Privacy Policy

1. Person Responsible for Data Protection

Person who is responsible for data processing on our website:

• DPO

Accessing Our Website

When you visit our website, our servers temporarily save each access in a log file. As with any connection to a web server, the following technical data is recorded and stored without your intervention:

• the IP address of the requesting computer

• the name of the owner of the IP address range (usually your Internet access provider)

• the date and time of access

• the website from which access was made (referrer URL), including any search terms used

• the name and URL of the retrieved file

• the status code (e.g., error message)

• the operating system of your computer

• the browser you use type, version, and language

• the transmission protocol used (e.g., HTTP/1.1)

After 30 days, we automatically anonymize the recorded IP addresses to prevent identification of individual users. This data is collected to facilitate website usage, ensure system security and stability, optimize our internet offering, and for internal statistical purposes. This constitutes our legitimate interest in data processing under Article 6 (1) (f) GDPR.

In cases of attacks on the network infrastructure or unauthorized or abusive use of the website, the IP address and other data may be used for investigation and defense purposes, and, if necessary, used to identify and take civil or criminal action against the users concerned, in accordance with Article 6 (1) (f) GDPR.

3. Use of Our Contact Form

You may use our contact form to get in touch with us. The following information is required: Name, E-mail address and Message

We use this data solely to respond to your contact request in the best and most personalized way possible. This data processing is necessary to fulfill pre-contractual measures or is within our legitimate interest, per Art. 6 Para. 1 lit. b and f GDPR.*

4. Cookies

Cookies help make your visit to our website easier, more pleasant, and more meaningful. Cookies are information files that your web browser stores on your computer’s hard drive when you visit our website. For example, we use cookies to temporarily save your selected services and entries when filling out a form, so you do not have to re-enter information on other pages.

You can configure your browser to refuse cookies or notify you each time a cookie is saved.

Instructions for managing cookies in common browsers:

• Microsoft Windows Internet Explorer

• Microsoft Windows Internet Explorer Mobile

• Mozilla Firefox

• Google Chrome for desktop

• Google Chrome for Mobile

• Apple Safari for desktop

• Apple Safari for Mobile

Disabling cookies may mean that certain features of our website are unavailable.

5. Tracking Tools

a. General

For the purpose of tailoring and optimizing our website, we use Google Analytics, which creates pseudonymized usage profiles and uses cookies. The information generated by these cookies about your use of this website is transmitted to the servers of these service providers and stored there.

We may receive the following additional information:

Navigation path on the site, Duration of stay on the website or subpage, The subpage on which the website was left, Country, region, or city from where access was made, End device (type, version, color depth, resolution, width, and height of the browser window), and returning or new visitor.

This data helps evaluate website use, compile reports on website activity, and provide other services for market research and website optimization purposes. If required by law, this information may be shared with third parties who process it on behalf of ComIt International.

We do not store, keep or resell any data collected through this or any another tool for analytics purpose.

In addition to Google Analytics, we may also utilize other third-party analytics tools to enhance our understanding of user behavior and improve our services.

b. Google Analytics

Google Analytics is provided by Google Inc., a subsidiary of Alphabet Inc, based in the USA. The IP address collected by Google Analytics is anonymized and not combined with other Google data.

For further information, see Google Analytics. You can prevent data processing by this service at:https://tools.google.com/dlpage/gaoptout?hl=en

You have the right to:

• Access your personal data (if there is any)

• Request correction of your personal data (if there is any)

• Request deletion of your personal data (if there is any)

• Object to the processing of your personal data

• Withdraw consent at any time where we rely on your consent to process your personal data

To exercise these rights, please contact our DPO.

6. Email Correspondence

In compliance with Art. 957 ff OR, all business correspondence via email is archived in encrypted form for ten years and deleted thereafter. Email data are stored by Hetnzers servers.

7. Central storage and linking of data

We store the data specified in sections 3-6 in a central electronic data processing system. We base the processing of this data within the framework of the software on our legitimate interest within the meaning of Article 6 (1) (f) GDPR in customer-friendly and efficient customer data management.

8. Disclosure of data to third parties

We only pass on your personal data if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. In addition, we pass on your data to third parties to the extent that this is necessary as part of the use of the website and contract processing (also outside the website), namely the processing of your bookings.

A service provider to whom the personal data collected via the website is passed on or who has or may have access to it is our web host Hetzner Online GmbH; Industriestr. 25; 91710 Gunzenhausen; Germany . The data is passed on for the purpose of providing and maintaining the functionality of our website. This is our legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR*.

9. Transfer of personal data abroad

We are entitled to transfer your personal data to third parties (commissioned service providers) abroad for the purposes of the data processing described in this data protection declaration. They are obliged to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Serbia or Europe, we contractually ensure that the protection of your personal data corresponds to that in Serbia or the EU at all times.

10. Right to information, correction, deletion and restriction of processing; Right to data portability

You have the right to request information about the personal data we store about you. In addition, you have the right to correct incorrect data and the right to delete your personal data, provided that this does not conflict with a legal retention requirement or a permit that allows us to process the data.

You also have the right to request that we return the data that you have given us (right to data portability). You have the right to receive the data in a common file format.

Requests to exercise the rights of data subjects are accepted via the websites (contact data protection). In order to process your requests, we require proof of identity of the person making the request.

11. Data Securty

We use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

You should always keep your access data confidential and close the browser window when you have finished communicating with us, especially if you share the computer with others.

We also take internal company data protection very seriously. We have obliged our employees and the service companies we commission to maintain confidentiality and to comply with data protection regulations.

12. Note on data transfers to the USA

For reasons of completeness, we would like to point out to users with residence or registered office in Serbia that there are surveillance measures in place by US authorities in the USA, which generally require the storage of all personal data of all persons whose data was transferred from Serbia to the USA. enabled. This is done without differentiation, limitation or exception based on the objective pursued and without an objective criterion that makes it possible to limit the US authorities’ access to the data and their subsequent use to very specific, strictly limited purposes that are consistent with both the access to this data and the intervention associated with its use.

We would also like to point out that there are no legal remedies in the USA for data subjects from Serbia that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or no effective judicial protection against general US authorities have access rights. We explicitly inform those affected of this legal and factual situation in order to make an appropriately informed decision to consent to the use of their data.

We would like to point out to users residing in a member state of the EU that, from the perspective of the European Union – due, among other things, to the issues mentioned in this section – the USA does not have an adequate level of data protection. To the extent that we have explained in this data protection declaration that recipients of data (such as Google) are based in the USA, we will either establish contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Serbia-US -Privacy Shield ensure that your data is protected with an appropriate level by our partners.

Effective Date: 01.10.2024

https://gdpr-info.eu/