Properticopropertico
BackBuy

Privacy policy

How we collect, use and protect your personal data when you use the Propertico platform, in accordance with the General Data Protection Regulation (GDPR) and the Croatian legal framework.

Last modified: 1 April 2026
Effective from: 1 April 2026

01 Introduction and legal framework

Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union L 119, 4 May 2016, p. 1; hereinafter: the General Data Protection Regulation), which has been in full effect from 25 May 2018 in the Republic of Croatia and all member states of the European Union, as well as the Act on the Implementation of the General Data Protection Regulation (Narodne novine no. 42/18; hereinafter: the Act), the Labour Act (Narodne novine nos. 93/14 and 127/17) and the Occupational Safety and Health Act (Narodne novine nos. 71/14, 118/14 and 154/14), i.e. in accordance with the legal framework for the protection of personal data in the Republic of Croatia and the European Union and with best European practice, Croator d.o.o. (hereinafter: CROATOR), entered in the court register of the Commercial Court in Rijeka, as the controller of the personal data of users of its services and customers, has drawn up this Privacy Policy for the protection of personal data of users of services and customers.

The Privacy Policy is a unilaterally binding legal act based on the fundamental principles of personal-data processing, which regulates what user data is collected, how that data is processed and for what purposes it is used. The Privacy Policy also informs users of services and/or customers about their rights in the collection and further processing of personal data, all for the purpose of protecting their privacy in the broader sense.

The Privacy Policy applies to all services offered by CROATOR, with the aim of clearly and transparently informing users about the procedures for processing their personal data and about their rights. Users may at any time contact the company with a request to change, supplement and/or update the data relating to them, as well as to withdraw consent and request the cessation of further processing of personal data.

02 Data controller and contact

The party responsible for processing personal data is:

Croator d.o.o.
Milutina Barača 62
Rijeka
OIB: 80383547539
Entered in the court register of the Commercial Court in Rijeka

All inquiries related to personal-data protection can be sent to the listed email address and we will respond in the shortest possible time.

03 Principles of personal-data processing

The Privacy Policy is based on the following principles of personal-data processing:

  • the principle of lawfulness, transparency and best practice;
  • the principle of limited processing and data minimisation;
  • the principle of accuracy and completeness of personal data;
  • the principle of storage limitation;
  • the principle of integrity and confidentiality of data;
  • the principle of accountability;
  • the principle of trust and fair processing;
  • the principle of opportuneness (purpose of processing);
  • the principle of processing in an unnamed (anonymised) form.

04 Methods of collecting personal data

Directly from the user

Users themselves provide data to CROATOR as the controller, to the extent that is relevant to providing the appropriate services, sales or some other connection between the user and the website https://propertico.hr/. For the purpose of providing the relevant services, the user is required to provide CROATOR with the data needed to establish a contractual relationship for the provision of a particular service and/or the sale of particular products.

The customer/user may provide data verbally or in writing at the headquarters of CROATOR, by email sent to one of the company's official addresses, and via the CROATOR website https://propertico.hr/.

From other publicly available sources

From other publicly available sources of data on companies and natural persons within companies, on internet portals, in telephone directories that contain such data and other publicly available services, solely for the purposes for which they were initially collected.

Automatically, by visiting the website

When the CROATOR website, applications and portal are visited, data associated with online identifiers (internet protocol addresses and cookie identifiers, such as Google Analytics for tracking user and/or customer interaction) is collected automatically. These online identifiers may leave traces which, combined with other identifiers and information provided by internet service servers, may serve to identify the user and/or customer.

The quantity, i.e. the scope, of personal data that CROATOR collects depends on the type of service that CROATOR provides to its users and/or customers, as well as on the legal basis on which the data is collected. CROATOR continuously takes care to collect only the strictly necessary scope of personal data required to achieve the legally established purpose for which the data is processed.

Data on potential users

CROATOR also collects data on potential users and/or customers of its services and/or products. This data includes basic information (first name and last name, email address) as well as the interests of potential users and/or customers who contact the company wishing to be informed about and/or offered specific products and services.

05 Types of personal data

Data most commonly provided by the customer/user includes:

  • first name and last name;
  • address;
  • personal identification number (OIB);
  • contact telephone and/or mobile number;
  • email contact details (email address);
  • data from the personal identity card;
  • bank account and card number details for the purposes of settling payment obligations.

06 Place of processing and storage

Where personal data is processed

CROATOR processes users'/customers' personal data in the Republic of Croatia.

Where the collected data is stored

Data is processed in such a way that all or part of the information about customers/users/data subjects is stored in the controller's databases.

07 Technical and organisational protection measures

The controller implements technical and organisational measures to ensure an appropriate level of security. The controller also takes measures to ensure that any individual acting under the controller's authority who has access to personal data does not process that data unless instructed to do so by the controller.

Taking into account the nature, scope, context and purposes of processing, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the controller implements appropriate technical and organisational measures in line with security policies in order to ensure, and to be able to demonstrate, that processing is carried out in accordance with the General Data Protection Regulation.

08 Purpose of collection and processing

CROATOR collects and further processes personal data of users and/or customers for the purpose of concluding and performing contracts, completing purchases or service interventions on equipment, delivering ordered products, advising and assisting in product use, providing appropriate additional and/or extended product warranties, handling complaints from users and/or customers, and other activities connected with the conclusion and performance of contracts in accordance with applicable regulations.

The processing of personal data of users and/or customers for the aforementioned purposes is a necessity and a legal basis for concluding a contract. If the user and/or customer refuses to provide essential data, CROATOR will not be able to conclude a contract and/or take certain actions related to the performance of a concluded contract.

Organising prize competitions

CROATOR occasionally organises prize competitions, in which case data is used to notify winners of their prize.

Direct marketing

Contact details of users and/or customers may be used to send promotional messages about CROATOR's products and services if the customer/user has given consent.

Video recordings

CROATOR uses surveillance cameras for the protection of persons and property.

09 Retention period

Depending on the purpose and legal basis on which the personal data of users and/or customers is collected, CROATOR is, in certain cases, obliged to retain personal data for a period of time prescribed for that particular purpose by applicable regulations, or until the purpose ceases. Once the statutory retention period that requires CROATOR to keep certain personal data has expired, or once the purpose ceases, the data is deleted.

In cases where the basis for the collection and processing of data is the user's and/or customer's consent, personal data is retained for 10 years.

Data processed on the basis of the user's and/or customer's consent may also be deleted before the period set out in this Policy expires, if such deletion is requested by the user and/or customer, or where the user and/or customer objects to such processing in writing via the internet using the published email address: [email protected].

10 Exercising user rights

If the user believes that there has been an irregularity in the processing of their personal data, they can exercise their rights via the published contact details or by email at [email protected]. The user and/or customer also has the right to lodge a complaint with the national supervisory authority.

11 Disclosure to third parties

CROATOR discloses customers'/users' personal data to third parties (including competent authorities) in the following cases:

  • to fulfil CROATOR's legal obligations, where such processing is necessary to protect the essential interests of the customer/user;
  • to fulfil a contractual obligation and carry out work on behalf of the customer/user where it is necessary to engage a third party as a processor.

12 Processing in the employment context

Employees' personal data may only be collected, processed, used and disclosed to third parties where this is provided for by law or where it is necessary for the exercise of rights and obligations arising from or connected with the employment relationship.

For the purpose of exercising rights and obligations arising from the employment relationship, the controller will collect, process, use and disclose to third parties only those personal data that are necessary for that purpose, and will only disclose such data at the request of courts and other state or public authorities.

13 Cookies policy

This Cookies Policy explains what cookies are and how we use them, the types of cookies we use, what data we collect using cookies and how that information is used, and how to control your cookie settings. You can change or withdraw your consent from the Cookie Statement on our website at any time.

Your consent applies to the following domains: https://propertico.hr/.

What cookies are

Cookies are small text files used to store small amounts of data. They are stored on your device when a website loads in your browser. These cookies help us make the website work correctly, make it more secure, provide a better user experience, and help us understand how the website is performing: what works and where it needs improvement.

How we use cookies

Like most online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function correctly and do not collect any of your personally identifiable data.

The third-party cookies used on our website are mainly intended to help us understand how the website performs, how you interact with our website, to protect our services, to display ads that are relevant to you, and ultimately to provide you with an improved user experience and help speed up future interactions with our website.

Types of cookies we use

  • Essential: some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log in to your account, add products to your basket and check out securely.
  • Statistics: these cookies store information such as the number of visitors to the website, the number of unique visitors, which pages have been visited, the source of the visit and so on. This data helps us understand and analyse how well the website performs and where it needs improvement.
  • Marketing: our website may display advertisements. These cookies are used to personalise the ads shown to you and help us track the effectiveness of advertising campaigns. The information stored in these cookies may also be used by third-party ad providers to display advertisements on other websites in the browser.
  • Functional: cookies that help with certain non-essential functions on our website. These functions include embedding content such as videos or sharing website content on social media platforms.
  • Preferences: these cookies help us store your settings and browsing preferences, such as language preferences, so that you have a better and more efficient experience on future visits to the website.

How to control your cookie settings

If you decide to change your settings during a browsing session, you can click the "Privacy and cookies policy" tab on the screen. This will re-display the consent notice, which allows you to change your settings or completely withdraw your consent.

In addition, different browsers offer different methods for blocking and deleting cookies used by websites. You can change the settings of your browser to block or delete cookies. To learn more about managing and deleting cookies, visit en.wikipedia.org/wiki/HTTP_cookie or www.allaboutcookies.org.