This Privacy Policy is based on the General Data Protection Regulation (GDPR) and other laws governing the privacy of the individual. It specifies which personal data we collect, how and why do we process, use and protect them as well as what your rights related to your data are.

The privacy of individuals and the protection of personal data are fundamental human rights. It is our duty to protect the privacy of individuals whose personal data we process and store. We are responsible for your data, which are collected and processed only when necessary.

Random Red d.o.o. (Ltd) adheres to the following principles in order to protect the privacy of our employees, associates, clients and end users:

• we do not collect more personal data than is necessary;
• we do not use personal data for purposes not listed;
• we do not store personal data when no longer needed;
• we never sell, borrow, distribute or publicly disclose personal data;
• we do not send personal data to third parties without your knowledge;
• we do not use any automated processing and decision making or profiling;
• we continuously ensure that personal data is securely stored.

This Privacy Policy, as well as our website, is designed to ensure a high level of protection of your personal data and your privacy, and will be continuously updated and improved. Upon reading this Privacy Policy, if you have any questions about the protection of personal data or want to share your ideas and recommendations, please contact us on info@randomred.eu.

This Privacy Policy was updated on April 11, 2022.

Best regards,
Random Red d.o.o. (Ltd)

DATA CONTROLLER

Random Red d.o.o. (Ltd) collects and processes personal data thus performing the role of a data controller. The role of the data controller is to pinpoint the purpose and methods of processing personal data and ensure your privacy. Our official name and information:

Random Red d.o.o. (Ltd)
Ivana Zajca 40
HR-31000 Osijek
OIB (VAT ID): 63563051700

YOUR DATA WE COLLECT

In accordance with the GDPR and other laws governing the protection of personal data, we collect only those personal data that are necessary to meet our legal and contractual obligations.

SECURITY OF PERSONAL DATA

When Random Red collects information about you, we ensure that your personal information is protected from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or third parties’ access to personal information to be transferred, stored or otherwise processed. This is done through appropriate technical and organizational measures to ensure the security, integrity and confidentiality of personal data.

We collect and process personal data in a way that ensures adequate security and confidentiality in their processing and enables the effective application of data protection principles, reducing the amount of data, the scope of their processing, storage period and their availability. We take all appropriate technical and organizational measures to prevent accidental or unlawful destruction, loss, alteration, unauthorized use, disclosure or third parties access to data.

All data controllers and data processors are obliged to keep personal data by signing a confidentiality statement.

ACCESS TO PERSONAL DATA

We provide access to your personal data only to external collaborators who act as subcontracted data processors using our explicit instructions thus ensuring a high level of your personal data protection. These business associates are obliged to protect confidentiality in accordance with the General Data Protection Regulation, this Policy and signed contracts, which specify handling your personal data, i.e. they can neither process your personal data without being told to nor forward it to third parties.

Granting access to personal data to other legal or natural persons is in accordance with the purpose of collecting data and applicable regulations. Your personal data will not be forwarded to third parties for direct marketing purposes unless you give your consent.

In certain circumstances, when relevant regulations bind us, we are legally obliged to forward your personal data. The legal obligation may arise from national or EU laws.

COOKIES

The website https://randomred.eu/ uses the so-called cookies. Cookies are small text files placed on your hard drive, which help to customise the Internet browser interface. There are several types of cookies, such as technical, analytical, marketing, etc. Our site uses only technical cookies (necessary cookies that cannot be excluded) that are necessary for the functioning of the website. Functional, analytical or marketing cookies, which you should enable by an active affirmative response, are not used by our website.

TIME PERIOD OF PERSONAL DATA STORAGE

We process your personal data until the purpose of personal data processing is achieved upon which we no longer use your personal data. They remain in our storage system as required by legal regulations on archiving.

YOUR RIGHTS

To exercise your rights listed below, you may contact us in writing or via email using our contact information provided on our website:

1. RIGHT OF ACCESS your personal data;
2. RIGHT TO CORRECT your personal data;
3. RIGHT TO DELETE your personal data;
4. RIGHT TO RESTRICT the processing of your personal data;
5. RIGHT TO OBJECT to the processing of your personal data.

1. The right of access to personal data
   
   Using a user’s written consent (e.g. via e-mail), Random Red, as the data controller, provides the user with an access to personal data processed about them, informs them about the processing purpose, types of processed data, recipients or categories of recipients to whom personal data have been or will be disclosed, estimated processing period or criteria used to determine that period.

• The right to correct inaccurate data
  
  Being the data controller, Random Red will enable the correction of inaccurate personal data in each individual case when determined that the collected personal data are inaccurate or has been changed.

• The right to delete personal data
  
  Random Red will delete the user's personal data in the following cases:
  
  a) when the user’s personal data are no longer necessary to achieve the processing purpose, i.e. termination of the processing purpose unless a special law prescribes the storage period of personal data (for example, when a special law prescribes permanent data storage);
  b) when the user withdraws one’s consent as a legal basis for data processing and there is no other legal basis for data processing;
  c) when the user objects to data processing (see more under the Right to object);
  d) when personal data have been illegally processed;
  e) where personal data must be deleted in order to meet legal obligations under the European Union law or the Member State law to which the data controller is a subject.

• The right to restrict data processing
  
  Random Red will limit personal data processing in cases when the user disputes data accuracy, processing is illegal and the user opposes to data deletion seeking to restrict their use instead, when the data controller no longer needs personal data for processing but the user requests data for meeting legal requirements as well as when the user objects to personal data processing including developing user profiles.

• The right to object
  
  The user has the right to object to the processing of one’s personal data if the data are not legally processed by the data controller. In this case, Random Red, as the data controller, will stop processing personal data.

CONTACT INFORMATION

If you have any questions regarding the processing of your personal data, you can contact us at one of the contacts available at https://randomred.eu/.

RIGHT TO COMPLAIN WITH THE COMPETENT AUTHORITY

You can file a complaint directly with the competent supervisory authority at any time, especially in an EU country where you reside, work or where the alleged breach happened if you believe that our processing of your personal data is illegal.

Direct contacts of the competent supervisory body in the Republic of Croatia are:

PERSONAL DATA PROTECTION AGENCY (AZOP)

Selska cesta 136
HR - 10 000 Zagreb
Phone: +385 1 4609 000
Fax: +385 1 4609 099
E-mail: azop@azop.hr
Web: http://www.azop.hr

IMPROVING PRIVACY POLICY

We regularly update the Privacy Policy to ensure that it is accurate and up-to-date; however, we reserve the right to change its content if we deem it necessary. You will be informed about all changes in a timely manner via our website or in another appropriate way in accordance with the principle of transparency.