We are glad that you have shown interest in our company, and please read the following text carefully before using our website. With this document we want to explain how we collect personal data for using our website, why and with who we share it, and how we protect your personal data that we use.
Data protection is an important priority for CS Management j.d.o.o. Using the website of our company is possible without submitting any personal data; however, if you are- as a visitor- interested in a particular service of the company through the contact form or you intend to request an offer through our website, the processing of personal data may become necessary.
The processing of personal data, such as the name, address, e-mail address or phone number of the data subject is in accordance with the General Data Protection Regulation (GDPR) and in accordance with the specific data protection prescribed on CS Management j.d.o.o. website. With this privacy statement, our company wants to inform the public about the scope and purpose of the personal data we collect, use and process. Furthermore, the applicant is informed through this privacy statement about all rights.
As a processor subject, CS Management j.d.o.o. has implemented a number of technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, data transmission over the Internet can have security gaps, so absolute protection may not be guaranteed. For this reason, each applicant can provide his personal data (if necessary) by alternative methods of communication by: phone, email or mail.
Data Protection Statement for CS Management j.d.o.o. is based on the terms used by the European legislator to adopt the General Data Protection Regulation (GDPR). Our Privacy Statement should be legible and understandable to the general public, as well as to our customers and business partners. To ensure this, firstly we want to explain used terminology.
In this Privacy Statement, we use the following conditions:
a) Personal data
Personal data means all data relating to an identified or recognizable natural person (“respondent”). An identified natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as name, identification number, location data, online identifier and one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or the social identity for the natural person.
Respondent is any natural person identified or recognizable, whose personal data is processed by the data processor responsible for processing
c) Data processing
Data processing is any action or set of procedures performed on personal data or sets of personal data, whether automated such as collection, recording, organization, structuring, storage, adaptation or modification, search, publication by transmission, dissemination or otherwise by making available, aligning or combining restricting deleting or destroying.
d) Processing restriction
Processing Restriction means stored personal data with the aim of restricting their processing in the future.
e) Creating a profile
Creating a profile means any form of automated processing of personal data consisting of the use of personal data to asses certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to the natural person’s workplace, economic situation, health, personal preferences, interests, reliability, behaviors, locations or movements.
Means processing personal data in such a way that personal data can no longer be attributed to a particular respondent without the use of additional information, under condition that such additional information is kept separate and is subject to technical and organizational measures to ensure that personal data cannot be attributed to an individual whose identity is revealed or can be revealed.
g) The head of personal data processing or the person in charge as the head of personal data
Processing controller means a natural or legal person, public authority, agency or other subject which alone or together with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller or special criteria for his appointment may be provided by Union law or the law of a Member State.
Processor means a natural or legal person, public authority, agency or other subject which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or other subject to which personal data are revealed, whether or not he is a third party. However, public authorities which may receive personal data in the context of a particular investigation in accordance with the Union or Member State law shall not be considered as recipients; the processing of such data by those public authorities must comply with the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party means a natural or legal person, public authority, agency or other subject other than the respondent, the controller, the processor or persons authorized to process personal data under the direct responsibility of the controller or processor.
Consent of the respondent means any voluntary, special, informed and unambiguous expression of the respondent’s wishes by which he gives his consent to the processing of personal data relating to him by statement.
The data controller under the General Regulation on Personal Dana Protection (GDPR) or other laws concerning personal dana applicable in the Member States of the EU is:
Director Vanja Bralo
CS Management j.d.o.o.
number: + 385 92 188 1308
By using cookies, CS Management j.d.o.o. provide more customer servicers to users, that would not be possible without setting cookies.
The respondent at any time can prevent the setting of cookies via our website using the appropriate setting of the internet browser used. Furthermore, already set cookies can be deleted at any time via a web browser or other software programs. This is possible in all popular internet browsers. If the respondent deactivates the setting of cookies in the used internet browser, not all functions on our website may be fully useful, usable or it will not be possible to use them.
Search engine owners inform you about how to manage cookies. Read more at the linked links.
CS Management j.d.o.o. website collects general data and information when the respondent or automated system accesses the website. This general data and the information collected by accessing the website is stored on the server in the form of log files. Website collects :(1) types and versions of Internet browsers, (2) the operating system of user, (3) the web page from which the access system reaches our site, (4) subpages, (5) date and the time of access to the Internet site, (6) the Internet Protocol (IP address) address, (7) the Internet service provider of the access system, and (8) any other similar data and information that may be used in the case of an attack on our information technology.
The CS Management j.d.o.o. website contains information that enables fast electronic contact with our company, as well as direct communication with us, which includes the email address. If the respondent contacts our team by e-mail or via the contact form, the personal data sent by the respondent in the specified way are automatically stored. Such personal data voluntarily submitted by the respondent shall be stored by the data controller for processing or possible contacting of the respondent in the future. Such information is not passed on to third parties.
The data obtained by the mentioned methods are stored within the electronic messages located on the computers of the data controller and these computers are protected by a password. The same data can be stored in backups in electronic form, and in case of backup recovery the data for which deletion is requested will be removed. The backup is stored for a maximum of one month on an electronic medium located in a cabinet containing a keyhole and the key is with the data controller.
The data controller processes and stores personal data of respondents for the time necessary to achieve the goal of holding personal data, or until a deadline permitted or required by European Union legislation or other legislators under whose jurisdiction the data controller processing.
If the purpose of storing personal data is not applicable or if the storage period prescribed by European Union legislation or another competent legislator has expired, personal data is routinely blocked or deleted in accordance with legal requirements.
a) Rights for confirmation of personal data
Each respondent has the legal right to obtain confirmation from the controller whether or not personal data about him or her are being processed. If the respondent wishes to use this right of confirmation, he may at any time contact the data controller
b) . The right to access information
Each respondent has the legal right to obtain from the controller of personal data information about his or her personal data stored, at any time, as well as a copy of all such data. Furthermore, EU provisions and regulations allow the respondent access to the following information:
If the respondent wishes to exercise this right of access to information, he may at any time contact the data controller.
c) The right to correction of personal data
Every respondent has the legal right guaranteed by the European Union Legislation to request the data controller at any time to correct inaccurate data about him without undue delay. The respondent has the right to fill in incomplete personal data, including an additional statement. If the respondent wishes to use this right to correction, he may at any time contact the data controller.
d) The right to delete personal data
Each respondent has the legal right under European Union law to ask the controller to delete personal data relating to him or her at any time without delay. The data controller has the obligation to delete without delay the personal data of the respondents where at least one of the following conditions is applicable, as long as the processing is not necessary:
If the controller has allowed the publication or transmission of the personal data, he shall delete the personal data in accordance with Article 17, paragraph 1, and the controller shall take reasonable steps, including technical measures, to take into account the available technology and implementation costs. other data controllers to delete all transferred data of the respondent, all copied data, until their processing is no longer required. CS Management employees j.d.o.o. will ensure implementation and measures in each individual case.
e) The right to restrict the processing of personal data
Each respondent has the legal right under European Union law to obtain the right from the controller of personal data processing, if one of the following conditions applies:
If one of the above conditions is met and the respondent wishes to request a restriction on the processing of personal data stored in CS Management j.d.o.o., he may at any time contact the data controller. The data controller of CS Management j.d.o.o. will organize the processing restriction.
f) The right to data portability
The respondent has the right to receive personal data relating to him, which he provided to the controller in a structured, commonly used and machine-readable format, and has the right to transfer this data to another controller without interference by the controller to whom the personal data were provided, if: processing shall be based on consent in accordance with Article 6 (1) (a) or Article 9, paragraph 2 (a) or on a contract in accordance with Article 6 (1) (b); and (b) processing is performed automatically. The articles refer to the articles of the General Regulation on Personal Data Protection (GDPR).
Furthermore, in using his right to data portability under Article 20 (1) of the General Data Protection Regulation (GDPR), the respondent has the right to have personal data transferred directly from one controller to another, where it is technically feasible and when it does not do so unfavorably, and it does not affect the rights and freedoms of other respondents. In order to use the right to data portability, the respondent may at any time contact any CS Management processing manager j.d.o.o.
g) The right to objection
The respondent has the right to object to the processing of personal data relating to him at any time, in accordance with Article 6 (1) of the General Data Protection Regulation (GDPR), point (e) or (f), including the creation of a profile based on these provisions. The controller may no longer process personal data unless the controller demonstrates that there are compelling legitimate reasons for the processing that go beyond the interests, rights and freedoms of the respondent or to set, pursue or defend legal claims.
If personal data is processed for the purposes of direct marketing, the respondent has the right at any time to object to the processing of personal data relating to him for the purposes of such marketing, which includes the creation of profiles to the extent associated with such direct marketing. Based on his own situation, the respondent has the right to object to the processing of personal data by the CS Management j.d.o.o. website, which is used for scientific research or statistical purposes under Article 89, Paragraph 1 of the General Regulation on Personal Data Protection, unless the processing is necessary for the purpose of the public interest.
If the respondent objects to the processing for the purposes of direct marketing, the respondent may at any time contact the controller of the processing of personal data, and his or her personal data may no longer be processed. In the context of the use of information society services, the respondent, despite Regulation 2002/58 / EC, may use his right to object by automated means using technical specifications.
h) Automated individual decision making, including profiling
Every respondent under European Union law has a guaranteed right not to have his personal data included in the automated processing of personal data, including profiling, which may create legal or similar consequences for him or her, as long as the decision is not part of an agreement between the respondent and the controller, or processing of personal data is either not permitted by the laws of the European Union or individual Member States which take appropriate measures to protect the rights, freedoms and interests of the respondents, or is not based on the explicit consent of the respondents.
If the decision is required for a contract between the respondent and the controller of personal data processing, or is based on the explicit consent of the respondent, the CS Management j.d.o.o. will implement measures that will protect the respondent's rights, freedoms and interests, the minimum right to human intervention by the data controller.
If the respondent wishes to use his or her rights regarding automated individual decision-making, he or she may at any time contact the personal data controller of the CS Management j.d.o.o.
i) The right to withdraw consent
Each respondent has the legal right under European Union law to request the withdrawal of their consent to the processing of their personal data at any time. If the respondent wishes to use the right to withdraw consent, he or she may at any time contact any data controller of CS Management j.d.o.o.
Article 6, Paragraph 1, Subparagraph (a) of the General Data Protection Regulation (GDPR) serves as the legal basis for the processing of transactions for which we have obtained consent for a specific purpose of personal data processing. If the processing of personal data is necessary for the performance of a contract to which the respondent is a party, such as when processing operations are necessary for the delivery of goods or the provision of any other service, the processing is based on Article 6 (1) (b) Personal Data Protection Regulation (GDPR). The same applies to processing operations that are necessary for the execution of pre-contractual measures, for example in the case of inquiries about our products or services. Whether our company is subject to a legal obligation to process personal data, such as to meet tax obligations, the processing is based on Article 6, Paragraph 1, Subparagraph (c) of the General Data Protection Regulation (GDPR). In rare cases, the processing of personal data may be necessary to protect the vital interests of the respondent or another natural person. This would be the case, for example, if a respondent is injured in our company and his or her name, age, health insurance information or other vital information should be passed on to a doctor, hospital or other third party. The processing will then be based on Article 6, Paragraph 1, Subparagraph (d) of the General Data Protection Regulation (GDPR). Finally, personal data processing operations may be based on Article 6, Paragraph 1, Subparagraph (f) of the General Data Protection Regulation (GDPR). This legal basis is used to process transactions that are not covered by any of the above legal bases, if the processing is necessary for the purpose of legitimate interests pursued by our company or a third party, unless such interests are neglected interests or fundamental rights and freedoms of respondent’s personal data. Such treatments are specifically allowed, as they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be presumed if the respondent was a client of the data controller.
When the processing of personal data is based on Article 6, Paragraph 1, our legitimate interest is to conduct our business for the benefit of all our employees and shareholders.
The criteria used to determine the period of storage of personal data correspond to the maximum allowed legal period. After the expiration of that period, the relevant data is routinely deleted, until it is no longer necessary to perform the contract or initiate the contract.
Let us clarify that the provision of personal data is partially prescribed by law or may be the result of contractual provisions (eg. information on the contractual partner). Sometimes it may be necessary to enter into a contract submitted to us by the respondent, after which we must process them. The respondent, for example, is required to provide us with personal information when our company signs a contract with him. Refusal to provide personal data would result in the impossibility of concluding a contract. Before giving personal information, the respondent can contact any employee of the company. The employee explains to the respondent whether the provision of personal data is prescribed by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide personal data and the consequences of not providing personal data.
As a responsible company and business partner, we do not use automatic processing of personal data and we also do not perform profiling.