Privacy Policy

RADIO DEEJAY d.o.o., 10360 Sesvete, Vicka Gecana 5 (owner of the website deejay.hr, hereinafter referred to as “Web”) as the Data Controller, hereinafter referred to as (“We”) in accordance with the principle of transparency and the provisions of the General Data Protection Regulation (GDPR) on February 20, 2024, adopts the following:

DATA PROTECTION POLICY

Dear visitor,

Since our goal is to ensure that you can surf our Web as safely and carefree as possible, we have paid special attention to the protection of your personal data. The purpose of this Privacy Policy is to explain to you in the clearest and simplest way possible which personal data we collect, how long we collect them for, why we collect them, who has access to your personal data, what rights you have and how you can use them. You will be timely informed about possible amendments and supplements to the Policy, including through publication on the Web.

**What is personal data?**

If you are interested in the exact legal definition of personal data, click on “Who wants to know more”. Simply put, personal data includes information such as your email address/home address/mobile phone number/name, surname, etc. Personal data can also include numerical identifiers such as the IP address of a computer, the MAC address of a mobile phone, or cookies, provided that you can be identified based on these data.

**How and why do we collect personal data? How do we collect personal data?:**

Directly from you; when you sign up for our newsletter, when you buy from us, when you participate in a contest, when you contact us via email or social media.
Automatically – when you surf our Web, we automatically collect the following data:
- Geolocation only if you have enabled it,
- Information about the device you are using (model, device identifier, mobile network, etc.),
- Usage service records that may contain IP addresses, time and duration of access, type of browser, how you access the Web, pages viewed or functionalities used in the mobile application, errors during use, etc.
From third parties – through social media platforms

Important! Our website is not intended for persons under the age of 16. We advise all parents and guardians to teach children how to handle personal data on the internet safely and responsibly.

**And why do we use your personal data?**

**For the purpose of communicating with you –** If you send us an email or a message via social networks, we collect your personal data: name and surname, email address or the name of your social network account, the content of your inquiry. Personal data will only be used to respond to your inquiry or to provide information or an answer regarding what you have shown interest in. The legal basis for processing personal data is our legitimate interest.

**Direct marketing (via newsletter) –** Interested in news, promotions, and offers from our Web? In that case, you can sign up for the newsletter, and then we process your personal data (name and surname, email address) to be able to regularly send them to you via email. The legal basis for processing personal data in this case is your consent. When you get bored of us, you can freely withdraw the given consent and unsubscribe from the marketing mailing list through the link available in every email marketing message.

**Contests –** We often tend to be generous, so we organize contests (giveaway). To be able to participate in the contest, we will ask you for certain personal data, which includes name and surname, address, phone number (if you win a prize, so we know where to send it), and your creative work/photo/answer you sent to participate in the contest. Providing personal data is voluntary, but if you refuse to provide them, your application for the contest will be considered invalid. Details on the processing of personal data in the case of organizing a contest will be specified in the special contest rules that we will publish on the Web.

**Maintenance and security of the Website –** To make our Web as safe for surfing as possible, we use a third-party program (firewall), which checks if the page functions as it should and protects against malicious software. For this purpose, data collected automatically (IP address, log.) are processed based on our legitimate interest.

**Processing orders and delivery of purchased products –** We also collect your data when purchasing products from our assortment via the Webshop. Data marked with an asterisk (*) are data that are necessary to complete your purchase, and in case of refusal to provide them, we will not be able to fulfill your order. Personal data are used for the purpose of processing your order and delivering the purchased product to the indicated address. The legal basis for processing personal data in this case is the fulfillment of the contract (sales contract) in which you are a contractual party. We emphasize that we do not store bank card data when you

buy through the webshop and payment is made through the CorvusPay payment gateway. Keep in mind that the CorvusPay payment gateway has its privacy rules, and we are not responsible or liable for them.

**Complaints –** Not satisfied with the purchased product? In that case, you have the right to file a complaint, and it is our legal duty to inform you about the right to file a complaint and respond to it. Personal data contained in your written complaint (for example, name and surname, address, data about the purchased product, date of purchase, description of the defect) will be processed for the purpose of resolving the submitted complaint (claim). The legal basis is our legal obligation as a trader to respond to you as a consumer on the submitted complaint.

**Exchange/return of purchased product –** Don’t like what you bought? We collect your data (name and surname, product data, date of purchase, payment method) when you have the right to return or exchange the product, to be able to exchange the purchased product.

**Development and improvement of our services and products –** Our goal is to be as good as possible and learn from our customers. When you buy a product from us or contact us, we may send you an email to rate the purchased product or communication with us. Our legitimate interest is to improve our business and actively work on the development of our sales assortment.

**Fulfilling our legal obligations –** We are obliged to process some personal data to fulfill legal obligations prescribed by applicable laws (For example, the Consumer Protection Act, tax and accounting regulations, etc.).

**User Account –** To make a purchase on our Web, you need to register and open a user account. When opening a user account, we will ask you for: name and surname, address, city, county, postal code, phone number, email address, company name. Data marked with an asterisk (*) are data that are necessary to open a user account. You are not obliged to give us the mentioned data, but in case of refusal, we will not be able to open a user account. The data will be processed for the purpose of opening and managing the user account and executing the purchase.

**Cookies**

**What are cookies?**

Cookies are small text files that can be stored on your computer, tablet, or mobile device, used by your web browser. Information collected by cookies and similar technologies may include data about your web login, login details, location, IP address, information about the browser, information about the device, duration of the visit, ads you browse, pages you visited, etc. Most of the cookies we use are so-called “session cookies” that are deleted when a particular browser session ends. There are some persistent cookies with which we can recognize you as a visitor.

**Don’t want cookies?**

Cookies can be disabled in the web browser settings.

(links for individual browsers can be found below in the text)
https://support.google.com/accounts/answer/61416
https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

**A brief about our cookies**

Our Web uses cookies (hereinafter referred to as Cookies) to:
– Ensure the proper functioning and functionality of our Web (Necessary cookies)
– Improve your user experience (Functional cookies).
– Third-party cookies for remarketing advertising, advertising based on your interests (Marketing cookies)
– Cookies for analysis and website visit statistics (Google Analytics, Facebook pixel, Gemius SA cookies, and necessary analytical cookies), to enable certain technical features such as analytics and thus ensure a positive user experience, and improve the quality and content of offered services.
**Learn more about cookies and the various types in the Cookie policy**
– **Links to other websites and social networks**
Our Web contains links to other websites and to Web user accounts on the social networks Instagram and Facebook. If you visit other websites through the links contained on the Web, keep in mind that these websites have their privacy policies, and we recommend that you familiarize yourself with them.

In case you communicate with us through social networks, for example, share our posts on social networks, the social network server will register the visit to our Web and store certain data and use them

for further purposes. We have no influence on the scope of the use of personal data by the social network server. We recommend that you familiarize yourself with the privacy policies of FB and Instagram.

**Who do we share personal data with?**

Depending on the purpose for which they are collected, we may share your data with third parties who help us provide digital services, maintain the Web, Advertising Agencies, marketing, digital advertising, and advertising on social networks, third parties necessary for delivering the prize

**Security and storage of personal data**

We store personal data within the European Economic Area, only as long as necessary for the purpose for which they were collected except where we are subject to a legal obligation to keep personal data or in other justified cases. Personal data in digital form are stored in our IT systems and on servers of reliable partners whose location is in Germany. We take all necessary organizational and technical measures to ensure that personal data are secure and protected from loss, destruction, alteration, forgery, manipulation, and/or unauthorized access. We commit to inform you and/or the competent authority if there is a breach of your personal data. We take measures to ensure that the data we collect and process are in accordance with the provisions of these Rules and legal requirements. If we share personal data with third parties, we use appropriate legal and technical mechanisms to protect personal data from breach.

**Your rights**

**Right to withdraw given consent**

When the processing of personal data is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of the processing based on consent before its withdrawal. Consent for sending newsletters can be withdrawn by clicking on unsubscribe, consent for given cookies is located in the Cookie settings.

**Right to access personal data**

You can ask us what personal data we collect, for what purposes, about the expected period in which the data will be stored or about the criteria used to determine that period, the existence of automated decision-making.

**Right to correction of inaccurate or incomplete data and the right to deletion**

Accuracy is important to us. Therefore, if your data are inaccurate and/or outdated, you have the right to request us to correct the data. In certain cases, you have the right to request the deletion of your data, i.e., the so-called right to be forgotten. We note that the right to be forgotten is not an absolute right, and in certain cases, we have the right to refuse your request.

**Right to object to processing based on our legitimate interests**

You can object to the processing of data at any time when the processing of data is based on legitimate interests. After the objection is lodged, we may no longer process personal data unless we prove that there are compelling legitimate reasons for processing that override your interests, rights, and freedoms, or if the data are processed for the establishment, exercise, or defense of legal claims.

**Right to information and data portability**

We are obliged to process personal data transparently and clearly, and you have the right to receive easily understandable information on how we use your personal data. For this purpose, we have published these Rules, to explain why they are processed in the simplest way possible.

**Right to lodge a complaint with the competent authority**

If you believe that we have violated your personal data and you do not want to resolve the problem first with us, you have the right to lodge a complaint with the supervisory authority, i.e., the Personal Data Protection Agency.

**Right to restriction**

The processing of personal data can be restricted if A/ the accuracy of personal data is contested for a period that allows the Controller to verify the accuracy of personal data, B/ if we no longer need personal data, but you require them for the establishment, exercise, or defense of legal rights, C/ if you have objected to processing based on legitimate interests, in the period in which it is expected to confirm whether the legitimate interests of the controller override your rights, and D/ If the processing is unlawful, but you oppose the deletion of the data and request a restriction instead.

**How to exercise your rights**

You can exercise your rights by submitting a request via this email address info@deejay.hr or to the company address: Vicka Gecana 5, 10360 Zagreb with the note “Personal Data Protection”. To process your request, we have the right to request verification of your identity.