Privacy Policy

Fleksbit Ltd.
Oreškovićeva 6N/2-5th floor, Zagreb, VAT number: 58823819803
represented by manager Tomislav Gligora

In order to exercise the right of personal data protection in accordance with General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), in this document we explain when and why we collect and process personal data.


Please read this document carefully to be familiar with the terms and conditions of use of your personal data in Fleksbit, as the Head of Personal Data Processing.

Purpose of collecting personal data

When contacting you, we may ask you to share your personal information with us for the following purposes:

  • Receiving information about Fleksbit services and news
  • Participation in Fleksbit web activities on the Internet, including our channels/social media et al
  • Save your data for future interactions and communication with Fleksbit
  • Potential employment at Fleksbit
  • Assistance in the development of services tailored to your needs and their continuous improvement
  • Helping to improve our services and enabling Fleksbit to keep you informed
  • Troubleshooting service issues
  • Receiving customized messages, special offers and promotional content in accordance with your interests, based on the information you share with us, or collected through cookies or similar techniques while using Fleksbit website/social media. If you want more information on how we use cookies, click HERE.

If you do business with Flexbit as a customer, supplier or business partner, we will ask you to share your personal information with us for the following purposes:

  • Fulfilment of the legal obligation towards state authorities in terms of information on the status of the contractual relationship
  • Customer Relationship Management
  • Ensuring access to information
  • Employment
  • Other types of communication
  • Analysis and understanding of customer interaction
  • Answering questions or resolving requests for service

In general, we process your personal information only for the purposes for which you were informed of. These purposes may be based on legal requirements that Fleksbit must comply with, based on the contract that Fleksbit has entered into with you, and based on personal consent.

Personal information that Fleksbit may collect

When interacting with Fleksbit in person, via email, phone, web or social networks, we may request or receive certain information such as:

  • Name and surname
  • Registration number and OIB
  • Copy of ID card
  • Date of birth
  • Place and country of birth
  • Citizenship
  • Name and surname of the parent/guardian (if a minor)
  • Sex
  • Address and place of residence
  • History of business relationship
  • Agreement data (not just consent)
  • Data on downloaded documentation
  • Payment information
  • Visit record
  • Recordings
  • Photograph of the face
  • A message or inquiry from a User which may include information about a past or current business relationship

We may also collect personal information through cookies or similar techniques, including, but not limited to, the following:

  • IP address
  • Cookie ID
  • The internet browser used

When you communicate with Fleksbit as a supplier or business partner, we may collect the following information:

  • Name and surname
  • Email address
  • Phone number
  • Business address
  • Name and address of the company you work for
  • Personal details that might be relevant to the business relationship, e.g., your professional experience and similar

Ways of collecting personal data

You can share personal information with Fleksbit through (not limited to):

  • Communication with Fleksbit (may be related to the service, through an inquiry or request you have sent us)
  • Communication with one of the Fleksbit employees in person, by e-mail, telephone, in writing or orally
  • Ordering a service
  • Participation in activities on social networks related to the promotion of Fleksbit
  • Request to receive messages on a mobile phone/device
  • By subscribing to the Fleksbit Newsletter
  • Voluntary participation in surveys
  • Cookies on your computer or mobile device when you visit our website
  • Social media monitoring: Fleksbit can search the Internet for relevant and publicly available content and use it to improve its services, address customer requirements and provide targeted marketing content.

When you communicate with Fleksbit as a supplier or business partner, potential employee and similar data collection is done through:

  • Concluding agreements on cooperation and/or employment
  • Providing Fleksbit services
  • Communication with Fleksbit
  • Developing partnerships
  • When accessing Fleksbit business premises
  • Participation in fairs, events or promotions
  • Voluntary participation in surveys

If you do not want Fleksbit to use personal data that you did not provide yourself, you can let us know at any time at the e-mail address: [email protected]

Sharing personal information with others

We may share your personal information with service providers, business partners and other third parties, in accordance with applicable law and the business agreements we have with such institutions. In certain cases, when not required by law, your personal data may be passed on to third parties such as accounting services, companies that provide customer record software, Croatian Health Insurance Fund et al. Fleksbit hereby confirms that a contract on the transfer and processing of personal data (the so-called DPA contract) has been concluded with all suppliers (third parties) who are not part of the legal obligations, which clearly prescribes the obligations of suppliers to treat personal data obtained in this regard in accordance with the law and other positive regulations, and that they are themselves fully compliant with the GDPR and that they apply adequate organizational and technical data protection measures.

If we are required by law to obtain your consent, or for any other reason believe that your consent is required in certain circumstances, we will request it before sharing your personal information.

After you provide us with your personal data, it is possible to update, change or request their deletion via the e-mail address: [email protected]. You can ask other privacy questions or make your privacy complaints at the same address. In order to prevent unauthorized requests, in the process of exercising your rights, we will ask you to fill in the form for exercising the rights of the subjects (natural persons) and forward them to us.

Scope related to the Internet

Social networks

If you are a member of various social networks such as Facebook, Twitter, Instagram, LinkedIn, etc., you should be familiar with the tools provided by these sites and choosing how to share personal information on social media profiles.

In addition, depending on the choice related to settings on various social networks, certain personal information may be shared with Fleksbit; for example, information about your online activities, social media profiles (e.g. interests, marital status, gender, username, photo, comments and content you have posted/shared, etc.).

Links to other websites

On the Fleksbit website, you can find links to other websites with useful information. Such websites may operate independently of Fleksbit and may have their own privacy notices, statements or policies. We strongly encourage you to review them to find out how your personal information may be processed in connection with those websites, as we are not responsible for the content of websites that are not owned or operated by Fleksbit, nor for their use or privacy practices.

Please note that we accept and take our responsibility to protect the personal information you entrust to us, from loss, misuse or unauthorized access very seriously.

For all additional information, contact us via e-mail at: [email protected].

Video surveillance

Fleksbit uses its own video surveillance to protect property and persons, and we inform visitors in advance (existing and potential customers, visitors, suppliers, external associates and others who access the business premises) that Fleksbit video surveillance monitors access to the business premises and the premises. Video surveillance is used exclusively for that and only that purpose.

The basis for conducting video surveillance in terms of protection of valuable property and protection of persons accessing the area was declared an institute of legitimate interest and for that purpose a Proportionality Test and adequate DPIA risk analysis and impact assessment were conducted.

The manner of use, management and archiving of recordings is regulated by the internal Ordinance on video surveillance and adequate organizational and technical data protection measures are applied.

There are prominent notices on the site that the space is under video surveillance.

All questions regarding video surveillance can be submitted in person, by e-mail or by mail to the address Oreškovićeva 6N / 2- 5th floor, 10000 Zagreb, Croatia or by e-mail at [email protected].

Legitimate interest

Fleksbit is a high-tech software development company where the source code is a solution of great material value and Fleksbit considers it its obligation to maximally preserve its own intangible assets. In addition, the business premises used by the company are largely filled with extremely valuable IT and other equipment, and in this sense Fleksbit uses video surveillance to protect property and persons and to prevent criminal offenses by third parties who may try to access the premises without authorization. It is important to note that photography and video recording are NOT made public. It is also important to note that the recordings are protected by adequate organizational and technical measures, and all third parties involved in the processing of recordings and photographs are contractually obliged to comply with the GDPR through the so-called DPA contract (Data Processing Agreement).

How do we store data?

We store and process only those data and from those users who have given their personal consent for their processing and / or in accordance with contractual obligations. The protection of the privacy of personal data is permanent and we take all measures to protect them in accordance with the General Regulation on Personal Data Protection.

How do we protect the User’s personal data?

Fleksbit Ltd. has established a number of technical and organizational measures for the protection of personal data according to the assessed risks for personal data. These measures are related to the protection of office documents, computer protection and rules of conduct for employees, contractual relations with external service providers.

Your possibilities

We want to get to know you better so we can provide you a better service, while respecting your choice as to how we use your personal information.

1. Consent
You may be asked to give your consent for the collection of data and their use.

2. Right to Erasure
You may request all your previously consented personal data to be erased, unless there is a legal impediment for deletion of which we will inform you adequately.

3. Data Transferability
You can transfer your personal data from one electronic processing system to another without data controller interference.

4. Revocation of consent
It is your right to withdraw your consent in whole or in part, without consequences and explanations, and to request the cessation of the processing of your personal data and marketing activities directed towards you. You can submit the revocation in person, by e-mail or by mail to the address Oreškovićeva 6N / 2-V kat, 10000 Zagreb, Croatia or by e-mail at [email protected].

5. The right to restrict data processing
The subject has the right to obtain a processing restriction from the processing manager if:

  • the subject disputes the accuracy of personal data, for the period during which the head of processing was allowed to verify the accuracy of personal data;
  • the processing is illegal and the subject opposes to the deletion of personal data and requests a restriction of its use instead;
  • the head of processing no longer needs personal data for the purposes of processing, but the subject requests them in order to set, realize or defend legal claims;
  • the subject has submitted an objection to the processing pursuant to Article 21 (1) of the General Data Protection Regulation pending confirmation of whether the legitimate reasons of the head of processing exceed the reasons of the subject.