info@zagrebdean.com         +385 1 6555 270
GLOBAL PRIVACY STATEMENT

According to the Personal Data Protection Regulation (GDPR EU 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL of 27 April 2016) ZAGREB-DEAN Ltd.  and associated companies ("ZAGREB-DEAN” and/or "We") are committed to protecting and respecting your privacy.

This Global Privacy Policy, together with our Terms of Use, Terms and Conditions, our Data Protection Letter (if applicable) and any other documents referred to in any of the aforementioned (together the "Policy”) describes the types of personal information we collect, how we use the information, with whom we share it, how you can exercise your rights on your personal data and the choices you can make about our use of the information.  
We also describe the measures we take to protect the security of the information and how you can cont1act us about our privacy practices. In some cases, and where applicable, we may ask you to sign a separate form of letter ("Data Protection Letter”) to indicate your explicit consent to our processing of your personal data for the purposes set out in the Policy. 
However, please note that the absence of (i) such a request, or (ii) a Data Protection Letter signed by you, is not intended to be conclusive of this issue and we shall be entitled to conclude that, by visiting us at any of our approved web sites; applications; or Portals, or using our other digital assets or agreeing to receive Services from us, you are accepting and consenting to the practices described in the Policy. Notwithstanding this, you have the right to contact us to object to, or make certain requests in relation to, the processing of your personal data (as explained further in the Your Rights section of this policy).
Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements ("Applicable Data Protection Laws”). In most cases this will be the law of the country in which you are located.
According to Applicable Data Protection Laws, you may be entitled to know the identity of your "Data Controller” i.e. the legal entity which determines why and how your personal data is processed. This will generally be the case when are you located within the European Economic Area. 

Your relevant Data Controller may vary, depending on how you are receiving services from us. For example:
1. Corporate Clients: If you are being relocated as part of your employment, your relevant Data Controller may be your relevant employer who has engaged us to provide services to you. In such case, this Policy may not apply to you and please refer, instead, to your employer’s privacy policy or employee handbook for further information as to how your personal data may be handled. Even if this Policy does not directly apply to you, ZAGREB-DEAN, as a "Data Processor” within the meaning of Applicable Data Protection Laws, will process the personal data under the Data Controller’s sole instructions, and will take all steps necessary to preserve the security and confidentiality of the personal data, and prevent their alteration, damage, or access by unauthorized persons.
2. Direct Consumers / Individuals: If you are engaging ZAGREB-DEAN directly to provide services for you, then your relevant Data Controller is likely to be that particular ZAGREB-DEAN  entity which is providing those services to you, and this will typically be that ZAGREB-DEAN entity which is based in your current location and which processes your personal data and which is named in any relevant correspondence with you. 
3. Referred / Partners: If you normally deal with one of our business partners, but have been referred to us to receive specific services at the bequest of that business partner, then that business partner may be your relevant Data Controller. In such case, this Policy may not apply to you and please refer, instead, to that business partner’s privacy policy. Even if this Policy does not directly apply to you, ZAGREB-DEAN, as a Data Processor, will process the personal data under the Data Controller’s sole instructions, and will take all steps necessary to preserve the security and the confidentiality of the personal data, and prevent their alteration, damage, or access by unauthorized persons.

If you have any questions in regard to the above, please contact us at info@zagrebdean.com 

INFORMATION WE COLLECT FROM YOU
We may collect personal information (including personally identifiable information or, where relevant, sensitive personal data within the meaning of Applicable Data Protection Law) about you and/or your family ("Your Data”) in the following ways:
• Information you give us. This is information that you and/or your family give us by filling in forms on our websites or other digital assets or by corresponding with us by phone, email or otherwise. This includes when you use our websites or other digital assets or inquire about, or use, any of our immigration, moving, relocation and/or assignment services (the "Services”).  The information may include without limitation your and /or your family’s name, address, e-mail address, phone number or other contact details, marital status, age, occupation, role/title/area of responsibilities, financial and credit card information, personal description and photograph and other information (including as required by laws and regulations addressing insurance and related matters or as required to provide the Services).  Sensitive personal data may include, for example, data about criminal convictions, physical health and medical records, sexual orientation, racial or ethnic origin and religious beliefs for visa applications (where required to be provided under law) and information you tell us as part of your relocation preferences (for example, your preferred choice of religious schools or proximity to certain places of worship).
• Of course, you are not required to supply any of the information that we may request, notably sensitive data, although this might limit the Services we are able to offer you.  While we make every effort to ensure that Your Data is accurate, complete and up to date, you can help us considerably in this by promptly notifying us if there are any changes to Your Data (please contact us at info@zagrebdean.com). We do not collect or process any sensitive data without obtaining your prior explicit consent.
• Information we collect about you. We, our service providers and other business partners collect certain information by using automated means, such as cookies, when you interact with our advertisements, mobile applications, or visit our websites, pages or other digital assets. This information may include your IP address, browser type, operating system, the full URLs, referring URLs and information on actions taken or interaction with our digital assets. We may use third-party web analytics services on our websites and other digital assets, to help us analyse how visitors use our websites and other digital assets. We, our service providers and our business partners may also collect information about your activities on our websites and other digital assets for use in providing you with content and advertising tailored to your individual interests. The information collected for these purposes may include details about things like the particular pages or advertisements you view on our websites and the actions you take on our websites and or other digital assets. 
• Information we may receive from other sources. We are working closely with third parties (including, for example, your employer, business partners and sub-contractors (including in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, financial institutions, financial advisers, external medical bodies, disclosure and criminal check services, police forces and courts) and may receive information about you from them). These third parties may be based outside of the EEA (see the Storage and transfer of Your Data section for more information).

COOKIE USE
A cookie is a small textual data base, which some internet servers inscribe on your PC during your visits to an internet page. A cookie does not read the data from your PC the data contained in other servers' cookies, inscribed on your disc. If you have configured your internet browser in such a way, you will be warned during each cookie inscription on your PC. You can also configure your internet browser to disable cookie inscription on your PC.

Cookies we use:
PHPSESSID – Contains session php code.
CMS_EU_COOCKIE – Contains the identification of whether you accept the use of cookies on our site.
LANG_CMS – Contains the identification of which language you use our site.

USE OF YOUR DATA
We may use Your Data in the following ways:
• to provide you and/or your family with the Services (as applicable);
• to administer, operate, facilitate and manage your and/or your family’s relationship and/or account with us, and to otherwise, including contacting you or, if applicable, your designated representative(s) by post, telephone, email etc.;
• to provide you, or permit selected third parties to provide you, with information (such as relocation research), recommendations or advice concerning our offers, promotions, products and services, including those products and services which you request from us. If you are an existing customer (and save for where this is permitted under Applicable Data Protection Laws or where you have provided your consent to further marketing) we will only contact you by electronic means (email) with information about goods and services similar to those which were the subject of a previous sale or negotiation of a sale to you. If you are a new customer, and where we permit selected third parties to use Your Data, we (or they) will contact you by electronic means only if you have consented to this, save for where this is otherwise permitted under Applicable Data Protection Laws. If you do not want us to use Your Data in this way, or to pass your details on to third parties for marketing purposes, then please indicate your preference on the form on which we collect Your Data;
• to notify you about changes to the Services;
• to operate, evaluate and improve our business (including developing new products and services, troubleshooting, data analysis, testing and research and statistical and survey purposes); managing our communications; determining the effectiveness of and optimizing our advertising; analysing our products, services, websites, mobile applications and any other digital assets; facilitating the functionality of our websites, mobile applications and any other digital assets; to ensure the content of our site is presented in the most effective manner for you and for your computer; and performing accounting, auditing, billing, reconciliation and collection activities;
• as may be required by applicable laws and regulations or requested by any relevant judicial process or governmental agency; and
• to comply with industry standards and our policies.

DISCLOSURE OF YOUR DATA
 We may share Your Data with:
• Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, subject to the terms of this Global Privacy Policy.
• Selected third parties including:
1. business partners, suppliers and sub-contractors for the performance of the Services (as applicable) or any other contract we enter into with them or you;
2. your employer, external medical bodies, disclosure and criminal check services, police forces and courts and relevant immigration authorities for the purpose of preparing and processing your visa application.
3. Tax Administration, Customs Control, Customs Office, Ministry of the Interior and other authorized institutions controlling import and export. Your personal information will be provided only to an official request for which your consent is not required.

We may also disclose Your Data to third parties:
In the event that we sell or buy any business or assets, in which case we may disclose Your Data to the prospective seller or buyer of such business or assets.
If ZAGREB-DEAN or substantially all of its assets are acquired by a third party, in which case Your Data may be one of the transferred assets.

As the case may be, one or more of the above may be located outside of the European Economic Area.

STORAGE AND TRANSFER OF YOUR DATA
ZAGREB-DEAN  is a global business.  To offer and perform our services, we may need to transfer your personal information among several countries.  The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA") or Switzerland, including the United States of America.  Those countries may not have the same data protection laws as the country in which you initially provided the information.  It may also be processed by staff operating outside the EEA who work for us or for one of our business partners or sub-contractors. This includes staff engaged in, among other things, providing you and/or your family with the Services (as applicable), the processing of your payment details and the provision of support services.  We will take all steps reasonably necessary to ensure that Your Data is processed and treated securely and in accordance with this Global Privacy Policy and with the Applicable Data Protection Law.
The security of Your Data is important to us.  We are committed to protecting the information we collect.  We maintain administrative, technical and physical safeguards designed to protect the personal information you provide or we collect against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.  All information you provide to us is stored on our secure servers.  We use SSL encryption on a number of our websites from which we transfer certain personal information.
We store Your Data only for as long as it is necessary to fulfil the purpose for which it was collected, unless otherwise required or authorized by Applicable Data Protection Law.  We take measures to destroy or permanently de-identify Your Data if required by law or if Your Data is no longer required for the purpose for which we collected it. As per Croatian law the deadline for keeping your business documentation with your personal information is 10 years. Upon expiration of this deadline, your personal information will be destroyed.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites or other digital assets, you are responsible for keeping this password confidential.  We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect Your Data, we cannot guarantee the security of Your Data transmitted to our websites or other digital assets that are in the public domain; any transmission is at your own risk.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

YOUR RIGHTS
Under Applicable Data Protection Law, you may have certain rights regarding the personal information we maintain about you.  We also offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you.
You can choose not to provide personal information to us.  You also may refrain from submitting information directly to us.  However, if you do not provide Your Data when requested, or if you exercise your rights you and/or your family may not be able to benefit from the Services (as applicable), and we may not be able to provide you with information about our products, services and promotions.
To the extent provided by Applicable Data Protection Law, you may withdraw any consent you previously provided to us, or object at any time to the processing of Your Data.  We will apply your preferences going forward.  In some circumstances, withdrawing your consent to our use or disclosure of Your Data will mean that you cannot take advantage of certain Services.
In addition you may have the right to: obtain confirmation that we hold personal information about you, request access to and receive information about the personal information we maintain about you, receive copies of the personal information we maintain about you, update and correct inaccuracies in your personal information, object to the processing of your personal information, and have the information blocked, anonymized or deleted, as appropriate. The right to access personal information may be limited in some circumstances by local law requirements including Applicable Data Protection Law.  To exercise these rights, please contact info@zagrebdean.com
You have the right to ask us not to process Your Data for marketing purposes.  We will inform you (before collecting Your Data) and obtain your prior consent where required by the Applicable Data Protection Law if we intend to use Your Data for such purposes or if we intend to disclose Your Data to any third party for such purposes.  You can exercise your right to prevent such processing by advising us of your preferences before we collect Your Data, including on the form that is used to collect Your Data.  You can also exercise the right at any time by contacting us at info@zagrebdean.com.

The rights above are likely to apply to you if you are based in Europe.

Our websites or other digital assets may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.
If you provide us with any information or material relating to another individual, you should make sure that the sharing with us and our further use as described to you from time to time is in line with applicable laws, so for example you should duly inform that individual on the processing of her/his personal data and obtain her/his consent, as may be necessary under Applicable Data Protection Laws.

ACCESS TO INFORMATION
Applicable Data Protection Law may give you the right to access information held about you. This will usually be the case where you are based in Europe.  Any access request may be subject to a fee, where permitted under Applicable Data Protection Law.  Any request should be made in writing, and the best way for you to do so is to contact us at the address stated below.  As we must be able to identify the person making the request, and because a fee may be due, we request that you confirm any request made by you via different means by contacting us at the address stated below. 
Due to technological constraints and/or information security considerations, it may be inappropriate to use social media to supply information in response to any request by you for access to information, and so please provide an alternative delivery address for our response. We may reject requests where we are entitled to do so under Applicable Data Protection Laws, which may include where the request is manifestly unreasonable, in particular due to its repetitive or systematic nature, require disproportionate effort and/or risks the privacy or confidentiality of others.

DATA SECURITY AND INTEGRITY
The security, integrity and confidentiality of Your Data is very important to us. We have implemented controls to protect Your Data from unauthorised access, modification, disclosure and misuse.  We encrypt our data in transit and constantly review new technologies to protect Your Data.  Please bear in mind that despite our best efforts to safe guard Your Data, no security measures are perfect or impenetrable.

CHANGES TO OUR GLOBAL PRIVACY POLICY
Any changes we make to our Global Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.  Please check back frequently to see any updates or changes to our Global Privacy Policy.

HOW TO CONTACT US 
If you have any questions or comments about this Global Privacy Policy, our privacy practices or if you would like us to update information or preferences you provided to us, please e-mail us at: info@zagrebdean.com write to us at:

ZAGREB-DEAN d.o.o.
XIV PODBREŽJE 19
HR-10 020 Zagreb