PRIVACY POLICY (APPLICATIONS)

INTRODUCTION

Please read this privacy policy before using the website colicdorotic.hr (“Site“). This privacy policy is intended to provide information on the processing and protection of personal data that we collect in the course of our daily business, through the Site and our LinkedIn profile about (i) visitors to the Site, (ii) our clients, (iii) our business partners and (iv) all other data subjects whose personal data we collect (e.g., counterparties, collaborators, competitors, etc.).

This privacy policy is subject to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), the General Data Protection Implementation Act, (Official Gazette 42/18), as well as the Legal Profession Act, (Official Gazette 9/94., 117/08., 50/09., 75/09., 18/11., 126/21.).

01   DATA CONTROLLER

Data controller is the law firm Čolić Dorotić d.o.o., with its office located in Zagreb, Tadije Smičiklasa Street 19, OIB: 45660852014 (“Čolić Dorotić“).

In relation to the processing of certain personal data in certain ways as part of our LinkedIn profile, Čolić Dorotić and LinkedIn may be considered joint controllers, particularly in the context of promotion, marketing and/or advertising, including targeted advertising and profiling that LinkedIn may carry out in accordance with its own terms and conditions (Privacy Policy, Cookie Policy, User Agreement) and settings for displaying targeted advertisements.

 

02   WHAT DATA CONSTITUTES PERSONAL DATA?

For the purposes of this privacy policy, “personal data” consists of all data based on which an individual’s identity can be directly or indirectly determined.

An individual whose identity can be determined is a person who can be identified directly or indirectly, especially by means of an identifier such as a name, identification number, location data, network identifier, or by means of one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.

 

03   WHY DO WE COLLECT DATA?

We collect and process personal data for the purpose of (i) carrying out professional activities and providing legal advice, (ii) conducting proceedings before competent bodies, including courts, (iii) organizing and managing business, (iv) issuing invoices and paying bills, (v) internal analysis, record-keeping and reporting (vi) fulfilling legal obligations in relation to professional activities, (vii) protecting persons and property, (viii) promotional, marketing and advertising purposes in order to improve our services and manage relationships with clients and business partners.

Personal data collected for certain purposes is not processed for other purposes, except in cases, under conditions and in a manner permitted by the GDPR and other applicable legal regulations, primarily if such further processing is consistent with the purpose for which the personal data were initially collected. In particular, proceeding of processing by means of archiving in the public interest, for scientific or historical research or for statistical purposes is considered to be consistent with lawful processing. We will inform you in a timely manner about such other purposes and about your rights, including the right to object.

 

04   WHICH PERSONAL DATA ARE WE COLLECTING AND HOW?

When applying for a job or student internship, the personal data we collect includes your name and surname, personal identification number, date of birth, place of residence, place of stay, email address, mobile phone number, bank account number and the company that manages it, resume, letter of intent, education data, as well as other data contained in your resume.

Why do we collect this data? We collect the aforementioned data to determine whether you are qualified for the job or student internship we are offering and to be able to contact you back. We also collect and use this data in case we consider your qualifications to be more desirable for some of our business partners and in such cases we will forward it to them, by previously informing you and seeking your consent.

On what basis do we collect them? Based on legitimate interest and on your request, for the purpose of concluding a contract or fulfilling a contract.
How long do we store them? Personal data from job and student internship applications are kept for two years from the date of collection.

 

05   WHICH SOURCES DO WE COLLECT PERSONAL DATA FROM?

Whenever possible, we primarily collect your personal data directly from you.
In specific cases, in particular when we are not in direct contact with you, in case you are an employee of our clients and business partners, we may collect personal data indirectly – from the documentation provided to us or from public sources, such as public registries, public books, or other documentation from government authorities, etc.
Some data may be created in the context of or as a result of providing our services with regard to clients, business partners, or third parties.

 

06   OBLIGATION TO PROVIDE PERSONAL DATA

Processing of most personal data is prescribed by the relevant legal regulations in the field of legal profession, corporate and commercial law, accounting, tax law, etc., and is therefore obligatory, and you are obligated to provide your personal data and we are, in turn, obligated to process such information in accordance with regulations. If you do not provide us with such obligatory personal data, we will not be able to provide you with the necessary legal advice, conclude other types of business/contractual relationships or remain in such business/contractual relationship.

The disclosure and processing of data subjects’ personal information may be a contractual obligation of our client or business partner and a necessary condition for regular business communication.

Furthermore, providing certain types of personal data for specific purposes may be voluntary, on the basis of a voluntary and informed consent which you may withdraw at any time, and failure to provide such personal data would not have any adverse consequences.

 

07   PROCESSING SECURITY

Your personal data is protected in such a way that all personal data we collect is kept in secure databases accessed only by authorized persons, who are given a username and a secure password known only to them.

In addition to using security technology we implement to protect your personal data, we also ensure that for each specific processing of your personal data, we collect only appropriate, relevant, and necessary personal data in relation to the purpose for which they are collected/processed.

After the appropriate retention period of personal data has expired, we will destroy or anonymize them if there are needs for that and if the appropriate conditions have been met. Anonymized data is no longer personal data because it is not possible to determine the identity of an individual using it.

If you have any questions about the security of your personal data, you can contact us at info@colicodorotic.hr.

 

08   YOUR RIGHTS

Given that these are your personal data, the GDPR gives you six rights in relation to them.

 

08.1   RIGHT TO ACCESS

You have the right to access your personal data and you can request detailed information about why we collect it, the types/categories of personal data we collect, the intended period for which the personal data will be stored, with whom we share your personal data and whether we transfer it outside the EEA borders.

 

08.2   RIGHT TO RECTIFICATION

You have the right to request the correction or supplementation of personal data if it is incorrect, incomplete, or outdated.

 

08.3   RIGHT TO ERASURE

You have the right to request the erasure of your personal data if one of the following conditions is met:

  • your personal data is no longer necessary for the purpose it was collected for;
  • you have withdrawn your consent and there is no other legal basis for processing personal data;
  • you have objected to the processing (and we have no legitimate reason for further processing);
  • we have no legal basis for processing your data;
  • this is required by EU or Croatian law; and
  • the personal data was collected for the purpose of offering services electronically.

 

08.4   RIGHT TO RESCTRICTION OF PROCESSING

You have the right to request that we restrict the processing of your data when it is not clear when and if personal data will be deleted when:

  • you have filed a request for data erasure (you consider it to be incorrect);
  • you consider that we do not have a legal basis for processing your data, but you do not want to erase them, but rather to limit the processing;
  • you need your personal data for the exercise of legal interests and we no longer process them; and
  • you have raised an objection to the processing of your personal data.

What does restricted processing mean? This means that (in the aforementioned cases) your personal data, with the exception of storage, can only be processed with your consent.

 

08.5   RIGHT TO DATA PORTABILITY

You have the right to request that we provide your personal data, which we have processed, in a structured form in order to further transmit it to another data controller.
This is only applicable in the case where we have processed your personal data based on your consent or a contract concluded with you or pre-contractual actions.

 

08.6   RIGHT TO OBJECT

You have the right to object at any time to the processing of personal data relating to you that we process based on legitimate interest. At any time, you have the right to object to the processing of your personal data for the purposes of direct marketing, including the prohibition of profiling, or profiling to the extent that it is related to such direct marketing.

 

08.7   HOW CAN YOU EXERCISE YOUR RIGHTS?

You can exercise all of the mentioned rights by sending an email to: info@colicdorotic.hr.

 

09   WITH WHOM MAY WE SHARE YOUR PERSONAL DATA?

Čolić Dorotić will not give or share your personal data with third parties.
We may share your personal data with our (i) accounting service and (ii) CRM application provider that we use for our business, based on a personal data processing contract.

If you wish, you can contact us at info@colicdorotic.hr and we will inform you of all organizational and technical protective measures that our data processors apply.

 

10   WHERE AND WHY ARE WE TRANSFERRING YOUR DATA?

We usually do not disclose personal data outside the EEA area.
Exceptionally, if personal data is transferred outside the EEA area, we will ensure that the data is still protected and that an appropriate level of protection and security measures is provided, which we will notify you of.

We enter into a personal data processing contract with all parties outside the EEA to whom we transfer your personal data – and in this way we ensure that the aforementioned personal data is legally protected.

 

11   WHO TO CONTACT IN CASE OF BREACH OF PERSONAL DATA?

Despite our efforts to ensure the security of your personal data, it is possible that unauthorized access by third parties may occur.
We take appropriate technical and organizational measures to protect personal data from abuse or accidental, unlawful or unauthorized destruction, loss, alteration, disclosure, acquisition or access in accordance with applicable legal regulations and accepted technical standards for the protection of privacy and data security, which include: (i) restricting access to personal data to our employees and other authorized persons to the extent necessary for the performance of their work tasks for the purpose of achieving appropriate data processing purposes, (ii) physical protection and control of access to our business premises and rooms in which personal data is processed; and (iii) protecting our information and communication equipment, systems and networks.

In accordance with the provisions of Section 13 of the Legal Profession Act and Sections 26 – 34 of the Attorneys’ Code of Ethics, Čolić Dorotić is obliged to keep legally privileged all information disclosed by a client or otherwise found out within the scope of representation of a client, whereas the legal profession privilege obligation applies to both our current and former employees. In all other cases we keep personal data legally privileged.

If you believe that we have in any way breached your personal data, you have the right to lodge a complaint regarding at https://azop.hr/zahtjev-za-utvrdivanje-povrede-prava/ and to email: azop@azop.hr.

You can also contact us by email at info@colicdorotic.hr.

 

12   PRIVACY POLICY CHANGES

Čolić Dorotić reserves the right to change this privacy policy. All changes will be published on the Site, and if the changes are significant, we will provide you with special notice via email or a pop-up window on the Site.

contact us

follow us on linkedin

Legal notice      Privacy Policy      Privacy Policy (Applications)      Cookie Policy      HOW TO FIND US?
Law Firm ČOLIĆ DOROTIĆ Ltd., Tadije Smičiklasa 19, 10 000 ZAGREB, Croatia. Registered with the Commercial court in Zagreb under number (MBS): 081484393. Personal Identification number (OIB): 45660852014. IBAN: HR 4023 4000 9111 1215 698. SWIFT BIC: PBZGHR2X. Share capital amounts to HRK 350,000 and has been fully paid. Management board members: Luka Čolić and Luka Dorotić. info@colicdorotic.hr
© Čolić Dorotić / made by visualbraingravity 2025

Privacy Preference Center

Privacy Preferences

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Powered by  GDPR Cookie Compliance