Statement on personal data protection
We undertake to protect the personal data of customers by collecting only basic information about customers / users that is necessary to fulfill obligations. The data will not be misused nor will it be left to a third party without the consent of the buyer (except for the data necessary for business partners to deliver the purchased product).
User data is strictly kept and is available only to employees who need this data to do their job. Our employees are responsible for respecting the principles of privacy protection.
As the company Sretan planet j.d.o.o., we do not record your credit card number or store transaction data, and we use the services of a third party, an authorized bank, which protects your data with encryption to collect credit cards.
The following discloses our information gathering, use and dissemination practices solely for the Website located at www.bepure.hr (the "Website").
If you want to ask us anything about these terms and conditions or have any comments on or about our website, please email our customer service at email@example.com.
What Personal Data we collect?
We collect Personal Information from you when you provide it to us directly and through your use of the Website, including when you register with us, purchase products, review products, participate in our interactive features or otherwise interact with us on the Website. This information may include:
- Information you provide to us when you use our Website (e.g. your name, contact details, gender, product reviews, and any information which you add to your account profile).
- Email address (Records of your interactions with us - if you contact our customer service team, register to our Website or make purchase).
- Transaction and billing information if you make any purchases from us or using our Website (e.g. credit/debit card details and delivery information).
- User name (if you register on our Website)
- Information collected automatically, using cookies and other tracking technologies (e.g. which pages you viewed and whether you clicked on a link in one of our email updates).
The General Data Protection Regulation (GDPR) is a European law that manages all the collection and processing of personal data of individuals within the EU.
According to the GDPR, it is the legal responsibility of Us to secure the collection and processing of personal data according to the law.
With the General Data Protection Regulation (GDPR), we want to ensure that you fully understand the information we hold about you and the reasons we hold it.
We collect your data:
- When you create an account.
- When you visit our website and use your account to place an order.
- When you contact us through an email.
- When you sign up to our newsletter.
- When you review our products.
- When you’ve given a third party permission to share the information they hold about you with us (e.g. card information).
How is Your Personal Data Used?
We will not collect any personal data from you we do not need to provide and oversee this service to you. No third parties have access to your personal data unless the law allows them to do so.
Your information is used primarily to process your order. If your order is to be delivered to you, we will share your name and address details with our courier company.
Depending on how you use our Website, your interactions with us, and the permissions you give us, the purposes for which we use your personal data include:
- To fulfill your order and maintain your online account.
- To manage and respond to any queries or complaints to our customer service team.
- To personalize the Website to you and show you content we think you will be most interested in, based on your account information, your purchase history and your browsing activity.
- To improve and maintain the Website, and monitor its usage.
- For market research, e.g. your Data will be used to contact you regarding surveys and feedback which help improve our service to you.
- To provide you with marketing information about our content, products, and services. If you have consented to receive marketing material from us, you may unsubscribe at any time.
- For security purposes, to investigate fraud and where necessary to protect ourselves and third parties. Your data will be shared with the relevant authorities in any cases of fraud or theft.
- To comply with our legal and regulatory obligations.
How do we protect your data?
Our website is secured by “https” technology.
We do not store any card details, these are all held and processed by our third party providers (PayPal).
When paying at our online store, you use CorvusPay - an advanced system for secure acceptance of payment cards online.
CorvusPay ensures the complete confidentiality of your card data from the moment you enter it in the CorvusPay payment form. Payment information is encrypted and transmitted from your web browser to the bank that issued your card. Our store never comes in contact with complete information about your payment card. Also, data is inaccessible even to CorvusPay system employees. The isolated core independently transmits and manages sensitive data, keeping it completely secure.
The form for entering payment data is provided with the SSL transport code of the highest reliability. All stored data is additionally protected by encryption, using a cryptographic device certified according to the FIPS 140-2 Level 3 standard. CorvusPay meets all the requirements related to the security of online payments prescribed by leading card brands, it operates in accordance with the standard - PCI DSS Level 1 - the highest security standard of the payment card industry. When paying with cards included in the 3-D Secure program, your bank, in addition to the validity of the card itself, additionally confirms your identity with a token or password.
Corvus Info considers all collected information to be a bank secret and treats it accordingly. The information is used exclusively for the purposes for which it is intended. Your sensitive data is completely secure, and its privacy is guaranteed by the most modern security mechanisms. Only the data necessary to perform the work in accordance with the prescribed demanding procedures for online payment are collected.
The security controls and operating procedures applied to our infrastructure ensure the current reliability of the CorvusPay system. In addition, by maintaining strict access control, regular security monitoring and in-depth checks to prevent network vulnerabilities, and planned implementation of information security provisions, they permanently maintain and improve the level of system security by protecting your card data.
How long do we keep your data?
We will never keep your data longer than necessary. Order details will be kept on file indefinitely to ensure we can contact you in case of an issue.
Under the new GDPR, you are entitled to:
You have certain rights in respect of your personal data, including the right to access and correct your personal data, and, in specific circumstances, to transfer your personal data to another entity in a commonly-used format.
You have the right to object to your personal data being used for certain purposes, like marketing. You can opt-out of marketing at any time.
You have the right to request erasure of your personal data. This includes erasing your personal data when our purposes for processing your personal data have come to an end.
You have the right to request erasure of your personal data if you object to our processing of your personal data based on legitimate interests and we have no overriding legitimate grounds to continue to process your personal data.
You also have the right to request erasure of your personal data when our processing was based on your consent which you have withdrawn.
If you have any questions or concerns regarding your personal data, contact us at firstname.lastname@example.org.