The General Data Protection Regulation (GDPR) is a binding legislative act applicable in the Republic of Croatia and all EU member states since May 25, 2018. Its goal is to protect personal data, give citizens control over their personal data, and establish a high and uniform level of data protection in the European Union.
Personal data refers to any information relating to an individual whose identity is established or can be established. An individual whose identity can be established is a person who can be identified directly or indirectly.
Golden Darts d.o.o. has established business processes, roles, and responsibilities to ensure compliance with fundamental principles of personal data protection:
Golden Darts d.o.o. processes personal data only if at least one of the following applies:
Golden Darts d.o.o. provides clear information about data processing to establish trust. Individuals can exercise their rights at any time, without charges, unless requests are excessive.
Personal data is processed only for specific, lawful purposes and not used in a way incompatible with those purposes.
Only relevant and necessary personal data is collected and processed.
Golden Darts d.o.o. ensures personal data is accurate, complete, and up-to-date. Individuals are responsible for providing correct information.
Personal data is retained only as long as necessary for lawful purposes and is securely deleted or anonymized afterward.
Golden Darts d.o.o. implements appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and accidental loss, destruction, or damage.
Processes and systems are in place to demonstrate compliance with GDPR.