PRIVACY POLICY

1. INTRODUCTION

This Privacy Policy explains how Pro mimato d.o.o. collects, uses, processes, and protects your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

It also outlines your rights regarding your personal data and how you can exercise them.

By interacting with us (e.g. visiting our website, making a purchase, or contacting us), you acknowledge that your personal data will be processed in accordance with this Privacy Policy.

If you have any questions, please contact us at: pro-mimato@pro-mimato.hr

2. WHO WE ARE (DATA CONTROLLER)

Pro mimato d.o.o.
Oranice 36, 10090 Zagreb, Croatia
VAT ID (OIB): 21315367878
Director: Mira Marić

In accordance with GDPR, Pro mimato d.o.o. acts as the data controller for your personal data.

3. WHAT ARE PERSONAL DATA?

“Personal data” means any information relating to an identified or identifiable natural person.

This includes, for example:

• name and surname

• email address

• home/delivery address

• phone number

• IP address

• purchase history

• preferences and behaviour

4. HOW WE COLLECT DATA

We may collect your personal data:

• directly from you (e.g. account registration, purchases, contact forms)

• automatically (e.g. cookies, website usage data)

• from third parties (e.g. payment providers, social media platforms)

Some fields are mandatory (marked with *), as they are necessary for:

• contract performance

• service provision

• legal compliance

Failure to provide such data may prevent us from delivering services.

5. TYPES OF DATA WE PROCESS AND PURPOSES

We process your personal data for the following purposes:

Account creation and management

Data:

• name, email, address, phone number

• login credentials

• order history

Purpose:

• account management

• customer support

• order processing

Legal basis:

• performance of a contract

• legitimate interest

Orders and purchases

Data:

• identification and contact details

• delivery and billing address

• transaction data

Purpose:

• order processing and delivery

• payment management

• fraud prevention

Legal basis:

• performance of a contract

• legal obligation

• legitimate interest

Marketing and newsletters

Data:

• email address

• preferences

Purpose:

• sending promotional content

Legal basis:

• consent

You may withdraw your consent at any time via the unsubscribe link.

Customer support and inquiries

Data:

• contact details

• communication content

Purpose:

• responding to inquiries

Legal basis:

• consent

• legitimate interest

Website usage and cookies

Data:

• IP address

• browser/device data

• browsing behaviour

Purpose:

• website functionality

• analytics

• security

• marketing (if consented)

Legal basis:

• consent (for non-essential cookies)

• legitimate interest (for essential cookies)

6. COOKIES

We use cookies to:

• ensure proper website functionality

• improve user experience

• analyse traffic

• personalise content and advertising

You can manage or disable cookies via your browser settings.

For more details, please refer to our Cookie Policy.

7. AUTOMATED DECISION-MAKING AND PROFILING

We may use automated tools to:

• detect fraud

• personalise offers

This may include profiling based on your behaviour and preferences.

You have the right to:

• object to profiling

• request human intervention

8. WHO WE SHARE DATA WITH

We may share your personal data with:

Service providers (processors)

• payment providers

• delivery services

• IT and hosting providers

• marketing and analytics providers

They process data only on our behalf and under contractual obligations.

Authorities

Where required by law.

Business transfers

In case of merger, acquisition, or sale of business.

We do not sell your personal data.

9. INTERNATIONAL DATA TRANSFERS

Your data may be transferred outside the European Economic Area (EEA).

In such cases, we ensure appropriate safeguards, such as:

• Standard Contractual Clauses approved by the European Commission

10. DATA RETENTION

We retain your data only as long as necessary:

• for the duration of the contractual relationship

• as required by law (e.g. accounting obligations)

• until you withdraw consent (for marketing)

After that, data is deleted or anonymised.

11. DATA SECURITY

We implement appropriate technical and organisational measures to protect your data against:

• unauthorised access

• loss

• misuse

However, internet transmission is not completely secure, and you provide data at your own risk.

12. THIRD-PARTY LINKS AND SOCIAL MEDIA

Our website may contain links to third-party websites.

We are not responsible for their privacy practices.

If you log in via social media, certain profile data may be shared depending on your settings.

13. YOUR RIGHTS UNDER GDPR

You have the following rights:

• Right to access your data

• Right to rectification (correction)

• Right to erasure (“right to be forgotten”)

• Right to restriction of processing

• Right to data portability

• Right to object (including direct marketing and profiling)

• Right to withdraw consent at any time

• Right to lodge a complaint with a supervisory authority

In Croatia, the supervisory authority is:
Croatian Personal Data Protection Agency (AZOP)

14. CONTACT

For all questions or requests regarding your personal data, please contact:

Email: pro-mimato@pro-mimato.hr