Data we collect

We collect data from users and any third party who visits our website https://neon-tech.eu and uses the services we provide through the website, exclusively in the manner described in this privacy policy. During data collection, there is a possibility of collecting “Personal Data” of users, as defined by the General Data Protection Regulation of the European Parliament and Council from April 27, 2016, number 2016/679 (GDPR Regulation). When we use the term “Data” in this policy, we describe both “Personal Data” and any other data we collect from users or third parties on our website. We collect data in the following ways:

  • Registration Data: a user is any person who creates a user account in accordance with our General Terms of Service (hereinafter: General Terms). During registration, the user enters the data listed in our General Terms. Where possible, the user is informed that certain data is not mandatory. However, if the data is mandatory, the user cannot create a user account without entering this data. User Data: to create a user account, the user enters their email address, phone number, password, internet domain, and/or similar user data. Additionally, a user who purchases a product or starts the purchase process provides us with data to create an invoice, such as a credit card, bank details, postal address, and potentially a Personal Identification Number if it is an R1 business account.
  • Email for the purpose of delivering our special offers. The email is stored in our “newsletter” database and is automatically delivered to all contacts in the database. Along with the email, instructions on how you can request the deletion of your data from the database and stop further email delivery are always provided.
  • Login Data: our servers automatically collect data when a user or third party accesses our site and services and stores them in so-called “log file” files. This “log file” may contain “Internet Protocol (IP)” address, the address of the website that referred to our site, internet browser and its settings, the date and time the service was used, browser settings, language preferences, and cookies. We collect location data of users and third parties who visit our site.
  • Cookies: We use cookies and similar technologies to collect data on our website. For more information, see our Cookie Policy.
  • Third-Party Services: We may have third-party software implemented on our website. Such software includes social networks, advertising, content search engines, payment service providers, etc.
  • Additional Information: We collect any data you send us via email. We retain data from emails if necessary to provide services or respond to your inquiry. We strive to verify the identity of the person for data received in this way to ensure the application of the transparency principle. We may also collect and process any other data you provide to us in writing, via social networks, job applications, etc.

Legal basis for processing personal data

We collect and process personal data always in accordance with the legal norms of the Republic of Croatia and the European Union. Every user who creates a user account must accept our Privacy Policy. Personal data is always collected in accordance with this Privacy Policy and the General Terms. The most common legal basis is user consent. The user gives consent before creating a user account. Users and third parties are always asked when accessing our site to accept the use of cookies when their consent is required. In a limited amount, it is sometimes inevitable to collect a small amount of cookies, so-called “technical cookies,” even when the user or third party has not accepted the cookies. Such collected data does not contain personal data that is processed.

Email for data processing inquiries

Any of our users or third parties who access our site can contact us via email at [email protected] for information on the processing of their personal data. We will respond within 30 days to any inquiry we can answer and provide information we are required to provide. Such information includes: information on the data we collect and process, data we can delete, information on consent and how to withdraw consent, etc.

How we process personal data

We always process personal data lawfully, with efforts to ensure transparent information. We process data in accordance with the Privacy Policy and General Terms, and especially in accordance with the GDPR Regulation. The most common legal basis is consent. However, sometimes the legal basis is a legitimate interest in providing our services. More precisely, we process data:

  • to provide, improve, maintain, or protect our service, website, and business. This includes data processing to perform our service in accordance with the General Terms, preventing deficiencies, errors, security breaches, and technical difficulties,
  • to analyze and monitor usage, trends, and other user activities, as prescribed by law or other legally binding act,
  • to communicate with users, respond to their requests, comments, and questions,
  • to develop and provide new services and products and new opportunities for our users,
  • to offer users new services, inform them about new services, benefits, promotions, via email, other mail, or telephone communication,
  • for billing, processing invoices, and other administrative purposes when prescribed by law,
  • to investigate and prevent security issues and misuse.

Data disclosure

It may happen that we disclose or share user data with third parties in the following cases:

  • explicit user consent, where we share data only to the extent the user has consented,
  • when we have contests or competitions and the user wins a prize, in accordance with the General Terms, the user is required to provide us with personal data such as name, surname, address, passport number or ID card number, allowing us to see the photo, passport, or ID card, and send us a photo with the won prize or similar. We will share and disclose only the data about the name, surname, and city or country of the user who won the prize, and the user’s photo only when they consent,
  • if we use a third party to perform our obligations or as a business partner for personal data processing. Third parties may provide us with services such as delivery, IT services, data storage, etc. We always sign data protection agreements with such third parties,
  • if a government body requests us to provide certain data about our users in accordance with legal provisions, provided we have no justifiable reason to suspect that such disclosure is not in accordance with the law or other regulation,
  • to exercise our rights, prevent fraud, and ensure security, including exercising rights under the contract.

User rights

It may happen that we disclose or share user data with third parties in the following cases:

  • Right of Access: You have the right to obtain confirmation whether personal data concerning you is being processed and, if so, access to personal data and the following information: purpose of processing, categories of personal data, recipients to whom personal data have been disclosed, and the retention period.
  • Right to Rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you.
  • Right to Erasure: You have the right to request the deletion of personal data concerning you, and such data will be deleted if the legal conditions are met; if the conditions are not met, you will be informed why the data cannot be deleted.
  • Right to Restriction of Processing: You have the right to obtain the restriction of processing if the preconditions defined in GDPR Article 18 are met.
  • Right to Data Portability: You have the right to receive personal data concerning you, in a structured, commonly used, and machine-readable format, and you have the right to transfer those data to another data controller if the data processing is based on consent or a contract and if the processing is carried out by automated means.
  • Right to Object: You have the right to object at any time, based on your particular situation, to the processing of personal data concerning you. Objections are submitted via email to [email protected], with the subject “Objection to Data Processing.”
  • You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

How we protect your data

We have taken appropriate technical and organizational security measures to protect all personal data in our databases from loss and unauthorized access. All our business partners are contractually obligated to protect the personal data of our users. Additionally, each of our employees is committed to keeping all personal data as a business secret.

Data retention periods

We retain data based on consent permanently or until such consent is withdrawn. At any time, you have the right to inform us that you are withdrawing your consent for data processing. Along with withdrawing consent, you can request the deletion of your personal data and other rights under the General Data Protection Regulation. We are required to retain some personal data according to applicable regulations. For example, we are required to retain personal data related to invoice issuance for a period of 11 years. At any time, you have the right to be informed why certain data cannot be deleted. After the retention period expires, we permanently delete or anonymize personal data so they can no longer be linked to you.