top of page
image00017-removebg-preview.png

PRIVACY POLICY

Last updated: 4 August 2025

 

Welcome to the website of Poliklinika Kranjčec (www.poliklinika-kranjcec.com). Your privacy is extremely important to us, and we are committed to protecting personal data in accordance with the General Data Protection Regulation (GDPR) and all relevant Croatian legislation.

 

 

 

 

1. Data Controller

 

 

  • Name: Poliklinika Kranjčec d.o.o.

  • Registered office: Ulica Tomislava Ivčića 20b, 23000 Zadar, Croatia

  • VAT / OIB: 77468505537

  • Telephone: +385 23 324 881

  • E-mail: poliklinika.kranjcec@gmail.com

 

 

 

 

 

2. Categories of Personal Data We Collect

 

 

  • Identification data (e.g., first and last name, VAT/OIB, date of birth).

  • Contact data (e.g., address, telephone number, e-mail).

  • Health data (e.g., medical history, diagnoses, test results, medical images).

  • Technical data (e.g., IP address, device type, browser, cookies).

  • Marketing data (e.g., preferences, reactions to campaigns).

 

 

We collect data through web forms, telephone and e-mail enquiries, when concluding contracts and providing healthcare services, and automatically when you visit our website.

 

 

 

 

3. Purposes of Processing and Legal Basis

 

 

  • Scheduling appointments and providing healthcare services – performance of a contract and legal obligation.

  • Maintaining medical records – legal obligation and public interest in the field of public health.

  • Responding to enquiries – our legitimate interest in providing the information you request.

  • Sending promotional content (newsletters) – only with your consent, which you may withdraw at any time.

  • Analysing traffic and optimising content – legitimate interest in improving website functionality.

 

 

 

 

 

4. Cookies

 

 

We use cookies to:

 

  1. ensure the technical functionality and personalisation of the site,

  2. monitor visitor statistics (Google Analytics),

  3. conduct digital advertising (Google Ads, Facebook Pixel).

 

 

Mandatory cookies cannot be disabled; however, you may disable analytical and marketing cookies in your browser settings or via our consent-management banner.

 

 

 

 

5. Recipients of Data

 

 

  • IT and hosting service providers (under data-processing agreements).

  • Providers of analytics and marketing tools (Google LLC, Meta Platforms Inc.).

  • Competent public authorities when required by law.

 

 

Data are generally processed within the European Economic Area. If, exceptionally, they are transferred outside the EEA, we apply appropriate safeguards such as Standard Contractual Clauses.

 

 

 

 

6. Retention Periods

 

 

  • Medical records: at least 10 years after the end of treatment (in accordance with the Croatian Health Care Act).

  • Accounting documents: 11 years (General Tax Act).

  • Newsletter data: until consent is withdrawn.

  • Analytical cookies: according to tool settings (maximum 26 months).

 

 

 

 

 

7. Data Security

 

 

We implement technical and organisational measures—such as SSL encryption, access control, pseudonymisation and regular security audits—to prevent unauthorised access, loss or misuse of data.

 

 

 

 

8. Your Rights

 

 

You have the right to:

 

  1. Access the personal data we process about you.

  2. Rectify inaccurate or incomplete data.

  3. Erase data (“right to be forgotten”) when they are no longer needed or you have withdrawn consent.

  4. Restrict processing in certain situations.

  5. Data portability to another controller.

  6. Object to processing based on legitimate interest or carried out for direct marketing purposes.

  7. Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

  8. Lodge a complaint with the Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, azop@azop.hr.

 

 

To exercise your rights, contact us in writing or by e-mail; we will respond within 30 days.

 

 

 

 

9. Processing Data of Minors

 

 

Our services are intended for individuals aged 16 and over, unless parental or guardian consent is provided. We do not knowingly collect data from minors without appropriate authorisation.

 

 

 

 

10. Automated Decision-Making

 

 

We do not engage in profiling or automated decision-making that would produce legal or similarly significant effects on you.

 

 

 

 

11. Changes to This Privacy Policy

 

 

We may update this policy from time to time to remain compliant with regulations or technological changes. The published version always shows the date of the latest modification. We encourage you to review it periodically.

 

 

 

Thank you for your trust! For any questions regarding privacy protection, contact us at poliklinika.kranjcec@gmail.com or call +385 23 324 881.

bottom of page