This privacy policy was last updated on December 19, 2023 and applies to citizens of the European Economic Area.

BY PLANK d.o.o., Zagreb, Lovranska 10

General Provision on Personal Data Protection has globally influenced the awareness of the importance of personal data protection and how they are handled. This has prompted us to elevate our standards and interpretation, presenting them to users in a simple and direct manner.

BY PLANK operates in accordance with the laws of the Republic of Croatia.

Below, we inform you about the purposes for which we collect and use your personal data and how you can control these processes and exercise your rights.

Personal data processing is managed by:

 BY PLANK, Lovranska 10, Zagreb, Hrvatska
e-mail: info@byplank.com

What information do we have about you?

Personal data or personal information refers to all information about individuals by which a person can be identified. Depending on the situation, we may collect different types of personal data about you, including:

  • Your general identification data (name, gender);
  • Your contact information (address, email, phone number);
  • Data about activities/interactions with us, including potential future interactions;
  • Demographic and interest data.

For what purposes do we use your personal data and why is it justified?

We will process your personal data if we have an appropriate legal basis for it and if:

  • We have obtained your prior consent;
  • Processing is necessary to fulfill contractual obligations towards you or to take pre-contractual steps at your request;
  • Processing is necessary to act in accordance with our rights or legal obligations; or
  • Processing is necessary to achieve our legitimate interests and does not excessively affect your interests or fundamental rights and freedoms.

Please note that when processing data based on the above grounds, we always strive to balance our legitimate reason and the protection of your personal data.

We process your personal data with a defined purpose and only process those personal data that are relevant to achieving that purpose.

Where do we collect your personal data?

We collect your personal data during:

  • Use of our website;
  • Inquiries for purchasing products;
  • Ordering products.

Use of the Website

We use Google Analytics to collect traffic information and analyze visitors to our website. During basic information collection, we do not collect any personal data about you. If you consent to demographic and interest tracking and remarketing, the data that Google has about you will be forwarded to us within an aggregate report about our website. By choosing remarketing, you allow Google to serve ads based on your interests. More information can be found here: https://adssettings.google.com/authenticated

Embedded content from other websites

Some parts of our website contain content embedded from other websites through code. Accessing this content works the same way as if you had accessed it on the website where it is placed, and by doing so, you may download cookies that you would otherwise download by visiting that website.

Typical embedded content includes content from pages that share videos, images, etc., and these pages may collect your IP address, browser and operating system information, store and download cookies to your browser, embed interaction tracking with embedded content, including linking interactions to your account on that service if you are logged in at the time.

Link to the privacy policies of the services we use are below: Facebook: https://www.facebook.com/about/privacy/

Cookies

Cookies are strings of information that websites store on your browser at the time of visit or acceptance, which your browser then delivers to the website upon subsequent visits.

We use cookies to track our visitors, and the services embedded in our site also use cookies. To use these services, you must enable the acceptance of these cookies, and if you wish to remove them from your browser, the following are links to instructions for removing cookies:

Read more about cookies and their use here.

Orders in our webshop

When ordering, you provide the data necessary to process your order and make the purchase. Our employees processing your order have access to this data, and when delivering your orders, your name, address, and in some cases, phone and email address are provided to our contracted partner (GLS Croatia d.o.o., Stupničke Šipkovine 22, 10255, Donji Stupnik) for package delivery.

Your account data will be stored due to legal regulations for the period specified by law.

Contact form and email

We use Microsoft Outlook to process all internal emails and communication with clients.

Microsoft’s privacy policy:

https://privacy.microsoft.com/en-gb/privacystatement

When we receive your email, we will receive your email address, IP address, and the information you provided in the contact form or message. We keep email communication in our database only as long as necessary, until either the communication ends or a contractual obligation is fulfilled, such as a purchase.

Newsletter Notifications

For sending newsletters and managing recipient lists and unsubscribe records, we use the MailChimp platform and take all necessary measures to protect data in accordance with the General Data Protection Regulation (GDPR) and Croatian laws and regulations.

Each newsletter contains a link to update data, consents you have given us, or submit a request to remove your contact from the list.

MailChimp’s Privacy Policy:

https://mailchimp.com/privacy

Protection of Children and Minors

This website is intended for adults and does not intend to collect personal data from children. Therefore, we advise all visitors under the age of 18 not to disclose or enter any personal data into our services. If we discover that a minor has entered personal data, we will remove it to the extent technically possible.

Who do we share your personal data with?

During our business operations, your personal data may be accessed by or shared with the following categories of recipients, according to the principle of those who need to know:

  • Our partners;
  • Individuals and legal entities (third parties) – processors;

The level of sharing your data with each individual depends on the specific purpose of processing.

All our data processors have the same or higher security standards as we do. Where necessary, and to further increase the level of protection of your personal data, we have signed a Data Processing Agreement with data processors.

The above-mentioned third parties are contractually obligated to maintain the confidentiality and security of your personal data in accordance with applicable law.

Your personal data may also be accessed or forwarded to any national and/or international regulatory, executive, or public body or court, where we are obligated to do so by law or regulation or at their request.

If at any time there is a need to transfer your personal data to third parties for a reason other than the one originally collected or after obtaining your consent, we will allow you to express your choice.

How do we protect your personal data?

We have implemented appropriate technical and organizational measures to provide a level of security and confidentiality for your personal data.

The SSL certificate ensures the security of our site through data encryption, which is transmitted from your device to our server.

Our computer systems and third-party systems are protected by technical and organizational measures from unauthorized access, modification, or dissemination of your data, as well as from loss or deletion.

Our employees are trained in proper handling and storage of personal data.

How long do we retain your personal data?

Personal data collected based on the law must be kept for as long as prescribed by law or regulation. Data collected for legitimate interest purposes will be stored in our records for a period of 5 years after your last interaction with us, unless otherwise indicated. Other data collected based on consent will be kept in a guest database for the period specified in the consent you provided us.

What are your rights and how can you exercise them?

 We provide you with the following rights:
– Right of access (information about the scope and type) to your data
– Right to rectification (concerns data provided by you)
– Right to be forgotten
– Right to object to the use of personal data
– Right to data portability, i.e., the right to retrieve personal data or transfer it to another data controller without hindrance on our part.

Right of Access

You have the right to access information about your personal data that we hold and keep in memory. If you are the legal guardian of a user, you also have the right to information about the personal data of the person under your guardianship.

Right to Correction

You have the right to correct inaccurate personal data concerning you, which we will do within a reasonable period.

Right to Erasure (Right to be Forgotten)

 You have the right to obtain anonymization of your personal data without undue delay if there is no legal reason for further processing of that data on our part (e.g., if the data are no longer necessary for the purposes for which they were processed). If such a legal reason exists, we will inform you in detail as part of our response to your request for deletion.

Right to Object to the Use of Personal Data

If the processing of your personal data is based on the pursuit of our legitimate interests, you have the right to object to such processing of personal data to the extent that the processing concerns your data. If we demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms or if it is necessary for the establishment, exercise, or defense of our legal claims, your objection will not be upheld.

Right to Data Portability

 You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and to transmit them to another controller without hindrance from our side.

You can submit your request to the email address: info@byplank.com

How will you be informed about changes to our Privacy Policy?

Any future changes in the processing of your personal data will be communicated to you in advance through a separate notice on this website.

If you have further questions regarding the processing of your personal data, we invite you to contact us:

Legal notice

Online store

www.byplank.com and all the data on it, product images, graphics, and video elements on the online site are protected and may not be reproduced or used without prior written permission.

BY PLANK d.o.o.,Lovranska 10, Zagreb, Hrvatska
e-mail: info@byplank.com