Privacy policy
1. Introduction
This Privacy Policy explains how CRIMSON, with its registered office in Zagreb (hereinafter referred to as the “Data Controller”), collects, uses, processes, and protects the personal data of users of the website https://crimson.hr/.
We respect your privacy and are committed to protecting your personal data in accordance with:
- the General Data Protection Regulation (GDPR)
- the Act on the Implementation of the General Data Protection Regulation (Official Gazette No. 42/2018)
- other applicable regulations of the Republic of Croatia
2. Definitions
- Personal Data: any information relating to an identified or identifiable individual
- Processing: any operation performed on personal data (such as collection, storage, use, etc.)
- Data Subject: any natural person whose personal data is being processed
- Data Controller: the entity that determines the purposes and means of processing personal data
3. Types of Data We Collect
3.1 Data You Provide Directly
- First and last name
- Email address
- Phone number
- Company name (if applicable)
- Any other information you provide via the contact form
3.2 Data Collected Automatically
- IP address
- Browser and device information
- Time of access and duration of visit
- Pages visited
3.3 Data Collected via Cookies
Details on the use of cookies are described in a separate section of this document.
4. Purposes and Legal Bases for Processing
We process your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Responding to inquiries | Consent / Legitimate interest |
| Performance of services or contract | Contractual obligation |
| Sending newsletters | Consent |
| Analytics and website improvement | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
5. Use of Cookies
Our website uses cookies for the following purposes:
- Ensuring the technical functionality of the website
- Usage analysis (e.g., Google Analytics)
- Marketing purposes
Types of Cookies:
- Essential cookies – necessary for the operation of the website
- Analytics cookies – used for statistical analysis
- Marketing cookies – used for personalized advertising
Users can manage or disable cookies at any time through their browser settings.
6. Sharing of Personal Data
We may share your personal data with:
- Hosting providers (e.g., servers and cloud services)
- IT partners responsible for website maintenance
- Accounting and legal advisors
- Competent public authorities (where legally required)
All data processors are bound by confidentiality and are required to ensure the protection of personal data.
7. Data Retention Period
We retain personal data:
- For as long as necessary to fulfill the purpose of processing
- Until consent is withdrawn (where processing is based on consent)
- In accordance with legal retention periods (e.g., accounting data for up to 11 years)
8. Your Rights
In accordance with the GDPR, you have the following rights:
- Right of access to your personal data
- Right to rectification
- Right to erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object
You also have the right to lodge a complaint with the supervisory authority:
Personal Data Protection Agency (AZOP)
9. Data Security
We apply appropriate technical and organizational measures, including:
- SSL encryption
- Access control to data
- Regular system updates
For any questions or requests regarding the protection of personal data, please contact:
CRIMSON
Zagreb
info@crimson.hr
Let's talk
Have a question or ready to get started? We’re here to help every step of the way.
