About us Industry Services Projects News Careers Contact
About us Industry Services Projects News Careers Contact
Hrvatski Deutsch

06.02.2023.

Privacy Policy

ATO INŽENJERING d.o.o. takes care of the privacy of all persons with whom it comes into contact in any way. Your trust is very important to us and we do everything to protect you and your personal data from possible abuses.

The purpose of this policy is to inform you as a respondent about how we process and protect your personal data and how you can exercise your privacy rights.

On May 25, 2018, the application of the General Data Protection Regulation of the European Union (hereinafter: the Regulation) began in all member states of the European Union, including Croatia. We have brought our actions in line with the requirements of the Regulation regarding the processing and protection of personal data, as regulated in this Privacy Policy (hereinafter: Policy).

The controller of your personal data is the commercial company ATO INŽENJERING d.o.o. Osijek, Vukovarska 217 b, OIB: 39189977018 (hereinafter: Controller or Company).

Purposes of processing

Depending on the purpose, the collection of personal data may be a legal or contractual obligation or a necessary condition for the conclusion of a contract. The provision of personal data to fulfill a contractual obligation is a necessary condition for the conclusion and/or performance of a contract. You have the right to refuse to provide this data, but in this case we will not be able to enter into a specific contract with you, i.e. we will not be able to fulfill our obligations under these contracts. We collect and process personal data:

  • employees
  • applicants
  • business partners
  • users of our website

As part of our business, we may collect the following categories of personal data according to the categories of respondents: Former and current employees:

  • all data required by positive labor law and accounting regulations (e.g. first name, last name, address, OIB, year of birth, JMBG, etc.),
  • data required for internal communication within the company (e.g. business photos, etc.),
  • data required for the performance of duties at the workplace, such as the organization of trips abroad, the receipt of work-related benefits, etc. (e.g. travel document number, driving license, details of dependent family members, number and age structure of children, etc.).

Candidates for employment:

  • contact details (e.g. first name, last name, e-mail address, cell phone number, etc.),
  • data from the CV (e.g. details of education, previous employment, length of service, etc.),
  • test results.

Business partners and other interested parties:

  • contact data (e.g. first name, last name, e-mail address, cell phone number, etc.),
  • data required for the conclusion of the contract (e.g. first name, surname, address, OIB, etc.),
  • data required for the execution of the contract (e.g. first name, surname, IBAN, etc.).

You can visit our website without disclosing your personal data. We do not collect any personal data about you (such as your name and contact details) when you visit this website unless you voluntarily make a request (when you enter your name and contact email). By entering personal data in the fields provided, you consent to the use of this data for the purpose for which it was provided.

We do not process data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, data concerning health or data concerning a person’s sex life or sexual orientation.

Legal basis for processing

We collect and process the personal data of employees in order to fulfill our legal obligations to keep employee and working time records, to pay wages and other remuneration, to apply for mandatory insurance and to fulfill tax and accounting obligations.

We collect and process personal data from business partners for the purpose of concluding and executing contracts, i.e. to fulfill legal obligations for accounting with customers and suppliers and to calculate and pay public charges.

We collect only personal data that are necessary for us to achieve the purpose for which you entrust us with your personal data.

We collect data directly from you during personal communication, from your business cards, electronic mail or mail that you send us in paper form to our address and through publicly available sources (e.g. Poslovna.hr., court register, etc.).

When you send us an electronic mail (e-mail) with your personally identifiable information, regardless of whether it is an electronic mail with a question or a comment, we use that information only for the purpose of fulfilling your requests.

The data we collect will only be used for the purposes for which you have provided us with your data, and for any other purpose we will ask for your consent, except where the law requires otherwise.

No automated decision-making will be carried out on the basis of your personal data.

Recipients of personal data

We transfer personal data about employees to HZZO, HZMO and MFRH PU or to other recipients who are legally obliged to do so. Data about employees is transferred with the consent of the employee, unless the personal data is transferred to fulfil legal obligations or to execute a contract.

In carrying out our activities, we use partners and subcontractors for work that we do not carry out ourselves. If necessary, we provide them with information that may contain your personal data. For example, the delivery service needs to know your name and address in order to deliver the mail we send.

We only provide our partners and subcontractors with the personal data necessary to carry out their work and we oblige them with confidentiality agreements to keep and protect your personal data to ensure that your privacy is also protected in these situations.

In addition, we may only disclose personal data in accordance with legal obligations.

Your personal data will not be transferred to other countries or other international organizations.

Duration of storage of personal data

We retain your personal data until the purpose for which it was collected has been fulfilled and all contractual rights and obligations have been fulfilled, but no later than the expiry of all legal obligations in connection with the storage of personal data.

Once the retention period has expired, the personal data will be removed from the system and the archives.

Rights of the respondents

Every respondent has the right to request access to, rectification, erasure, restriction of processing or objection to their personal data, as well as the right to data portability.

Right to rectification – If we process your personal data that is incomplete or inaccurate, you can ask us to rectify and complete it at any time.

Right to erasure – You can ask us to erase personal data if we have processed it unlawfully or if this processing interferes with your protected interests. Please note that there are reasons that prevent immediate erasure, for example statutory archiving obligations.

Right to restriction of processing – you can ask us to restrict the processing of your data

  • if you contest the accuracy of personal data for a period enabling us to verify the accuracy of such data,
  • if the data processing was unlawful but you oppose the erasure and request the restriction of the use of the data instead,
  • if we no longer need the data for the intended purposes but you request it for the establishment, exercise or defence of legal claims or
  • if you have objected to the processing of such data.

Right to object – The respondent has the right to object at any time to the processing of personal data concerning him or her. In this case, we may no longer process the personal data of the data subject unless there are legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

The right to the possibility of data transfer – You can ask us to deliver the data you have entrusted to us in a structured, commonly used and machine-readable format if we process this data based on the consent you have given us or for the purpose of fulfilling our contract and if the processing is carried out using automated process.

In order to process your request, we expect and request the submission of your request in writing.

We are obliged to respond to each of your requests within one month of their receipt.

Processing based on consent

If we process personal data based on your consent, you have the right to withdraw such consent at any time. Withdrawal of consent does not affect the legality of the processing of your personal data before giving the declaration of withdrawal.

Personal data protection measures

The company ATO INŽENJERING d.o.o. applies technical and organizational security measures to protect your personal data against unintentional or illegal deletion, changes or losses, as well as unauthorized transfer or access.

We store the collected data in a secure manner in the company’s space, to which only authorized persons have access, and in a database on the company’s network server, with strictly limited access via Active Directory and monitored via a log file.

Cookies – Cookies

When you access our website, we can store information on your computer in the form of cookies, used to record information about your previous visits. The cookie does not contain your personal data, but enables faster and more efficient activation of information, data and settings you have previously communicated accessing and using the website.

If you do not want us to recognize your computer, you can prohibit receiving cookies by selecting that option in the Tools/Options menu in your browser.

Data automatically collected on our website

We automatically collect data in server log files such as your IP address, browser type, redirect/exit pages and operating system. We use this information to understand how visitors move through our website and to manage our website and technical solutions in a way that improves your use of our website.

Links to other websites

This privacy policy applies only to our website and not to other websites or applications operated by third parties. We may provide links to other websites and applications that we believe may be of interest to you. We are not responsible for the personal data protection practices of those websites or applications.

Changes to the Privacy Policy

The privacy policy may be changed in accordance with legislation. We will not notify respondents or website users of these changes. Instead, we recommend that you periodically check this page for any changes. By using the website after the policy has been changed, the user confirms his agreement with the changes.

The right to complain

If you believe that we have violated Croatian or European regulations on the protection of personal data when processing your data, please contact us to clarify any questions.

For the protection of rights in connection with the personal data you have entrusted us and for all requests and complaints regarding your personal data, you can contact us in writing at the address: ATO INŽENJERING d.o.o., Vukovarska 217 b, 31000 Osijek, or by email at [email protected].

You also have the right to submit a complaint to the Agency for the Protection of Personal Data. The Privacy Policy is valid from May 25, 2018.

This site is registered on wpml.org as a development site.