Privacy and Personal Data Protection Statement
Pursuant to Article 3 and Article 7 of the Personal Data Protection Act (Official Gazette 103/03, 118/06, 41/08,130/11, 106/12), Jantar d.o.o., A.B. Šimića 28 – Split, OIB: 85166931594 and Učilište JANTAR, A.B. Šimića 28 – Split, OIB: 96425511135 (hereinafter jointly referred to as: JANTAR) ensure the protection of all personal data they collect for the purpose of performing their business obligations.
JANTAR is compliant with the General Data Protection Regulation GDPR.
Personal Data
Personal data is any data that can unambiguously identify a person, i.e. determine their identity (such as name and surname, address, OIB, JMBG, ID card number, passport number, bank card number, etc.) as well as any other data, the unauthorized use of which may cause material and moral damage to that person. Processing of personal data is any action or set of actions performed on personal data, such as collection, storage, organization, updating, adaptation, withdrawal, inspection, disclosure by transmission, publication (or otherwise made available), classification or combination, blocking, deletion or destruction, and the implementation of logical, mathematical and other operations with this data.
JANTAR collects the following data for the purpose of conducting regular business:
basic personal data of a person: name and surname, OIB, date of birth, gender, address and place of residence. Basic personal data is collected for the purpose of basic operations for performing regular activities such as entering work logs, issuing contracts, issuing certificates, issuing invoices, carrying out necessary business correspondence, etc.
additional contact data of the person: telephone/mobile number or numbers, e-mail address, additional addresses (residence, etc.). The data is used for carrying out business correspondence, and for communication for promotional purposes (sending “newsletters”, information about new services/products, sending promotional materials, etc.) exclusively with the person’s permission
additional personal data: name and surname of parents, place of birth, citizenship. Additional personal data is used for maintaining mandatory civil registers in educational programs, and when printing business documents (for example, a certificate of completion of a course)
bank account data. The data is used for the purpose of carrying out financial operations (for example, refunds)
data on guardians of minors: name and surname of guardian, gender, OIB, date of birth, residential address, contact telephone/mobile numbers, contact e-mail address. The data is used for the purpose of conducting regular business with minors for whom other legal or natural persons are legally responsible.
JANTAR collects data in several ways:
- directly in the premises where it carries out its activities
- by telephone
- by e-mail correspondence
- by forms available on the website jantar.hr
JANTAR respects the privacy of all persons whose data is collected in any of the above-mentioned ways, and the collected personal data is processed with great care. All collected data is strictly kept and is available only to employees who need the data to perform their work. All JANTAR employees and business partners are responsible for respecting the principles of privacy protection. JANTAR may not use the collected data without authorization or make it available to third parties, except in cases where a special law permits it or it is necessary for the purpose of fulfilling contractual obligations.
Store and Retention of Personal Data
Personal data may be stored in:
- Physical form
- Electronic form
Data in physical form is stored in specially designated locations with limited access, and is accessible only to authorized persons trained in data protection.
Data in electronic form is stored in a special IT system designed for data storage and processing in accordance with JANTAR’s business activities. Access to data by JANTAR employees is limited by user authorizations for each individual employee, and access to data is only granted to those persons for whom the data is necessary for the performance of regular business operations.
Personal Data Protection
JANTAR attaches great importance to the protection of collected personal data, and takes all possible steps to protect data from unauthorized access or use by unauthorized persons.
All JANTAR employees are required to respect the principles of personal data protection, undergo adequate training on the method of collecting, processing and protecting personal data, and submit a written statement on the obligation to keep personal data.
All measures taken by JANTAR for the purpose of protecting personal data are in compliance with:
- Personal Data Protection Act
- EU General Data Protection Regulation (GDPR)
- EU Data Protection Directive (DPD)
Right to Acess Personal Data
Every person has the right to submit a request to the authorized person of JANTAR in order to exercise the right to access their personal data, and to supplement, amend, delete, etc. If it is determined that any of the personal data is incorrect, JANTAR will update the data according to the user’s request.
In the event that an individual requests the suspension of processing or deletion of personal data, they can notify JANTAR employees in writing:
- by e-mail to the address [email protected]
- by mail to the address JANTAR, A.B. Šimića 28, 21000 Split
- by delivering a written request in person at the office address, A.B. Šimića 70, 21000 Split
In the event of the above request, JANTAR will delete contact telephone and mobile phone numbers, contact e-mail address, and IBAN from the records. All other data is necessary for the performance of business obligations (for example: issuing transcripts of certificates at the request of the user, issuing certificates of course completion, etc.), and in certain situations must be kept in the archive due to legal obligations. The remaining personal data will be kept exclusively for the stated purposes, while JANTAR will suspend the processing of personal data until today.
Data Privacy Violation
Any person who believes that any of their rights guaranteed by the Personal Data Protection Act have been violated has the right to file a request for determination of a violation of rights with the Personal Data Protection Agency.
In the event of a potential violation of the privacy of data from our systems or the systems of any of our partners, JANTAR will notify all relevant persons and competent authorities within 72 hours of the violation, if it is obvious that personal data from which the identity of the data owner can be determined has been stolen and/or stored due to the violation
Communication via eletronic mail (e-mail)
JANTAR uses the collected e-mail addresses as a regular form of communication with clients and students. Communication via e-mail is carried out via the Simple Main Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL), which ensures that the content of the e-mail is encrypted using SHA-2, 256-bit cryptography before being sent over the Internet.
JANTAR undertakes that communication via e-mail will not be transferred to any third party, except in cases where special law permits or is necessary for the purpose of fulfilling contractual obligations.
All communication via e-mail that serves the purpose of regular business operations (communication related to the course, communication about financial obligations, information about significant changes and upgrades, generation of user accounts for access to JANTAR’s information systems, etc.) is considered necessary for the performance of JANTAR’s business obligations, and as such is an integral part of communication between JANTAR employees and persons whose data JANTAR collects for the purpose of regular business operations.
JANTAR may also use the collected e-mail addresses for promotional purposes, such as sending newsletters, sending notifications about new services and products, sending information about events and promotions, etc. JANTAR undertakes to use e-mail addresses for communication for promotional purposes only in cases where the person has given explicit permission for this use of the e-mail address.
Monitoring of Website Visits
Like most websites, www.jantar.hr uses Google Analytics (GA) to analyze visitor behavior on our websites. The collected data is used to determine visitor trends and interests and to better understand our clients’ requests. Although GA records data such as your geographic location, your device, internet browser and operating system, none of this data can personally identify you. GA also records the IP address of your computer, which could be used for personal identification, but JANTAR does not have access to this data.
In order to make your visit to our websites as functional and convenient as possible, GA uses a certain amount of information, so-called cookies. They are used to ensure that the website works optimally and to improve the browsing and usage experience for visitors, and details about them can be found in Google’s developer guides. By visiting and using the website www.jantar.hr, each visitor agrees to the use of cookies, which can also be blocked. Disabling cookies on your web browser will stop GA from tracking any part of your visit to any part of the website. In this case, visitors can still browse the website, with the note that in this case some features will not be available.
For more information about the privacy policy of the Google Analytics platform, you can find out via the following link
https://policies.google.com/privacy?hl=hr
Changes to the Privacy and Personal Data Protection Statement
This statement may change from time to time in accordance with the legislative framework and/or industry developments. JANTAR is not obliged to personally notify each client of changes to this Statement, but in such a case the Statement itself will be updated on the website www.jantar.hr.
We recommend that all clients periodically check the specified website in order to be informed about possible changes to the Privacy Statement and protection of personal data.