top of page

Privacy Policy

We take data privacy and protection very seriously. Should you have any questions about data privacy or personal data protection, you can contact us at


What personal data is being collected by us?

We may process the following personal data:

  • first name and last name,

  • phone number,

  • e-mail address,

  • business mailing address,

  • employee’s company name,

  • job title,

  • VAT number,

  • participation in special offers and events organized by us (trainings, conferences, etc),

  • IP address of the device used by a natural person in order to access the web site,

  • Web browsing data stored in cookies to provide analytics, to store your preferences.

In extraordinary cases, the scope of data processed may be broader, due to specific processing purposes, in which case we will always require the data subject consent to collect such data.


Why do we process personal data and what is the legal basis for processing it?

We process personal data for contact purposes as part of our regular business activities. In particular, the purposes of processing personal data are:

  • providing technical and business knowledge (newsletter mailing, webinars, events, trainings),

  • create interest profiles in order to promote relevant products and services via marketing activities.

The legal basis for processing personal data according to the purposes above is your consent or legitimate interest.

Where and how do we collect personal data?

We may obtain personal data in the following manner:

  • consent given when registering for an event (training session, webinar, special offer, etc.) organized by us and/or made available via an event registration web form on our website,

  • consents given when contacting us via a contact web form or when registering for our newsletter communications on our website,

  • personal meetings or phone calls during which contact details are exchanged,

  • via cookies when visiting our web site (for which you are asked to consent).

Will the data be shared with any third parties?

We may share personal data with vendors which we represent, provided you explicitly consent when submitting data.

When transferring data to any third party, we ensure that:

  • data protection and restriction of access to such data is given only to authorised persons;

  • there are sufficient guarantees of implementation of appropriate technical and organisational measures so that the processing would meet the requirements of GDPR and protect the rights of data subjects;

  • transmission of data to third parties, particularly outside the EU is made according to the provisions of EU law (GDPR articles 44-47);

  • use of pseudonymisation is implemented, wherever technically and economically justified and legally permitted.

How is personal data secured and how long will the data be stored for?

Personal data processed by us is stored on secure servers or SaaS applications maintained by processors for which we ensure that proper data processing agreements are in place. We make sure all our suppliers match the criteria and are compliant with EU privacy law.

All servers and applications are protected with at least strong password authentication (with mandatory complexity and rotation requirements) and secure transport encryption (TLS).

We have implemented appropriate technical and organisational measures in order to protect personal data against unauthorised or unlawful processing, including loss, destruction or damage.

In case of personal data processed in paper form, data is stored in separate rooms to which only authorised persons have access, and if the data is processed in rooms to which more people have access, the data is stored in locked cabinets the keys to which are only in possession of persons authorised to process data.

Depending on the purpose of processing, personal data is stored only for a period of time necessary to meet the purposes specified in this Privacy Policy. In some cases, the provisions of the law require longer period of personal data retention than the period arising from the contracts or general purposes for which the data has been entrusted for processing, e.g. for tax or settlement purposes or for the purposes of meeting other legal requirements and obligations. In such cases the data shall be stored for a period arising from these regulations.

What rights does the data subject have?

We ensure the execution of the following rights vested in the persons whose personal data are processed:

  • right to receive information about the processing of personal data,

  • right to access the contents of processed personal data,

  • right to rectify data,

  • right to demand from the Controller to erase data,

  • right to demand from the Controller to restrict the processing of data,

  • right to data portability,

  • right to object against the processing of data,

  • right to lodge a complaint to the national supervisory authority or the supervisory authority of another European Union member state,

  • right to withdraw consent to the processing of personal data at any time,

  • right to obtain human intervention on the part of the Controller, to express their point of view, and to contest the decision based on automated processing of data.

Controller information

Bridge IT d.o.o.
Dugi dol 45
10000 Zagreb
VAT ID: 09594538142

bottom of page