Data Protection

 

General Data Protection Regulation

 

DICTA Ltd has harmonized its business with EU Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

Collecting of personal data

Visitors can visit our web page without revealing their personal data. This means that web page visitor's data is not collected, apart from their IP address. Visitors can voluntarily send their personal data to our e-mail address with the purpose of contacting them or sending them an offer. In that case it is considered implicit consent to the processing of the personal data. It is also considered implicit consent filling in the contact form used to send e-mails and/or to register. Collected personal data will not be disclosed to unauthorised third parties, with the exception of law requirements. Visitors (customers) have the right to access their data at any moment and to rectify their data. DICTA Ltd collects the minimum of data incompatible with initial purposes which are deleted after processing has finished. For the purpose of sales relationship personal data will be transferred to the third parties. Personal data regarding credit cards will be transferred to banks, and personal data regarding delivery of products will be transferred to delivery companies.

Cookies

A cookie is a small amount of data generated by a web site and saved on your computer or smart phone. Cookies are used to improve user experience, to increase web page's efficiency as well as to record the user's browsing activity.  

By turning off and/or blocking cookies the visitor can still visit our web page. But there is a possibility the web site might not function properly and the access to certain functions of web site will take longer than usual.

Consent management

Consent means any freely given, informed and unambiguous indication of the data subject's wishes he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. DICTA Ltd cooperates mostly with natural persons and with legal persons. Relations with natural persons requires consent, but relations with legal persons does not require consent because they are legal entity. The protection of personal data of legal persons is based on legal legitimacy. Consents are signed with Dicta Ltd employees. Visitors (customers) have the right to erasure and to rectify their data at any moment.

Time limits on keeping data

DICTA Ltd is obliged to keep the personal data for as long as it is required by law depending on the purpose. If the period is not defined by law, the keeping of personal data ends with the completion of the purpose for which the data is collected. Deadline for keeping customers personal data is two years, that is, the expiration of warranty. 

Technical and organisational measures

Dicta Ltd established a wide range of technical and organisational security measures according to the estimated risks in order to protect personal data. Those security measures are in regard to protection of company's documents, protection of computers, rules of conduct for the employees, contracted relations with our outer service provider, periodical audit of the protection of personal data system and numerous other measures.

GDPR rights of the data subject

Every data subject has the following rights according to GDPR Regulation:

  • right of access by the data subject
  • information to be provided where personal data are collected from the data subject
  • right to data portability
  • right to erasure
  • right to object
  • right rectify data if it is incomplete or incorrect
  • right to erasure („right to be forgotten“)

Exercising this right is to be implemented via our official controller, telephone number +385 51 215 255; zastita-privatnosti@dicta.hr