Privacy Policy | Plant Based House

Internet Group d.o.o., i.e. the portal Plantbasedhouse.com, respects the privacy of its users and visitors.

In accordance with the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the applicable Law on Personal Data Protection, we inform users about the following information regarding the processing of personal data by Internet Group d.o.o. on its internet portal Plantbasedhouse.com (hereinafter: the “Controller”).

1. WHO IS THE DATA CONTROLLER?

The Data Controller is Internet Group d.o.o., Savski nasip 7, 11070 Belgrade, registration number: 20658223, a company organized and operating under applicable laws, and the owner of the internet portal Plantbasedhouse.com.

2. WHAT TYPES OF PERSONAL DATA DO WE USE?

We will not collect your personal data when you visit our portal unless you personally provide such data. The information that is collected is also automatically stored.

If, during a visit to Plantbasedhouse.com, a visitor does nothing other than browse pages and download information, we will automatically collect certain information. This information does not personally identify you.

The data we collect includes:

Domain and IP address

Type of internet browser and operating system used to access our site

Access time and length of visit

Pages you visit

If you linked to our portal from another website, the address of that website

If you voluntarily send us information

If you decide to provide information by sending an email or filling out a form on our website, we will use that information only so that we can more easily assist you.

Your data will be disclosed to competent public authorities only if we are legally obliged to do so.

3. FOR WHAT PURPOSES DO WE USE PERSONAL DATA?

Collecting data to provide, maintain, and improve the services we offer

Collecting data that tracks the use of services, for metric measurement

Collecting data related to system errors to detect, prevent, remove, and resolve technical issues

Collecting data related to marketing and advertising (ad performance and metrics)

Collecting data related to personalized advertising (first-party and third-party advertising)

Purpose 1: Store and/or access information on a device
Special Feature 1: Use precise geolocation data
Purpose 2: Select basic ads
Purpose 3: Create a personalized ads profile
Purpose 4: Select personalized ads
Purpose 5: Create a personalized content profile
Purpose 6: Select personalized content
Purpose 7: Measure ad performance
Purpose 8: Measure content performance
Purpose 9: Apply market research to generate audience insights
Purpose 10: Develop and improve products

Legitimate Purpose 8: Measure content performance
Legitimate Purpose 7: Measure ad performance
Legitimate Purpose 2: Select basic ads
Legitimate Purpose 9: Apply market research to generate audience insights
Legitimate Purpose 10: Develop and improve products
Special Purpose 1: Ensure security, prevent fraud, and fix errors
Special Purpose 2: Technically deliver ads or content

For applications, data collection:
The application collects 5 types of data: Product interaction, Advertising data, Crash data, Performance data, Other diagnostic data.

The legal basis for processing personal data is your consent as the data subject, performance of contractual obligations, and the legitimate interest of the Controller under the applicable Law on Personal Data Protection.

4. WHO HAS ACCESS TO PERSONAL DATA?

Within our company, access to the data you make available to us is granted only to those departments or employees for whom it is necessary to fulfill the purpose for which the personal data was collected.

As part of a group of companies, the Company may transfer data to its affiliated entities when necessary, and always within our legitimate interest and the defined purpose.

Newly established entities or an acquiring entity of ownership in the Company, if the Company is involved in a merger, acquisition, purchase, sale of shares, or other corporate status change.

Our partners who process data for the Company as processors, such as external associates who provide certain services, as well as software companies that develop and maintain the software in which data is stored.
(marketing, analytics, technical support, and maintenance)

Exceptionally, personal data may also be provided to competent public authorities if this is a legal obligation of the Controller, and only to the extent necessary to fulfill the specific legal obligation.

To any other recipient when reasonably necessary, for example in case of danger to life.

All recipients are required to take appropriate technical, organizational, and staffing measures to protect your personal data. In situations where we are the controller and a third-party legal entity processes data on our behalf as a processor, we regulate our relationship with processors by contract, covering all key aspects of personal data processing and protection measures.

5. TO WHOM AND WHEN CAN DATA BE TRANSFERRED?

Your data may be transferred to our trusted partners who process personal data on our behalf, including IT providers, marketing agencies, and other trusted partners. In the event of a data transfer, we will require our trusted partners to maintain confidentiality and data security and to implement appropriate measures to ensure the protection of personal data.

We may transfer personal data to jurisdictions that are not the user’s place of residence, but only for the purposes described in this Privacy Policy. When transferring personal data to other jurisdictions, we do so in accordance with the requirements of applicable law.

Transfers outside the EEA
Our partners are mostly registered in countries within the European Economic Area (EEA) or in Switzerland, that is, in countries that provide an adequate level of personal data protection. Some of our trusted partners, for example Google, are located outside the EEA. For transfers of your data outside the EEA, partners guarantee a high level of personal data protection, which includes the use of Standard Contractual Clauses approved by the European Commission for transfers to countries not recognized as providing an adequate level of protection. The Standard Contractual Clauses are available in many languages at the following link.

6. HOW LONG DO WE RETAIN PERSONAL DATA?

We retain users’ personal data no longer than necessary in relation to the purposes for which the data was collected or further processed.

The criteria for determining the retention period include:

The necessity of retaining stored personal data to provide services established with the user

Protecting the legitimate interests of the Controller

Existence of specific legal obligations requiring processing and related storage for a certain period

Your data will be processed until:

In case of consent, until the consent is withdrawn, restricted, or otherwise limited

If your data is needed to perform a contract, until the contractual obligation ends

If the basis for processing is our legitimate interest, until an objection is submitted or consent is withdrawn

For tax and accounting purposes, to the extent and within the time period required by other applicable regulations

7. WHAT MEASURES DO WE TAKE TO PROTECT PERSONAL DATA?

We have taken appropriate technical and organizational measures to protect users’ personal data from accidental or unlawful processing by ensuring:

Users’ personal data is protected from unauthorized access or changes

Confidentiality of users’ personal data is preserved

Availability of users’ personal data is maintained

Suppliers and clients receive instructions on how to safeguard users’ personal data

Actual or suspected data security breaches are reported in accordance with applicable law

All personal data is stored in a database located on a separate server that requires special authorization for access and handling

8. DELETION OF PERSONAL DATA

Each platform user may request deletion of their personal data at any time in accordance with the GDPR and the applicable Law on Personal Data Protection, which includes deletion of the email address, password, and all other personal data left by the user in the database.

At any time, for justified reasons, the Controller may delete a user’s personal data and send the user an electronic notification that their personal data has been deleted from the Joberty Technologies d.o.o. database. Additionally, if a corporate account user voluntarily provided a contact phone number and the first and last name of a contact person, those data will be deleted from the database upon the corporate account user’s request.

9. DATA SUBJECT RIGHTS REGARDING PERSONAL DATA PROCESSING

In accordance with the GDPR and the applicable Law on Personal Data Protection, you have the following rights in relation to our processing of personal data, including processing by our trusted partners:

Right of access to your data, including obtaining a copy

Right to request correction of data

Right to deletion of data

Right to lodge a complaint with the supervisory authority for personal data protection

Right to restrict processing

In any of these cases, users may send an email to data@plantbasedhouse.com if they wish to exercise any of their rights or if they have additional privacy questions, which may relate to:

Access: Users have the right to request access to their personal data that we store and to learn details about what data we collect, for what purpose we use it, and other information provided by law.

Correction: We take reasonable steps to ensure that the information we store about users is accurate and complete, but users may request that it be supplemented or corrected.

Deletion: In some cases, users have the right to request deletion of personal data, for example when there is no longer an original need to keep the personal data we collected or when you withdraw your consent. However, this must be balanced with other factors. For example, we may not be able to fulfill your request due to certain legal or regulatory obligations.

Restriction of processing: In some cases, users have the right to request restriction of processing of their personal data, for example when they believe the personal data we store is inaccurate or when they believe we no longer need to retain it.

Data portability: In some cases, users have the right to request that we transfer personal data provided to us. The data may be provided to the users themselves or to a third party at the user’s request.

Objection: Users have the right to object to processing carried out on the basis of our legitimate interest. Unless there is an explicit legal basis for processing, we will stop processing personal data based on the objection submitted by the user. However, please note that we may not be able to provide certain services or benefits if we cannot process the necessary personal data for those purposes.

Withdrawal of consent: In certain cases, we may request your consent for the processing of personal data. In that case, users have the right to withdraw their consent at any time.

We will respond to user requests in accordance with applicable law.

10. COOKIES

A cookie is a small file that the internet portal, i.e. the website Plantbasedhouse.com, places on your computer so it can remember specific session settings while you are visiting the site. Cookies are used to identify a logged-in user in order to display relevant information that matches the user’s interests. Cookies also allow you to watch videos and use social network tools and help you fill out forms.

Your computer will share data only with the website that placed the cookie, and no other website can access it. Plantbasedhouse.com may use cookies for technical purposes to provide better site navigation or to allow you to tailor site usage to your needs. If you do not want cookies on your computer, you can disable them in your internet browser settings. However, this may affect how Plantbasedhouse.com functions.

By using Plantbasedhouse.com, the user agrees to the use of cookies. By blocking cookies, the user can still access the portal, but some options may not be available.

11. ADDITIONAL QUESTIONS AND CONCERNS

Users may contact the Data Controller regarding personal data processing by sending a message to: data@plantbasedhouse.com

We may update this Privacy Policy from time to time. We will post the updated Privacy Policy on the appropriate Comtrade internet pages or send it to you upon request.

Another option available to users is to file a complaint with the competent authority (the Commissioner for Information of Public Importance and Personal Data Protection) regarding personal data processing.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will post the updated Privacy Policy on the internet portal Plantbasedhouse.com.