Privacy and Personal Data Protection Policy

GIK SERVICES d.o.o.
Pile I. 1, 10000 Zagreb
OIB: 48480722799
Email: info@gik-services.hr
Web: www.gik-services.hr

1. Introduction

GIK SERVICES d.o.o., with its registered office at Pile I. 1, 10000 Zagreb, processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the relevant laws of the Republic of Croatia. Through this Policy, we aim to clearly and transparently explain how we collect, use, and protect your personal data, as well as your rights in relation to such processing.

2. Principles of Processing

We process personal data:

• lawfully and fairly,
• for clearly defined purposes,
• to the extent necessary and justified,
• by applying appropriate technical and organisational security measures,
• while ensuring your rights as a data subject.

 

3. Data Controller

GIK SERVICES d.o.o. acts as an independent data controller. In cases where the nature of the service requires, we may cooperate with third parties acting as processors, always ensuring the lawfulness of processing and the protection of your privacy.

4. Data Protection Officer

For any questions related to the protection of your personal data, you can contact us via:

• Email: zp@gik-services.hr
• Address: GIK SERVICES d.o.o., Pile I. 1, 10000 Zagreb
  (Attn: Data Protection Officer)

5. Purposes and Legal Bases of Processing

We process personal data for the following purposes:

• Fulfilment of contractual obligations, e.g. in relation to building management and maintenance, notifications to co-owners, record-keeping of reserve funds, etc.;
• Compliance with legal obligations, for example under tax or other applicable regulations;
• Pursuit of legitimate interests, such as service improvement, building security, or responding to your inquiries and complaints;
• Based on consent, when explicitly requested for a specific purpose.

6. Categories of Personal Data Collected

Depending on the type of cooperation and legal basis, we may process:

• Basic identification data (name, surname, OIB – personal identification number, address, contact details),
• Data on ownership and use of properties,
• Payment-related data (account numbers, amounts of reserve fund contributions, utility costs, etc.),
• Employment-related data (where applicable),
• Communication with you (e.g. via email, telephone, or in writing).

If you refuse to provide the necessary data, we may not be able to provide certain services or fulfil contractual obligations.

7. How We Collect Personal Data

We collect personal data exclusively within the scope of our building management and maintenance activities, in ways that are lawful and in the interest of all co-owners. Most commonly, data is collected:

• From building representatives when taking over management, when they provide us with basic information about the building and the owners of individual units;
• From the previous building manager (natural or legal person), to obtain technical, legal, and financial documentation necessary for continued management;
• Directly from co-owners, their legal representatives or proxies – usually via questionnaires, contracts, correspondence, or electronic communication;
• From previous owners, at the time of property sale, when they are still recorded in the system and data must be updated with the new owner;
• From third parties, such as real estate agencies, informing us about changes in ownership;
• From competent authorities, such as notaries, the Ministry of the Interior, courts, and other bodies providing relevant data ex officio or at our request;
• From publicly available registers and databases, when necessary to verify accuracy or update existing data, or to determine the ability to meet financial obligations towards the building.

 

In all cases, we collect only the data necessary for lawful, responsible, and transparent building management – in accordance with the management agreement, applicable regulations, and the legitimate interests of all co-owners.

8. Data Retention

We store your personal data only for as long as necessary to fulfil the purpose for which it was collected, unless a longer retention period is prescribed by law (e.g. tax records, claims for damages, etc.).

If you have given consent for data processing, it may be withdrawn at any time, without affecting the lawfulness of processing prior to withdrawal.

9. Cookies

Our website uses cookies to improve user experience and analyse traffic. By using the website, you consent to the use of cookies. You can manage your cookie settings at any time through your browser.

10. Data Recipients

• Your data may be disclosed to:
• Partners providing services for us (accounting services, IT support, contractors, etc.),
• Public authorities and institutions, where required by law (e.g. courts, tax authorities, land registry offices),
• Utility service providers for the transfer of contractual obligations,
• Banks or insurance companies where required by business cooperation.
• All recipients are obliged to act in accordance with the GDPR and this Policy.

11. Your Rights

In accordance with the GDPR, you have the right to:

• Request access to your personal data,
• Request rectification of inaccurate or incomplete data,
• Request deletion of data when no longer necessary or unlawfully processed,
• Restrict processing in certain situations,
• Transfer your data to another controller,
• Object to processing based on legitimate interests,
• Withdraw consent (where processing is based on consent).

12. Right to Lodge a Complaint

If you believe your rights have been violated, you may file a complaint directly with us, and you also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP):

• Address: Selska cesta 136, 10000 Zagreb
• Email: azop@azop.hr 
• Web: www.azop.hr
• Tel: +385 (0)1 4609 000

 

13. Changes to the Privacy Policy

We reserve the right to amend this Privacy Policy at any time. The updated version will always be available on our website with a clearly indicated effective date.