We are extremely dedicated to the protection of personal data as well as to the protection of the privacy of our clients and visitors of our website, and we pay special attention to it. We collect and process all personal data in accordance with the principles and other rules contained in the GDPR, as well as in other applicable legislation, and exclusively in the scope and purpose set therein. Since your contribution and you being informed are also important elements for the successful and complete protection of your personal data, please read this Policy in order to be familiar with the ways in which we protect your personal data, which personal data we collect and process, and for which purpose and on what basis on what legal basis do we conduct these activities.
Collecting personal data
For the purpose of fulfilling our contractual obligations and enabling the full functionality of our GDi ENSEMBLE W4 software and W4 WORKFORCE MANAGEMENT mobile application, we may collect, store and use the following types of your personal data:
(a) data about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
(b) data that you provide to us when registering with our website (including your email address);
(c) data that you provide when completing your profile on our website (including your name, profile pictures, employment details);
(d) data which you have provided to us when using our online contact forms or when subscribing to our email notifications and/or newsletters (including your name and email address);
(e) data that you post to our website for publication on the internet (including your user name, your profile pictures and the content of your posts);
(f) data contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication);
(g) data about your location (our W4 WORKFORCE MANAGEMENT mobile application includes a user location tracking option and when the user is active, the user’s location is periodically collected and stored even when the application is closed or in the background. Authorized users in the user’s organization can view the history user location),
(h) Your photos and videos (for the full functionality of our W4 WORKFORCE MANAGEMENT mobile application, the user can collect selected files from the device or take pictures using the device’s camera),
(i) application and performance data (W4 WORKFORCE MANAGEMENT mobile application collects information for application analytics, application health monitoring, and diagnosing and fixing errors or crashes)
(j) application notifications (for the purpose of informing users about work-related events, the W4 WORKFORCE MANAGEMENT mobile application accesses and collects the identifier of mobile devices) and
(k) any other personal data which you have provided to us.
If, in order to fulfill our contractual obligations, we need certain third parties’ personal data of, we must first receive the written consent of that third party for the collection and processing of their personal data in accordance with this Policy.
Use of personal data
Personal data submitted to us through our website will be used for the purposes specified in this Policy or on the relevant pages of the website.
We may use your personal data to:
(a) administer our website and business activities;
(b) personalize our website for you;
(c) enable your use of the services available on our website;
(d) for marketing commercial communications;
(e) send you email notifications that you have specifically requested;
(f) send you our email newsletter, if you have requested it (you can inform us at any time if you no longer wish to receive our newsletter);
(g) send you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you, by post, email or similar technology (you can inform us at any time if you no longer require marketing communications);
(h) provide third parties with statistical data about our users (but those third parties will not be able to identify any individual user from that data);
(i) deal with enquirers and complaints made by or about you relating to our website;
(j) keep our website secure and prevent fraud and illegal activities; and
(k) verify compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website private messaging service).
If you submit personal data for publication on our website, we will use them in accordance with your consent and to the extent necessary for the performance of our contractual obligations and in accordance with the principles and other provisions set out in the GDPR. Your privacy settings where in use can be used to limit the publication of your data on our website and can be adjusted using privacy controls on the website.
Unless necessary for meeting our contractual obligations to you or if requested by competent authorities – all as provided under the provisions of the GDPR, we will not, without your express consent, provide your personal data to any third party.
Disclosing of personal data
We may disclose your personal data to any of our employees, officers, insurers, professional advisers, agents, suppliers, or subcontractors insofar as reasonably necessary for the purposes set out in this Policy, provisions of the GDPR and other applicable legislation.
We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this Policy, provisions of the GDPR and other applicable legislation.
We may disclose your personal data:
(a) to the extent that we are required to do so by applicable legislation;
(b) in connection with any ongoing or prospective court, administrative or any other legal proceedings before court or other competent authorities;
(c) in order to establish, exercise or defend our legal rights (including providing data to others for the purposes of prevention of illegal activities, irregularities, fraud and reducing credit risk);
(d) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
(e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal data where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal data.
Except as provided in this Policy, we will not provide your personal data to third parties.
International transfers of personal data
Personal data that we collect may be stored, processed and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this Policy, provisions of the GDPR and other applicable legislation.
Data that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: United States of America, Russia, Japan, China and India.
Personal data that you voluntarily publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
By accepting this Policy, you expressly provide consent to the transfers of personal data as provided in this Section 5.
Retaining personal data
This Section 6 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
Personal data that we process for any contractual or legal purpose or purposes shall not be kept for longer than is necessary for that purpose(s)/.
Notwithstanding the other provisions of this Section 6, we will retain documents (including electronic documents) containing personal data:
(a) to the extent that we are required to do so by applicable legislation;
(b) if we believe that the documents may be relevant to any ongoing or prospective court, administrative or any other legal proceedings before court or other competent authorities; and
(c) in order to establish, exercise or defend our legal rights (including providing data to others for the purposes of fraud prevention and reducing credit risk).
Security of personal data
We take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your personal data.
We will store all the personal data you provide on our secure (password- and firewall-protected) servers.
All electronic financial transactions entered into through our website will be protected by encryption technology.
You acknowledge that the transmission of data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
We may update this Policy from time to time by publishing a new version on our website. We advise and instruct you to periodically visit our website to ensure that you are informed and aware of any changes to this Policy.
You may instruct us to provide you with your personal data we hold and such provision will be subject to:
(a) the applicable legislation and
(b) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your national identification card / passport certified by the public notary or the bank plus an the documents showing your current correct address.
We may withhold personal data that you request to the extent permitted by law.
You may at any time withdraw consent to use your personal data for marketing purposes.
In practice, you will usually either expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal data for marketing purposes.
Pursuant to the provisions of the General Data Protection Regulation, you are authorized, in whole or in part, to withdraw your consent to the processing of personal data at any time. This must be done in such a way that we are notified in writing according to the following information:
GDI GRUPA d.o.o. Baštijanova 52a, HR-10000 Zagreb, Croatia.
Upon receipt of the statement of withdrawal of consent, we will confirm receipt in writing, and the personal data included in the statement of withdrawal will no longer be processed. Also, the GDPR stipulates that you have the following rights:
- the right to access to your personal data and to be informed about the method of their processing;
- the right to for personal data to be rectified/the right to request changes to personal data;
- the right to erasure of personal data (the so-called “right to be forgotten”);
- the right to restriction of processing of personal data;
- the right to portability of personal data in a machine-readable form and
- the right to object/the right to withdraw consent and to object to the processing of personal data.
In accordance with the provisions of the GDPR, website visitors and our clients – contractual partners have the right to complain to the supervisory authority:
AGENCIJA ZA ZAŠTITU OSOBNIH PODATAKA (English: PERSONAL DATA PROTECTION AGENCY (AZOP)
with headquarters at: Selska cesta 136, 10000 Zagreb, Croatia
In addition to right to complain to AZOP, visitors of our website and our clients have the right to complain to any supervisory body in the European Union.
If you want to see, or be given, a copy of data that GDi holds about you, you will need to make your request using our SAR (subject access request) request form. Your request must include enough information about yourself and the data that you are seeking to enable GDi to identify you and your data, and you must provide proof of identity.
To submit a request, please complete and return our subject access request form. You can put in a request:
- by downloading, completing, printing, and sending us a paper version of the subject access request form OR
- by sending us an electronic copy of the completed form via email.
For further information about access enquiries please contact firstname.lastname@example.org or telephone + 385-1-366-7666
Third party websites
Our website includes hyperlinks to, and details of, third party websites.
We have no control over, and are not responsible for, the privacy policies and practices of third parties. Please always take all necessary measures to protect your computer so that your visits to various websites are safe.
Please let us know (in one of the ways provided for in point 12 below of this Policy) if the personal data that we hold about you needs to be corrected or updated
This website is owned and operated by GDi GROUP LLC (Croatian: GDi GRUPA d.o.o.).
We are registered in Croatia under registration number MBS 080587777 before Commercial Court Zagreb, and our registered seat is at Baštijanova 52a, HR-10000 Zagreb, Croatia.
Our principal place of business is at Baštijanova 52a, HR-10000 Zagreb, Croatia.
You can contact us:
(a) by post, using the postal address given above;
(b) using our website contact form;
(c) by telephone, on the contact number published on our website; or
(d) via email address: email@example.com
Photography and video:
Photography and video recording may be used during GDi organised events, training sessions and other occasions. Use of the video and photographic media may be used for, but not limited to, publication on the GDi corporate website, Facebook, and LinkedIn pages. If you wish not to be photographed or recorded via video during such occasions, then please inform us beforehand or at the start of the event or occasion.
The protection of personal data of natural and legal persons is defined by the provisions of the General Data Protection Regulation (GDPR). The wording of the General Data Protection Regulation (GDPR) is available in the languages of the European Union at the following link.