Personal data protection policy
Q Experience d.o.o. with all its heads, directors and managers of organizational units and employees is committed to implement the obligation to protect personal data of respondents under the Act Implementing the General Regulation on Data Protection OG 42/2018 and the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27th 2016 on the protection of individuals in connection with the processing of personal data and on the free movement of such data.
Q Experience d.o.o. recognizes the importance of privacy, security and data protection for employee respondents, external collaborators, business partners and clients. That is why our goal is to implement the protection of personal data for all of them and to implement a system that will enable this.
The purpose of collecting personal data from respondents is based on the law requirements, in order to comply with legal obligations, fulfill contractual obligations or on the consent of respondents. The respondent is regularly informed about all data we receive from other sources, so if they are needed for further processing, the consent of the respondent will be requested. The respondent may always withdraw consent to the processing of his data in certain records. It may also request the deletion of data using the principle of forgetting personal data.
Protecting the privacy of respondents’ data is a permanent obligation of Q Experience d.o.o. as a manager and RK MREŽA USLUGA d.o.o. as the executor and all persons who are in any way in contact with the data.
The data collected from the respondents is kept in appropriate manner, in accordance with the law, ensuring all organizational, technical and programmatic protection measures in accordance with their confidentiality. All data must be protected from loss, destruction, alteration / falsification, manipulation and unauthorized access, as well as against unauthorized disclosure. The collected data will not be transferred to third parties without the legal basis or explicit permission of the respondent.
For everything that the respondent considers inappropriate in the processing of personal data, he should inform the data protection officer and appropriate corrective measures will be taken.
Collection and processing of data from natural persons under the age of 16 is permitted only with the legal permission or consent of a parent or legal guardian.
This statement on the personal data protection policy of the respondents will be made public, and obliges all employees to adhere to it and implement it in practice. Any violation of it will be treated as a serious duty violation.