1. INTRODUCTION

ARBOFIELD doo is obliged to provide personal data protection (by collecting only the essential, basic information about customers / users required to fulfill our obligations), informing customers of the manner of using the collected data, regularly giving customers the choice of using their data, including the ability to decide whether or not to remove their name from the lists used for marketing campaigns. All customer information is strictly kept and only accessible to employees whose data is necessary for doing business. All ARBOFIELD doo employees and business partners are responsible for compliance with the privacy policy.

We at ARBOFIELD doo are respectful of your privacy, we understand that it is important to you and that you care about how your information is used. These rules explain when, why and how we collect personal information from people visiting our website and agree to use any of our services or product purchases or who are requesting us to contact or contact us in any other way. These rules also provide a detailed description of the conditions under which we can disclose this data to others and how we care about their security. Please read our Privacy Policy in its entirety, but here we briefly state the principles we are dealing with in your business:

• We will never sell your personal information
• We will never share your personal information with a third party for the purpose of promoting this third party
• We will always be concerned about the security of your data by encryption, respecting all personal data protection regulations and applying security IT standards

We will never send you a promotional e-mail directly without your consent. To receive our newsletters and promotional messages, we are looking for your explicit opt-in and you can withdraw your opt-out at any time by using the "Outbound" link found in your email and so choose not to receive newsletters. You can also unsubscribe and send us an e-mail with an e-mail request at arbofield@arbofield.hr

If you are unsure or have questions about how your data is being collected or used, please contact us at arbofield@arbofield.hr Our Privacy Policy can be read in full below.

ABOUT US

ARBOFIELD doo is a trading company with headquarters in Jastrebarsko at: Antuna Mihanovića 3, 10450 Jastrebarsko, Croatia, Registered in the court register of the Commercial Court in Zagreb under MB: 04656407, OIB: 26251848826

The office address for customer contact is: ARBOFIELD doo, Antuna Mihanovića 3, 10450 Jastrebarsko, Croatia. Authorized person for the representation of the company is dr.sc. Nikola Lacković.

These Terms and Conditions (together with our terms and conditions and other terms of reference) are the basis of our processing of any personal information we collect or make available to you. Please read these Rules carefully to fully understand our position and practice regarding your personal information and how we treat them.

According to the GDPR (General Data Protection Regulation), ARBOFIELD doo, Antuna Mihanovića 3, 10450 Jastrebarsko, Croatia, OIB: 26251848826 acts as the processing manager.

3. WHEN WE CONFIRM YOUR PERSONAL DATA?

We may collect your personal information in the following ways:

We may collect and keep the personal information you enter when filling in forms on our website such as orders and queries, oral (telephone) bidding requests and the like. We may ask you for your personal information when you participate in using our applications and computer solutions or if you report a problem with our website.

If you contact us, we may collect and keep records of such correspondence, including any personal information you provide in the course of correspondence.

We may collect and keep the personal information you provided us within the survey we are asking you to fill in, although you are not required to respond.

We may collect and keep personal information regarding your visit to our web site, such as traffic data, location information, and other communication data for your own safety, for diagnostic purposes.

4. WHAT PERSONAL DATA WE CONCLUDE?

Personal information: name, surname, address, contact number, email address, date of birth, ID number, OIB

Photos and video footage: When creating photodocumentation as part of the arborist service we provide and using video surveillance at the headquarters of the company

Sales and Service Information: Purchase Information, including Buyer's Customer Identity, Contract Number and Warranty Information, Claims, Delivery, Support, and Services, including Objections and Requests.

As you browse our web site, we collect the following personal information within our logos: IP addresses (see below Cookies and IP addresses) while sending us a quote for services and services, we collect your company and contact information

5. WHERE ARE YOUR PERSONAL DATA RECOGNIZED AND EDUCATED?

By submitting your personal data, you are given the privilege of processing this data outside the European Economic Area. We will take all necessary steps to ensure that your personal information, regardless of where it is processed, is safe and handled in accordance with this Privacy Policy and GDPR.

6. HOW ARE YOUR PERSONAL DATA HOLD?

To safeguard the security of all data, we give the utmost attention and take appropriate steps in accordance with the regulations on the protection of personal data that are valid in the Republic of Croatia.

All personal data are stored behind the firewall in accordance with IT standards. Physical access to all personal data is protected by appropriate standards.

On all systems, penetration tests are regularly carried out and are constantly monitored to detect any vulnerabilities and attacks.

7. WHY DO YOU WANT TO USE PERSONAL DATA?

We use the personal information we collect about you in the following ways:

• for verification of your identity, delivery of products and provision of services you have agreed with us,
• for creating an account,
• to fulfill our obligations arising from the contracts you have entered into with us,
• to display the content of your web pages in the most effective way on your device,
• to answer your inquiries,
• to provide information,
• for the delivery of products and the service you request from us,
• in cases when you have given your permission to contact you,
• to send notification of changes related to our service,
• to send promotional e-mail messages,
• in cases where you have given your explicit privilege,
• to prevent fraud
• to detect, prevent and diagnose potential security vulnerabilities
• for a digital product claim

8. LEGAL BASES FOR COLLECTION AND PROCESSING

Personal Data Protection Regulations govern the assumptions under which personal data can be collected and used as legal grounds for collection and processing. These legal bases are as follows.

8.1. Execution of contractual obligations

When you contract to provide some of our services or deliver some of our products, we need to collect personal information to fulfill your contractual obligations (for example, to manage your account, issue service bills, contact you for customer support purposes, and more ).

8.2. Respect for legal obligations

Regulations in force in the Republic of Croatia oblige us to collect and process data for certain purposes, such as accounting purposes (eg billing) and submission of data in accordance with the requirements of judicial bodies.

8.3. Legitimate interests

As part of our daily business, we collect information for the needs of legitimate interests in a reasonable manner. For example, we collect and write IP addresses for protection against fraud and security, as well as for analyzing the use of our web site.

8.4. cajolement

In some cases, we may collect and process your personal information with your privacy, such as sending your newsletter and promotional emails. At any time, you can withdraw your privation to receive them.

9. WHAT WOULD YOU KNOW PERSONAL DATA?

Your data is only kept as long as necessary to fulfill the purpose for which it was collected. At the end of the retention period, we will either delete or anonymize personal information so that we can no longer associate with whom. Personal data related to any financial transaction are kept for at least 11 years, as the regulations in force in the Republic of Croatia are defined in this way.

10. WHAT DOES PERSONAL DATA SHARE?

Like many other websites, we use certain third-party services related to the functionality of the applications for which you have the right to use and edit your request. Below is a list of companies we share data with. The list does not include the services of companies with which we share anonymous bookkeeping information or provide services related to the maintenance of digital products and the functionality of the applications we are developing.

10.1. For now, there are no companies we share data with, except those who handle this information anonymously for the purposes listed above.

11. GOOGLE ANALYTICS

We use Google Analytics to collect anonymous user information about our websites to find out how often they visit our website, which pages they visit, the time they visit them, how long they stay and where they are from.

These data are collected through cookies and IP addresses, and the statistics obtained are used for the following purposes:

• to improve website usability,
• to track the success of a marketing campaign,
• to analyze behavior patterns on web pages

If you do not want Google Analytics to collect this information, you can install Google's plugin for your browser to prevent it. You can download the plugin here: https://tools.google.com/dlpage/gaoptout

More information on how Google uses the data collected from our web site can be found here: https://policies.google.com/privacy/partners?hl=en&gl=uk

12. NEWSLETTER AND MARKETING PORTS

Promotional emails are only sent if you have given your explicit opt-in, and your data will never be sold or forwarded to third parties for marketing purposes. If you have explicit permission to receive such messages, you can withdraw it at any time by contacting arbofield@arbofield.hr.

13. OVERVIEW OF YOUR PERSONAL DATA

We may disclose your personal information to third parties in the following circumstances:

• If a third party acquires part or full ownership of ARBOFIELD doo then the personal data of the user will become part of the property of a third party.
• If we have an obligation to disclose or share your personal information in order to comply with any statutory obligation, or to enforce your legal rights or to protect the rights, property, or safety of your users or other persons.
• This includes sharing information with other companies and organizations for the purposes of fraud prevention and security breaches.

14. EXTERNAL LIABILITIES

On our website we can set up links to the websites of their business partners. If you follow this link on any of these websites, please note that these sites apply their own privacy policy and ARBOFIELD Ltd. has no liability whatsoever regarding these policies. Please review these policies before entering or posting your personal information through these web sites.

15. YOUR RIGHTS TO GDPR

According to the GDPR, as of May 25, 2018, you have certain rights pertaining to your personal information, and are briefly described below.

15.1. The right to limit processing

You have the right to request a limit on the processing of your personal information when there is no legitimate interest in doing so:

• when you dispute the accuracy of your personal information, for a period in which our processing manager allows us to verify the accuracy of personal data.
• when you have filed a complaint about the processing of data (see below the Right to Objection) and we are considering whether our legitimate reasons for your reasons go beyond.
• when processing is illegal and you are opposed to deleting your personal information and instead seek to limit their use.
• when you no longer need personal data, but you are looking for them to set up, enforce or defend the legal requirements

You can realize your right at any time by contacting us (see below How can you contact us).

15.2. Right to access

GDPR gives you the right to ask us which personal information we have and how we handle them and give you access to these data. You can realize your right by contacting us (see below How can you contact us).

Please note that before processing any data access request we need to verify your identity, and we may also contact you further to make sure we understand what information you require. Once we confirm your identity, we will provide the requested information within 30 days.

We will provide you with information free of charge, however, we may charge an administrator fee if the claim is obviously unfounded or excessive, especially if it is repeated. In any case, if you are an existing user, you can access your personal information through your user interface.

15.3. Right to delete (Right to oblivion)

As a natural person you have the right to request the deletion of all of your personal information we have. However, keep in mind that this is not absolute right, so for example, does not exceed our legal obligation to keep accounting records.

Deleting your personal information may be required when your data is no longer necessary for the purpose for which it was originally collected or processed (for example, if you cancel all the services you have used with us). You can realize your right by contacting us (see below How can you contact us).

15.4. Right to fix

GDPR gives you the right to correct any personal information that is inaccurate or incomplete. Users can also refresh their personal information via the user interface, but you can contact us at any time (see How to contact us).

15.5. Right to data portability

You have the right to request the delivery of personal information that you have made available in a machine-readable form (see below How can you contact us).

15.6 Right to Objection

You have the right to file an objection to processing your personal information when there is no legitimate or legitimate reason to do so. You can realize your right by contacting us (see below How can you contact us).

16. AMENDMENTS TO OUR PRIVACY POLICY

We update our Privacy Policy as needed. For the same reason, please customers periodically review the potential changes page because they will not be explicitly informed about the changes.

17. HOW CAN YOU CONTACT US?

Your questions, comments and requirements regarding this Privacy Policy are welcome and you can contact us in the following ways:

• you can contact us via the web form at https://www.arbofield.hr/Contact
• you can email us at arbofield@arbofield.hr
• you can write to us at: ARBOFIELD doo, Antuna Mihanovića 3, 10450 Jastrebarsko, Croatia.

18. HOW DO YOU CONTACT THE SUPERVISORY BODY?

Even though we will do our utmost to correct any situation regarding your personal information that you are not happy about, if you feel that we do not handle your personal information correctly, you have the right to contact the supervisory authority. In this case, the supervisory body is the Personal Data Protection Agency (AZOP).

You can find contact information for AZOP here: http://azop.hr/zastita-podataka-croatia/detaljnije/kontaktirajte-nas

19. MINORS

We do not collect data on children. If we believe that such information has been passed to us without the consent of parents or guardians of children under the age of 16, we will remove them without delay.

Juveniles under 16 years of age may not use the ARBOFIELD Website www.arbofield.hr. No part of the web site www.arbofield.hr is designed to attract anyone under the age of 16.

The last version of these Privacy Policy has been published and entered into force on 30 May 2019.