GENERAL PERSONAL DATA PROTECTION CONDITIONS
While conducting payments on our web shop you are using HT Pay Way – an advanced system for secure acceptanc eof credit cards on the Internet.
HT Pay Way ensures complete privacy of your credit card data from the moment you type the m in tot he HT Pay Way payment form. Data required for billing is forwarded encrypted from your web browser to the bank that issued your payment card. Our store never comes into contact with your sensitive payment card data. Similarly, HT Pay Way operators cannot access your complete cardholder data. An isolated system core independently transmits and manages sensitive data while at the same time keeping it completely safe.
The form for entering paymentd ata is secured by an SSL transmission cipher of the greatest reliability. HT Pay Way fulfills all of the requirements for safe online payment prescribed by the leading credit card brands, operating in compliance to the PCI DSS Level 1 standard-the highest security standard of the payment card industry. Payments made by cards enroled with the 3-D Secure program are further authenticated by the issuing bank, confirming your identity through the use of a token or a password.
All information collected by HT Pay Way is considered a banking secret and treated accordingly. The information is used exclusively for the purposes for whicht hey were intended.Your sensitive data is fullys ecure and it’s privacy is guaranteed by the state of the art safeguard mechanisms. We collect only the data necessary for performing the work in accordance with the demanding prescribed procedures for online payment.
Security controls and operating procedures applied within the HT Pay Way infrastructure not only ensure current reliability of HT Pay Way but permanently maintain and enhance the security levels of protecting your credit card information by maintaining strict access controls, regular security andin-depth system checks for preventing network vulnerabilities.
DATA PROTECTION INFORMATION
MALEZA d.o.o. acts as the controller of personal data and collects it for sales contract fulfilment, product delivery, sales documentation, technical support and credit or debit card payment authorisation for which legal basis is laid down in Article 6(1)(b) of the General Data Protection Regulation. In other words, data processing is necessary for contract fulfilment in which the data subject is a party or in order to take action on the data subject’s request before the contract is concluded.
Furthermore, personal data is processed in order to store orders made by the buyers, to identify specific users and to analyse business activity for which the basis is laid down in Article 6(1)(f) of the General Data Protection Regulation, since data processing is necessary for the need to legitimately improve business activity and adapt according to the market needs.
In special cases, if you have given us your permission, your contact data can be used for direct marketing for which the legal basis is laid down in Article 6(1)(a) which states that the data subject has given their consent for personal data processing for one or more specific purposes.
With this privacy statement’s entry into force it is possible for existing users to receive an email from us in which you are asked to agree to receive our notifications via email, phone, SMS or e-messages because we cannot validate or locate in the archive your preferred method of contact, so we kindly ask of you to give us permission clearly and unambiguously if you want to continue receiving our promotions, or we will not be able to continue messaging you about them.
If you as a user have any questions regarding personal data protection, you can contact MALEZA d.o.o., located in Zagreb, Crvenog kriza 15 directly, or you can contact our data protection support via: firstname.lastname@example.org
The user as a data subject is responsible and obligated to browse and study www.maleza.hr.before sharing any personal data.
Processed personal data and personal data usage
On our website, www.maleza.hr, MALEZA d.o.o. collects the following personal subject data:
- name and surname,
- telephone number,
- email address,
- shipping address,
- billing address,
- postal code,
- date of birth,
- company and personal identification number (companies only).
Insight into personal user data can be granted to, when conducting their scope of work concerning buying and selling which users make with MALEZA d.o.o., legal persons that take part in sales contract fulfilment, for example delivery agencies, accounting agencies, IT support and similar with whom we determine the scope and the means of personal data protection through contractual agreements.
MALEZA d.o.o. can give the listed information to third parties in order to fulfil the contract, protect the users’ and MALEZA d.o.o.‘s interests and to stop the potential abuse, in order to get the best possible insight and understanding into individual user needs and requests, as well as to develop the highest possible quality of service provision by MALEZA d.o.o., which should result in increased user satisfaction for which legal basis is the legitimate interest of the controller described in Article 6(1)(f) of the General Data Protection Regulation.
Personal data storage
MALEZA d.o.o. will ensure that the personal user data is kept on a safe location (which includes a reasonable administrative, technical and physical protection in order to prevent unauthorised use, access, disclosure, copying or modification of personal data), access to which will be granted only to authorised MALEZA d.o.o. personnel.
MALEZA d.o.o. does not record or store users’ transaction data needed for card payment. MALEZA d.o.o. will protect personal data to the extent laid down in specific legal regulations (for example, data on financial transactions is stored for 11 years, as laid down by the Accounting Act) or until the right to use the data is repealed as per the data subjects’ wish if it does not interfere with the legal regulations.
The controller has taken the technical, personnel and organisational personal data protection measures necessary to protect personal data from accidental loss or destruction and from unauthorised access, modification, publication or any other form of abuse and has determined that it is the obligation of data processing personnel to sign a non-disclosure agreement.
Information regarding your rights
In accordance with applicable regulations on data privacy protection, you have the following rights:
- The right to information on your stored personal data
- The right to request corrections, erasure or restricted use of your personal data
- The right to objection to data processing for our own legitimate interest, public interest or profiling, except if we can prove that there are convincing, justified reasons above your interests, rights and freedoms, or that such processing is carried out because of validation, application or defence of legal requirements
- The right of data transmission
- The right to file a complaint to the Personal Data Protection Agency.
- At any point in time you can withdraw your consent regarding your personal data collection, processing or usage. For further info, read above to find out more on data processing based on your consent.
If you have any questions regarding your rights, you can contact our data protection support at: email@example.com
You will receive a response no later than 30 days after the filing date.
MALEZA d.o.o. finds personal data protection extremely important and has taken a number of precautions in order to protect the users’ personal data. The users can access their personal data on www.maleza.hr with a password and an email address.
Links to other websites
This Data Protection Information applies only to usage of data that MALEZA d.o.o. collects from data subjects.
Other websites that can be accessed via www.maleza.hr have their own confidentiality agreements and privacy policies. If a user visits another website through wwww.maleza.hr, MALEZA d.o.o. advises users to check the data confidentiality agreement of the website, since MALEZA d.o.o. is not responsible for conditions of work of other websites.
Together with personal data, MALEZA d.o.o. can gather users’ data that cannot be used to identify them, and are not considered to be personal data (such as data related to website usage, data about user’s computer, internet service provider, preferences, hobbies, interests, activities), that help MALEZA d.o.o. to design data presented to its users with better quality, accuracy and personal touch, to improve the website and for additional managing and adjustment of its content in order to meet user’s needs. Based on this data, MALEZA d.o.o. learns what content is more popular with certain types of users.
Cookies in users’ browsers allow MALEZA d.o.o. to provide adequate functionality of all features of the internet portal, to adjust certain content specifically to the needs of each individual user, and to constantly improve the Portal based on the visits analysis.
What is a cookie?
A Cookie is information stored on the user’s computer by a website that they have visited. Cookies normally save the user’s preferences and settings for the website, such as the preferred language or address. When a user visits the same website afterwards, their internet browser sends back the Cookies that belong to this site. This feature enables MALEZA d.o.o. to show information adjusted to each individual user’s needs.
Cookies can store a wide range of information, including personal information (such as the user’s name or e-mail address). However, this information can be saved only when the user enables the feature – websites cannot gain access to information that user did not give permission for, and they cannot access other files on the user’s computer. The default activities for storing and sending Cookies are not visible to users. However, the user can alter their internet browser settings in such a way that they can chose whether they want to approve or reject requests for storing Cookies, by deleting the saved Cookies automatically when the internet browser is closed, and the like.
Besides personal data, MALEZA d.o.o. can ask for other data from data subjects through which data subjects can be identified, but is not considered personal data (for example data on website usage, computer data, internet provider data, preferences, hobbies, interests, activities) and which provide MALEZA d.o.o. with higher quality, more precise and more personalised content for users, better websites and additional content customization for users. Based on these data, MALEZA d.o.o. gains information on the most popular content among specific users.
Changes in the Data Protection Information