At Varžak med d.o.o. we are committed to maintaining the trust and confidence of customers and visitors of our website, and subscribers to our newsletter. Here you’ll find information on how we as a data controller (hereinafter “the Data Controller”) treat data that we collect from customers and visitors of our website, or when someone subscribes to our newsletter.
1. SHOPPING ON THE WEBSITE
Each time you make a purchase on our website (or to some extent when you create an account on our website) you allow us, or it is necessary that we access some information that will due to its characteristics, allow us to identify you, such as your first name, last name, email address, billing address, shipping address or a phone number (hereinafter, “Personal Data”), whether for purposes of browsing, purchasing our products or using our services or functionalities, you will be subject to this Privacy and Cookies Policy, Terms and Conditions and other documents cited therein which are applicable at all times and should be reviewed to ensure you agree with them.
It is important to note that your credit or debit cards are never directly processed by us, but by our third party payment gateway service Braintree Payments (a PayPal company). That way your credit or debit card data is never stored on our website, even when you choose “save credit card” option. Instead it is saved in their closed system protected by multiple encryption to ensure additional layers of security.
Not providing certain compulsory information may mean that it will not be possible to manage your registration as a user or to use certain functionalities or services available through this website.
The user (you) hereby guarantees that the Personal Data provided is true and exact, and agrees to report any change or modification thereto. If you provide us with the Personal Data of third parties, you shall be responsible for having informed them and obtained their consent for these details to be provided for the purposes indicated in the corresponding sections of this Privacy and Cookies Policy. Any loss or damage caused to this website, to Data Controller or to any third party through the communication of erroneous, inaccurate or incomplete information on the registration forms shall be the sole responsibility of the user.
The Data Controller shall use Personal Data, if fitting, for the following purposes:
1.1. To manage your registration as a user of the website. The Personal Data you provide us with shall be used to identify you as a website user, and to give you access to its different functionalities, products and services that are available to you as a registered user.
1.2. The development, compliance and undertaking of the purchase contract for the products you have acquired or any other contract with us through the website. In particular, you must bear in mind that if you choose the option to save your card, you shall expressly authorise us to process the indicated details via our third party service provider Braintree Payments to be used as necessary for its activation and development. The card’s security code (CVV or CVC) shall only be used for making the purchase and shall not be subsequently stored or processed as part of the payment details. Consenting to the activation of this functionality means that your data will automatically appear in these fields when making future purchases, so you will not have to enter your details again for each new purchase as they will be considered as valid and in place. You can change or delete your cards at any time through the “My Account” section. We do not store and transmit your card details locally, but instead they are stored at our third party service provider Braintree Payments in accordance with the leading international standards of confidentiality and security for credit and debit cards, including multiple encryption (if you wish to know more about data security with Braintree Payments, you can read more about it here). The use of this function may require you to change your access password for security reasons. Remember that security when using the website also depends on the correct use and storage of certain confidential codes.
1.3. Contact you by email or telephone regarding updates or informative communications related to the functionalities, products or contracted services, including website security updates, when necessary or reasonable for their implementation.
1.4. Activation and execution of your requests which you have given through available channels of customer support linked to this website.
Data processing will last (i) as long as it is permitted by law, or (ii) undetermined time (i.e. until you request that part or all of your data is deleted), or (iii) until there is no need for the specific data. For example, data that is linked to your order will be kept and processed as long as the controller has to hold such data because of the existing laws, and such data will be deleted when this legal obligation ceases to be.
2. VISITING THE WEBSITE
When someone visits mediterra.hr we use a third party service called Google Tag Manager which helps us incorporate various analytics and tracking tools like Google Analytics and Facebook Pixel, so that we can collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site and to detect possible issues or bad user experience on our website, and so we could offer relevant ads over Google and Facebook (and their respective connected companies) platforms. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google or Facebook to make any attempt to find out the identities of those visiting our website. You can find more information on how cookies are used on this website in the Cookies Policy below.
If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
3. NEWSLETTER SIGNUP
As part of the registration process for our newsletter, we collect personal information, but we limit those information to email only. We use that information for a couple of reasons: to tell you about stuff you’ve asked us to tell you about (new products, big news, new offers); to contact you if we need to obtain or provide additional information; to check our records are right and to check every now and then that you’re happy and satisfied. We don’t rent or trade email lists with other organisations and businesses.
Previously we have used a third party service, MailChimp, to collect the data and deliver the newsletter (up until 5th of May 2018). Since that date we have decided to move all the aggregated data in our own database so we could personally vouch for their security. MailChimp database has been erased after that so that your data would be present only in our system. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve future newsletters.
You can unsubscribe to general mailings at any time of the day or night by clicking the “unsubscribe” link in any of our newsletters. Additionally, you can unsubscribe by visiting our Privacy Center and clicking on the “Unsubscribe” category or if you send us an email request to unsubscribe to [email protected]
4. LINKS TO OTHER WEBSITES
5. ACCESS TO YOUR PERSONAL INFORMATION
We undertake to respect the confidentiality of your Personal Data and to guarantee you can exercise your rights.You are entitled to exercise your rights of access, rectification, cancellation and opposition by visiting our Privacy Center or by sending an email request to [email protected]
6. CHANGES TO THIS PRIVACY NOTICE
We keep our privacy notice under regular review and update it when necessary. This privacy notice was last updated on 26th of September 2019.
7. INFORMATION ABOUT COOKIES