Gesta d.o.o. attaches particular importance to the privacy rights of Internet users and undertakes to protect their personal data in accordance The EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR). No personal data is requested from visitors to enable them to consult the website www.shop.gesta.hr

This Privacy Policy, hereinafter referred to as the “Policy”, outlines our practices regarding information that we may collect on the website and their use.

1. Identity of the Data Controller

The company Think Ink j.d.o.o., as identified below, acts as the Data Controller in respect of the personal data collected on the Website :

Gesta d.o.o.
VATID: HR86153446709
Ivana Severa 20, 42000 Varaždin, Croatia, EU

2. Scope and acceptance of this current Policy

This current Policy only applies to information collected from our Website and does not apply to information collected from other sources, especially, but not limited to, Facebook®, Twitter®, YouTube® or any other Website or third party social networks.

By using our Website, you agree to the terms of this current Policy. If you refuse the terms of this current Policy, we invite you not to use our Website or to not provide us with any personal information.

3. Data collected on our Website
3.1 What Data ?

We collect and process your name, address, email address, password, phone number, IP address, connection data and navigation data, order history, preferences and interests, products consulted, incidents of deliveries, claims.

The mandatory or optional nature of the data is reported to you during collection by an asterisk. Some data is collected automatically because of your actions on the Website.

We also measure audience, we measure for example the number of pages viewed, the number of visits to the Website, as well as the activity of visitors to the Website and their frequency of return.

3.2 When ?

We collect the information that you provide us, especially when:

you create your customer account “My account”
you subscribe at our different newsletters
you order on our Website
you browse on our Website and view products

3.3 Purposes of the collection of Personal Data

Each form on the site restricts to the strictest necessary the collection of personal data and indicates systematically :

the purposes of the collection of personal data
the mandatory or optional nature of the data
In any case, Gesta d.o.o. may not use this personal data for a purpose other than that explicitly announced on the form and accepted by the user. Likewise, this personal data may not be transmitted or transferred to third parties without an explicit mention of this possibility on the form.

3.4 Recipient of Personal Data

Personal data collected on our Site is for Gesta d.o.o. (customer service, shipment service & accounting service).

Finally, Gesta d.o.o. may disclose Personal Data to judicial authorities, law enforcement or any other authority where required by law.

3.5 Transfer of data outside the EU

You are informed that data concerning you may be transmitted by Gesta d.o.o. for needs of the purposes defined in these conditions to companies located in countries outside the European Union that do not have an adequate level of protection with regard to Personal Data protection.

Prior to the transfer outside the European Union, Gesta d.o.o. will implement any procedure required to obtain the necessary guarantees to secure such transfers.

Currently, no personal data has been transferred outside the European Union.

3.6 Retention time

Gesta d.o.o. keeps your personal data for as long as it is necessary to achieve the purposes for which it was collected. As a general rule, Gesta d.o.o. keeps your personal data for the duration strictly required to manage the commercial relationship with you. However, Gesta d.o.o. shall retain your personal data used for commercial prospecting purposes for an additional period of three years from the end of the commercial relationship.
In addition, Gesta d.o.o. may keep some of your personal data for a longer period, in particular when it is required to do so by virtue of a legal obligation or when this data is necessary to establish proof of a right or a contract. In this case, your personal data will be archived and retained for the duration imposed by the applicable regulations, or for the duration of the applicable legal prescription.
When your personal data is no longer required, Gesta d.o.o. will ensure that it is deleted or made anonymous.

4. Your rights

You may also revoke your consent to any processing of your personal data based on your consent. You may ask Gesta d.o.o. to limit the processing of your personal data (i.e. to keep them without using them) when: their accuracy is disputed; their processing is illicit but you do not want them to be deleted; they are still necessary for the establishment, exercise or defence of legal rights; Gesta d.o.o. verifies the existence of compelling reasons in the context of the exercise of your right to object. Gesta d.o.o. may continue to use your personal data following a request for restriction: with your consent; for the establishment, exercise or defence of legal rights; or to protect the rights of any other natural or legal person. You may also object to any processing of your personal data that is based on Gesta d.o.o.’s “legitimate interest”. If you exercise this right, Gesta d.o.o. shall cease processing, unless Gesta d.o.o. demonstrates the existence of legitimate and compelling reasons that prevail over your fundamental rights and freedoms, or for the establishment, exercise or defence of rights in court.

To exercise this right, you can :

Go to your customer area and in the category “My personal data”
Or

Contact the service of Gesta d.o.o. by email at the address info@gesta.hr or by post to the following address :

Gesta d.o.o.
Ivana Severa 20, 42000 Varaždin
Croatia

In order to exercise your rights in accordance with the conditions set out above and in the event that Gesta d.o.o. has doubts about the author of the request, Gesta d.o.o. may ask you to prove your identity by mentioning your surname, first name and e-mail address and to provide a copy of a valid identity document with your request.

A reply will be sent to you within a maximum of one (1) month following the date of receipt of the request.

If necessary, this period may be extended by two (2) months by Gesta d.o.o., which will inform you of the extension, depending on the complexity and/or number of requests.

In the event of a request for the deletion of your personal data and/or in the event of the exercise of your right to request the deletion of your personal data, Gesta d.o.o. may however retain them in the form of interim archiving for the time necessary to meet its legal obligations, or for evidentiary purposes during the applicable limitation period.

5. Security

The security of your Personal Data is very important to us. The personal data collected on the Website www.shop.gesta.hr are treated according to secure protocols which considerably limit the risks of interception or recovery by third parties.

However, due to the open nature of the internet, we can not exclude acts of hacking, or unauthorized access by third parties. By continuing to use our Website, you accept these risks.

In the limit of what is authorized by the applicable laws, we disclaim any responsibility in case of direct or indirect damage, losses, costs, whether contractual, delictual, including negligence, that you could suffer in case of unauthorized access, loss or alteration of your personal data. Gesta