Privacy policy

This website inclusively all offered services and products is provided by Welltodo d.o.o. (LLC) Dane Duića 7, located in 10000 Zagreb, Croatia (further on “Service provider”) as the data controller in accordance with the General Data Protection Directive (GDPR).

The protection of your personal data is very important for us. Therefore, we provide detailed information on how we collect and use your data.

Persons under the age of 18 may not use our services.

1. Business purpose

The Service provider presents on this website informatively its products and services, which he is providing to his users e.g. he gives future customers the possibility of establishing a contact with the Service provider.

All information published on this website by us is assembled with care and for general information purposes. We provide no guarantee for the accuracy, completeness and topicality of the information on the website welltodo.hr and websites which are referred to via hyperlinks. We assume no liability for losses or any damages incurred by any visitor of this website through the use or misuse of information published on this website. We accept no responsibility for the contents of third-party websites which may be entered per link via our website.

2. Where personal data is collected and processed?

In general, you can visit our website without providing us your personal data. In this case only data will be collected, which cannot be referred to a person, like e.g. the URL-path, date and time, access status and the type and kind of operating system of the used web browser.

If you want to send us a request using our contact form, the following data will be collected: first- and last name, email address, phone number and your text message.

Server-Log-Files

The website provider automatically collects and stores information in so-called Server-log Files, which are automatically transmitted from the visitors’ browser to the provider. The following data is collected: browser type/ browser version, operating system used, referrer URL, host name of the accessing computer and time of the server request. These data are anonymous and can not be assigned to a particular person. These data will not be combined with data from other sources. These data will be checked by the Service Provider if there are clear indications of a breach of the law.
The basis for the data processing is Article 6 (1) (b) of the EU GDPR which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

wpDiscuz

If you post a comment, your comment with email, name and website URL will be stored by us using the wpDiscuz plugin by gVectors. Find detailed information at https://wpdiscuz.com

You can delete your comments anytime by yourself.

3. Purposes and legal basis of data processing on our website

3.1. Legal basis for the processing of personal data

In general, your personal data are collected and processed following the specifications of the GDPR for the purposes listed below:

a) Fulfilling our contractual obligations according to Art. 6 §1b GDPR
b) Fulfilling legal obligations according to Art.6 §1c GDPR
c) If you have given your consent according Art.6 §1a GDPR
d) A legitimate interest according to Art.6 §1f GDPR

We use the data (phone, email, etc.) provided by you without your permission for purposes, which are in relation to our business relationship and contract fulfillment (according to point 3.1. a)) (like e.g. invoice creation, your enquiries, lost password, necessary contacting) or are required for fulfillment of legal obligations (according to point 3.1. b)) respectively because we have a legitimate interest to design the usage of our website as efficient as possible (according to point d)).

3.2. Statistical analyzes and user-compatible design (Cookies)

3.2.1. Usage of cookies

To design our website appealing and to make some functions possible, we use on several pages so-called cookies. We transmit persistent cookies (also Session-Cookies), which remain also after closing your browser on your device to allow us to recognize your browser and your next visit.

What are cookies? Cookies are small alphanumeric text-files which your browser can save on your device. You can set your browser to inform you about every cookie-save to decide if you want to save the cookie or not. If you do not accept some cookies, we point out, that in this case probably some functions of this website won‘t work properly.

The above-mentioned data processing is carried out based on our legitimate interest according to point 3.1. d) of this Privacy policy.

3.2.2. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Because of the activation of IP anonymizing on these pages, your IP will be shortened by Google within the EU member states or other signatories of the Agreement on the European Economic Area. Only at exceptional cases the full IP-address will be transmitted to servers of Google in the USA and shortened there. This data transmission occurs based on the EU-US-Privacy-Shield-Certification of Google, which is available under the following URL:

https://www.privacyshield.gov/participant?id=a2zt0000000001L5AAI.

On behalf of the operator of this website Google will use these informations, to analyze the usage of the website, to assemble reports of the website activities and to deliver further website and internet usage related services. The IP-address submitted within the use of Google Analytics in your browser will not be merged with other data of Google.

You can avoid the saving of cookies by adjusting the appropriate settings in your browser; please note that in this case some functions of this website will not be entirely usable. Furthermore you can avoid the recording of website related data (incl. your IP-address) which is being created by the cookie as well as avoid the processing of this data by Google, by downloading and installing the browser-plugin under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Please notice, that the opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Alternatively, you can prevent Google from collecting your data on this website with clicking on “Managing Cookies”

Further information on terms of use and data privacy you can find under http://www.google.com/analytics/terms/us.html and http://www.google.com/intl/hr/policies/privacy/.

The use of cookies takes place based on a legitimate interest by us according to point 3.1. d) of this privacy policy.

3.2.3. WP Statistics

This website uses WP Statistics a WordPress plugin for web analysis. The provider of this plugin is wp-statistics.com owned by VeronaLabs. This plugin collects and stores data from visitors to our site. Collecting and storing of this data serves the single purpose of website analysis. The use of the WordPress Statistics plugin and the storing of Cookies takes place in accordance with Article 6 (1) (f) of the European General Data Protection Regulation (further on EU GDPR).

This data is processed in anonymous form for creating simple statistics, without saving the IP-addresses. IP anonymization has been activated in the WordPress Statistics plugin, therefore user profiles are created anonymously by using a pseudonym. A personal identification of a visitor is not possible. Cookies are used for collecting and storing usage data (read more about cookies at point 3.2.1. Usage of cookies). The information which is generated by the cookie is transferred to the server of this website and stored. The server is located in Croatia and is subject to Croatian data protection. We will not pass or sell your data to third parties.

The following data is stored:
• anonymized IP address
• origin of visitors (country, used search engines, links etc.)
• date and time of the page view
• which page was loaded (landing page or other pages)
• the number of accesses
• if the visitor of our website arrived via a search engine: the (“search words”).

You can find more information regarding this on the developers’ homepage: https://wp-statistics.com

3.2.4. Third-party Affiliate Cookies

Elementor, a third party affiliate marketing network, uses cookies to help make sure we get a commission when you buy a product after clicking on a link or ad banner that takes you to their site.These cookies and/or web beacons are collected by the companies and/or advertising networks, and we do not have access to this information. You can read the Elementor’s Privacy Policy.

Envato Elements, a third party affiliate marketing network, uses cookies to help make sure we get a commission when you buy a product after clicking on a link or ad banner that takes you to their site. These cookies and/or web beacons are collected by the companies and/or advertising networks, and we do not have access to this information.You can read the Envato Element’s Privacy Policy.

Dreamstime, a third party affiliate marketing network, uses cookies to help make sure we get a commission when you buy a product after clicking on a link or ad banner that takes you to their site. These cookies and/or web beacons are collected by the companies and/or advertising networks, and we do not have access to this information.You can read the Dreamstime Privacy Policy.

Please read our Advertisement/ Affiliate-Disclosure under point 8. of this Privacy Policy and here.

3.3. Online-Marketing

This website uses the following services for marketing purposes:

3.3.1. Google Ad Sense

The website welltodo.hr uses Google AdSense, a promotional ads service of the Google Inc. (1600 Amphitheater Pkxy, Mountain View, CA 94043-1351, USA; ”Google”). Google AdSense uses “cookies”, which are being saved on your computer and makes the analyzing of website usage and automatically displaying of ads possible. Google AdSense also uses so called Web-Beacons (small invisible graphics) to collect informations. By using a web-beacon actions like visitor traffic on the website can be recorded and collected.

With the cookie and/or web-beacon created information about your website usage (incl. your anonymized IP) will be transmitted and stored on a server of Google in the USA. This data transfer takes place according to current data protection law, especially considering the eu-us-privacy-shield-certification by Google, wich can be found under following URL: https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI.

Google will use this information to evaluate the website usage regarding to ads, to assemble reports of website activities and of ads for website operators and to deliver further services regarding the website and internet usage. Also, will Google these informations handover to third parties, as long as it is prescribed by law or third parties process this data in behalf of Google. Google will in no case associate your IP-address with other data of Google. Also, will third parties place cookies in your browser and by this the collected data in anonymized form for ad purposes and for advertising of their products. All information about the usage of your pseudonymous data you will find here https://policies.google.com/privacy?hl=en. You can contradict the use of your pseudonymous data by installing a browser add-on. You can download it here https://www.google.com/settings/u/0/ads/plugin?hl=en.

You can use the Opt-Out possibilities under https://adssettings.google.com/authenticated and there accordingly http://www.youronlinechoices.com/hr/your-ad-choices

3.3.2. Google AdWords

This website uses Google AdWords, a service of the Google Inc. (1600 Amphitheater Pkxy, Mountain View, CA 94043-1351, USA; ”Google”). Google AdWords is a service for internet advertising which allows advertisers to place ads within Google search results and within the Google-Advertising-Network.

Purpose of Google AdWords is the promotion of our website by showing ads on third-party websites and within the search results of the Goolge search engine and showing ads of foreign parties on our site.

Within Google AdWords Conversion-Tracking will also be used. A cookie for conversion tracking will be set, if a user clicks on an ad placed by Google. These cookies expire after 30 days and do not serve to identify the user. If a user visits certain sites, and the cookie is not expired, Google and we can recognize that the user has clicked on the ad and has been redirected to this website. Every AdWords-customer gets another cookie. Cookies can not be tracked across websites of other AdWords-customers. Information collected by conversion-cookies, serves for creation of visit statistics for AdWords-customers, which have decided to use Conversion-tracking. The customers will know the total count of users, which clicked on their ad and has been redirected to a page with a embedded Conversion-tracking-tag. They do not receive any information with which they can recognize the visitor.

Therefore personal information like e.g. visited websites by the person will be stored with the help of conversion-cookies. With every visit of our website personal information, including IP-address of the visitor’s used internet connection, will be send and stored at Google USA. Google will, under certain circumstances, share personal data collected with this technical process with third parties.

If you don’t want to take part in the Tracking, you can disagree to this use by easily deactivating the Google Conversion-Tracking Cookie over your internet browser under user settings. After that you will not be included in the Conversion-Tracking statistics. At the following internet address you can find further information about data protection regulations from Google: https://policies.google.com/privacy?gl=en

3.3.3. Social networks
Social networks are integrated on our website only by link. Additional information is provided in our disclaimer under point 9.

As the provider of this website we also have publicly available profiles in social networks like Facebook and Instagram.
By visiting our social media presence many data-security relevant processing operations are initiated. Because we cannot oversee them exactly, we would ask you to read the Terms and Conditions and the Privacy Policy of the corresponding Social media portals.

Facebook

We have a Facebook-profile. Provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to the statement of Facebook the collected data can also be transferred to the US or third countries.

We have signed a Controller Addendum agreement with Facebook about a joint processing. This agreement shall specify for which processing operations we respectively Facebook is responsible for, when you visit our website. You can read this agreement under the following link: https://www.facebook.com/legal/terms/page_controller_addendum
You can adopt your advertising preferences in your User-Account. To do so, please click on the following link and log-in: https://www.facebook.com/settings?tab=ads
For more details please read the Privacy Policy of Facebook: https://www.facebook.com/about/privacy/

Instagram

We have an Instagram-profile. Provider of this service is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. More details on how your personal data is collected and proceeded, you can read in the Privacy Policy of Instagram: https://help.instagram.com/519522125107875

3.3.4. Security and protection
Google reCAPTCHA

This website uses Google reCAPTCHA to check and prevent automated servers (“bots”) from accessing and interacting with our website. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google). This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service. Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that it will follow the EU’s data protection regulations when processing data in the United States.

The legal basis is accordingly to point 3.1. d) of this Privacy Policy. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.

Google offers detailed information at https://policies.google.com/privacy concerning the general handling of your user data.

WORDFENCE

This website uses WordFence, a security software provided by: Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA – wordfence.com. We have signed the provided EU-US data protection agreement with the provider. Wordfence collects the IP address when users visit our website, as well as data related to the users‘ behavior on our website like e.g. Header-information or accessed URLs, against internet-based attacks. In this process the IP-address of the user is detected and compared with a list of known attackers and cookies are set for registered users. If a user attempt to gain unauthorized access to e.g. the web administration or perform automated access to the website like e.g. by automated scripts, his IP-address can be stored and disabled for any further access.
More information about the used cookies and their function you can read in our Cookie Policy.

4. Disclosure of data

We handle your personal data strictly confidential and do not refer them to a third party.

Your data will only be disclosed within a normal business processes to our external service provider, an invoice- and accountancy service. Your data will be processed by us and our service provider within the EU.

A further disclosure of your data takes place only on legal duty like e.g. prosecution. We are obliged by law to give information on request.

We would also like to point out, that all data you have given us will not be sold or distributed to third parties for economic reasons.

The processing takes place on the basis of our legitimate interest accordingly to point 3.1. d) of this Privacy policy.

5. How long will your data be stored?

Your personal data will be processed and stored as long as it is necessary for legal and contractual obligations.

If you register with us, your data will be deleted only, if we receive a cancellation-request from you. In this case, your data will be deleted after 14 days if its storage is not required for fulfilling of trade- or tax-law retention requirements. Otherwise the data will be disabled for further use until expiry.

If your data is submitted to third parties within contract processing, these parties are responsible for storage and cancellation of your data.

6. Place of processing

The processing of your data takes place within the EU.
Specified services referred to in point 2.4., could transfer collected data to third countries.

7. How do we use your data?

This Privacy policy is related to our use of data.

If you use services of third parties, their Privacy policy and Terms shall apply. They won‘t be checked by us. We point out as a precaution to check the user conditions by yourself before using their services.

By clicking on one of the links which are positioned on our website you will be forwarded to a website of another provider. In this regard we draw your attention to our disclaimer point 8 and our Affiliate-Disclosure.

8. Disclaimer for foreign links

On our webpage welltodo.hr we refer to other webpages on the internet with links. For all these links we declare explicitly that we do not have any influence on design and contents of these linked sites and therefore dissociate ourselves from all third party linked sites on https://welltodo.hr and reject ownership of such sites.

Usage of Google Webfonts

This website uses external fonts „Google Fonts“, a Service of Google Inc. (“Google”). Inclusion of these fonts is performed by a server call usually a server operated by Google in the USA. Thereby data is transferred regarding which website the visitor has accessed. In this process, the IP address of the visitor’s browser is stored by Google. More information you can find in the Privacy Policy of Google, which you can reach via the following links:
https://www.google.com/fonts#AboutPlace:about
https://www.google.com/policies/privacy/

Affiliate-links / Advertisement-links

On our website advertising links, so-called “Affiliate”-Links are embedded. These links are marked with (*) or named “advertisement”. If a visitor of our website clicks on an Affiliate-Link/Advertisement-Link and via that link buys a certain product or books a paid service of the provider, we receive a provision from that online-shop or provider. The price of the product or service remains for the visitor respectively customer the same.
The General Terms and Conditions and the Data protection regulations of the relevant Online-shop or provider shall apply.

Embedded Contents of Third-Party Websites

On this website third-party content, like videos, pictures etc. is embedded in some places and contributions. This also implies that the provider of these contents perceives the visitor’s IP address, because the content transfer to the browser of the respective user/visitor can not be proceeded without the IP-address. Thus, the IP-address is needed for the presentation of the content.

9. Data safety and encoding

This website uses a secure connection provided by Let’s Encrypt. The TLS-encryption ensures, that the online transmitted data cannot be viewed by third parties, even if they record the full data traffic. A TLS encryption can be recognized by the extension “https://” in the address-bar. Additionally, depending on your browser, a safety lock or key symbol will be displayed in the address-bar of your browser. The communicated data will be saved on a server of our hosting-provider within the EU.

10. Your rights, according to the GDPR

The concerned party has the following rights:

1. the right, according to Art.15 GDPR, to receive information about your personal data stored by us, as well as information on type and purpose of your data processing, information about recipients of personal data and the storage duration of your personal data.

2. the right of data correction or completion, if the data is incorrect or incomplete. (Art. 16(2) GDPR)

3. the right of erasing or blocking of your personal data according to the requirement in Art. 17 GDPR.

4. the right to withdraw your consent for processing your data, which you have provided for the future at any time. The withdrawal can be made via the contact below.

5. the right, to demand restrictions in how we process your personal data according to Art. 18 GDPR

6. the right, according to Art. 20 GDPR, to receive the data you have made available to us as well as to request that your personal data has to be transferred to another controller.

Should you have further questions regarding collection, processing or use of your personal data or if you have information-, blocking-, deletion- or correction-wishes regarding your personal data, which you want to submit to us, as well as revocation of any consents granted, you can freely contact us as the responsible:

Welltodo d.o.o., Dane Duića 7, 10000 Zagreb, Croatia
Contact data: Tel.: 00385 (0)1 6131 778
E-Mail: info@welltodo.hr

Or via our contact form

For complaints you can at any time contact the privacy-supervisory-authority of the EU or the EU member states.

11. Changes to this Privacy policy

As we are constantly refining our services and the functionalities of our website, this can influence the usage of personal data so this Privacy policy will be changed from time to time. Therefore, we invite you to keep yourself informed of the current status. The current version is available on our website.

Status as of 25th November 2019.