What is a cookie?
A cookie is a piece of information that the visited website stores on your computer. The information that is usually being saved by cookies is your settings or the settings of the website, such as the chosen language or address. Later on, upon opening that same website, the Internet browser sends back the cookies that belong to that very site. This enables the website to show you information adjusted to your needs.
Cookies can also store personal information, such as a name or an e-mail address. However, that information cannot be stored without your permission. Websites cannot be granted access to the information that you have not given to anyone and in no way can they access the other files on your computer. The settings of your Internet browser can always be changed, in order for you to be able to decide whether you want to admit or deny the saving of cookies, or delete the saved cookies automatically when closing the Internet browser.
What are temporary cookies?
Temporary cookies are also called session cookies. They are automatically removed from the computer once the Internet browser has been closed.
What are permanent cookies?
Permanent or stored cookies remain on your computer after you close your Internet browser. Websites use them to store information, such as a sign-in name and password so that you do not have to sign in each time you go to a particular site.
What are first-party cookies?
First-party cookies come from the website that you are viewing and can be either persistent or temporary. Websites might use these cookies to store information that they will reuse the next time you go to that site.
What are third-party cookies?
Third-party cookies come from other websites’ advertisements (such as pop up or banner ads) on the website you are viewing. Websites use these cookies to track your web use for marketing purposes.
We use temporary and permanent cookies with the sole purpose of enabling you a better user experience on our site. The collected data is anonymous, and the individual user data cannot be seen.
Končar Electrical Industry Inc. respects your privacy and undertakes to protect your personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). ), the Act on the Implementation of the General Data Protection Regulation (Official Gazette 42/2018) and other relevant regulations applicable in the Republic of Croatia.
Končar Electrical Industry Inc. is very serious about protecting the privacy of your personal data and implements all technical and organisational measures required by best practices, Croatian laws and the General Data Protection Regulation (EC 2016/679) – GDPR.
The specific purpose and method of processing of your personal data depend on the type of business relationship based on which your data is collected.
The information system of Končar Electrical Industry Inc. is protected in accordance with the best practices and standards, by physical solutions and applications developed by industry leaders. The logical and physical access to system components is managed in compliance with the applicable standards and the users are regularly trained and informed about the importance of information security and data protection.
DATA PROTECTION PRINCIPLES
Končar Electrical Industry Inc. processes personal data as follows:
- Lawfully – processing is permitted by law and subject to legally mandated restrictions.
- Fairly – respecting the nature of our relationship with you, putting in place the necessary safeguards, and facilitating the exercise of your rights.
- Transparently – by making all the information clear and easily accessible within the restrictions set by the General Data Protection Regulation.
- With purpose limitation – personal data processing is limited to the purpose for which it was collected.
- With limited storage period – storing the data in a form that allows data subjects to be identified for no longer than is necessary for the purposes for which the personal data is processed, and storing them for longer periods only if permitted by the Regulation.
- With data minimisation – processing only the data that is directly relevant and limited to what is necessary to accomplish a specific purpose.
- Observing data accuracy – ensuring that the data is accurate and up to date, and erasing any inaccurate data in accordance with the requirements of the Regulation.
- Protecting data integrity and confidentiality – implementing technical and organisational measures, ensuring appropriate security of the personal data depending on the risk, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Lawfulness, i.e., legal grounds of data processing may include the following:
- Compliance with a legal obligation to which Končar Electrical Industry Inc. is subject,
- Your consent,
- Legitimate interests pursued by us, to the extent such interests override the interests of the data subject which require that the data not be processed, or
- Other legal grounds in accordance with the Regulation.
- Fulfilment of contractual obligations – when processing is necessary to fulfil the contract that you are a party to or to take action at your request prior to concluding the contract.
- Satisfaction of legitimate interests – when necessary, we process personal data in order to satisfy the legitimate interests important for our operations. Such legitimate interests may include the following:
- Fulfilment of your requests so you could help us develop, deliver and improve our products and services, or fulfilment of our internal needs, such as audit, data analysis and research for purposes of improving our products, services and communication with our users,
- Answering your inquiries and comments,
- Conducting legal proceedings and maintaining records of legal proceedings,
- Discovering perpetrators of criminal offences and fraud prevention,
- Protection of persons and property,
- Other purposes of which data subjects are informed in accordance with the General Data Protection Regulation.
Končar Electrical Industry Inc. undertakes to protect your personal data and will not disclose or make it available to third parties without your express consent, except:
- To service providers we hire as data processors for tasks related to the execution of contracts to which you are a party (such as consultants and alike),
- To market research agencies as our service providers when personal data is used for contacting for the purpose of market research,
- To competent authorities for the purpose of completing the tasks within their scope of duties (Tax Administration, Ministry of the Interior),
- Whenever Končar Electrical Industry Inc. is legally obligated to disclose such data.
Končar Electrical Industry Inc. shall carefully regulate its contractual relationships with third parties and ensure that personal data is protected appropriately and in accordance with the requirements of the Regulation.
Where personal data processing includes international transfer of such data, Končar Electrical Industry Inc. will inform you of the intent to transfer personal data to a third country or an international organisation, on the existence or non-existence of a decision on appropriateness adopted by the European Commission, as well as on appropriate safeguards and the manner of obtaining the copies thereof where such transfer is subject to appropriate safeguards in accordance with Article 46 of the Regulation, subject to the application of binding corporate rules in accordance with Article 47 of the Regulation, or, if that is the case, in accordance with Article 49, paragraph 1, sub-paragraph 2 of the Regulation. Each international transfer of personal data to third countries will be carried out in accordance with Chapter V. of the Regulation.
Regardless of the legal grounds for data processing, you have the following rights:
- Right of access and right to have your data rectified or amended,
- Right to personal data erasure (“right to be forgotten”),
- Right to restriction of processing or right to object to your personal data being processed,
- Right to have your data transferred to you or to third parties,
- Where data is collected based on consent, you can always withdraw your consent without any detrimental consequences,
- Right to submit an objection to the national supervisory authority – in Croatia, specifically, to the Croatian Personal Data Protection Agency (more on www.azop.hr).
All the rights are subject to proportionate restrictions, in accordance with the Regulation.
Please e-mail your written request to: firstname.lastname@example.org , submit it in person or send it by mail to Končar Elektroindustrija d.d, Fallerovo šetalište 22, 10000 Zagreb.
Končar Electrical Industry Inc. will only store your personal data for as long as necessary to fulfil its legal or contractual obligation or legitimate interest.
In case your personal data is processed based on your consent, the data is stored until you withdraw the consent. Withdrawing your consent has no effect on the legality of data processing based on such consent prior to its withdrawal.
If you provide your data by registering for a specific event, we will destroy it shortly after the event ends, no later than within 30 days.
DATA PROTECTION BY DESIGN AND BY DEFAULT
Končar Electrical Industry Inc. protects your data, and therefore, taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing, as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, Končar implements, both at the time of the determination of the means for processing and at the time of the processing itself, appropriate technical and organisational measures, designed to implement data-protection principles.
Končar Electrical Industry Inc. also implements appropriate technical and organisational measures for ensuring that, by default, only the personal data necessary for each specific processing purpose is processed.
RECORDS OF PROCESSING ACTIVITIES
As the Controller, Končar Electrical Industry Inc. maintains records of processing activities, which contain the following:
- The name and contact details of the Controller;
- The purposes of the processing;
- A description of the categories of data subjects and categories of personal data;
- Where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, if necessary, documentation of suitable safeguards;
- Where possible, the envisaged time limits for erasure of different categories of data;
- Where possible, a general description of the technical and organisational security measures.
PERSONAL DATA BREACH MANAGEMENT
In the case of a personal data breach, Končar Electrical Industry Inc. shall, without undue delay and, where feasible, no later than 72 hours after having become aware of it, notify the personal data breach to the Personal Data Protection Agency, in accordance with the Regulation, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
Where stipulated by the Regulation, Končar Electrical Industry Inc. shall communicate the personal data breach to the data subject without undue delay.
DATA PROTECTION IMPACT ASSESSMENT
Končar Electrical Industry Inc. does not conduct the type of processing likely to result in a high risk to the rights and freedoms of data subjects. However, if a certain type of processing meets the criteria for being high-risk, Končar Electrical Industry Inc. shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data, in accordance with the Regulation.