Privacy Policy – [BUSINESS NAME]

Last updated: [DATE]

1. Introduction

[BUSINESS NAME] (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and store your information in accordance with the EU General Data Protection Regulation (GDPR) and Croatian law.

2. Data We Collect

We may collect and process the following personal data:

  • Name and email address

  • Billing information (as required for invoicing, including OIB if applicable)

  • Notes from consulting calls and project work

  • Project files and related documentation

  • Optional session recordings (with your prior consent)

  • Your preferences for receiving offers or future communications

3. How We Use Your Data

We use your data for:

  • Providing and managing our services

  • Communicating with you about your sessions or projects

  • Creating and issuing invoices in line with legal obligations

  • Maintaining project and client history for up to 1 year after service to provide better continuity if you return

  • Sending you offers or updates (only if you have consented)

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Performance of a contract (to deliver the agreed service)

  • Legal obligation (for invoicing and tax purposes)

  • Consent (for optional session recordings or marketing communications)

In certain cases, we will ask for your explicit consent to process specific types of personal data (e.g., session recordings, storage of sensitive notes, marketing use of project materials).

This consent will be documented via our “Consent to Processing of Personal Data” form and kept as part of your client record.

5. Data Storage and Security

Your data is stored securely using Notion and may later be stored locally on secure, open-source platforms.

Our website is hosted on Framer, which may also collect technical and analytics data through cookies. See Section 8 for more details.

We take appropriate security measures to prevent unauthorized access, alteration, or disclosure of your data.

6. Data Retention

We keep your data for up to 1 year after the completion of services, unless a longer retention period is required by law. After that, your data will be securely deleted.

7. Data Sharing

We do not sell or trade your personal data.

We may share it only when:

  • Required by law

  • Necessary for payment processing

  • Necessary for accounting or legal compliance

8. Cookies and Tracking

Our website is hosted on Framer, which may use cookies and similar technologies for:

  • Website performance and security

  • Analytics (to understand site usage)

  • Functionality (to improve your browsing experience)

You can manage or disable cookies in your browser settings. Please note that disabling cookies may affect site functionality.

9. International Data Transfers

Some of our service providers (including Notion and Framer) are based outside the European Economic Area (EEA), primarily in the United States.

Where data is transferred outside the EEA, we ensure it is protected through GDPR-approved safeguards, such as the EU–US Data Privacy Framework or Standard Contractual Clauses.

10. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction or deletion of your data

  • Withdraw consent where processing is based on consent

  • File a complaint with the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka – AZOP)

11. Contact

If you have any questions about this Privacy Policy or your data, contact:

[BUSINESS NAME]

Email: [EMAIL]

Address: [ADDRESS]