Privacy Policy

PRIVACY POLICY
GLOBAL COMPACT NETWORK CROATIA


Privacy Policy and Legal Responsibility for Content / Website Owner

In this privacy policy ("Privacy Policy"), Global Compact Network Croatia (hereinafter: GCMH) explains how we collect and otherwise process personal data.

The term "personal data" or "data" refers to all information that relates to a specific or identifiable person.

If you provide us with personal data of other persons (e.g., your colleagues), please ensure that these persons are aware of this Privacy Policy and that you share their data with us only if you are authorized to do so and if this personal data is accurate.

This Privacy Policy is aligned with the EU General Data Protection Regulation ("GDPR") and other relevant regulations applicable in the Republic of Croatia. The terms used are not gender-specific.



1. DATA CONTROLLER INFORMATION

Global Compact Network Croatia (hereinafter: GCMH), Radnička cesta 37a, 10000 Zagreb, Croatia.
Tel: +385 (0)91 6145439
Email: info@globalcompact.hr



2. CATEGORIES AND TYPES OF PERSONAL DATA WE PROCESS

GCMH processes personal data of potential members and members, business partners, service providers, and external collaborators.

Depending on the purpose, we process the following types of personal data:

  • Full name
  • Job title
  • Postal address, email address, phone number
  • Date of birth, age of the individual
  • Personal identification number (OIB), ID card number
  • IP address or domain name of the computer through which individuals accessed our website



3. PURPOSES OF PERSONAL DATA PROCESSING, LEGAL BASES, AND RETENTION PERIODS

3.1. The purpose of processing your data may be:

  • Implementation of activities defined by the GCMH Statute to achieve the organization’s objectives
  • Informing members about the work of GCMH bodies
  • Informing members of GCMH bodies (e.g., meetings or sessions)
  • Contacting non-member representatives to encourage membership, especially those who have attended our training sessions and/or other events
  • Informing the public about GCMH activities through media
  • Other purposes about which individuals are informed in accordance with the provisions of the General Data Protection Regulation

3.2. The legal bases for data processing may be:

  • Fulfillment of GCMH's legal obligation (applicable legal regulations that GCMH must comply with)
  • Conclusion or execution of a contract
  • Legitimate interest (if it outweighs the interest of the data subject in preventing processing)
  • Your consent
  • Another legal basis in accordance with GDPR

3.3. Retention periods:

We process your personal data until the purpose for which it was collected is fulfilled. After the purpose ceases, we no longer use your personal data, but they remain stored in our system for as long as required by legal regulations. Certain data is retained as follows:

  • Permanently, considering its historical significance for us (e.g., data on governing body members)
  • As long as necessary for fulfilling obligations towards members
  • Data collected through event registration is retained for two years after the year in which the event took place
  • Data collected based on consent is retained until you withdraw your consent



4. TECHNICAL AND ORGANIZATIONAL MEASURES FOR DATA PROTECTION

Our technical and organizational protection measures include:

  • Adhering to strict security procedures to minimize the risk of data destruction, unauthorized disclosure, unauthorized access to your data, and other violations
  • Storing equipment and premises containing personal data in a secure environment with restricted physical access
  • Using firewalls, strong passwords, antivirus programs, encryption, and pseudonymization for data protection
  • Restricting access to personal data only to authorized personnel in our organization, determined by internal decisions
  • Binding our employees to confidentiality regarding all data they become aware of in their work
  • Regular training for employees to ensure a satisfactory level of awareness about personal data protection



5. YOUR RIGHTS REGARDING PERSONAL DATA PROCESSING

Regarding the data we process about you, you have the right to:

  • Access your data and be informed about which data we process, how we process it, for what purpose, and the retention periods applied
  • Correction and/or supplementation
  • Deletion (right to be forgotten)
  • Restriction of processing
  • Data portability to you or third parties
  • Withdrawal of consent
  • Objection to data processing

In exercising these rights, exceptions may apply under the General Data Protection Regulation. For example, if the processing is not based on a contract/consent or if data portability is technically unfeasible, there is no obligation to comply with the portability request.

To submit a request regarding these rights, please contact:
Email: info@globalcompact.hr
By mail or in person: Global Compact Network Croatia, Radnička cesta 37a, 10000 Zagreb, Croatia

We will respond as soon as possible, but no later than 30 days.

If you believe that our data processing does not comply with regulations, you may file a complaint directly with the competent supervisory authority.

In Croatia, the competent supervisory authority is:
Croatian Personal Data Protection Agency (AZOP)
Ulica grada Vukovara 54, 10000 Zagreb, Croatia
+385 (0)1 4609 000
www.azop.hr

If you withdraw your consent, the data processing carried out before the withdrawal remains lawful.


6. DATA RECIPIENTS / CATEGORIES OF RECIPIENTS, DATA TRANSFER TO THIRD COUNTRIES, AND AUTOMATED DECISION-MAKING

GCMH is a local network of UN Global Compact (hereinafter: UNGC).

UNGC is the world's largest initiative for sustainable development and corporate sustainability, with over 20,000 members worldwide. As a special initiative of the UN Secretary-General, UNGC has been given the mandate to guide and support the business community worldwide in making progress and achieving the Sustainable Development Goals and the 2030 Agenda.

Local UNGC networks, including GCMH, enhance corporate sustainability at the national and regional levels, helping companies understand local opportunities, challenges, and expectations.

To achieve this goal and to inform UNGC, we share certain personal data with them through the Global Compact Office, which is located in the United States (hereinafter: USA). For this purpose, we have signed an agreement that contains specific provisions to ensure the protection and security of your data in accordance with the General Data Protection Regulation (GDPR).

For more information on how UNGC processes your personal data, please read their privacy policy here: UNGC Privacy Policy

In our operations, we also use external support services (e.g., accounting services, marketing and PR services, IT services, services for creating and maintaining websites and social media, etc.), and they are also recipients of data. With external service providers, we sign contracts that ensure adequate protection of your data in accordance with the General Data Protection Regulation.

If in the future we cooperate with other organizations and/or business entities with which we will be joint controllers of personal data (jointly determining the purposes and methods of processing data), we will regulate shared and individual responsibilities with them to ensure the protection and security of the data we process.

Certain activities (training sessions, meetings, etc.) are conducted via Zoom.
For information on how Zoom processes your data, please read their privacy policy here: Zoom Privacy Policy

Additionally, in order to inform the public and members, we use LinkedIn, which processes your data as described in their privacy policy: LinkedIn Privacy Policy

Other partner organizations, lecturers, and public authorities may also be recipients of data within the framework of the cooperation we have with them or as required by law.



7. USE OF COOKIES

Our website applies cookies, which are text files that the website you visit stores through the internet browser you use on your computer.

Cookies are used for the proper functioning of all website features and to enhance the user experience. Cookies can be either temporary (stored only during visits to the website) or permanent (remain stored on the user's computer after the visit).

For the GCMH website to function properly and securely, cookies that ensure this must always be enabled (necessary cookies). Necessary cookies are pre-enabled and cannot be disabled in browser settings or in our cookie banner.

In addition, you can change your internet browser settings to choose whether to allow or reject requests to store cookies, to delete stored cookies automatically when closing the internet browser, and more. Internet browsers are usually set by default to accept cookies, but you can easily adjust this by changing your browser settings.

By disabling cookies, you decide whether to allow cookies to be stored on your computer.
For information on cookie settings, choose the browser you use (Chrome, Firefox, Edge, etc.).


8. DATA PROTECTION IMPACT ASSESSMENT

We do not process personal data in a way that poses a high risk to individuals' rights. If such processing ever becomes necessary, we will conduct a data protection impact assessment in accordance with GDPR.



9. CHANGES TO THE PRIVACY POLICY

We regularly update this Privacy Policy and reserve the right to amend it, informing you via our website in accordance with transparency principles.