Privacy Policy

General Information

This Privacy Policy explains what personal data we collect through this website and in connection with our services, how we process, use, and protect that data, and what your rights are under the General Data Protection Regulation (GDPR) and applicable laws of the Republic of Croatia. The Privacy Policy is written in plain and understandable language in accordance with the guidelines of the Personal Data Protection Agency (AZOP).

The data controller is:

  • Name: Augustini d.o.o.
  • Registered office: Bani 102, Buzin, 10010 Zagreb
  • OIB (Tax ID): 71823033614
  • Phone: +385 (0)1 66 08 886
  • Email: igurnost.podataka@augustini.hr
  • Website: https://augustini.hr/

Types of data we process

Through this website and in the course of our business activities, we may process the following categories of personal data:

  • Contact data: first and last name, email address, phone number, company name, job title, address.
  • Inquiry and offer data: message content, project details, files you voluntarily provide to us.
  • Service delivery data: information required for preparing quotes, contracts, invoices, and delivery notes.
  • Website usage data: IP address, date and time of access, browser and device information, cookie and analytics data, if active.
  • Newsletter / marketing communications data (if applicable): first and last name, email address, communication preferences.

We process only the data that is necessary for achieving the purpose of processing and that has been collected lawfully and transparently.

Purposes and legal bases of processing

We process your personal data for the following purposes and on the following legal bases:

  • Responding to inquiries and requests
    • Purpose: processing inquiries submitted via contact form, email, or phone; providing information and preparing quotes.
    • Legal basis: our legitimate interest in communicating with existing and potential clients and, where necessary, taking steps at your request prior to entering into a contract (Art. 6(1)(f) and (b) GDPR).
  • Contract performance and service delivery
    • Purpose: entering into and performing contracts, preparing orders, invoices, and documentation.
    • Legal basis: performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR).
  • Compliance with legal obligations
    • Purpose: keeping business records, issuing invoices, retaining documentation, etc.
    • Legal basis: compliance with legal obligations arising from Croatian tax and accounting regulations (Art. 6(1)(c) GDPR).
  • Sending newsletters and marketing communications (if applicable)
    • Purpose: informing about news, services, promotions, and events.
    • Legal basis: your consent, which you may withdraw at any time.
  • Website analytics and service improvement (if using analytics)
    • Purpose: tracking website visits and user behaviour to optimize content and functionality.
    • Legal basis: our legitimate interest in improving services or consent, depending on how cookies and analytics tools are configured.

Who we share your data with

We may share your personal data only with recipients who are necessary for achieving the above-mentioned purposes, in accordance with the principles of confidentiality and data minimisation.

Potential categories of recipients include:

  • Hosting and website maintenance service providers.
  • External partners (e.g. accounting services, IT support, marketing agencies) with whom we have signed appropriate data processing agreements (DPA).
  • Competent public authorities, when required or necessary by law for conducting legal proceedings.

We do not sell, rent, or transfer personal data to third parties for their own independent marketing purposes. Data is not transferred to third countries outside the EU/EEA; if such a transfer were to occur, it would be subject to adequate safeguards prescribed by the GDPR.

Data retention period

We retain personal data only for as long as necessary to fulfil the purpose for which it is processed or as required by applicable regulations.

Indicatively:

  • Contact data: up to 1 year after the last communication, unless a business relationship has been established.
  • Client data and billing data: at least 11 years in accordance with Croatian accounting regulations.
  • Newsletter / marketing data (if applicable): until consent is withdrawn or subscription cancelled.
  • Technical and analytics data (logs, cookies): in accordance with internal rules and cookie policies, usually a few months, unless a shorter or longer retention period is necessary for security reasons.

Upon expiry of the retention period, personal data is deleted, anonymised, or archived in a secure manner, where a legal obligation exists.

Cookies and third-party tools

This website may use cookies and similar technologies to ensure proper functioning, improve user experience, and analyse traffic.

  • Essential cookies: required for the website to function properly and cannot be excluded from our systems.
  • Analytics cookies (e.g. Google Analytics – if used): used to track visits and usage patterns, usually based on user consent.
  • Marketing cookies (if used): used to display targeted ads and measure campaign effectiveness.

Detailed information about cookie usage, retention periods, and management options can be found in our separate Cookie Policy.

Data protection measures

We implement appropriate technical and organisational security measures to ensure confidentiality, integrity, and availability of personal data. These include, among other things:

  • Controlled access to systems and data (passwords, authorisations).
  • Use of secure backups and antivirus protection.
  • We work only with reliable service providers who apply appropriate protection measures.

All persons who process personal data on our behalf are obliged to maintain confidentiality and act in accordance with applicable regulations and our internal procedures.

Your rights

Under the GDPR, you have the following rights in relation to the processing of your personal data:

  • Right of access: you have the right to know what personal data we process about you and to request access to that data.
  • Right to rectification: you have the right to request correction of inaccurate or completion of incomplete data.
  • Right to erasure (“right to be forgotten”): you have the right to request deletion of personal data when it is no longer necessary for the purposes for which it was collected and when you withdraw consent, provided there is no other legal basis for processing.
  • Right to restriction of processing: in certain situations you may request restriction of processing.
  • Right to data portability: where processing is based on consent or contract and is carried out automatically, you may request transfer of your data to another controller.
  • Right to object: you have the right to object to processing based on legitimate interest, including profiling.
  • If the processing is based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing carried out before its withdrawal.

To exercise your rights, you can contact us using the details listed in the “General Information” section of this Privacy Policy. We will respond to your request without undue delay, and no later than the period specified under the GDPR.

You also have the right to lodge a complaint with the supervisory authority — the Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, email: azop@azop.hr, website: https://azop.hr.

Changes to the Privacy Policy

We reserve the right to amend this Privacy Policy whenever necessary, for example due to changes in our services, technology, or applicable legislation. The updated version will always be published on this website with the effective date indicated.
 
24 April 2026