Storm Computers Storm Computers

Privacy Policy

1. Introduction

STORM Computers d.o.o., Savica I 127, VAT No.: HR20142998436  (hereinafter referred to as STORM Computers), as the controller, processes and protects personal data concerning the users of its services and visitors of www.storm.hr, www.shop.franck.eu and the related microsites in accordance with the regulations applicable to personal data protection.

Provided below please find information about the treatment of personal data collected from users of the website, consumers, job applicants, contractors, competitions and other similar activities, which we collect through this website or otherwise.

 

2. Newsletter

Access to our website is free and requires no registration. If you would like to receive a newsletter about our offerings, new contents of our website or competitions, you can simply select to register your e-mail address using the relevant form and become duly subscribed. An e-mail confirmation of user’s subscription to the newsletter will be sent to the e-mail address registered by the data subject before the newsletter is sent for the first time, for double authentication purposes. Such confirmation is used to demonstrate whether or not the e-mail owner, being a data subject, agrees to receive the newsletter. The personal data collected as part of subscribing to the newsletter will only be used for the purposes of distributing our newsletter.

To manage newsletter subscriptions and distribution, STORM Computers uses the Mailchimp platform. The Mailchimp registers instances of newsletter opening and link clicks to offer statistical information on which contents are interesting to newsletter subscribers.

You can opt out of the newsletter at any time by selecting the option of withdrawing your consent within the newsletter received. If you withdraw your consent, this shall not affect the lawfulness of the processing completed prior to such withdrawal. Receiving of the newsletter is voluntary and the data subject shall not be responsible for any adverse consequences if he denies or withdraws his consent.

In case you withdraw your consent, you will no longer receive our newsletter and the canceled e-mail addresses will remain on our unsubscribe list for up to 5 years following the opt-out date to demonstrate STORM Computers compliance with the obligations imposed on it under the applicable law.

 

3. Queries and complaints

Our website contains forms and information that will allow you to quickly and directly contact us at storm@storm.hr.

If a user contacts the controller or processor by e-mail or using a contact form, the personal data submitted by him will be automatically stored and processed exclusively for the purpose of providing the requested information. The legal ground for data processing is a legal obligation because STORM Computers is required to communicate with its consumers and respond to complaints and instructions in accordance with the applicable law. In case you refuse to provide your information, we will not be able to handle your complaint or query.

The personal data necessary to resolve a complaint shall be retained for up to 5 years following their receipt date, in compliance with the regulations applicable to consumer rights.

 

4. Open job applications

STORM Computers receives open job applications through its e-mail address specified on the website. For this purpose, the processing involves the personal data of a job applicant which he voluntarily specified in the application and CV (full name, date of birth, contact particulars, prior work experience, professional qualifications, education degree, photograph).

Such open applications are received by an employee of the Human Resources Department who saves them in the relevant folders within the information system. Only authorized persons and processors authorized by STORM Computers for providing IT support are allowed access to open job applications.

The data you send us through open job applications are processed based on legitimate interest and solely for the purpose of recruiting new employees, and are retained for 12 months.

 

5. Job vacancies

In the course of the recruitment process, the job description is defined and a job vacancy is published. Depending on the job description, job vacancies are advertised through different facilities.

STORM Computers receives job applications and, for this purpose, the processing involves the personal data of a job applicant which he voluntarily specified in the application and CV (full name, date of birth, contact particulars, prior work experience, professional qualifications, education degree, photograph). Depending on the job description, STORM Computers also conducts professional and psychological tests and interviews for the purpose of selecting job applicants.  

Such data are retained until the job vacancy is finalized, but no more than one year following the finalization date of the job vacancy, provided that if a candidate’s data are desired to be retained for another job vacancy, consent must be obtained from such candidate. Participation in job vacancies is voluntary and candidates’ data are processed as activities preceding the execution of an employment contract.

If a candidate gives his consent to the retention of his data after the job vacancy is completed, such data may be retained for up to 2 years. If a candidate voluntarily provides his data for future job vacancies, he may at any time withdraw his consent without suffering any adverse consequences. Such withdrawal of consent does not affect the lawfulness of the processing completed up to the time of such withdrawal.

Only authorized persons are allowed access to data concerning job applicants. Psychological tests are conducted by a person duly licensed to conduct psychological tests and the interview with the psychologist and psychological tests are conducted in accordance with the applicable law.

 

6. Data tracking – Cookies and web analytics

STORM Computers stores “cookies” in your computer, which contain information about the user and are used to save user’s time while using STORM Computers’s website and for the purpose of tracking and directing user’s interests and providing services adapted to each user.

Many cookies contain the so-called cookie ID. Such cookie ID is a unique identifier of the cookie. It comprises a series of characters whereby websites and servers may be assigned to a specific web browser in which the cookie is stored.

By using cookies, STORM Computers is able to provide users of its website with a user-friendly experience that would not be possible to achieve without using cookies. Once the user accesses the website, the cookie is stored in the user’s computer system.

Necessary cookies are stored for the purpose of providing a service at user’s request, whereas the storage of any unnecessary cookies (e.g. cookies for advertising and analytics or functional cookies) requires data subject’s consent which may be given using the cookie management window.

The user may at any time disable cookies on our website by selecting the relevant setting of the web browser being used, and may thus permanently disable cookies. Furthermore, enabled cookies may be erased at any time using the web browser or other software. If the user disables cookies in the web browser used, all functions on our website may not be fully available.

STORM Computers uses cookies to track website traffic and obtain the necessary website performance information and in this process also uses the services of a third party named Google Analytics. STORM Computers also uses cookies to advertise STORM Computers products both on the website and on display networks, and third parties (including Google) display STORM Computers’s advertisements in cooperation with STORM Computers on websites across the internet. Please note that you can disable Google Analytics for advertising on the display network and adjust ads for Google Display Network using the Ad Settings Manager tool (http://www.google.com/settings/ads).

STORM Computers collects information that does not identify a specific end user, including the URL (Uniform Resource Locator) of the page visited by the user after leaving STORM Computers’s website, the type of browser used by the user, and user’s IP address (Internet Protocol Address). Authorized service providers and advertisers may automatically collect such information when you visit STORM Computers’s website or by using cookies or other tools. STORM Computers only uses such information for problem solving, to administer its website, to analyze trends, to collect demographic information, to analyze its compliance, or in cooperation with the relevant law enforcement authorities.

 

7. Social networks

STORM Computers uses social networks and channels to process data concerning persons following the published content, liking our posts and leaving their comments. STORM Computers collects data about its social network contacts for the purpose of sending promotions to specific target groups (anonymized information including gender, age, etc.). STORM Computers uses Meta Business Tools and LinkedIn Marketing Solutions. The information we send is information concerning your social network activities collected based on clicks and cookies, including but not limited to: information about your devices, the advertisements viewed by you or how you use the services (e.g. whether or not you have a Facebook account, whether or not you are logged in, etc.). In relation to personal data processing for such marketing purposes, such social networks are considered to be joint controllers with STORM Computers. For further information about personal data processing by such social networks, please read the Privacy Policy – MetaLinkedin.

 

8. Business cooperation

STORM Computers processes personal data of its business partners and personal data provided to STORM Computers by its business partners, which are necessary for the uninterrupted conduct of daily business, invoicing and performance of legal and contractual obligations (e.g. directors’ and contact persons’ names, IBAN, PIN).

STORM Computers processes data for the purpose of undertaking its commercial activities, selecting contractors and entering into and performing contracts. Data will be processed for the purpose of performing legally defined obligations (including tax and accounting obligations, obligations arising from public tendering or occupational safety regulations, for supplier qualification purposes), for contract administration, for receiving goods and/or services, for the conduct of judicial proceedings, for internal audit purposes (security, productivity, product quality, preservation of financial integrity), for management control purposes, and for certification purposes. The processing of data for such purposes requires no consent from the data subject because the legal ground for such personal data processing is a contractual obligation/pre-contractual measures. Such collection of data is required because otherwise STORM Computers will not be able to enter into contract or duly perform its relevant obligations.

 

9. Recording or photographing of events

Subject to legitimate interest, we record and photograph public events we organize or participate in as a sponsor. For such purpose, we publish on our website and social networks photographs and recordings of people participating in such events.

No consent is required for this purpose because such photographing and recording does not override data subjects’ rights and freedoms, for example, if no publicly exposed person is involved, if a person is photographed merged in a group of other people, and certain photographs may be blurred or trimmed to achieve a balance between our legitimate interest in promoting our events and data subjects’ rights.

 

10. Data export

STORM Computers forwards personal data to its processors. STORM Computers conducts investigations in the process of selecting its processors and checks that they use adequate controls to protect personal data. STORM Computers enters into a processing contract with each processor. Data are exported from the EU based on the Privacy Shield mechanism or, if necessary, after entering into the standard data protection clauses.

Such personal data may, subject to the purposes specified above, be disclosed to:

  • entities that need them to fulfill an order, deliver a parcel, send mail and e-mail, analyze data, process payments, or provide customer services, being our consultants;
  • processors providing or maintaining IT solutions;
  • law enforcement authorities and other public authorities if required by the applicable law or in good faith (e.g. to inform them of our compliance with the relevant legislation, to protect and defend our rights or property; or to have them act to protect service users’ personal safety in an emergency).

 

11. Personal data protection measures

STORM Computers implements appropriate technical and security measures for the purpose of ensuring the security and confidentiality of personal data and to prevent any unauthorized access to or unauthorized use of personal data or any technical equipment used by STORM Computers. In case of a security incident, which is considered to be a personal data breach under the General Data Protection Regulation, STORM Computers will conduct a risk assessment and, based on its results, take the necessary actions and notify the supervisory authority and data subjects.

To be able to take the necessary technical and integral data protection measures in our business, we:

  • ensure, based on advice from our data protection officer, that only the personal data necessary for each purpose are processed according to the relevant settings;
  • check whether or not the processing may represent high risk to data subjects’ rights and freedoms and, if necessary, conduct a data impact assessment;
  • control the export of data from the EU to be able to adopt the appropriate security measures;
  • verify processor’s technical and organizational measures; and
  • analyze the risk of personal data breach and act in compliance with the General Data Protection Regulation (notification of the supervisory authority and data subjects).

 

12. Data subject’s rights

The data subject may at any time request from us information about the processing of his personal data and may, subject to the applicable law, request to exercise the following rights:

  • right of access to personal data;
  • right to rectification or supplementation of personal data;
  • right to data erasure;
  • right to restriction of personal data processing, for example, if the accuracy of the personal data is challenged and verification is necessary;
  • right to withdraw consent to data processing;
  • right to object to the processing of his personal data; and
  • right to lodge a complaint with the Personal Data Protection Agency at azop.hr.

 

13. Applicable law and transfer of assets

All matters concerning this Privacy Policy shall be governed by the law of the Republic of Croatia. In the course of our business, we may sell or purchase certain assets. If another company acquires STORM Computers or part of our assets, the personal data collected by us may be transferred to such company.

 

14. Severability

If any provision of this Privacy Policy is held or declared invalid, illegal or unenforceable, such provision shall not apply to the extent it is invalid or unenforceable, whereas the remaining provisions shall continue in full force and effect.

 

15. Modifications and updates of this Privacy Policy

STORM Computers reserves the right to modify or update this Privacy Policy at any time without prior notice. Please check for any modifications or updates of our Privacy Policy from time to time on the website, where the updated effective date of this Privacy Policy will appear.