Privacy Policy

The controller of your personal data is: Borvalta d.o.o. Ilica 256, 10000 Zagreb, Croatia OIB: 47829163058 Email: info@borvalta.com For all data protection inquiries, you may contact us at the above email address.

We collect the following categories of personal data: • Identification data: first and last name • Contact data: email address • Communication data: content of messages you send through the contact form • Technical data: IP address, browser type, operating system, device information • Usage data: pages visited, visit duration, clicks We do not collect special categories of personal data (e.g., health data, religious beliefs).

We process your personal data based on the following legal grounds: • Consent (Art. 6(1)(a) GDPR): for analytics and marketing cookies • Legitimate interest (Art. 6(1)(f) GDPR): for improving our services and system security • Performance of contract (Art. 6(1)(b) GDPR): for processing your inquiries Purposes of processing include: • Responding to your inquiries • Improving user experience • Analyzing website usage • Displaying relevant content

We may share your personal data with the following categories of recipients: • Google LLC (Google Analytics, Google Ads) — based on your consent • Hosting service providers — for technical support of the website • Government authorities — when legally required We do not sell your personal data to third parties.

Some of our service providers (e.g., Google) are located in the USA. Data transfers to third countries are carried out based on Standard Contractual Clauses (SCC) approved by the European Commission, ensuring an adequate level of protection for your data.

We retain your personal data only as long as necessary to fulfill the purpose for which it was collected: • Contact form data: up to 2 years from last communication • Technical data (cookies): depending on the cookie type, maximum 24 months • Legally required data: according to the legally prescribed period

Under GDPR, you have the following rights: • Right of access: You may request information on whether we process your personal data. • Right to rectification: You may request correction of inaccurate data. • Right to erasure: You may request deletion of your data ("right to be forgotten"). • Right to restriction: You may request restriction of processing your data. • Right to portability: You may request transfer of data in a structured format. • Right to object: You may object to processing based on legitimate interest. • Right to withdraw consent: You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal. To exercise any of these rights, contact us at info@borvalta.com.

If you believe that the processing of your personal data violates GDPR or Croatian data protection regulations, you have the right to lodge a complaint with the Personal Data Protection Agency (AZOP): Personal Data Protection Agency Franje Račkog 9, 10000 Zagreb www.azop.hr

We may update this Privacy Policy from time to time. All changes will be published on this page with an indication of the last update date. We recommend reviewing this page periodically.