Privacy Policy

Introduction

OrbitSprint d.o.o. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you visit our website orbitsprint.top, use our services, or interact with us in any capacity. We are the data controller for the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR).

Data We Collect

The data we collect depends on how you interact with our services. We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties. The types of personal data we may collect include:

• Contact information (name, email address, phone number, postal address)
• Company information (business name, role, industry)
• Financial information necessary for our services
• Communication records and correspondence
• Technical information (IP address, browser type, device information)
• Usage data and website analytics
• Cookie data and tracking technologies

How We Use Your Information

We process your personal data for various purposes based on different legal grounds. How we use your information includes providing our financial automation services, responding to your enquiries, improving our services, and communicating with you about updates and relevant information. Specifically, we use your data to:

• Provide, maintain, and improve our financial automation services
• Process transactions and manage your account
• Respond to your enquiries and provide customer support
• Send you service-related communications and updates
• Analyse usage patterns to enhance user experience
• Comply with legal obligations and regulatory requirements
• Protect against fraud and ensure security
• Conduct research and development for service improvement

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds: performance of a contract (when providing our services), legitimate interests (for business operations, security, and service improvement), legal compliance (to meet regulatory requirements), and consent (for marketing communications and cookies where required). We will always inform you of the specific legal basis for processing your data.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your data with trusted service providers who assist us in operating our business, professional advisers (such as lawyers and accountants), regulatory authorities when required by law, and in connection with business transfers or mergers. All third parties are required to maintain the confidentiality and security of your information.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The retention period varies depending on the type of data and the purpose for processing. Financial records are typically retained for seven years in accordance with legal requirements, whilst marketing data may be retained until you withdraw consent.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data. Your rights include the right to access your personal data, correct inaccurate information, request deletion of your data, restrict processing, object to processing, and data portability. You also have the right to withdraw consent where processing is based on consent. To exercise these rights, please contact us using the information provided below.

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to object to processing
• Right to data portability
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

International Data Transfers

As we operate primarily within the European Union, your personal data is generally processed within the EU/EEA. If we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved mechanisms under GDPR.

Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us using the following contact information:

You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka) or your local data protection authority if you believe your rights have been violated.