Privacy police
Fit Invest d.o.o. with its registered office in Zagreb, Croatia, Josipa Marohnića 3, 10000, entered into the register of Commercial Court in Zagreb, MBS 030282383, OIB 36598567890
PERSONAL DATA PROCESSING PRINCIPLES INFORMATION FOR CLIENTS AND BUSINESS PARTNERS
(Privacy Policy)
INTRODUCTORY INFORMATION
Dear clients, business partners and visitors,
these principles inform you on how Fit Invest d.o.o. (hereinafter: „the Company“) collects, processes, uses and transmits your personal data (hereinafter: “personal data processing”).
Personal data mean information relating to a certain person who can be identified based on this information or in connection with other information.
The most common examples of personal data processed by the Company within its everyday business activity are identification data of clients and business partners (natural persons) or representatives, employees, coworkers or members of statutory bodies of business partners (legal persons), information on your membership or a concluded contract, contact details (in particular residence address, e-mail address and phone number) and also records of visitors of Company premises.
CONTENT
- Who is the controller of your personal data?
- What personal data about you and for what purpose does the Company process?
- What sources does the Company use to obtain your personal data?
- Does the Company share your personal data with other persons?
- Does the Company transmit personal data to countries outside EEA?
- How are your personal data secured?
- How long will the Company store your personal data?
- What are your rights connected to personal data processing?
- What are cookies?
- Inquiries and contacts
- Amendments to the Privacy policy
WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?
The controller of your personal data is Fit Invest d.o.o. with its registered office in Zagreb, Croatia, Josipa Marohnića 3, 10000, entered into the register of Commercial Court in Zagreb, MBS 030282383, OIB 36598567890.
The Company defines in what manner and for what purpose your personal data will be processed. You can find the Company´s contact details in the chapter “Inquiries and Contacts” below.
The Company and other companies owned by it, i.e.:
H.O.L.S. d.o.o. with its registered office in Zagreb, Croatia, Josipa Marohnića 3 are collectively designated herein as “Fit Invest Group” acting under single Fit Invest brand.
WHAT PERSONAL DATA ABOUT YOU AND FOR WHAT PURPOSE DOES THE COMPANY PROCESS?
In the below table you will find what personal data, for what reason and for what purpose the Company processes in relation to clients, business partners and visitors.
a) Clients
| Personal data (Categories and examples) | Purpose of processing | Legal ground for processing |
| Basic identification and contact data: name and surname,date of birth,e-mail, phone number,address | Conclusion and performance of contract and related communication,fulfillment of legal obligations,records and enforcement of eventual claims. | Conclusion and performance of contract,legitimate interest of Company in enforcing claims. |
| Data relating to contract with client: membership type,membership duration,financial and invoicing terms. | Performance of relevant contract,fulfillment of legal obligations. | Conclusion and performance of contract. |
| Photography | Using photography for entry card | Relevant person´s consent. |
| Security data: camera system records,access system records. | Protection of Company property, clients and other persons,protection against thefts and other criminal activity,escape route check. | Legitimate interest of Company in providing entry check and protection of Company property, clients and other persons. |
| Data for marketing purposes name and surname,e-mail, telephone number, address,information on current membership,entitlements to discounts and benefits. | Promotion and support for sale and Company services,Sending information on new services and products or other marketing/commercial messages. | relevant person´s consent with receiving commercial messages and with processing for marketing purposes,legitimate interest in addressing clients via direct marketing and sending commercial messages. |
| Data about visits on our website: IP addresses or cookies. | Records of visitors and improvements to our services and for statistical and analytical purposes. More information in „What are cookies?“ chapter below. | Legitimate interest of Company concerning information on visits on our website,consent with such processing if required. |
| Personal data (Categories and examples) | Purpose of processing | Legal ground for processing |
| Basic identification and contact data: name and surname,position, company,e-mail, telephone number,address,payment and delivery data. | Conclusion and performance of contract and related communication,records and enforcement of eventual claims. | Conclusion and performance of contract,legitimate interest of Company in enforcing claims |
| Data for marketing purposes name and surname,position, companye-mail, phone number,entitlements to discounts and benefits. | Promotion and support for sale and Company services,sending information on new services and products or other marketing/commercial messages. | relevant person´s consent (even with giving business card) or granted consent with receiving commercial messages and processing for marketing purposes,legitimate interest in addressing clients via direct marketing and sending commercial messages. |
c) Company visitors
| Personal data (Categories and examples) | Purpose of processing | Legal ground for processing |
| Image of persons in the scope of CCTV operationsrecords of visitors. | Protection of Company property, employees and other persons,protection against thefts and other criminal activity,checking persons staying in Company premises. | Legitimate interest of Company in providing entry check and protection of Company property, employees and other persons. |
WHAT SOURCES DOES THE COMPANY USE TO OBTAIN YOUR PERSONAL DATA?
The Company obtains personal data which are subsequently processed directly from its clients or from business partners or from visitors staying in Company premises.
DOES THE COMPANY SHARE YOUR PERSONAL DATA WITH OTHER PERSONS?
a) External service providers
In order to be able to fulfill their duties the Company provides certain personal data of clients, business partners and/or visitors to the external service providers, which include bookkeeping, accounting, legal advisory, claims administration, marketing, promotion and IT.
External service providers are cleared by the Company and they provide sufficient guarantees regarding privacy and protection of personal data of clients, business partners and/or visitors.
b) Fit Invest Group companies
The Company may share personal data within the Fit Invest Group companies. Each time the Company needs to share your personal data, it will do so only in minimal scope, when it is necessary and it will share them only with selected employees from the Fit Invest Group.
The Fit Invest Group adopts suitable measures to ensure that these selected employees shall be bound by the obligation to maintain these personal data in confidentiality.
b) Disclosure of personal data to third parties
The Company may share personal data with third parties when it is necessary and has a legal basis to do so.
Moreover, in accordance with legal regulations concerning personal data protection, under certain circumstances the Company is obliged to share personal data of clients, business partners and/or visitors with third parties which are not the mentioned external service providers or members of the Fit Invest Group.
These third parties include in particular:
- administrative and similar bodies (financial authorities),
- financial institutions (banks, insurance companies),
- police, prosecution office,
- external advisors.
DOES THE COMPANY TRANSMIT PERSONAL DATA TO COUNTRIES OUTSIDE EEA?
The Company may transmit your personal data outside the European Economic Area only if it has legal basis for making such data a transfer.
HOW ARE YOUR PERSONAL DATA SECURED?
In order to ensure confidentiality, integrity and availability of your personal data, the Company uses modern IT security systems. The Company maintains suitable technical and organizational security measures against illegal or unauthorized personal data processing and against accidental loss or damage of personal data.
The access to your personal data is provided only to persons who need them to fulfill their work duties and they are bound by legal or contractual confidentiality obligation.
HOW LONG WILL THE COMPANY STORE YOUR PERSONAL DATA?
The Company stores your personal data only for the period for which it needs them for the purpose for which they have been collected, eventually for the protection of Company´s legitimate interests or for the period for which consent with processing has been granted.
In relation to Clients:
The Company stores your personal data for the duration of the contract concluded with you and after its execution for the purposes of recording and enforcement of claims, fulfilling obligations arising from legal provisions, in particular tax and accounting, statistical and archiving for a maximum period of 11 years.
If any of that data is used as the evidence in court, administrative, arbitration or other equivalent procedure data are processed until the final completion of that procedure.
In the case of processing your data based on consent the Company will process them until the consent is withdrawn or until you object to the processing.
In relation to Business partners:
The Company stores your personal data for the duration of the contract concluded with you and after its execution for the purposes of recording and enforcement of claims, fulfilling obligations arising from legal provisions, in particular tax and accounting, statistical and archiving for a maximum period of 11 years.
If any of that data is used as the evidence in court, administrative, arbitration or other equivalent procedure data are processed until the final completion of that procedure.
In the case of processing your data based on consent the Company will process them until the consent is withdrawn or until you object to the processing.
In relation to Company visitors:
The Company stores your data recorded by CCTV no longer than 6 months.
WHAT ARE YOUR RIGHTS CONNECTED TO PERSONAL DATA PROCESSING?
You can assert any of the below listed rights under the set conditions. These rights are given to you by legal regulations concerning personal data protection, in particular by the General Data Protection Regulation (GDPR):
- the right to clear, transparent and comprehensible information on how your personal data are used and what your rights are;
- the right to recall the granted consent with personal data processing at any time and free of charge, either by mail, e-mail or in person at our address listed below;
- the right to access to personal data and provision of additional information related to their processing by the Company, or processors;
- the right to rectification of incorrect or incomplete personal data;
- the right to deletion of personal data, in particular if (i) they are no longer necessary for further processing; (ii) the consent with their processing has been recalled; (iii) the data subject justifiably objected against the processing, (iv) they were processed unlawfully; or (v) they must be deleted under legal regulations;
- the right to restrict processing of personal data, if (i) the data subject contests the accuracy of personal data, for the period until the Company verifies their accuracy; (ii) the processing is unlawful; (iii) the Company no longer needs them but the personal data are needed by the data subject for the purposes of asserting his legal claims and (iv) the data subject objects against personal data processing, until the Company verifies whether its legitimate interests prevail over data subject´s interests;
- the right to lodge objections against personal data processing if the data are processed for the purposes of Company´s legitimate interests. If you lodge an objection against further processing for direct marketing purposes, your personal data will no longer be processed for these purposes;
- the right to obtain his personal data and transfer them to other controller while adhering to legal conditions;
- the right to file a complaint to Croatian Data Protection Authority, Selska cesta 136, 10000 Zagreb , if you believe the Company is violating the obligations resulting from legal regulations for personal data protection.
We will react to your requests for assertion of rights within the statutory period, usually at the latest within 1 month following delivery of your request. If our reaction requires longer time in exceptional cases, we will inform you.
WHAT ARE COOKIES?
Cookies are small data files necessary for correct functioning of pages and we therefore place them in your computer just as the majority of websites. Cookies are text files that websites place in your computer or mobile device when you start using a website. For a certain period, the websites can remember actions and settings you made on those websites. Thanks to this you do not need to enter these data again when you re-visit the website and go through individual sections of the web.
We use cookies mainly for marketing purposes, collection of statistical data and web traffic analysis so we can continue to improve our website and perfect our services we offer. The information on how you use our web is thus shared with our partners in the field of advertising and analysis, namely Google. To see how Google hands cookies, read the following document at https://www.google.com/policies/technologies/cookies/.
INQUIRIES AND CONTACTS
If you want to use any of your rights in relation to processing of your personal data or if you have other inquiry or complaint regarding their processing, contact us, please, by mail or e-mail using the below listed contact details.
Fit Invest d.o.o.
Josipa Marohnića 3, Zagreb, Croatia, e-mail: privacy@thefitness.hr
AMENDMENTS TO THE privacy policy
It is possible that the Company decides to amend or update this privacy policy. The current version of the privacy policy will always be available at Company´s website (www.thefitness.hr), in the Personal Data Protection section.