Privacy Policy and personal data protection statement
-
General Information
The document "Privacy Policy and Personal Data Protection Statement" of Navela d.o.o. (hereinafter referred to as: the Statement, Privacy Policy) applies to the services and operations of Navela d.o.o., Valica 15, 52000 Pula (hereinafter: Navela or the Company). This Statement describes what personal data we collect, how we process it, and the purposes for which we use it, as well as your rights regarding that data.
This document was created and adopted because we consider the protection of personal data to be very important and a fundamental part of all processes and corporate management within Navela d.o.o. It serves as a framework for how we handle all personal data collected as part of our operations. It is one of the organizational measures for compliance with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or GDPR) (hereinafter referred to as the Regulation).
This Privacy Policy does not apply to third parties, service providers, or suppliers. If we use external service providers to process your personal data, and personal data is processed as a result, this constitutes processing under instruction. In such cases, we, as the Data Controller, remain responsible for protecting your personal data.
​
Through this Statement, we aim to comply with legal requirements and safeguard all our users and visitors, with the following objectives:
-
Implementation of valid legal regulations for the protection of personal data;
-
Protection of personal data we encounter;
-
Openness and transparency with all users and data subjects;
-
Minimization of the risk of personal data breaches;
-
Education and information for all our users and data subjects;
-
Increasing transparency in personal data processing.
-
​
All data we access or process is handled with confidentiality and purpose, and according to the highest security standards. The entity responsible for data processing is:
​
Name: Misli More d.o.o.
Address: Valica 15, Pula
Tax ID (OIB): 62558167556
Email address: ac@winds.solutions
​
2. Types of Personal Data
​
Personal data refers to any information relating to an individual whose identity is known or can be determined. An individual whose identity can be determined is one who can be identified directly or indirectly, especially using identifiers such as name, identification number, location data, online identifiers, or by one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.
​
In the course of regular business operations, we use the following categories of personal data:
​
a) Core personal data:
-
Identification data (name, surname, unique identification number, address, photograph);
-
Financial information;
-
Online identifiers (cookies, IP addresses, MAC addresses, user identifiers, system logs);
-
Location data (geographic latitude, longitude, altitude, travel direction, recording time);
-
Contractual relationship information.
b) Aggregated traffic and transaction data, excluding the content of transactions or communications and the identification of participating individuals.
​
3. Sources of Personal Data
​
We collect personal data from several categories of data subjects during regular business operations. Depending on the purpose and legitimate interest for each processing activity, data subjects are classified into the following categories:
i) Clients: Business data about clients, their teams and their customers collected through services.
ii) Job candidates: Personal data submitted voluntarily during job applications.
iii) External collaborators: Data collected based on business cooperation agreements.
iv) Third parties: Data processed under the instructions of a Data Controller.
v) Public interest or official duties: Data processed as required by law or public interest.
​
4. Security
​
We have established information system security principles to ensure a high level of security for personal data processing. Measures include protection against unauthorized access, data minimization, pseudonymization, and continuous improvement in line with technological developments.
​
5. Methods of Data Collection​
​
We collect personal data based on legitimate interests and clearly defined purposes, ensuring lawful, fair, and transparent processing. Data subjects are informed of how their data is collected, used, disclosed, or otherwise processed.
​
6. Principles and Purposes of Data Processing
​
We process data lawfully, limiting it to what is necessary for the defined purpose. Data is not shared with third parties unless legally required or consented to by the data subject.
​
7. Cookies​
​
Our website uses cookies to store user preferences, assist with login, provide targeted advertisements, and analyze website performance. Cookies cannot execute programs or deliver viruses.
​
8. Retention Period
​
Personal data is retained only as long as necessary for the purposes defined or as required by law.
​
9. User Rights
​
You have the right to:
a) Correct incomplete or inaccurate data.
b) Request deletion of unlawfully processed data.
c) Access information about your processed data.
d) Restrict processing under certain conditions.
e) Data portability in a machine-readable format.
f) Object to data processing based on public or legitimate interest.
g) File a complaint if data protection regulations are violated.
​
For further details or to exercise your rights, contact us via the provided email.
​