Privacy Policy

Updated: May 04, 2026

1. Introduction

Biro Stan Upravljanje, d.o.o. respects the privacy of data subjects and processes personal data in accordance with applicable data protection regulations. This Privacy Policy provides information about which personal data we process, for what purposes, on which legal basis, and the rights of data subjects.

+385(0)22/244-712

opci.poslovi@upravljanje.hr

Obala Hrvatske ratne mornarice 2 22000 HR-Šibenik, Hrvatska

2. Data Controller

Biro Stan Upravljanje processes personal data in accordance with the provisions of EU Regulation 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals regarding the processing of personal data and the free movement of such data (General Data Protection Regulation, hereinafter: GDPR), the Act on the Implementation of the GDPR (NN 42/2018), and other applicable laws regulating this area.

For the purposes of this Privacy Policy, natural persons whose data is processed ("data subjects" as defined in the GDPR) are referred to as Users.

Biro Stan Upravljanje processes personal data based on:

• the performance of a contract or actions taken at the request of the data subject before entering into a contract (Art. 6(1)(b) GDPR),
• fulfilling legal obligations of the data controller (Art. 6(1)(c) GDPR),
• legitimate interests of Biro Stan Upravljanje, especially for communication, system security, and building management (Art. 6(1)(f) GDPR),
• consent of the data subject, where applicable (Art. 6(1)(a) GDPR).

3. Principles of Personal Data Protection

Biro Stan Upravljanje pays special attention to the following principles when processing personal data:

• lawfulness, fairness, and transparency: data processing must have a legal basis, and users must be informed about processing and its purposes;
• purpose limitation: data must be collected for explicit, legitimate purposes and not further processed incompatibly, except for archival, scientific, historical, or statistical purposes;
• data minimization: only data necessary for the stated purpose should be collected;
• accuracy: personal data must be accurate and kept up to date;
• storage limitation: data must be kept only as long as necessary for the purposes collected;
• integrity and confidentiality: data must be secured against unauthorized processing, loss, destruction, or damage;
• accountability: the data controller is responsible for compliance with these principles.

4. Data We Collect

Biro Stan Upravljanje processes personal data of Users accessing and using our website upravljanje.hr, as well as those using services available through our website. Personal data is usually provided directly by Users.

We collect personal data:

1. When using our website
2. When filling out the contact form

The following data may be collected:

• Full name
• Address
• Email address
• Phone number
• Through contact or reporting a malfunction
• Emergency intervention data for buildings, where the contact number differs from the page owner’s number
• Automatically collected data (e.g., IP address, browser technical data) solely for security and website functionality purposes

5. Purpose of Data Processing

Data is processed for the following purposes:

• Contacting users to resolve administrative or technical issues (Art. 6(1)(b) and (f) GDPR)
• Reporting malfunctions or issues in the building and coordinating required interventions (Art. 6(1)(b) GDPR)
• Providing information and communication related to website or building services (Art. 6(1)(f) GDPR)

6. Data Sharing

We may share personal data with the following recipients:

• Processors providing services according to this Privacy Policy under a legal agreement ensuring data protection;
• Third-party service providers assisting with payment processing, IT support, financial advisory services, etc., who are obligated to comply with GDPR and this Privacy Policy;
• Authorities, regulatory bodies, government agencies, courts, or third parties if disclosure is necessary for legal compliance, protection of rights, or vital interests;
• Any other persons (e.g., clients or third parties) with your consent.

Transfer of Personal Data to Third Countries
The data controller does not and will not transfer personal data to countries outside the EU or European Economic Area.

7. Data Security and Storage

Data is stored on secure servers and used only for purposes outlined in this Policy. Appropriate technical and organizational measures are taken to protect your data from unauthorized access, loss, or misuse.

8. Data Retention

Data is kept only as long as necessary for the purpose it was collected or as required by law.

9. User Rights

Users have the following rights under GDPR:

• Right of access – Users can obtain confirmation from Biro Stan Upravljanje whether their personal data is being processed and access details about purpose, data categories, recipients, storage periods, and sources.
• Right to rectification – Users can correct inaccurate personal data without undue delay.
• Right to erasure (“right to be forgotten”) – Users can request deletion of personal data if no lawful reason exists for further processing.
• Right to restriction of processing – Users can restrict processing in certain situations (accuracy dispute, unlawful processing, legal claims, objection pending).
• Right to data portability – Users can receive personal data in a structured, commonly used, machine-readable format and transfer it to another controller if processing is based on consent or contract and automated.
• Right to object – Users can object to processing based on legitimate interests at any time.

Exercising user rights:
For questions or requests regarding personal data, contact Biro Stan Upravljanje at: info@zadar-stan.hr.

Requests will be handled without undue delay in accordance with legal obligations, and you will be informed about actions taken.

If you believe Biro Stan Upravljanje is processing your data unlawfully and the issue cannot be resolved with us, you have the right to lodge a complaint with the Supervisory Authority (Agency for Personal Data Protection – AZOP).

10. Changes to the Privacy Policy

ZADAR-STAN may update, modify, or supplement this Privacy Policy periodically in response to legal, technical, or business developments. Updated policies take effect on the date of publication, and Users will be informed of significant changes.