Owner: Timac Agro d.o.o.
Owner’s address: Ulica Radoslava Cimermana 62b, 10000 Zagreb
Phone: + 385 1 6187 862
VAT number: 18901646767
Head of publications: Timac Agro d.o.o. – firstname.lastname@example.org
Webmaster: Timac Agro International – email@example.com
Website design: Agence Digitale R2
The data controller is Timac Agro d.o.o. with its office registered in Zagreb, Ulica Radoslava Cimermana 62b, Zagreb. The collected personal data will be controlled and processed by the Data Controller. In addition, personal data may be processed or jointly controlled by subsidiaries of the Data Controller.
This privacy notice applies to: (1) buyers of our goods and / or services and (2) representatives of our business partners, clients, customers, distributors and suppliers. This privacy notice does not apply to our headquarters and employees in the country as well as to employees of the Roullier Group, of which Timac Agro d.o.o. is a member.
The privacy notice describes the types of personal data or personal information we collect, how we use, process, secure and store it, with whom we share it, to whom we pass it, to whom we transfer it and the rights individuals can exercise regarding the use of their personal data. Also, it is specified how to contact us about our practice of privacy protection and how you can exercise your rights. Our privacy practices may vary from country to country in which we operate. To check local practices and legal requirements of other countries, please visit their local websites.
The Data We Collect
We may collect personal information about you in a variety of ways, for example through our websites and social media channels; at our events; by phone, email and fax or in our interactions with customers and suppliers.
We may collect personal information depending on the nature of the relationship, including but not limited to (as permitted by local law):
- contact information (such as name, address, email address and telephone number),
- information you provide to other legal or natural persons with whom you would like to be contacted in terms of a recommendation for cooperation, (the Controller assumes that the other person has previously authorized such communication) and
- other information you may provide us, by browsing or using contact forms on our website.
In addition, if you are a job candidate and applying for a position or submitting an open application, we may collect the following types of personal information (permitted under local law):
- history of employment and education,
- knowledge of foreign languages and other work-related skills,
- date of birth,
- citizenship and work status,
- information provided in references and
- other information from your CV, the information you provide about your business interests and your career, and other information about your employment qualifications.
In addition, if you are our buyer or business partner, for the purposes of legitimate business interests (and in accordance with local tax and financial legislation), we also collect and analyse the following types of data:
- production information (size, type of land, crop, production technology) and
- information required for signing sales contracts and other contractual obligations (legal representative, account number, OIB, details of contractual obligations, financial and tax reports, invoices and financial estimates).
How We Use the Data We Collect
The controller collects and uses data for the following purposes (as permitted by local law):
- for the purpose of managing the relationship between customers and sales representatives;
- if permitted by law and in accordance with the Notice on Advertising and Advertising of the Data Controller (which is incorporated herein by reference), sending promotional materials and other types of communication;
- when permitted by law to forward to others and manage attendance at special events, promotions, programs, offers, research, competitions and market research;
- answering questions and requests of individuals;
- managing, evaluating and improving our business (including developing, improving, analyzing and upgrading our services, managing our communications, performing data analytics and performing accounting, auditing and other internal affairs);
- fraud protection, identification and effort to prevent fraud and other illegal activities, claims and other obligations and;
- compliance with and application of applicable legal requirements, relevant industry standards, contractual obligations and our policies.
All data processing will be performed on the adequate legal bases which may include different categories, including:
- consent or explicit consent of the data owner, if required by applicable law,
- to ensure that we comply with the legal or contractual requirements or requirements required for the conclusion of the contract (e.g. processing of your personal data to enable the payment of salaries and taxes and contributions to them) and
- essential and necessary for the legitimate interest of the Data Controller.
The data controller may process personal data for certain legal business purposes, which includes some of the following:
- where the process allows us to improve, modify, personalize or otherwise improve our services / communications for the benefit of our clients and associates;
- identify and prevent fraud;
- improve the security of our site and information systems;
- to understand user interaction on our websites better;
- for the purposes of direct marketing;
- to provide you the communication that we think will be of interest to you via mail and
- to determine the effectiveness of promotional campaigns and advertisements.
Whenever we process data for these purposes, we will take your rights into account and ensure to maintain a high level of your rights. You have the right to object to such processing, and if you wish to do so please contact the person listed below. Please note that if you exercise your right to object, it may affect our ability to execute and provide services for your benefit.
How We Process and Store Personal Data
We process the personal data we collect, also by automated means, for the purposes defined above and for a specific period of time, which is in line with our internal retention policy, to ensure that personal data is not stored longer than necessary.
We maintain administrative, technical, and physical protection measures designed to protect the personal information you provide from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. To ensure adequate security and confidentiality of personal data, we have implemented the following security measures:
- Strong control of authentication authorization,
- strengthened network infrastructure and
- network monitoring solutions.
How Long We Keep the Data We Collect
Collected personal data are stored in our systems in a way that allows the identification of the owner of the data no longer than is necessary with respect to the purpose for which the data was collected or for which that data is further processed. We determine the time period taking into account the need to retain stored personal data in order to provide services established with the user to protect the legitimate interest of the Data Controller as described in the purpose and the existence of specific legal obligations that require processing and related storage in a certain time period.
Information We Forward
We may also disclose personal information about you (1) if it is our obligation by the law or legal process; (2) law enforcement agencies or other civil servants on the basis of a lawful request for disclosure; and (3) when we deem disclosure necessary or appropriate to prevent physical harm or financial loss, or in connection with the investigation of suspected or actual fraudulent or illegal activity. We also reserve the right to transfer personal information we hold about you in the event that we sell or transfer all or part of our business or assets (including in the event of reorganization, closure or liquidation).
When we transfer personal data from the European Union to countries or international organizations located outside European Union, the transfer is made on the basis of adequacy decisions by the European Commission, and in the absence of a decision on the adequacy of another legally permitted basis (a) legally binding and executive instrument between public organs or bodies; (b) binding corporate rules; (c) standard data protection clauses (formerly called the Model Clause) adopted by the Commission, etc.
Your rights as data owner
Where required by applicable law, the data owner may, in accordance with Article 15 to 22 of the GDPR, use the following specific rights:
a) Right of access: The data owner has the right of access to his personal data in respect of which his personal data are processed in accordance with the law.
b) Right to rectification: The data owner has the right to request the rectification of any inaccurate or incomplete information about him or her, in order to protect the accuracy of such information and adaptations for the processing of data.
c) Right to erasure: The data owner has the right to request that the Data Controller delete the information about it and no longer process that data.
d) Right to restrict processing: the data owner has the right to request that the Data Controller restrict the processing of its data.
e) Data transfer right: The data person has the right to request the transfer of data which means that the data owner may receive the initially submitted personal data in a structured and commonly used format or that the data owner may request the transfer of data to another Data Controller.
f) Right to object: The data holder who provides personal data to the Data Controller shall have the right to process data on a number of grounds at any time as set out in the GDPR, without the need to justify his or her decision.
g) Right not to be the subject of automated individual decision-making: The data owner has the right not to be the subject of a decision based solely on automatic processing, including profiling, where such profiling gives legal fact in relation to the data owner or similarly significantly affects him or her.
h) Right to file a complaint with a supervisory authority: Each data owner has the right to file a complaint with the supervisory authority, in particular in the EU Member State where he or she is resident, at the place or place of the alleged breach where the data subject considers that the processing of personal data relating to him or her is in breach of the GDPR.
Whenever the processing is based on consent, as in Article 7 of the GDPR, the data owner may withdraw his consent at any time. If you need more information about the processing of your personal data, please refer to the section How to Contact Us.
How to Contact Us
Timac Agro d.o.o.
Radoslava Cimermana 62b
10 000 Zagreb