This Privacy Policy explains how ValiamTech j.d.o.o. ("Valiam Tech", "we", "us") collects, uses, and protects personal data when you visit valiamtech.com or contact us by email. We process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Croatian Act on the Implementation of the GDPR (Zakon o provedbi Opće uredbe o zaštiti podataka).
1. Data controller
2. What data we collect
We only collect personal data you actively provide, plus a minimal amount of technical data needed to run the website.
Data you submit to us
- Contact form & email: name, email address, the company you represent, and the content of your message.
- Business correspondence: any information you share with us in the course of a pilot, partnership, or sales discussion.
Data collected automatically
- Server logs: IP address, user agent, referrer, request timestamps and URLs — retained briefly for security and debugging.
- Essential cookies: see our Cookie Policy for the full list.
We do not run advertising trackers, behavioural analytics, or third-party social pixels.
3. Why we use it and on what legal basis
- To respond to your enquiry — legal basis: pre-contractual measures and our legitimate interest in replying to people who contact us (Art. 6(1)(b) and (f) GDPR).
- To provide and improve the website — legal basis: legitimate interest in operating a stable, secure website (Art. 6(1)(f)).
- To comply with legal obligations — for example, accounting and tax record-keeping (Art. 6(1)(c)).
- For marketing, only where you have given prior consent (Art. 6(1)(a)). You can withdraw consent at any time.
4. How long we keep it
- Enquiry emails and contact-form submissions: up to 24 months after the last contact, then deleted unless a business relationship is ongoing.
- Customer and supplier records: retained for the period required by Croatian tax and accounting law (generally 11 years).
- Server logs: rotated within 30 days.
5. Who we share it with
We do not sell personal data. We share it only with service providers acting as processors on our behalf, under written data processing agreements:
- Email and productivity providers used to handle correspondence.
- Hosting and infrastructure providers used to operate the website.
- Accounting and legal advisors, where strictly necessary.
Where a provider is located outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses or an adequacy decision to ensure an equivalent level of protection.
6. Your rights under the GDPR
As a data subject, you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate or incomplete data.
- Request deletion ("right to be forgotten"), subject to legal retention obligations.
- Restrict or object to certain processing.
- Receive your data in a portable, machine-readable format.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with the Croatian supervisory authority — Agencija za zaštitu osobnih podataka (AZOP), Selska cesta 136, 10000 Zagreb, azop.hr.
To exercise any of these rights, email AutoValuerapp@gmail.com. We respond within 30 days.
7. Security
We apply technical and organisational measures appropriate to the risk, including encrypted connections (TLS), access controls, and the principle of least privilege. No system is perfectly secure, but we work to ensure personal data is handled responsibly.
8. Children
Our services are intended for businesses. We do not knowingly collect personal data from anyone under 16.
9. Changes to this policy
We may update this policy as our products and the law evolve. Material changes will be reflected in the "Last updated" date above. Continued use of the site after an update constitutes acceptance of the revised policy.
10. Contact
Questions about this policy or about how we handle your data: AutoValuerapp@gmail.com, or by post at the registered office above.