Privacy Policy

The company Polyclinic Dr. Ivan Drinković, Ulica Bogoslava Šuleka 5, Zagreb, OIB: 64514247517, (hereinafter “we”), as the service provider of the website www.drinkovic.hr will take all measures to protect your privacy and your personal data.

In this document you will find information relating to the privacy of personal data collected through the use of the website www.drinkovic.hr or personal data from persons who contact us in any other way.

For the purpose of full transparency and maximum security when using our pages, we ask you to carefully read this document so that you can more easily understand what data we collect from you and how we use that data. If you do not agree with these terms, please leave and do not access or use the website www.drinkovic.hr.

If you agree with the rules, electronic confirmation means that you confirm that you have read, understood, and agree with these Privacy Rules and that you give us consent for the collection, processing, and sharing of data in accordance with this document and legal provisions. All matters not specifically regulated by this document are governed by the General Terms and Conditions of the website www.drinkovic.hr.

For easier understanding, it is necessary to highlight the following terms:

1. “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data – General Data Protection Regulation (EU GDPR)

2. “Personal data” – means any data relating to an individual whose identity has been established or can be established (“data subject”); an individual whose identity can be established is a person who can be identified directly or indirectly, in particular by means of an identifier such as a name, identification number, location data, online identifier or by means of one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual;

3. “Processing” -means any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated or non-automated means such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

4. “Pseudonymization” – means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data cannot be attributed to an individual whose identity has been established or can be established;

5. “Filing system” – means any structured set of personal data accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis;

6. “ Controller” – means a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller or specific criteria for its appointment may be provided for by Union law or the law of a Member State;

7. “Processor” – means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

8. “Consent” – of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

9. “Personal data breach” – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

In the following points, we would like to inform you about the processing of personal data when visiting and using our website. Personal data are all data that identify you, e.g. first name, surname, address, email address, telephone number, and user behavior.

If you have any questions regarding the protection of personal data, please contact us by e-mail at tajnistvo@drinkovic.hr

1. Controller

Controller: Polyclinic Dr. Ivan Drinković, Ulica Bogoslava Šuleka 5, Zagreb, OIB: 64514247517, e-mail:tajnistvo@drinkovic.hr.

Data Protection Officer: The user may at any time direct all inquiries, requests, uncertainties, petitions, or complaints to the data protection officer at the e-mail: tajnistvo@drinkovic.hr

2. Purpose and legal basis for collecting personal data

We process your personal data in various situations for different purposes. When visiting our website, where we also use cookies, we also use your data to monitor the number of visits and to improve our services. Polyclinic Dr. Ivan Drinković collects and uses personal data in order to enable you to perform activities through the website www.drinkovic.hr, all for the purpose of improving the operation of the website www.drinkovic.hr, creating a database of its users, for marketing purposes, to contact you or deliver marketing notifications, improve our advertising and promotional efforts, and analyze the use of the website www.drinkovic.hr. We may also use personal data for statistical purposes, then for problem solving, carrying out administrative tasks, and establishing contact with you.

By providing your personal data and accepting these General Terms of Personal Data Protection, you agree that Polyclinic Dr. Ivan Drinković informs you about promotional activities and services it offers.

In addition to your personal data, Polyclinic Dr. Ivan Drinković may also collect from you other data that cannot identify you and are not considered personal data (for example, data on the way the pages are used, data about your computer, Internet provider, your preferences, hobbies, interests, activities), which enable us to select data for the user in a higher-quality, more precise, and more personal way, i.e. in order to improve the pages and additionally direct and adapt their content to the audience visiting them. Based on these data, we learn which content is most popular among which audience.

We may collect the following types of data:

• Contact data – first name, surname, date of birth, address, contact number, email address

• Website usage – the way you use our website, including information collected through cookies and other tracking technologies

• Video recordings – in the case of presentations at fairs, conferences, and other similar events, we may cover the event by taking photographs or recording video material

• Information about our services– including user identity, invoice or contract number, and information about the fact of using our services

• Information on user history– level of satisfaction, received offers, including quantity and date of use, complaint history, service history.

The use of personal data in accordance with personal data protection regulations must be justified on one of the legal “grounds”.

The legal grounds for use are legitimate interest, the consent of the data subject, performance of a contractual obligation, and fulfillment of legal obligations.

Legitimate interest: This processing is based on the legitimate interest of the company Polyclinic Dr. Ivan Drinković in promoting and providing information about its services, as well as for the purpose of maintaining the highest standards of sales of services from its offer. The fundamental rights and freedoms of existing and potential users have been weighed against the interest of the company Polyclinic Dr. Ivan Drinković to process personal data for the stated purpose.

Consent: Polyclinic Dr. Ivan Drinković uses direct marketing based on your personal data in order to inform you about news and promotions in our offer, special benefits, presentations of new services, as well as our appearances at fairs, conferences, and other events exclusively with your consent. Consent for direct marketing may be withdrawn at any time. Any person may also object at any time to the processing of data for the above purpose.

Performance of a contractual obligation: The processing is based on the fulfillment of an obligation undertaken by contract.

For the purpose of fulfilling legal obligations: The processing is based on the obligation of the company Polyclinic Dr. Ivan Drinković to fulfill its legal obligations as Controller, for example on the basis of accounting and bookkeeping regulations.

3. How we collect personal data

Polyclinic Dr. Ivan Drinković collects your personal data, among other things, in the following cases:

• if you contact us directly to request information or schedule our services

• when you engage in certain activities on the website www.drinkovic.hr, such as ordering services, subscribing to the newsletter or filling out surveys, communications and comments, sending us feedback, requesting information about our services, applying to a job advertisement, we may ask you to provide certain additional personal data

• if you use our services

• if you respond to our direct marketing campaigns, for example by filling out a data entry form on our website

• if our partners or principals provide us with your data in a permitted manner

Note: if you are under 16 years of age, please do not provide us with any data without the approval of a parent or guardian.

4. What personal data do we collect?

If you only browse our web pages, then we collect the following personal data within our logs:

– IP addresses (see below Cookies)

If you use our services, then we collect the following personal data:

• First and last name

• OIB

• Address

• Email address

• Telephone numbers

• information about your computer or mobile device (e.g. your IP address and browser type, device type)

• information about how you use our services (e.g. which pages you viewed, the time when you viewed them, and what you clicked).

Although we do not actively collect them, we may store any personal data you disclose during live chat, in support requests (tickets), or in e-mail messages.

5. Cookies and IP addresses

5.1. When do we collect cookies?

When you visit the page only for information purposes, e.g. if you do not wish to register or otherwise provide information about yourself, in that case we collect only the personal data that your browser transmits to our server. If you wish to visit our website, please note that we collect the following data which are technically necessary for us in order to display our website to you and to ensure its stability:

IP address

Date and time of access

Operating system

Time zone difference compared to Greenwich Mean Time (GMT)

Content of the request (specific page)

Access status/HTTP status code

Javascript activation

Java disabled / enabled

Cookies enabled / disabled

Amount of transferred data

URL data about the previously visited page

Browser type

Operating system and its interface

Language and version of browser software

The legal basis for the processing of pseudonymous data described under point 2.1 is Art. 6 para. 1 f) of the General Regulation, namely legitimate interest (improvement of the website and user experience for users and data protection).

5.2.  In addition to the aforementioned data, cookies are stored on your computer when you visit our website. Cookies are small text files stored on your hard drive through the browser you use, through which certain information travels to the source that sets the cookies. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet simpler and more efficient for the user.

5.3.  Use of cookies:

a) This website uses the following types of cookies, the scope and functioning of which are explained below:

Temporary cookies (see b).

Persistent cookies (see c).

b) Temporary cookies are automatically deleted when you close your browser. They mainly refer to session cookies. They store so-called session identifiers, which can be assigned to an ordinary session depending on your browser request. This makes it possible to recognize your computer when you revisit our website. Session cookies are deleted when you log out or when you close your browser.

c) Persistent cookies are automatically deleted after a certain period which depends on the cookie. You can delete cookies yourself at any time in your browser’s security settings.

d) You can configure browser settings according to your own wishes and can, for example, refuse the acceptance of third-party cookies or all cookies. Please note that in that case you may not be able to use all functions of the website.

e) We use cookies in order to identify you during subsequent visits, in the event that you have registered on our website. If not, you have to log in during every visit to our website.

f) The Flash cookies used are not collected by your browser, but by your Flash plug-in. We also use HTML5 storage objects which are stored on your mobile device. These objects store the necessary data independently of your browser and do not automatically have an expiration date. If you do not want the processing of Flash cookies, you must install an appropriate add-on, e.g. “Better Privacy” for the Mozilla Firefox browser (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or Adobe Flash cookie remover for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode while using your browser. We also recommend that you regularly manually delete your cookies and browsing history.

(4) Of course, you can also browse our website without using cookies. Internet browsers are set to accept cookies. In general, you can deactivate the use of cookies at any time through your browser settings. Please use your browser’s help functions to find out how you can change these settings. Please note that some features of our website may sometimes partially or completely not function if you disable the use of cookies.

(5) The legal basis for data processing in accordance with the above is Article 6 (1) point f) of the GDPR. Our interests in data processing mainly arise from the desire to enable the use of the website in a way that ensures its operational stability and security. We store personal data, unless otherwise stated, only for as long as is necessary to achieve the desired functions.

(6) If we use contracted service providers for individual functions of our offers or if we use your data for advertising purposes, we will inform you in detail about this. We will also specify certain criteria for the storage period.

6. Plug-ins

Google Analytics

Like many other websites, we use Google Analytics to collect anonymous data about users of our websites, in order to find out how often they visit our websites, which pages they visit, what time they visit them, how long they stay, and which country they come from. These data are collected using cookies and IP addresses, and the resulting statistics are used for the following purposes:  to improve website usability. to monitor the success of marketing campaigns. to analyze behavior patterns.

More information on how Google uses data collected from our websites can be found here: https://policies.google.com/privacy/partners?hl=hr&gl=uk

a) The website uses Google Analytics, and the web analytics services are provided by Google, LLC. (“Google”). Google Analytics also uses cookies, that is, text files that are stored on your computer and enable the analysis of your use of the website. The information generated by the cookie relating to your use of this website is transmitted to a Google server in the USA and stored there. By activating IP anonymization of the website, Google will shorten your IP address within the member states of the European Union or other parties included in the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

b) Google will, on our behalf, use these data for the purpose of analyzing your use of the website, and will prepare reports on website activities and provide us with information about other products and services related to website activity and Internet use.

c) Google may not associate the IP address obtained from your browser with any other data stored by Google. Google may also transfer these data to third parties if required by law or if those third parties process these data on behalf of Google.

d) You can delete cookies on your computer at any time via the appropriate menu in your browser or by deleting them from your hard drive. For more information, select the Help menu in your browser.

e) You can refuse the use of cookies by selecting the appropriate settings in your browser; however, we recommend that in this case you may not have access to the full functionality of this website. You can also prevent the sending of data about your use of the website (including your IP address), generated by the cookie, to Google and can prevent the processing of the data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

f) Further information is available at http://tools.google.com/dlpage/gaoptout?hl=en. We would like to emphasize that the code “_anonymizeIp();” has been added to Google Analytics on the website in order to guarantee anonymity when collecting IP addresses (so-called IP address masking).

Google Maps

This website uses the Google Maps API for the visual display of geographical information. When using Google Maps, Google also collects, processes, and uses data about the use of map functions by visitors. More information about the processing of Google’s data can be found in Google’s Privacy Policy. You can also change your personal data protection settings in the Data Protection Center.

Google Web Fonts

Google Fonts are used to improve the visual presentation of various data on this website. Web fonts are transferred to the browser cache when opening the page so that they can be used in displays. If your browser does not support Google Web Fonts or does not allow access, the text will be displayed in a default font.

The data provided when connecting to the page are sent to domains of specific sources such as fonts.googleapis.com or fonts.gstatic.com. These data are not associated with data that can be collected or used during simultaneous use of Google services.

In your browser, you can set fonts not to be downloaded from Google servers (e.g. by installing add-ons such as NoScript or Ghostery for Firefox.). If your browser does not support Google Fonts or if you prohibit access to Google servers, the text will be displayed in a default font.

Mailchimp

We use MailChimp as the newsletter subscription automation platform. By clicking the ‘Subscribe’ button, you agree that your e-mail address will be stored in the MailChimp database in order to be processed in accordance with their privacy policy and terms of use.

Mailchimp privacy policy can be found at https://mailchimp.com/legal/privacy/

You can withdraw your consent at any time by clicking the ‘unsubscribe’ (or ‘unsubscribe’) link in the footer of the email message.

Hubspot

We use the service of HubSpot, Inc., HubSpot Ireland Limited under the name Hubspot (www.hubspot.com) to send e-mail messages to users about registration and newsletter status. Hubspot is a cloud-based e-mail service that enables the user reliable e-mail delivery to its customers. HubSpot, Inc., HubSpot Ireland Limited collects data about users who use their website www.hubspot.com and about users who use the products and services offered on their website, including the development, analysis, transfer, and management of emails. HubSpot, Inc., HubSpot Ireland Limited also collects data from end users (customers). Depending on the means used to notify the end user of the status, THubSpot, Inc., HubSpot Ireland Limited collects data from end users such as e-mail address, telephone number, IP address. The data collected by HubSpot, Inc., HubSpot Ireland Limited may be transferred to third countries (United States of America, Ireland, and other countries in which the service providers of HubSpot, Inc., HubSpot Ireland Limited are located) On the Hubspot website you can read more about the method, purpose, processing, your rights, and the storage period of your data: https://legal.hubspot.com/privacy-policy

This website uses Google Tag Manager. This service enables the management of website tags via an interface. Google Tag Manager only implements tags. This means that cookies are not used and personal data are not collected. Google Tag Manager triggers other tags which may, as needed, collect data. However, Google Tag Manager does not access those data. If deactivation has been carried out at the domain or cookie level, it remains valid for all tracking tags if implemented with Google Tag Manager.</span

Google Remarketing

We use the Google Remarketing application in order to contact you again within a period of 12 months. With this application, after visiting our website, our ads can be displayed when you continue to use the Internet. This is done using cookies, which are used by Google to record and evaluate your usage behavior when visiting various websites. In this way, Google can determine your previous visits to our website. According to Google’s own statements, Google does not combine data collected in the context of remarketing with your personal data that Google may store. According to Google, in particular pseudonymization is used for remarketing.

You can prevent inclusion in the tracking process in various ways:

a) by setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive ads from third-party providers;

b) by deactivating conversion tracking cookies, by setting your browser so that the domain https://support.google.com/ads/answer/7395996 blocks cookies, whereby this setting is deleted when you delete cookies;

c) by deactivating interest-based ads for providers participating in the self-regulation campaign “About Ads” via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete cookies;

 d) by permanently deactivating Firefox, Internet Explorer, or Google Chrome in browsers at the link http://www.google.com/settings/ads/plugin,

e) by setting your cookie settings accordingly (click here). Please note that in this case you may not be able to fully use all functions of this offer.

For more information on the purpose and scope of Google’s data collection and processing, please see https://policies.google.com/privacy?hl=hr and https://services.google.com/sitestats/hr.html.  In addition, you can also find additional information on the website of the Network Advertising Initiative (NAI) http://www.networkadvertising.org . Google has joined the EU-US Privacy Shield: https://www.privacyshield.gov/eu-us-framework.

Facebook Pixel

This website also uses the remarketing function “Custom Audience” of Facebook Inc. (“Facebook”) in order to contact you again within 180 days. This enables users of the website to see ads according to their interests (“Facebook ads”) when visiting the social network Facebook or other websites. Your browser automatically establishes a direct connection with the Facebook server.

We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our knowledge: By integrating Facebook Custom Audience, Facebook receives the information that you have called up a web page corresponding to ours or clicked on our ad.

If you are registered for the Facebook service, Facebook can associate your visit with your account. Even if you are not registered with Facebook or have not logged in, it is possible that the service provider may obtain and store your IP address and other identification data. The “Facebook Custom Audiences” function can be deactivated in the Cookie settings and for logged-in users at https://www.facebook.com/settings/?tab=ads#_.

For more information about data processing via Facebook, visit https://www.facebook.com/about/privacy.

Social plug-ins

Our social plug-ins (“plug-ins”) use social networks.

In order to raise the level of protection of your data when visiting our website, the plug-ins are not disabled, but are only integrated into the page via an HTML link (the so-called “Shariff solution”). This integration ensures that no connection is established with the servers of the provider of a particular social network when our page containing such plug-ins is opened. Clicking one of the buttons opens a new window in your browser and opens the page of the specific service provider, where you can (if necessary after entering login data) e.g. press the Share button.

The purpose and scope of the collected data and the further processing and use of the data by providers on their pages, as well as your rights and settings for the protection of your privacy, can be found in the data protection information of the following providers:

• Instagram (1601 p. California Ave, Palo Alto, CA 94304, USA)

• Facebook Inc. (1601 p. California Ave, Palo Alto, CA 94304, USA)

• Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043 USA)

• Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA)

7. Newsletter

(1) After giving your consent, you can subscribe to our newsletter, through which we inform you about our current interesting offers. The advertised services are listed in the statement of consent.

(2) We use a ‘double opt-in’ procedure when subscribing to our newsletter. This means that after you register, we will send mail to the mailbox at the email address you provided, in which we will ask you to confirm that you wish to receive our newsletter. If you do not confirm the registration within [24 hours], your data will be blocked and automatically deleted after one month. In addition, we will store your IP address and the time of registration and confirmation. The purpose of this procedure is to give you the possibility to prove your registration and, if necessary, to clarify all circumstances in the event of misuse of your personal data.

(3) The only mandatory data you need to provide us when subscribing to the newsletter is your email address. Providing other data is voluntary, and these data are used so that we can address you personally. After your confirmation, we will store your email address for the purpose of sending news. The legal basis is Art. 6 (1) point a GDPR.

(4) You can withdraw your consent to the sending of the newsletter at any time, and thus cancel the sending of news. You can confirm the withdrawal of consent by clicking on the link contained in every sent newsletter e-mail.

(5) We emphasize that when sending our newsletters, we evaluate user behavior. For the purpose of this analysis, the sent email messages contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. During the evaluation, we associate the mentioned data and web beacons with your email address and a special identification.

You may object to this type of tracking at any time by clicking on a separately designated link received by e-mail or by informing us by e-mail. The data are stored for the period during which you are subscribed to news. After cancellation, we store the data anonymously for statistics.

If you contact us (e.g. via form or e-mail), we will store details about you for the purpose of processing the request and for any additional questions. We will delete the mentioned data after they are no longer needed for storage or we will restrict processing if there are statutory obligations to retain them. We only store and use other personal data if we obtain your approval or if it is legally possible to do so without special approval.

8. Processing of personal data via video surveillance

• purpose: protection of persons and property

• legal basis: legitimate interest of the personal data controller

• recipients: we may provide video recordings upon request to competent authorities (police, court) if necessary for conducting proceedings based on special regulations

• retention: recordings obtained through the video surveillance system are kept for a maximum of six months or longer if they are extracted as evidence in court, administrative, arbitration, or other proceedings

• the rights of data subjects are explained in point 13.

9. Retention period of personal data?

We store and process personal data only for as long as necessary to fulfill a specific legitimate purpose, unless a longer retention period is prescribed by applicable regulations for a particular purpose.

In the event of giving consent for marketing, we keep the data for as long as the consent is not withdrawn.

In the event of rejected offers, where no consent for marketing has been given, we keep the data related to the offer for one year, and in the event that you request deletion from us, they will be deleted immediately.

Personal data collected for the purpose of fulfilling the Controller’s contractual obligations are generally retained in accordance with applicable accounting regulations or until you request their deletion, in which case only data on completed transactions are permanently retained.

Personal data that are no longer needed are either irreversibly anonymized or destroyed in a secure manner.

 10. How do we keep your data secure?

We devote the greatest possible attention to maintaining the security of all data and take all appropriate steps in accordance with personal data protection regulations applicable in the Republic of Croatia.

We use various security measures, including encryption and authentication, in order to protect and maintain the security, integrity, and availability of your data.

Among other things, we also use the following measures:

• strictly limited personal access to your data according to the “need-to-access” principle

• secure transfer of collected data,

• installation of firewalls on IT systems for the purpose of prohibiting unauthorized access

• continuous monitoring of access to IT systems in order to detect and prevent misuse of personal data.

All your data are stored on our secure servers and the secure servers of our partners and are accessed and used in accordance with our security rules and standards (or equivalent standards of our subcontractors or business partners).

We may forward your personal data for use to providers of information and communication solutions and services who act as processors. We have concluded contracts with the said processors in which the handling of personal data is prescribed in detail, therefore they are not able to process your personal data without our order and forward them to third parties.

The protection of the privacy of your data is permanent, and Polyclinic Dr. Ivan Drinković takes all measures necessary to protect them in accordance with applicable regulations and good practices. We process personal data in a secure manner, including protection against unauthorized or unlawful processing and against loss.

The user can access personal data on the website www.drinkovic.hr using a password and e-mail address. It is recommended that the user not disclose the password to anyone. In addition, the user’s personal identification information is stored on a server that can only be accessed by selected persons and service providers. You are obliged to take care of the security of your user password and change it periodically.

No transmission of data over the Internet, or any wireless network, can be 100% secure, and therefore Polyclinic Dr. Ivan Drinković cannot guarantee the protection of any information transmitted to, or from, the website www.drinkovic.hr and is not responsible for the actions of any third party to whom such data become available.

11. Where do we store and process your personal data?

The personal data we collect from you are stored on our servers. However, we may share these data with third parties with whom we cooperate for business purposes in order to fulfill the service provision contract towards you, and who may be located outside the European Economic Area. By sending your personal data, you give consent to the processing of these data outside the European Economic Area. We will take all necessary steps so that your personal data, regardless of where they are processed, are secure and treated in accordance with these Privacy Rules and the GDPR.

12. Your data privacy rights

We are pleased to inform you about your rights related to the General Data Protection Regulation. According to the GDPR, from 25 May 2018 onwards you have certain rights relating to your personal data, and we briefly describe them below:

Right of access

You have the right to request confirmation of whether data concerning you are being processed and information about those data according to Art. 14 GDPR. You can exercise your right by contacting us (see below How you can contact us).

Please note that before processing any request for access to data, we must confirm your identity, and it is also possible that we will contact you additionally to make sure that we understood which data you are requesting. Once we confirm your identity, we will provide you with the requested information within 30 days. We will provide you with the requested information free of charge; however, we may charge an administrative fee if the request is manifestly unfounded or excessive, especially if it is repeated.

Right to rectification

In accordance with Article 16 GDPR, you have the right to request completion or correction of inaccurate data concerning you.

Right to erasure (Right to be forgotten)

In accordance with Article 17 GDPR, you have the right to request deletion of relevant data if no legal obligations prevent such deletion.

Right to restriction of processing

You have the right to request restriction in data processing in accordance with Art. 18.

Right to data portability

You have the right to request obtaining the data you have provided to us in accordance with Art. 20 GDPR and additionally request transfer to other processors

Right to object

You have the right to object to future processing in accordance with Art. 21 GDPR at any time. You can exercise your right by contacting us (see below How you can contact us).

Right to withdraw

You have the right to withdraw your consent at any time in accordance with Art. 7, Para. 3 GDPR, relating to the future.

Right to inform supervisory authorities

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authorities.

13. Confidentiality of third-party data

On our website, we may place links to the websites of our business partners. If you follow that link to any of those websites, please note that those websites are subject to their own privacy policies and that Polyclinic Dr. Ivan Drinković has no responsibility whatsoever in relation to those policies. Please review such policies before entering or submitting your personal data on or through such websites.

These Personal Data Privacy Rules apply only to the use and utilization of data that Polyclinic Dr. Ivan Drinković collects from data subjects. Other websites that may be accessed via the website www.drinkovic.hr have their own confidentiality and data collection statements and methods of their use and publication on them.

If you switch to any such page, we recommend that the user review that page’s data confidentiality statement. Polyclinic Dr. Ivan Drinković is not responsible for the methods and terms of operation of third parties.

We reserve the right to amend these Privacy Rules at any time, for any reason. You will be notified of any change to these Privacy Rules on our website. Amendments and supplements to the general personal data protection terms enter into force immediately after their publication on the website www.drinkovic.hr.

We may periodically remind you of the Privacy Rules by e-mail, while the valid version of the Privacy Rules is always available on the website.

14. Changes to our Privacy Rules

We regularly review and update our Privacy Statement as needed and reserve the right to change our privacy rules. Therefore, we ask you to read the Privacy Statement from time to time and to apply the one that is valid at that time.

15. How can you contact us?

Your questions, comments, and requests related to the Privacy Statement are welcome and in connection with this you can contact us by e-mail message at tajnistvo@drinkovic.hr.

You may contact us at the above address if you wish to exercise any of your rights listed below.

At any time you have the right to:

• ask us to provide you with additional information about how we use your data

• have us send you a printout of the personal data you have given us

• ask us to correct any inaccuracies in the data we hold

• ask us to delete any data in relation to which we no longer have a legal basis for use,

• in cases where processing is based on consent and in relation to any direct marketing, withdraw your consent with effect for the future so that we stop such specific processing

• object to any processing [including profiling] based on legitimate interest due to your specific situation, unless the reasons for carrying out such processing outweigh the right to protection of personal data

• ask us to restrict the way we use your data, e.g. while the objection is being processed

• the right to data portability