Molitio d.o.o. with its registered office at Spinčićeva ulica 2J, entered in the register of the Commercial Court in Split under MBS: 04678001 OIB: 44727073438 (hereinafter: MOLITIO), must collect and use certain data on individuals in its business. The purpose of this policy is to ensure that MOLITIO fully complies with its legal, organizational, and technical obligations with regard to the protection of personal data.
All MOLITIO employees are fully acquainted with the content of this policy and ensure its application when handling personal data or processing personal data.
Employees whose tasks include the handling of personal data are adequately educated regarding their tasks in relation to personal data protection.
This policy applies to all personal information held by MOLITIO in relation to any person, whether or not they have been, currently are, or will be a customer, supplier, or contact.
This policy is designed to prevent potential harm to MOLITIO and its employees and respondents and to ensure that the processing of personal data by MOLITIO is in full compliance with the law and other regulations.
2. Definition and application
Personal data are all data relating to an identified or identifiable individual, ie an individual who can be identified directly or indirectly, in particular by means of identifiers such as name, identification number, location data, network identifier, or by means of one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
Processing of personal data means any operation or set of operations performed on personal data or on sets of personal data, whether automated or non-automated means such as collection, recording, organization, structuring, storage, adaptation or modification, withdrawal, retrieval, inspection, use or utilization, disclosure by transmission, dissemination, publication or otherwise making available, harmonization or combination, restriction, deletion or destruction, and the performance of logical, mathematical and other operations with that data.
MOLITIO collects and processes personal data primarily for the purpose of providing services in its business. Therefore
MOLITIO has a need to collect and process certain types of data about individuals who come into contact with MOLITIO (respondents). MOLITIO handles this personal information adequately, regardless of how this information was collected, recorded, stored, and used – on paper or on other material.
At the time of submitting the data of the respondent to the MOLITIO, the respondent agrees that the MOLITIO processes his personal data, in accordance with the indicated purpose. The protection of the privacy of the respondent’s data is permanent, and at any time the respondent may exercise his rights, which are listed and explained below.
MOLITIO collects and processes personal data of respondents in accordance with the Personal Data Protection Act (OG 103/03, 118/06, 41/08, 130/11, 106/12), other Croatian regulations, Directive 95/46 / EC, and the General Regulation and the Protection of Personal Data (GDPR) (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016).
MOLITIO keeps the collected data in an appropriate manner and ensures their confidentiality.
MOLITIO will not pass the collected data to third parties without the permission of the respondent, except in cases when it is necessary to fulfill the legal obligations of MOLITIO, in cases when it is necessary to fulfill tasks performed in the public interest, or in cases when the respondent data, as well as in other competent regulations.
The respondent, in terms of personal data processed for him by MOLITIO, has the following rights:
a) The right to information
The respondent has the right at any time to request information on whether his personal data are being processed and for what purpose, who is the controller, contact details of the data protection officer, which categories of personal data are processed, for what period they are processed or stored, who is the source for obtaining his personal data, who are all recipients of his personal data, as well as the right to be informed of his other rights stated in this policy (right of access, right of rectification, right of deletion, right of restriction of processing, etc.).
b) Right of access
The respondent has the right to receive confirmation from the MOLITIO whether the personal data relating to him are processed, then to gain access to this data and information on:
– purpose of processing,
– categories of personal data processed;
– recipients or categories of recipients to whom the data have been disclosed or will be disclosed;
– if possible, the period for which the data are stored or the criteria by which it is possible to determine that period;
– to request from MOLITIO the correction or deletion of personal data or the restriction of the processing of personal data relating to the respondent or the right to object to such processing;
– the right to lodge a complaint with the supervisory authority;
– if personal data are not collected from respondents, any available information about their source;
– the existence of automated decision-making, which includes the development of profiles, with consequences.
c) Right to correction
The respondent has the right to obtain from the MOLITIO without undue delay the correction of inaccurate personal data relating to him. The respondent has the right to supplement incomplete personal data, including by giving an additional statement.
d) Right to erasure
The respondent has the right to MOLITIO immediately delete personal data relating to him if personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed if the respondent withdraws consent on which the processing is based and there is no other legal basis processing if the respondent objects to the processing if the personal data have been unlawfully processed if the personal data must be deleted in order to comply with a legal obligation under Union law or the law of the Member State to which the MOLITIO is subject if the personal data are collected.
This shall not apply if the processing is necessary (and to the extent necessary) to exercise the right to freedom of expression and information, to comply with a legal obligation requiring processing under Union law or the law of the Member State to which the MOLITIO is subject or to perform a public interest task. or in the exercise of the official authority of MOLITIO, for the public interest in the field of public health, for the purposes of archiving in the public interest, for the purposes of scientific or historical research, for the purpose of setting, realizing, or defending legal claims.
e) The right to lodge a complaint with the supervisory authority
Based on his special situation, the respondent has the right to object at any time to the processing of personal data relating to him, including the creation of profiles, in cases where the processing is necessary to perform a task of public interest or in the exercise of official authority MOLITIO. processing necessary for the legitimate interests of the MOLITIO or a third party. MOLITIO may no longer process personal data unless MOLITIO proves that there are compelling legitimate reasons for processing that go beyond the interests, rights, and freedoms of the respondent or to set, exercise or defend legal claims.
If personal data is processed for the purposes of direct marketing, the respondent has the right at any time to object to the processing of personal data relating to him for the purposes of such marketing, which includes the creation of profiles to the extent associated with such direct marketing.
f) The right to data portability
The respondent has the right to receive personal data relating to him, which he provided to the MOLITIO in a structured, commonly used, and machine format, and has the right, without interference by the MOLITIO, to transfer this data to another controller if the processing is based on his consent and if the processing is carried out automatically.
The respondent has the right to transfer directly from the MOLITIO to another controller if this is technically feasible, and this right must not adversely affect the rights and freedoms of others.
g) Rights related to automatic decision making and profiling
The respondent has the right not to be subject to a decision based solely on automated processing, including the creation of a profile, which produces legal effects relating to him or similarly significantly affects him, unless that decision is necessary for the conclusion or execution contract between the respondent and the MOLITIO if permitted by Union law or the law of the Member State to which the MOLITIO is subject or based on the express consent of the respondent.
h) The right to withdraw consent
The consent of the respondents is one of the legal bases for the processing of data related to the respondents. The respondent has the right to withdraw the consent he has given at any time. Withdrawal of consent does not affect the lawfulness of the data processing that was done before the withdrawal of consent.
i) The right to restrict processing
The respondent has to request a restriction on the processing of his personal data: if he disputes the accuracy of his personal data – for a period necessary for MOLITIO to check that accuracy if the processing of his personal data is illegal and does not request deletion but the only restriction of processing, if MOLITIO no longer needs his personal data, but he needs the existence of the same in order to fulfill his legal requirements, if he has filed an objection to processing he has the right to request a restriction of processing for the period until it is determined whether the legitimate reasons of MOLITIO for processing his reasons from the objection.
In order to exercise their rights, the respondent should contact the Personal Data Protection Officer by sending a written notice or request to the Personal Data Protection Officer Molitio d.o.o., by e-mail using his e-mail address provided by Molitio d.o.o. or by land mail to the address: Spinčićeva ulica 2J, 21000 Split, or by delivering a personal statement directly to the business premises of MOLITIO, with prior notice on the phone number +385 21 553 650, with identification by a valid personal document.
3. Personal data protection officer Molitio
has appointed a personal data protection officer:
Telephone: +385 21 553 650
e-mail address: email@example.com
All questions regarding personal data protection should be addressed to the personal data protection officer.
4. Principles of personal data protection Molitio
considers that the lawful and proper handling of personal data is very important and therefore ensures that personal data is treated lawfully and correctly. For this purpose, MOLITIO fully supports and adheres to the Data Protection Principles.
Data protection principles require that personal data:
– they must process fairly and lawfully and in particular that the conditions specified in the regulations may not be met must not be processed;
– are collected only for one or more specific and lawful purposes and may not be further processed in any way incompatible with those purposes;
– the processing must be adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed, and the data must be accurate and up-to-date;
– may not be kept longer than necessary for the applicable purpose;
– must be processed in accordance with the rights of the respondents in accordance with the applicable regulations:
– appropriate technical and organizational measures must be taken against unauthorized or illegal processing of personal data and against accidental loss, destruction or damage to personal data;
– may not be transferred to a country or territory outside the EU unless that country or territory ensures an adequate level of protection of the rights and freedoms of respondents with regard to the processing of personal data.
5. Molitio activities regarding Molitio data processing
undertakes the following activities related to data processing:
– fully respects the conditions of fair collection and processing of personal data;
– fulfills the obligation to specify the purpose for which personal data is processed;
– collects and processes adequate personal data and only to the extent necessary to meet operational needs or in accordance with all legal requirements;
– submits all necessary data to the Agency for Personal Data Protection;
– performs a strict check of the length of storage of personal data;
– ensures that the rights of persons whose data are processed can be fully exercised in accordance with the protection of personal data;
– takes appropriate technical and organizational security measures for the protection of personal data;
– ensures that personal data are not transferred abroad without insurance protection;
– treats all persons fairly and equitably, regardless of their age, religion, disability, gender, sexual orientation or ethnicity, when acting in relation to their information requests;
– establishes clear procedures for responding to requests for information.
MOLITIO may publish on its website the content of cookies for advertising and monitoring traffic statistics based on the interests and information of visitors to the MOLITIO website from social networks.
If the respondent uses content on MOLITIO social networks or applications, a cookie from the listed networks and applications could be stored on the respondent’s device from which he accesses the MOLITIO website.
Visitors have the right to exclude cookies. Internet browsers are usually programmed to accept cookies by default, but respondents can easily adjust this by changing their browser settings. If the respondent wishes to restrict or block all cookies that include MOLITIO websites/applications (which may prevent the use of certain parts of the website) or other websites/applications, the respondent may do so in the browser settings.
In case of a personal data breach that is likely to cause a high risk to the rights and freedoms of the respondent, MOLITIO without undue delay notifies the respondent of a personal data breach, unless MOLITIO has taken appropriate technical and organizational protection measures and these measures have been applied to personal data affected by a personal data breach. data, in particular those that make personal data incomprehensible to any person who is not authorized to access it, ie if the MOLITIO has taken subsequent measures to ensure that there is no longer a high risk to the rights and freedoms of respondents or if this would require a disproportionate effort, in which case the MOLITIO will apply public information or a similar measure by which respondents are informed in an equally effective manner.
6. Examination and check
MOLITIO reserves the right to update this policy if necessary to reflect best practice and to ensure compliance with any changes or alterations to the protection of personal data.
Molitio d.o.o. adheres to the applicable regulations in order to protect the privacy of guest and/or user data and in particular the EU General Data Protection Regulation (GDPR).
The user or guest can send a question regarding personal data to e-mail at any time
info@movecroatia or call +385 21 553 650.
What is personal information?
The personal data we use are: Name, Surname, e-mail, Mobile number, Address, Postal code, City, Country, Region, IP address, RFID tags, and cookies on the website, photo, video, OIB.
What type of personal data is collected and processed by Molitio d.o.o.?
When confirming a reservation Molitio d.o.o. will request the following information from the guest: name, surname, e-mail, mobile / telephone number, address, postal code, city, state, region.
When registering a guest or user on the list of recipients of e-mails Molitio d.o.o. will request the following information from the guest: name, surname, e-mail, mobile / phone number, address, postal code, city, country, region, while when registering will also ask for a password and username.
After the person registers as the recipient of the notification, he has access to the profile and the change of the entered data. All data that Users enter by logging in to the list of recipients of e-mails about news and discounts are protected by name and password.
In addition to this information, we automatically collect information from your computer, which may include an IP address, and there are situations in which we automatically collect other types of information such as the date and time of access to www.pinandpin.com, hardware, software, or Internet information. the browser you are using as well as your computer’s operating system and the version of the application and your language settings. We may also collect information about clicks and pages displayed to you. Molitio recommends guests/users to take care of their login password for the website account www.movecroatia.com. We recommend combining uppercase and lowercase letters and numbers when choosing a character combination for a password and be sure to use a password of at least six characters.
For what purpose Molitio d.o.o. collects and processes personal data?
Molitio collects and processes personal data of guests or users in order to conduct a secure authentication of guests or users who access the website www.movecroatia.com, the implementation of contracts for the consumption of services, communication with guests or users, any legal proceedings related to the implementation of the contract, and in part we also apply automated processing processes in order to constantly improve our processes in the interest of guests or users, to make the offer for guests more individual and to adapt our offer of products and services to the habits and needs of guests or users.
Molitio collects and processes personal data of guests or users of notifications about news and discounts for the purpose of sending notifications, invites to participate in contests via e-mail, social networks, or other communication channels, possible legal proceedings related to the implementation of the contract, to create a user profile with the aim of receiving individual information, market research and improving the efficiency and quality of our services.
We do not collect data on children. If we are satisfied that such data has been transferred to us without the consent of the parents or guardians of children under the age of 16, we will remove it without delay.
Minors under the age of 16 may not use the Website www.movecroatia.com. No part of this website is designed to attract anyone under the age of 16.
What is the legal basis for the processing of personal data?
The user who signs up to receive notifications about products and opportunities by entering their data on the website www.pinandpin.com and by double confirming the correctness of the mail address, gives consent to the processing of their personal data. The User may withdraw the consent at any time by notifying the e-mail address of the Personal Data Protection Officer info@movecroatia or by calling +385 21 553 650 (Mon-Fri: 8 am – 4 pm).
With which recipients Molitio d.o.o. share personal information?
Molitio will not share the personal data of the guest or user with other parties, except in cases when this is explicitly prescribed by law and at the request of a public authority.
Processing of personal data in the process of credit and debit card payments
Molitio at the time of payment on the website www.pinandpin.com, as a condition of payment for products and services by credit or debit cards, requires the consent of the guest or user to activate the payment process through an authorized and registered operator of online payment systems by credit or debit cards.
Molitio has taken and will continue to take all measures to ensure that such contractual partner/operator of card processing and payment services (credit or debit) appropriately and fully applies all provisions of the EU General Data Protection Regulation (GDPR). For this purpose, the personal data of the guest or user (name and surname, address, card data) are temporarily stored by the operator, who stores this data in accordance with PCI DSS certification, the highest level of protection and confidentiality. The guest or user activates the process of card processing and payment by confirming (clicking) on the “pay” link. Personal data: name, surname, e-mail, mobile / telephone number, address, postal code, city, country Card data: payment card number
The following data are processed:
– for the purpose of processing transactions initiated by the guest or user;
– for the purposes of providing the Card Storage service, ie for the purpose of electronic storage of personal and card data of the guest or user. The processing of personal data will last as long as necessary for the execution of the Agreement, ie the fulfillment of the purpose of the processing of personal data, as follows:
– for the provision of online authorization services – 13 months from the day of conducting an individual transaction or debit day
– for the provision of the Card Storage service – until the expiration of the duration of an individual payment card, ie the expiration of the deadline provided for the provision of the online authorization service, depending on which occurs later.
The Contracting Partner (operator) gains access to personal data collected by Molitio, ie the Processing Manager who will provide and/or provide access to personal data, while for card data the Processing Manager authorizes the Executor (operator) to collect them on behalf of the Processing Manager. The controller maintains formal control and ownership of the collected personal data, while card data, due to their sensitive nature, is collected and processed exclusively within the system under the control of the Processor, where they are subject to additional levels of protection.
The Seller informs the guest or the user that the Contracting Partner (operator) does not store the security code (CVV) from the (debit, credit) card of the Buyer. CVV is a three-digit or four-digit number that the guest or user enters separately during the card payment process. This number will continue to be entered by the guest or user as an additional security check. Molitio, therefore, warns the guest or user to take care of the information stated on the card so that this information would not be available to third parties and so as not to be misused.
The period in which personal data will be stored
Molitio stores personal data of registered guests or users of the website www.pinandpin.com for the period while the purpose of processing is achieved, which is the period until the moment when the registration is active and six months after the termination of registration of the guest or user in which period complaints from the previous period. Molitio stores the personal data of the Recipient of news and discounts for the period until the purpose of processing is achieved, which is the period until the registration is active, or until the User unsubscribes from the list of recipients of e-mails about news and discounts.
Access and correction of personal data
The guest or user at any time has the opportunity to access their personal data by registering on the site and access to the “profile” where they can review their personal data shared on the site www.pinandpin.com.
The guest or user can request and receive from Molitio complete information about the personal data stored, as well as their correction by sending an e-mail to the e-mail address of the personal data protection officer: firstname.lastname@example.org
Deletion of personal data (right to forget)
The guest or user has the right to request the deletion of personal data at any time (right to forget). The guest or user can do so by requesting the e-mail address of the personal data protection officer email@example.com and the data will be deleted within thirty days. Reservation data via the website remain stored in the account for the reservation in question in accordance with other legal obligations.
The user has the option of submitting a request for deletion in each notification received from Molitio by e-mail, or can send an e-mail to the e-mail address of the personal data protection officer firstname.lastname@example.org stating that his personal data is deleted. Molitio d.o.o. has appointed a Personal Data Protection Officer in accordance with the relevant regulations, whom you can contact in connection with all issues related to the processing of your personal data or the exercise of your rights to personal data protection. Contact: email@example.com or +385 21 553 650 (Mon-Fri: 8 am – 4 pm).
The right to object
If, despite all the measures taken for the protection of personal data, you believe that you have grounds for objection, please contact the e-mail address of the personal data protection officer firstname.lastname@example.org
Security measures for personal data protection
The collected data is in electronic form and protected by an SSL certificate that encrypts the data and thus ensures that communication between the guest’s computer or the user and the site www.pinandpin.com takes place via a secure protocol. Molitio takes data protection seriously and takes various precautions to protect personal data. Unfortunately, no data transmission over the Internet, or any wireless network, can be 100% secure. As a consequence, although Molitio implements reasonable data protection safeguards, it cannot guarantee the protection of any information transmitted to or from the www.movecroatia.com website and is not responsible for the actions of any third party that receives such information.
Does www.movecroatia.com have third-party cookies?
We use several external services that store limited cookies for the user. These cookies are set for the normal functioning of certain features that make it easier for users to access the content as well as share it with other Internet services.
By sharing the content of the site www.movecroatia.com on social networks, it sets cookies.
Measurement of attendance