Personal data and privacy
Law firm Glinska & Mišković d.o.o., Ulica grada Vukovara 269f, 10 000 Zagreb, OIB: 23426318088 (hereinafter: “GM” or “Data controller”) considers the protection of your personal data to be of the highest priority and protects your personal data as strictly confidential.
- General information
GM, as Data controller, processes personal data in accordance with the provisions of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, hereinafter: “GDPR”), the Act on Implementation of the General Regulation on Data Protection (Official Gazette 42/2018) and other applicable legal regulations governing the subject area.
- Personal data we collect
GM collects and processes personal data related to the provision of legal services, personal data collected in the recruitment process, personal data collected during your visit to our website, personal data collected through video surveillance.
- Personal data we collect with regards to provision of legal services
During the provision of legal services, we collect and further process the following personal data relating to potential or existing parties and their counterparties: name, postal address, personal identification number, date / place of birth, identification document, telephone / fax number, e-mail address, their function, payment information, bank account or financial condition information, and other details related to potential or actual transactions, disputes, or other matters.
Also, in regular business contacts between our law firm and other business associates (e.g., other advisors, court interpreters, etc.), we may collect personal information from those other associates and / or their agents. The personal information collected typically includes name, mailing address, telephone / fax number, email address, and function. This type of information is usually collected through personal contacts (e.g. by exchanging business cards) and / or further communication (e.g. by e-mail or telephone).
- Personal data collected during the recruiting process
Personal data collected in this regard includes data collected on the basis of open job applications or CV data and / or other information that the CV usually contains and / or usually related to interviews in the recruitment process such as name, postal address, personal identification number, date / place of birth, telephone / fax number, e-mail address, information on education and previous work experience and photographs.
If a candidate has not been offered a job on a particular occasion, with the consent of that candidate, the personal data collected may be stored in our database for future consideration.
- Personal data collected through video-surveillance
Our business premises are under video surveillance to ensure adequate protection of persons and property. Therefore, we may collect personal data or video images of our visitors through video surveillance, including potential and / or existing parties and their representatives, counterparties and their representatives, other business partners and service providers.
- Personal data collected during your visit to this web page
When visiting our website and using certain functionalities of our website, we collect and further process your personal data such as IP address, which Internet browsers you use and the time of your visit to our website.
- Legal basis of data processing
GM is collecting personal data on the following legal basis:
- fulfillment of our contractual obligations or on the basis of the power of attorney provided by the Data subject;
- if the processing is necessary for the legitimate interests of the GM or a third party (e.g. video surveillance and maintenance of our website);
III. when necessary to comply with GM’s legal obligations as a controller (e.g. anti-money laundering compliance);
- for any additional purposes based on consent when data subjects access our website or otherwise provide us with personal information (e.g. through a job application).
- The purposes of data processing
GM utilizes the aforementioned data for the following purposes:
- for the purpose of providing legal services;
- for the purpose of compliance with legal obligations;
iii. for employment purposes;
- for the purpose of protection of persons and property;
- for the purpose of contacting data subjects, if necessary or appropriate;
- for the purpose of managing and maintaining our website;
vii. for the purpose of enforcement of our claims.
GM will process only personal data that are appropriate, relevant and limited to what is necessary in relation to the purposes for which the personal data are processed.
GM undertakes appropriate and reasonable measures to ensure that the personal data it processes are accurate and up-to-date and also undertakes organizational, personnel and technical measures to protect personal data.
- More information about “cookies”
- Forwarding personal data to third parties
With regards to the aforementioned purpose, your personal data can be forwarded to the following categories of persons:
- relevant services and public authorities when required by applicable law or in good faith (e.g. to comply with the law or during legal proceedings against GM; to protect and defend the rights or property of GM or, in urgent circumstances, to protecting the personal safety of GM clients or the public);
- entities that maintain our information systems;
iii. persons authorized by GM to process personal Data, who are subject to an appropriate legal obligation of confidentiality (GM associates, who are subject to an appropriate obligation of confidentiality);
If we transfer personal data outside the European Economic Area, we will, as required by applicable laws and regulations, ensure that the rights of data subjects are adequately protected by appropriate safeguards such as standard contractual clauses.
GM will process your Personal Data only for the time necessary to achieve the purposes described above, i.e. in accordance with the minimum legal retention periods set by certain regulations as follows:
- Accounting Act (Official Gazette no. 78/15, 134/15, 120/16, 116/18, 42/20, 47/20) – 1 years;
- The Law on the Legal Profession (Official Gazette no. 09/94, 117/08, 50/09, 75/09, 18/11 – 10 years);
- Anti-Money Laundering and Terrorism Financing Act (Official Gazette no. 108/17, 39/19) – 5 years/10 years.
Once personal information is no longer required for the purpose for which it was collected, we will delete or anonymize that personal information so that it is no longer in a form that allows the identification of respondents.
- The rights of data subjects
As a client or in general as a data subject under the GDPR, and subject to a relationship of confidentiality between a lawyer and a client, you have the following rights:
- The right of access to one’s personal data (obtain confirmation as to whether or not personal data relating to the data subject in question are processed and, if applicable, access to such personal data);
- The right to rectify personal data (the right to request the correction or supplementation of any personal data if it is found to be inaccurate or incomplete);
- The right to withdraw consent if processing takes place on the basis of consent;
- The right to delete personal data (the right to request the deletion of personal data if they are no longer necessary for processing for a specific purpose);
- The right to transfer personal data (the right to request GM to provide you with personal data and, if possible, to transfer personal data directly to another controller, if applicable);
- The right to limit processing;
- The right to object;
- The right to complain to the supervisory authority.
In the event that data subjects decide to exercise one of the above rights, GM will act without undue delay at the request of the data subject and we will provide information on actions taken without undue delay and in any case within one month of receiving the request.
If the data subject’s requests are obviously unfounded or excessive, especially due to their frequent repetition, we reserve the right to:
- charge a reasonable fee taking into account the administrative costs of providing the information or notification or handling the request; or
- refuse to act upon request.
- Security measures used for the protection of personal data
Please note that we have taken and are taking appropriate organizational and technical measures to ensure the protection of your personal data, in particular from unauthorized, illegal or accidental access, processing, loss, use and unauthorized alteration.
Despite our efforts to ensure a reasonably high standard of due diligence at all times, we cannot rule out that other persons will access or use the information you have provided online. In addition, we cannot assume any responsibility for the disclosure of data in the event of data transmission errors and / or unauthorized access by third parties that we did not cause (e.g. hacking of e-mail or telephone accounts, interception of fax messages).
- Contact information
In case you have any questions feel free to contact us at firstname.lastname@example.org.
You can also contact the Personal Data Protection Agency of the Republic of Croatia at the telephone number 00385 (0) 1 4609-000 or by e-mail email@example.com or at the address Agency for Personal Data Protection, Martićeva ulica 14, HR – 10 000 Zagreb, Croatia.
Published on 12 April 2021