Superklub cares about your privacy and the protection of your personal data. We have published this privacy statement in order to inform you about the methods of collecting and processing personal data that we have about you, about the legal basis on which we collect and process them, about your personal rights that you have in relation to your personal data, and the ways in which you can exercise your rights or protect. Therefore, we kindly ask you to read this Statement in detail and to periodically check this page for possible updates to the Statement in the future.
The company Superklub j.d.o.o. with headquarters in Ružina ulica 133a, 31000 Osijek, OIB: 60147473697 is the manager of the processing of your data (hereinafter: “we”, “us”, etc.) in the sense of the General Data Protection Regulation.
This Statement covers the data we collect about you via the Internet, i.e. via e-mail, the website superklub.hr and other related means of communication.
Any links on our website that lead to other websites are not covered by this Statement and we cannot be held responsible for their content or data processing practices.
What personal data we collect
During your use of the website, we may collect several types of data about you that, alone or in combination with other data, may be considered personal. These are:
• Name and surname
• Telephone number
• E-mail address
• Credit card information
• Your IP address
When we collect your personal data
There are several situations during which we may collect your personal data:
• when you voluntarily provide us with personal data, for example when you fill out an order or user registration form, when you call us at the phone number listed on the website, send us an e-mail or contact us via the contact form;
• when you visit our website, for example IP address data that may be automatically collected when it is absolutely necessary for the security and proper operation of the site;
• when you call us, in which case the conversation can be recorded;
• when we receive data from third parties in accordance with the law, about which we will inform you within 30 days of receiving such data or during the first contact.
We do not collect data from minors, nor do we offer our services to them. We do not process special categories of personal data in the sense of Art. 9. General regulations.
Purposes of using your personal data
We collect and process your personal data:
• to process your order through the web shop, for the purpose of issuing an invoice and sending the ordered goods to your address;
• to register a new user account and membership in the Superclub;
• for communication and response to your inquiries and requests for cooperation;
• for the purpose of organizing award competitions and announcing the names of the winners;
• to analyze website visits and personalize the user experience;
• for sending promotional messages and newsletters.
We reserve the right to forward your personal data to third parties (our professional associates and/or companies with whom we provide services) for the purpose of providing a better service or if you ask us to do so. Likewise, we reserve the right to publicly announce the names of prize winners based on our legitimate interest, i.e. maintaining the transparency and regularity of the competition itself.
We do not forward your personal data to third parties, unless we are obliged to do so by law.
We do not forward your personal data to third countries that are not covered by the adequacy decisions of the European Commission or the Privacy Shield (a decision on the transfer of data between the USA and the EU that prescribes a level of protection equivalent to that of the EU). Visit data and identifiers may be transferred to the USA to the controller Google Inc.
We may forward your personal data to third parties such as accounting services, credit card billing service providers or courier services for order delivery. We have valid data protection agreements with all data processors, which oblige our partners to keep your personal data in accordance with current legal regulations.
When you visit our website, we may collect the following information from your browser:
• IP address
• Access time
• Identifiers (browser, operating system, language, etc.)
• The previous web page from which it was accessed (referrer)
• Cart contents
This information is collected to ensure server stability, improve security, provide a better user experience, and facilitate the shopping experience. These data collection activities are based on our legitimate interest.
You can find out more information about cookies in our Cookie Statement.
To protect your data that you send through this website, we use physical, technical and organizational security measures. All your personal data in our possession is stored in a manner appropriate to the law. As a rule, we use the HTTPS encryption system, which protects data from unauthorized access. Email messages are stored on secure servers and protected by passwords. If it is not absolutely necessary, we will not duplicate and print your data, except for the purpose of making regular backup copies.
Employees who use this information to provide you with some benefits or services have access to your personal data. Possible collaborators and other processors guarantee an equal or higher level of data protection than that stated in this Statement.
Period and place of storage
As a rule, we store data that we receive from you based on your consent until you withdraw it. Otherwise, we store the data as long as it is necessary to fulfill contractual and/or legal obligations, and at least two years. We keep communication data (eg when you contact us) for at least 5 years. We store the data of telephone conversations for a period of 2 years.
Personal data is stored on the company’s premises in adequately protected premises and on the server of the company and third parties in the Republic of Croatia.
Your legal rights
According to the General Data Protection Regulation, all respondents (persons who leave their personal data) have certain rights that they can exercise at any time by reporting to the data controller.
If you have any questions or wish to exercise any of the rights listed below, please contact us at email@example.com or by mail at Superklub j.d.o.o., Ružina ulica 133a, 31000 Osijek.
As a rule, we will respond to your requests within 30 days.
Right of access and information
Upon your request, we will provide you with a report on all your personal data that we have and enable you to view it. If we do not have your personal data, we will also inform you about this.
If you provided us with personal data during customer or member registration, you can always review your data from your user profile.
Right of correction
If you find inaccuracies in the personal data we have, we will correct them at your request, along with providing correct information. During the processing of requests, as a rule, whenever possible, we will temporarily suspend the processing of disputed data.
If you provided us with personal data during customer or member registration, you can always change and view your data from your user profile.
Right to erasure (right to be forgotten)
You have the right to request the deletion of your personal data that we have if at least one of the following conditions is met:
• we process data in an illegal manner;
• we use your data for the purpose of direct marketing based on legitimate interest;
• there is no legal basis for data storage;
• the data are no longer needed to fulfill the purpose for which they were collected;
• there is a legal obligation to delete them;
• you have withdrawn your consent for their processing.
These rights derive from Art. 17, paragraph 1 of the General Regulations. Please note that the right is limited and that we will not be able to delete personal data at your request in all cases, for example if we have a legal obligation to keep them.
The right to restriction of processing
you can ask us to temporarily suspend processing if:
• you believe that the data is incorrect (you have sent a request for correction),
• the data has been unlawfully processed, but you do not want to delete the data
• you need the data to defend, establish or exercise legal claims, even if we no longer need them
• you expect confirmation as to whether our legitimate reasons for processing your data exceed yours, after submitting an objection to the processing.
The right to data portability
Upon your request, we will provide you with a copy of your data in a commonly used and machine-readable format. You can also request that we transfer this data directly to another data controller that you specify.
The right to object
At any time, you have the right to object to our processing of your personal data based on a legitimate interest. After receiving a complaint, we will determine whether our legitimate interests outweigh any potential risks to your rights and freedoms.
The right to complain to the competent authority
We try to process your personal data in a transparent and fair manner, in accordance with the law.
However, if you believe that we are processing your data illegally or that we cannot resolve the dispute amicably, you have the right to file a complaint with the competent authority in the EU member state where you reside or directly with the Personal Data Protection Agency, Martićeva 14, 10000 Zagreb; firstname.lastname@example.org.
Notification of personal data breach
In the event that there is a breach of personal data (which includes, but is not limited to theft, loss, unauthorized display, duplication and disclosure) with a possible significant negative impact on your rights and freedoms, we are obliged to inform you and the supervisory authority about it as soon as possible possible, but no later than 72 hours after we become aware of the violation.
We are not obliged to send you a notice of infringement only in the following cases:
• if there are technical and organizational protection measures (such as encryption) that have been applied to the personal data affected by the personal data breach, which make the data unintelligible to any person who is not authorized to access it;
• if we have taken follow-up measures to ensure that a high risk to the rights and freedoms of individuals is no longer likely to occur;
• if this would require a disproportionate effort (in which case we will notify you via public notice or a similar equally effective measure).
You can contact us at:
+385 98 9172 922
Ružina street 133a
Changes to this Statement
We reserve the right to update this Statement. The latest version will be published on this page.
Date of last change: August 01, 2022.