Privacy police
Privacy policy
Privacy policy – Fit Invest d.o.o.
Fit Invest d.o.o. with its registered office in Zagreb, Slavonska avenija 6, Croatia, entered into the register of Commercial Court in Zagreb, MBS: 030282383, OIB: 36598567890.
PERSONAL DATA PROCESSING PRINCIPLES
INFORMATION FOR CLIENTS AND BUSINESS PARTNERS
(Privacy Policy)
INTRODUCTORY INFORMATION
Dear clients, business partners and visitors,
these principles inform you on how Fit Invest d.o.o. (hereinafter: „the Company “) collects, processes, uses and transmits your personal data (hereinafter: “personal data processing”).
Personal data means information relating to a certain person who can be identified based on this information or in connection with other information.
CONTENT
- Who is the controller of your personal data?
- Which personal data about you and for which purpose does the Company process?
- What sources does the Company use to obtain your personal data?
- Does the Company share your personal data with other persons?
- Does the Company transmit personal data to countries outside EEA?
- How are your personal data secured?
- How long will the Company store your personal data?
- What are your rights connected to personal data processing?
- What are cookies?
- Inquiries and contacts.
- Amendments to the Privacy policy.
WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The controller of your personal data is Fit Invest d.o.o. with its registered office in Zagreb, Slavonska avenija 6, Croatia, entered into the register of Commercial Court in Zagreb, MBS: 030282383, OIB: 36598567890.
The Company defines in what manner, and for what purpose your personal data will be processed. You can find the Company´s contact details in the chapter “Inquiries and Contacts”, below.
The Company and another company owned by it, i.e.:
ČRNOMEREC SPORT d.o.o. with its registered office in Zagreb, Croatia, Slavonska avenija 6, are collectively designated herein as “Fit Invest Group” acting under single Fit Invest brand.
WHICH PERSONAL DATA ABOUT YOU AND FOR WHICH PURPOSE DOES THE COMPANY PROCESS?
In the table below you will find what personal data, on which legal basis and for what purposes the Company processes in relation to clients, business partners and visitors.
a) Clients
| Personal data (Categories and examples) | Purpose of processing | Legal basis for processing |
| Basic identification and contact data: name and surname, date of birth, e-mail, phone number, address. | Conclusion and performance of the contract and related communication, fulfillment of legal obligations, records and enforcement of eventual claims. | Conclusion and performance of the contract, legitimate interest of Company in enforcing claims. |
| Data relating to contract with client: membership type, membership duration, financial and invoicing terms. | Performance of relevant contract, fulfillment of legal obligations. | Conclusion and performance of contract. |
| Photography. | Using photography for entry card. | Relevant person´s consent. |
| Security data: camera system records, access system records. | Protection of Company property, clients and other persons, protection against thefts and other criminal activities, escape route check. | Legitimate interest of Company in providing entry checks and protection of Company property, clients and other persons. |
| Data for marketing purposes: name and surname, e-mail, telephone number, address, information on current membership, entitlements to discounts and benefits. | Promotion and support for sale and Company services, sending information on new services and products or other marketing/commercial messages. | Relevant person´s consent for receiving commercial messages and processing for marketing purposes, legitimate interest in addressing clients via direct marketing and sending commercial messages. |
| Data about visits on our website: IP addresses or cookies. | Records of visitors and improvements to our services and for statistical and analytical purposes. More information about cookies in „What are cookies?” chapter below. | Legitimate interest of Company concerning information on visits on our website. |
b) Business partners
| Personal data (Categories and examples) | Purpose of processing | Legal basis for processing |
| Basic identification and contact data: name and surname or company name, position, e-mail, telephone number, address, payment and delivery data. | Conclusion and performance of contract and related communication, records and enforcement of eventual claims. | Conclusion and performance of contract, legitimate interest of Company in enforcing claims. |
| Data for marketing purposes: name and surname or company name, position, e-mail, phone number, entitlements to discounts and benefits. | Promotion and support for sale and Company services, sending information on new services and products or other marketing/commercial messages. | Relevant person´s consent (even with giving business card) or granted consent for receiving commercial messages and processing for marketing purposes, legitimate interest in addressing clients via direct marketing and sending commercial messages. |
c) Company visitors
| Personal data (Categories and examples) | Purpose of processing | Legal basis for processing |
| Recording of persons in the scope of video surveillance, records of visitors. | Protection of Company property, employees and other persons, protection against thefts and other criminal activities, checking persons staying in Company premises. | Legitimate interest of Company in providing entry checks and protection of Company property, employees and other persons. |
WHAT SOURCES DOES THE COMPANY USE TO OBTAIN YOUR PERSONAL DATA?
The Company obtains personal data which are subsequently processed directly from its clients or from business partners or from visitors staying on Company premises.
DOES THE COMPANY SHARE YOUR PERSONAL DATA WITH OTHER PERSONS?
a) External service providers
To be able to fulfill its duties, the Company provides certain personal data of clients, business partners and/or visitors to the external service providers, which include bookkeeping, accounting, legal advisory, claims administration, marketing, promotion and IT.
External service providers are cleared up by the Company, and they provide sufficient guarantees regarding privacy and protection of personal data of clients, business partners and/or visitors.
b) Fit Invest Group companies
The Company may share personal data within the Fit Invest Group companies. Each time the Company needs to share your personal data, it will do so only in minimal scope, when it is necessary, and it will share them only with selected employees from the Fit Invest Group.
The Fit Invest Group adopts suitable measures to ensure that these selected employees shall be bound by the obligation to maintain these personal data confidentiality.
b) Disclosure of personal data to third parties
The Company may share personal data with third parties when it is necessary and has a legal basis to do so.
Moreover, in accordance with legal regulations concerning personal data protection, under certain circumstances the Company is obliged to share personal data of clients, business partners and/or visitors with third parties which are not the mentioned external service providers or members of the Fit Invest Group.
These third parties include in particular:
- administrative and similar bodies (financial authorities),
- financial institutions (banks, insurance companies),
- police, prosecution office,
- external advisors.
DOES THE COMPANY TRANSMIT PERSONAL DATA TO COUNTRIES OUTSIDE EEA?
The Company may transmit your personal data outside the European Economic Area only if it has legal basis for making such data transfer.
HOW ARE YOUR PERSONAL DATA SECURED?
To ensure confidentiality, integrity and availability of your personal data, the Company uses modern IT security systems. The Company maintains suitable technical and organizational security measures against illegal or unauthorized personal data processing and against accidental loss or damage of personal data.
The access to your personal data is provided only to persons who need them to fulfill their work duties, and they are bound by legal or contractual confidentiality obligation.
HOW LONG WILL THE COMPANY STORE YOUR PERSONAL DATA?
The Company stores your personal data only for the period for which it needs them for the purpose for which they have been collected, eventually for the protection of legitimate interests of the Company or for the period for which consent for processing has been granted.
In relation to Clients:
The Company stores your personal data for the duration of the contract concluded with you and after its execution for the purposes of recording and enforcement of claims, fulfilling obligations arising from legal provisions, in particular tax and accounting, statistical and archiving for a maximum period of 11 years.
If any of that data is used as evidence in court, administrative, arbitration or other equivalent procedure, data are processed and stored until the final completion of that procedure.
In the case of processing your data based on consent the Company will process them until the consent is withdrawn or until you object to the processing.
In relation to Business partners:
The Company stores your personal data for the duration of the contract concluded with you and after its execution for the purposes of recording and enforcement of claims, fulfilling obligations arising from legal provisions, in particular tax and accounting, statistical and archiving for a maximum period of 11 years.
If any of that data is used as evidence in court, administrative, arbitration or other equivalent procedure, data are processed and stored until the final completion of that procedure.
In the case of processing your data based on consent the Company will process them until the consent is withdrawn or until you object to the processing.
In relation to Company visitors:
The Company stores your data recorded by video surveillance within 1 month.
WHAT ARE YOUR RIGHTS CONNECTED TO PERSONAL DATA PROCESSING?
You can assert any of the below listed rights under the set conditions. These rights are given to you by the General Data Protection Regulation (GDPR):
- the right to withdraw the granted consent for personal data processing (if the data processing is carried out based on your consent) at any time and free of charge, either by mail, e-mail or in person at our address listed below;
- the right to access personal data and provision of additional information related to their processing by the Company, or processors;
- the right to rectify incorrect or incomplete personal data;
- the right to erasure of personal data, in particular if (i) they are no longer necessary for further processing; (ii) the consent for their processing has been withdrawn; (iii) the data subject objected to the processing; (iv) they were processed unlawfully; or (v) they must be deleted under legal regulations;
- the right to restrict processing of personal data, if (i) the data subject contests the accuracy of personal data, for the period until the Company verifies their accuracy; (ii) the processing is unlawful; (iii) the Company no longer needs them but the personal data are needed by the data subject for the purposes of asserting his legal claims; (iv) the data subject objects to personal data processing, until the Company verifies whether its legitimate interests prevail over data subject´s interests;
- the right to file objection to personal data processing if the data are processed for the purposes of Company´s legitimate interests. If you file an objection to further processing for direct marketing purposes, your personal data will no longer be processed for these purposes;
- the right to obtain your personal data and transfer them to other controller while adhering to legal conditions;
- the right to file a request for determination of violating of rights to Croatian Data Protection Authority, if you believe the Company is violating the obligations resulting from legal regulations for personal data protection.
We will respond to your requests for assertion of rights within the statutory period, usually at the latest within 1 month following delivery of your request. If our respond requires longer time in exceptional cases, we will inform you.
WHAT ARE COOKIES?
Cookies are small data files necessary for correct functioning of web pages, and we therefore place them in your computer just as the majority of websites. Cookies are text files that websites place in your computer or mobile device when you start using a website. For a certain period, the websites can remember actions and settings you made on those websites. Thanks to this you do not need to enter these data again when you re-visit the website and go through individual sections of the web.
We use cookies mainly for marketing purposes, collection of statistical data and web traffic analysis so we can continue to improve our website and perfect the services we offer. The information on how you use our web is thus shared with our partners in the field of advertising and analysis, namely Google. To see how Google uses cookies, read the following document at https://www.google.com/policies/technologies/cookies/.
INQUIRIES AND CONTACTS.
If you want to use any of your rights in relation to processing your personal data or if you have another inquiry or complaint regarding their processing, contact us, please, by mail or e-mail using the below listed contact details.
Fit Invest d.o.o.
Slavonska avenija 6, Zagreb, Croatia, e-mail: privacy@thefitness.hr
AMENDMENTS TO THE PRIVACY POLICY
It is possible that the Company will decide to amend or update this privacy policy. The current version of the privacy policy will always be available at Company´s website (www.thefitness.hr), in the Personal Data Protection section.