Privacy Policy

This Privacy Policy explains how AppSkill d.o.o. processes personal data in accordance with the General Data Protection Regulation (GDPR) and applicable laws of the Republic of Croatia.

1. Data Controller

  • Company: AppSkill d.o.o.
  • Address: Ivekovićeva 19, 10000 Zagreb, Croatia
  • VAT / OIB: 92155446669
  • E-mail:

2. What Personal Data Do We Collect?

Depending on how you use the website and services, we may collect the following categories of data:

Data You Provide

  • full name,
  • email address,
  • phone number,
  • data submitted through contact forms,
  • user account information.

Technical Data

  • IP address,
  • browser and device information,
  • operating system,
  • date and time of access,
  • website usage data,
  • security logs.

Marketing Data

  • newsletter subscriptions,
  • marketing preferences,
  • cookie consent preferences.

3. Purpose and Legal Basis of Processing

Purpose of Processing Legal Basis
Responding to inquiries Legitimate interest / pre-contractual actions
Creating and managing user accounts Contract performance
Providing services and customer support Contract performance
System security and abuse prevention Legitimate interest
Sending newsletters Consent
Analytics and statistics Legitimate interest or consent
Compliance with legal obligations Legal obligation

4. User Accounts

If you use a user account:

  • you are responsible for protecting your login credentials,
  • passwords are stored in hashed form,
  • accounts may be deactivated or deleted upon request unless legal retention obligations apply.

5. Data Recipients

Your personal data may be accessed by:

  • our employees and authorized associates,
  • hosting and IT service providers,
  • analytics and newsletter service providers,
  • public authorities when legally required.

All data processors are bound by confidentiality and data protection agreements.

6. Data Transfers Outside the EU/EEA

As a rule, we do not transfer personal data outside the European Union or European Economic Area.

If we use service providers located outside the EU/EEA, data transfers will be protected using appropriate safeguards in accordance with the GDPR.

7. Data Retention

Personal data is retained:

  • for as long as necessary to provide services,
  • until consent is withdrawn,
  • in accordance with legal retention obligations,
  • until legitimate interest periods expire.

After retention periods expire, data is deleted or anonymized.

8. Your Rights

Under the GDPR, you have the right to:

  • access your personal data,
  • correct inaccurate data,
  • request deletion of data,
  • restrict processing,
  • data portability,
  • object to processing,
  • withdraw consent.

To exercise your rights, please contact us via email.

Croatian Personal Data Protection Agency (AZOP)
Martićeva 14, 10000 Zagreb, Croatia
www.azop.hr

9. Data Security

We implement appropriate technical and organizational measures, including:

  • SSL/TLS encryption,
  • access control mechanisms,
  • security logging,
  • system backups,
  • user account protection.

10. Privacy Policy Updates

This Privacy Policy may be updated periodically to reflect legal or operational changes.

Last updated: 11.05.2026.