– Read me carefully! –
1. PRIVACY POLICY/ (GDPR) COMPLIANCE STATEMENT
Company Jedanaest Devet Ltd. through its brand “Hotel Photographers” is committed to protecting and respecting your privacy and this Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be handled and hereby also confirms our compliance with the EU General Data Protection Regulation (GDPR), in force from 25 May 2018.
The GDPR provides a set of rights and protections for EU citizens in terms of the data that individuals and organizations hold about them, and the responsibilities of those organizations on what data they can hold, how they can process and use that data, and how individuals can access or request changes to or deletion of the data held about them.
In this Privacy Policy/Statement of Compliance we will lay out what data we hold, for what purposes, our legal obligations which cannot be breached without your consent as well as your rights regarding this data. Both co-owners, Igor Šeler and Siniša Uštulica, have read and agreed to all points of the Policy/Statement and are aware of its implications and your rights.
Please be aware that we are not responsible for the privacy practices of any third parties, such as our partners, and we urge you to familiarize yourself with their privacy terms when giving out any personal data.
2. WHAT INFORMATION WE MAY COLLECT AND HOLD AND FOR WHAT PURPOSE
We may collect the following information from our clients and users of our products and services (be they private person or a legal entity, business or a brand)
1. E-mail address
– Email addresses of people who have emailed us directly through the online contact form or our Price Estimator 2.0 and to whom we have replied – automatically saved in mail server software
– E-mail addresses we were referred to with direct permission to contact them
-Those who have used the online form to opt in to receive news from Hotel Photographers and have willingly chosen to be notified (This data comprises Email Address, First Name and Family Name )
– Explicitly given email addresses – orally or via business cards on gatherings and meetings
*** To be able to maintain the relationship, for the purposes of sending invoices, notifications about final product statuses, activities and current offers, and occasional updates and/or marketing
2. First/Last Name/Hotel or Business name
– Gained through direct e-mail contact, via the web form, contacted via inbox on Facebook or Instagram
-Be it a private person or a person (owner, employee, outside associate, hotel manager) representing or speaking on behalf of a brand, organization, specific department within the business that deals in marketing, acquisition of new products, content management, accounting…
*** In order to be able to personalize the communication
3. Company/Brand/Hotel name and VAT number
-Gained through direct communication
*** To be able to issue an invoice
4. Address (business location)
– Explicitly given as necessary to get to the location
*** The address of your establishment where we’ll take the photographs/videos and for invoice purposes
5. Log of previous services
– For all previous customers
*** In order to be able to keep track of the preferences of our clients, customize the experience and judge the interest in a potential new opportunities (marketing purposes) and speed up repetitive business
6. Method of payment and associated information
– For all previous customers
***Necessary for invoices
3. ALL YOUR DATA IS STORED OFFLINE IN A SPREADSHEET FORMAT AND IS USED:
– To communicate with you regarding product status, provide information and ask for relevant information to complete the contracted business
– To operate and improve our products and services;
– To develop, improve, and protect the products;
– For market research;
– To improve customer service;
– To personalize user experience;
– To run a promotion, contest, survey or other related feature;
!!! Your data is not disclosed, sold, leased rented or otherwise discloses to any third party and is used exclusively for Hotel Photographers purposes, excluding the cases below:
-To public authorities, such as law enforcement, if we are legally required to do so or if we need to protect our rights;
– To our subsidiaries and affiliates; or a subsequent owner, co-owner or operator of Hotel Photographers in connection with a corporate merger, consolidation, restructuring, or the sale of substantially all of our stock and/or assets or other corporate reorganization
4. INDIVIDUALS’ RIGHTS
We acknowledge the rights of an individual/legal entity as specified in the GDPR and will make best efforts to respond to any requests from individuals in association with these rights within the one month timescale required by GDPR. Rights recognized:
– The right to be informed about what personal data we hold about you
– The right of access
– The right to rectification – you can have incomplete, incorrect, outdated, or unnecessary personal data corrected, deleted, or updated
– The right to erasure “right to be forgotten” -right to opt out of receiving electronic direct marketing and be completely erased from the data base
– The right to restrict processing
– The right to data portability
– The right to object
– The right not to be subject to automated decision-making including profiling
5. OUR LEGAL BASIS FOR COLLECTING YOUR DATA
Data is collected and processed under the legal basis of ‘Legitimate Interests’ via the three-part test:
Identify a legitimate interest:
By signing up for a newsletter or expressing interest in our product via any communication channel or social network in use, by purchasing a product/service, individuals have expressed a legitimate interest in the work.
Show that the processing is necessary to achieve it:
Since we do business internationally, communication via email is absolutely fundamental
Balance it against the individual’s interests, rights and freedoms:
The individual has the absolute right to request complete deletion of their data at any time and will be removed from data base immediately
6. PROTECTION AND DATA BREACHES
Data is used in a way which has minimal privacy impact and only that necessary for the operations stated is collected. Reasonable steps are taken to prevent data breaches, including the use of secure servers and strong password protection of devices and online accounts. We recognize the need to notify the superimposed structures in case of data breach.