Intersnack Adria d.o.o.

Privacy statement

Introductory provisions

Thank you for showing interest in our company and our online content. Intersnack Adria d.o.o. (hereinafter: ISA, we, us, our, etc.) is the owner of the website at the address Intersnack.hr (hereinafter ISA web).

The use of ISA web is possible without the submission of any personal data. However, if you want to use the special services of our company through ISA web, the personal data processing may become necessary. We have created the privacy statement you are reading with the purpose of presenting the concern for the privacy of our customers and users, as well as providing information on the way of collecting and processing the personal data of our customers and users that is carried out on our website.

With the present Privacy Statement, we intend to inform the users of our ISA web about the nature, scope and purpose of the personal data that we collect, process and use. This Privacy Statement shall also provide information regarding your rights.

As the Data Controller, we have implemented technical and organizational measures to ensure the complete protection of personal data processed through the present website. However, data transfers based on the Internet may have security flaws, and that is why we draw your attention to the fact that we cannot guarantee absolute data protection. For this reason each user can submit, free of charge, personal data which are necessary for the use and/or purchase of certain services through alternative means of communication (e.g. via phone, mail, etc.).

Please read this Privacy Statement with due attention in order to understand how we collect, use, process and protect your personal data.

Name and address

The Data Controller whose function is implementing the General Data Protection Regulation (GDPR) and other personal data protection laws that apply in the European Union member states, as other provisions related to data protection is: Intersnack Adria d.o.o., Pepe Bukača 11, Hercegovac, Croatia. E-mail: gdpr@intersnack.hr.

Data Protection Coordinator

In accordance with the Management Board's decision, the company did not appoint a special Data Protection Officer. Instead, they appointed a Data Protection Coordinator who can be contacted for any questions or complaints related to our privacy policy or other questions regarding personal data use. The name and contact information of our Data Protection Coordinator are as follows: Donika Grgić, e-mail: gdpr@intersnack.hr.

Cookies

Session cookies are temporary cookies that expire (and are automatically deleted) when you close your internet browser. We use them to provide access to content and enable services you can access when you log in with your data at www.intersnack.hr.

Persistent cookies usually expire later in the future and remain in your browser until they expire, or until you manually delete them. www.intersnack.hr does not use persistent cookies for functions such as "remembering" that the user is logged in on the page, which makes it easier for you as a registered user to use www.intersnack.hr. We also do not use persistent cookies in order to understand better the user's habits and improve the site according to the user's usage patterns.

Personal data collection and processing

Through the ISA web, we collect only those personal data that you, as a user of our ISA web, enter independently. Data is collected through available web forms, or through contact with our employees via e-mail. The data collection is necessary for the execution of our services and marketing of products, billing, issuing invoices, delivery of purchased goods and services, as for the fulfillment of the guarantee arising as a consequence of the business relationship. Such data is collected based on the terms of data use.

Through the user account and contact with employees, we can collect the following personal data: name, surname, street, house number, city, postal code, e-mail address, telephone number.

We use the information collected when creating a user account on our website for the following activities:

  • Inquiries (general inquiries)
  • Journalist inquiry
  • Product complaint
  • Praise
  • Complaint

When using this general data and information ISA we do not draw any conclusions about the user. We need this information in order to: correctly deliver the content of our website and respond to inquiries; optimize the content of our websites, as well as advertisements, and provide information to law enforcement authorities in cases where this is necessary. With the aim of increasing the protection and security of data, as well as ensuring the optimal level of protection of the personal data we process, ISA can analyze the collected personal data. Anonymous server log data is stored separately from any personal data provided to us by the user.

The General Data Protection Regulation (GDPR) stipulates our right (legitimate interest) to process your personal data for the purposes of direct promotion (marketing) and profile creation in connection with such promotion, to the extent that this is not against your interests, freedoms and rights. However, in order to ensure a more complete protection of your personal data, rights and interests, before processing your personal data for the purpose of direct promotion (marketing), we will request your express consent for such processing.

Links to third parties

On our website we do not offer or provide any third party services or products.

Protection of your data

The security of your personal data is extremely important to us. Therefore, we have ensured that your personal data is processed and used in a safe manner and in accordance with all applicable legal regulations and best practices. We implement appropriate technical, physical and organizational measures to protect data from security risks, including accidental, unauthorized, illegal or otherwise unwanted data access, data destruction, loss or disclosure. We ensure a level of security that corresponds to the risks of data processing.

Your data is stored on a protected internal server infrastructure to which external access is denied to anyone, except persons authorized to maintain it, and access to personal data is only available to our authorized employees, i.e. contractual collaborators with limited processing rights in accordance with rules contained in this Privacy Policy.

Storage and period of data storage

We store and protect your personal data for the duration of your business relationship with us, i.e. for the time necessary to achieve the corresponding described purposes, i.e. for the time you want to stay in contact with us and/or for the time you agree to receive our notifications according to selected settings you informed us about when providing your personal data, or until you withdraw the consent you gave us for particular purposes.

After your deregistration, we will store your personal data for a maximum of 12 (in letters: twelve) months from the date of receipt of your deregistration for the purpose of records in case of possible subsequent inquiries, requests or disputes, unless that, for specific purposes, a special (shorter or longer) storage period for your personal data has been determined, either based on the provisions of applicable legal regulations, or for the protection of legitimate interests, both ours and yours, or the interests of third parties.

In any case, if we receive your deregistration, revocation of consent, request to limit the processing of your personal data, or any similar complaint, we will immediately interrupt any communication of a marketing nature with you and deactivate your personal data, and their storage within a certain period shall be the only way of their processing before their permanent deletion, or destruction in another manner.

All data is stored in the databases and repositories of our servers. We do not transfer or store stored data in countries outside the European Union.

Your rights under the General Data Protection Regulation

The users of our services have the following rights based on the General Data Protection Regulation (GDPR):

  • Right of access: At any time, you have the right to request confirmation as to whether your personal data is being processed, and if your personal data is being processed, to receive information on how your personal data is being processed. You may also request access to your personal data, as specified in Article 15 of the General Data Protection Regulation (GDPR), including the right to receive a copy of the personal data being processed; Upon your request to exercise the right of access, we will deliver to you data and information in electronic form (e-mail), unless you have specified an e-mail address in your request or have specifically requested delivery by mail.
  • The right to have your personal data corrected: You have the right to request the correction of your incorrect personal data without undue delay, also by providing an additional statement.
  • Right to deletion: You have the right to delete data at any time if one of the following conditions is met:
    • the data are not necessary in relation to the purposes for which they were collected or otherwise processed;
    • you withdraw the consent on which the data processing is based (marketing and special categories of data) and there is no other legal basis for the processing;
    • personal data were illegally processed;
    • personal data must be deleted in order to comply with legal obligations based on other legal regulations;
    • when you file a complaint based on Art. 21 of the Regulation, and there is no stronger legitimate interest for processing.
  • The right to restrict data processing: You have the right to ask us to restrict the processing of your personal data if you dispute the accuracy of such data, if the processing is illegal and you object to data deletion, if you have objected to the processing of your data and if we no longer need the data, but you need them to establish, exercise or defend legal claims.
  • The right to data transfer: You have the right to request the transfer of your personal data to another Data Controller if the processing is based on consent, or is carried out for the purpose of executing a contract in which the respondent is a party or in order to take actions at your request before entering into a contract, and if the processing is carried out by automated processing. You have the right to a direct transfer from one Data Controller to another, if this is technically possible.
  • The right to withdraw your consent: If we process your data based on your consent, you can withdraw your consent at any time by sending a request to our e-mail info@intersnack.hr without affecting the legality of processing based on that consent.
  • The right to object to the automated processing of personal data and profiling: We use your data to personalize and adapt services and advertising (marketing) materials to you. We personalize services and materials through the creation of profiles that help us understand your interests in more detail. Creating a profile does not in any way limit you in the choice of services we provide.

We apply automated decision-making in such a way that, depending on the created profile or data you have provided, the computer program without human intervention delivers you an offer and/or promotional (marketing) material. The described automated decision-making does not limit you in any way in choosing the services we provide. You have the right to object to automated data processing and profiling at any time.

  • The right to file a complaint with the competent authority: If you believe that the processing of personal data is contrary to the General Data Protection Regulation, you have the right to file a complaint to the competent supervisory authority at any time. In the Republic of Croatia such authority is represented by the Personal Data Protection Agency, Martićeva 14, 10 000 Zagreb.
  • Administrative cost: The service is free of charge, and only in exceptional cases an administrative fee will be charged. In the event that the prerequisites for charging an administrative fee are met, we will inform you of such a cost that we have the right to charge before it occurs based on the General Data Protection Regulation (GDPR).

Notification on personal data breach

In the event of a personal data breach, we will notify you and the competent supervisory authority by e-mail within 72 hours on the extent of the breach, the data involved, the possible impact on our services and our planned measures to secure data and limit any adverse effects on individuals, unless it is unlikely that a breach of personal data will cause a risk to the rights and freedoms of an individual, and in the following cases:

  • if there are technical and organizational protection measures (such as encryption) that have been applied to the personal data affected by the personal data breach, which make the data unintelligible to any person who is not authorized to access it;
  • if we took the follow-up measures to ensure that a high risk to the rights and freedoms of individuals is no longer likely to occur;
  • if this would require a disproportionate effort (in this case, we will inform you through means of public notification or a similar equally effective measure).

A breach of personal data is considered any breach of security that leads to accidental or illegal destruction, loss, alteration, unauthorized disclosure or access to personal data that has been processed, stored or transmitted.

Your Consent

By using this website, you are giving your consent to this Privacy Statement.

Changes of our Privacy Policy

In the event of changes to our Privacy Policy, we will notify you about that on this page and update the Privacy Policy change date below as follows.

This Privacy Policy was modified last time on February 10, 2023.

Further information on data protection with etracker can be found here.