keep personal data that we process during business cooperation for as long as this is necessary for business cooperation, unless otherwise provided by mandatory rules (e.g. accounting regulations or anti-money laundering regulations).

COOKIES

And as icing on the cake, cookies.

A cookie is a small data file containing a series of characters that are sent to your computer when you visit our website.

You can find out which cookies we use on our website at Cookie Policy.

Children's personal data

Devōt does not collect and has no intention of collecting children's personal data, nor does it send children requests for the collection of personal data.

However, given that visitors of all age groups can navigate our website, if we find out that the collected data represents the personal data of a child under the age of sixteen (upon notification by a parent/guardian or in any other way), we automatically delete such data from our records.

4. SECURITY OF PROCESSING

Devōt is committed to protecting the security of your personal data.

Your personal data is protected by keeping all the personal data we collect in protected databases to which only authorised persons have access. Authorised persons are provided with a user name and a secure password which only they know.

By using a secure technology we protect the security of your personal data and take care to only collect for each particular processing activity personal data which is adequate, relevant and limited to what is necessary in relation to the purpose for which it is collected/processed.

If you have any questions about the security of your personal data, you can contact us at dpo@devot.team.

5. YOUR RIGHTS

Since this concerns your personal data, we wish to acquaint you with the five rights given to you by the GDPR:

Right of access

You have the right to access your personal data and can also request detailed information on the reasons why we collect it, the types/categories of personal data we collect, the envisaged period for which the personal data will be stored, who we share your personal data with and whether we transfer it outside the EEA and, if we do, what safeguards we use.

Right to rectification

If your personal data is inaccurate, incomplete or not kept up to date, you have the right to request that it be rectified or completed (which can be important for your reputation).

Right to erasure

You have the right to request the erasure of your personal data where one of the following grounds applies:

  • your personal data is no longer necessary for the fulfilment of the purpose for which it was collected;

  • you have withdrawn consent and there is no other legal ground for the processing;

  • you have objected to the processing (and we have no legitimate ground for the processing);

  • we have no legal ground for the processing of your data; or

  • his is required by EU or Croatian law;

  • personal data was collected for the purpose of offering services by electronic means to a person below the age of 16 years.

Right to restriction of processing

You have the right to request from us restriction of processing of the data relating to you where it is unclear when and whether the personal data will be erased when:

  • you have submitted a request for rectification of data (you consider it inaccurate);

  • you consider that there are no legal grounds for us to process the data relating to you but you do not wish us to erase it, but instead to restrict its processing;

  • you need your personal data to exercise legal claims and we no longer process it; or

  • you have objected to the processing of your personal data.

What does restricted processing mean?

This means that (in the above specified cases) your personal data, with the exception of storage and establishment and exercise of legal claims, may be processed only with your consent.

Right to data portability

You have the right to ask us to provide you in a structured format with your personal data that has been processed by us so that you can transmit it to another controller (which can be useful for you and save you time).

This applies only to cases where we have processed your personal data on the basis of your consent or an agreement concluded with you or pre-contractual acts.

Right to object

You have the right to lodge an objection at any time to processing, on grounds relating to your particular situation, if the processing of your data is based on our legitimate interest or if we process your data for direct marketing purposes.

In such situations we shall immediately stop processing your data unless there exist compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment and exercise of our legal claims, and we will inform you about this.

Right to lodge a complaint

If you consider that any right that you have relating to the protection of personal data has been violated by our processing, please contact us at: dpo@devot.team.

Notwithstanding the above, you always have the right to also lodge a complaint with the following supervisory authority: Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, email: azop@azop.hr.

How can you exercise your rights?

You can exercise all of the above rights by sending an email at any time to: dpo@devot.team.

You can download the request for the exercise of your rights here.

6. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Devōt will not give your personal data to or share it with any third party for consideration.

Should your personal data be shared with any third parties, we will ensure that your data continues to be protected, that an adequate level of protection and security measures is provided and that these third parties adhere to the same rules as set out in this Privacy Policy, and we will inform you about this.

We may disclose your data to our processors, such as providers of accounting services, information and communication services and the like.

We conclude an agreement on the processing of your personal data with everyone with whom we share your personal data – and in this way we ensure that your personal data is also legally protected.

7. WHERE AND WHY DO WE TRANSFER YOUR PERSONAL DATA?

As a rule, we do not transfer your personal date outside the EEA.

Exceptionally, should your personal data be transferred outside the EEA, we will ensure that your data remains protected and that an appropriate level of protection and security measures is provided, and we will inform you about this.

We conclude an agreement on the processing of your personal data containing standard contractual clauses on data protection that were adopted by the European Commission with everyone outside the EEA to whom we transfer your personal data – and in this way we ensure that your personal data is also legally protected.

8. WHO TO CONTACT IN CASE OF A PERSONAL DATA BREACH?

However seriously we take our role as the controller of your personal data and strive to ensure your personal data is protected and secure, it is possible that a breach of your personal data takes place. If you believe that we have breached your personal data in any way whatsoever, you can send a request for the establishment of a breach to https://azop.hr/zahtjev-za-utvrdivanje-povrede-prava or by email to: azop@azop.hr.

Likewise, you can email us at: dpo@devot.team because we did not want your personal data to be breached and would really like to work with you to resolve the problem + help you further protect your personal data.

We also encourage you to contact us about any proposals you might have for improving the quality of protection of your personal data.

9. CHANGES TO THE PRIVACY POLICY

These privacy rules may change over time. All changes to the privacy rules will be published on our website and if the changes are significant, we will send you a special notification via email or a pop-up window on our website.