IKOM Industry of communal equipment and measuring devices, a joint stock company (hereinafter referred to as IKOM or Data Controller) respects privacy and protects the personal data of its users in accordance with the General Data Protection Regulation (EU) 679/2016.
This Privacy Policy (hereinafter: Policy) governs the manner of data collection, data processing, purposes of data collection, and the rights of data subjects regarding the data processed by IKOM.
The purpose of the Policy is to clearly and transparently inform data subjects about the procedures for processing their personal data and their rights.
The term 'user' or 'data subject' in this Policy refers to all individuals to whom IKOM provides or has provided services, as well as all other individuals who have given their consent to the processing of personal data.
For the protection of personal data, the Data Controller is IKOM Industrija komunalne opreme i mjerila, a joint stock company, VAT ID: 86247075815, Kovinska ulica 7, Zagreb, info@ikom-mjerila.hr.
IKOM is a company registered in accordance with the positive regulations of the Republic of Croatia, engaged in the production and sale of water meters, as well as related products (meter fittings, various types of cabinets for gas and water meters, and remote reading systems, etc.), and provides services for meter installation and consumption reading.
Primarily, we process personal data collected during a business relationship, such as name, surname, VAT ID, address, data about real estate owned, etc. However, if necessary for the execution of our business activities and unrelated to a specific contractual or business relationship, we collect data from public sources (e.g., land registries, cadastre) or they are legitimately communicated to us by contractual partners or third parties.
We collect data subjects' personal data by accessing and using our website https://ikom-mjerila.hr/ or by sending inquiries via email to info@ikom-mjerila.hr, prodaja@ikom-mjerila.hr, or other email addresses listed on our website. In this way, we usually collect and process the following types of data: Unique ID and technical information about your computer, tablet, or mobile phone, IP address, geographic location, and pages you access. To the extent you give explicit consent and provide the data yourself, we also process: name, phone number, email address, address, etc.
Essential information about data processing when accessing and using the website is described in the Cookie Policy.
We use data subjects' personal data to fulfill contractual obligations, when processing is necessary for the performance of a contract in which the data subject is a party or for taking steps at the request of the data subject prior to entering into a contract. When necessary, we process personal data to satisfy legitimate interests essential to our business.
We use the data for identification and communication with users and for providing services requested by users, such as responding to questions via email and handling complaints and grievances. Additionally, we use the data to optimize and improve our services and content. We will not transmit your personal data to third parties.
Our processing of your personal data is based on the following legal grounds:
The purpose of processing personal data through video surveillance is to protect the safety of persons (employees) and property of the Data Controller. The legal basis for processing personal data is the legitimate interest of the Data Controller.
Personal data collected through video surveillance will be used for the purpose of protecting the persons and property of the Data Controller and will not be transmitted to unauthorized third parties, except where there is a legitimate interest and to competent authorities upon their request and for justified purposes (e.g., police, court).
Recordings obtained through video surveillance will be kept by the Data Controller for a maximum of six months, unless a longer retention period is prescribed by other law or if they are evidence in judicial, administrative, arbitration, or other equivalent proceedings.
We retain your personal data for the period necessary to achieve the purposes described above, within the deadlines prescribed by law and other regulations.
It is possible that we may be obliged to retain some personal data for a longer period or permanently, as provided for by relevant regulations.
The Data Controller will keep the personal data of data subjects accurate and up-to-date, based on the data provided by the data subject or as determined by the Data Controller in the provision of services.
If a judicial, administrative, or out-of-court proceeding is initiated, personal data will be processed until the final conclusion of such proceedings or the achievement of a legitimate interest in another manner.
After the expiry of the processing period, we will securely delete or destroy your data.
The period of cookie storage is specifically stated in our Cookie Policy.
Access to your personal data is restricted to authorized persons explicitly responsible for the collection, processing, and use of specific personal data within the scope of their job duties (hereinafter: authorized persons).
Authorized persons are required to maintain the confidentiality of personal data and act in accordance with applicable regulations.
To the extent necessary to achieve the purposes for which personal data is collected and/or processed, we may share your personal data with third parties/recipients such as:
a. Service providers engaged as Data Processors (e.g., providers of IT infrastructure maintenance services, hosting services, cloud storage and email services)
b. state and public authorities, judicial authorities, legal entities with public authority or legal entities in private ownership, when we are required to provide personal data of data subjects based on legal obligations.
We transmit your personal data only to the extent necessary to fulfill the respective purpose of lawful processing. In doing so, we ensure that each recipient of personal data provides appropriate technical and organizational measures to protect your personal data to the fullest extent possible.
To protect your personal data, we take appropriate technical and organizational security measures in accordance with applicable privacy and personal data protection regulations.
We collect and process personal data in a manner that ensures appropriate security and confidentiality in their processing, enabling the effective implementation of data protection principles, reducing the amount of data, the scope of their processing, the period of retention, and their availability.
We take all appropriate technical and organizational measures to protect data subjects' personal data from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or access, and from all forms of unlawful and/or excessive processing.
All employees of the data controller are committed to safeguarding personal data by signing a confidentiality statement.
Within the framework of personal data protection, data subjects have the following rights:
a. the right to access their personal data, i.e., the right to request confirmation of whether their personal data is being processed and, if such data is processed, the right to request access to and information about the processing and a copy of the personal data being processed;
b. the right to rectification of inaccurate and completion of incomplete data;
c. the right to erasure of personal data, especially if such data is no longer necessary for the purposes for which it was collected, if it is unlawfully processed, if there is an obligation to erase it to comply with legal obligations, or if you have withdrawn your consent;
d. the right to restriction of processing of personal data;
e. the right to data portability;
f. the right to object to the processing of personal data.
The Data Controller will take all measures to enable data subjects to exercise the aforementioned rights, but in certain cases, the exercise of these rights may be limited or excluded, and the data subject will be informed thereof in due course.
For any additional information, inquiries, requests, or complaints related to the processing of personal data, you can contact us via email at: info@ikom-mjerila.hr
We will respond to your request as soon as possible, but in any case within one month of receiving the request. This period may be extended by an additional two months as necessary, taking into account the complexity and number of requests received by the Data Controller. In case of extension, we will inform you of the extension and the reasons for the extension.
For all other inquiries, contact us at info@ikom-mjerila.hr
We regularly update the Privacy Policy to ensure its accuracy and timeliness, and reserve the right to change its content if deemed necessary. You will be promptly informed of any changes and amendments through our website in accordance with the principle of transparency.