Date: 19/03/2021

Privacy Policy

Data controller for this website is BRIGHTDOCK Llc, Croatia, Rijeka (City of Rijeka) Nikole Tesle 9, VAT No: 85019089633.

Data processing

We process personal data for the six following purposes:

  1. The (technical) maintenance, analytics, and improvement of our website,
  2. When we maintain contact with you over the telephone, post, or e-mail regarding our services (e.g. to create our offer) and products,
  3. Management of our customer base,
  4. The regular business operations,
  5. Sending newsletter via e-mail to our clients, business associates, and persons who gave their consent over system for this purpose and we use them as our newsletter system provider
  6. Recruitment and employment purposes.

Use of the website

In order to optimize our services for you, we collect your data through the use of cookies. Cookies are small text files that store Internet settings (information on how our website is used) and are stored in your browser or device. Cookies are used in various ways, for example, to analyze your behaviour on our website or to customize services based on your preferences.

You can deactivate or limit the use of cookies, as well as delete them easily from your browser settings.

Maintenance and improvement of our website

We use Google Analytics, a web analysis service provided by Google Inc. Google Analytics uses cookies, which contain information about your use of the website (including your IP address) and which are transmitted to a Google server in the United States and will be stored there. Google uses the information to evaluate your use of our website, compiles reports on website activity and provides other services relating to website activity and internet usage. This processing is based on our legitimate interest to improve your website experience and optimize our services. Google will not associate your IP-address with other data held by them. You can refuse the use of cookies in your browser settings. However, in this case, you may not be able to use all the functions of our website to its full extent.

You can find more information about Google Analytics by visiting the following website


  • If you give us your contact details via contact form on our website or when you contact us by e-mail or telephone) (i.e. Personal Name, Company E-mail, your budget, and your Query (project details)), we will only use them to contact you, create an offer for cooperation or similar.
  • If you purchase one of our products or services, we will also use your email address to inform you about important updates by email and to advise you on how to get the most out of our products.
  • If you apply for job via contact form on our website we will use your personal data acquired (i.e. Personal Name, E-mail, Phone, which position you are applying for, and an upload space for them to upload your CV) for solely for our recruitment and employment purposes.
  • You can use contact form on our website to contact us for cooperation or apply for job opening. If you do not wish to use the contact form, you can contact us by e-mail: .

Business cooperation

Due to some of our legal obligations, we process contact, payment, and communication data of (former) customers for our regular business operations. We send invoices, keep accounts, and store correspondence with (former) customers on our e-mail server and in online work folders. We store data in accordance with the relevant laws (e.g. Accounting Act – 11 years).

Based on legitimate interest, we process contact data (company name, contact person’s name, e-mail address, company address) of our (potential) customers in order to track and analyse the sale of our products and services for no longer than 11 years.

Recruitment and potential employment

In order to process your job application, we will process your personal data delivered either via contact form on our website or via email to us (i.e. Personal Name, E-mail, Phone, which position you are applying for, and an upload space for them to upload your CV) for recruitment and potential employment purposes and we will not process them for any other purposes. Such data will be stored by us not longer than 1 year.

Lawfulness of processing

Personal data may be processed only if there is a legal ground for doing so. Pursuant to the General Data Protection Regulation (GDPR) we process personal data on the following legal grounds:

  1. Consent: If you are not our customer, you can give consent for receiving our newsletter.
  2. Recruitment/employment: when applying for job with us we will collect, process your data only for that purpose.
  3. Contracts/precontractual agreements: when you, as a customer, purchase products and/or services from us or want to do so, and it is necessary for us to process your personal data to be able to do so.
  4. Legal obligation: if we receive a legitimate claim to provide data to a competent authority. We are also legally obliged to keep personal data in our financial records for a certain period of time, in accordance with tax and accounting legislation.
  5. Legitimate interest: if you have been a customer in the past or we have sent you an offer, we will retain your contact details 11 years after the last instance of our contact to be able to contact you in the future for possible follow-up projects/offers. Also, on the grounds of legitimate interest, we send news re offer our services and products to our customers.

Lawfulness of processing

We do not provide or share any personal data to third parties unless we are legally obligated to do so. We store such data only stored internally in our G Suite (Google Drive) and we keep them protected by state-of-the-art technology.

Transfer of data

The Internet is a global environment. Using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis. Any such transfer is made in accordance with regulatory requirements that ensure such transfer and/or country maintains the same level of personal data protection. Brightdock opted for industry-approved storage providers with the highest privacy and data security standards.

Data retention

We do not store personal data longer than it is necessary for the purpose for which we obtained it. This assessment is based on the type of personal data, the product or service for which we have obtained the data, and what you, as the data subject, can reasonably expect as a retention period (e.g. business operations – data is stored for no longer than 11 years since the termination of business cooperation, newsletter data until consent withdrawal, recruitment/potential employment purposes up to 1 year etc.).

Data security

We have enabled encryption of the traffic on our website. This makes the data traffic between you and our web server unreadable, so that third persons have no access to it. We also made sure to secure your data in an appropriate way in all our systems. We do this with all kinds of technical measures (e.g. antivirus, complex passwords etc.), including physical security of access to our office, but also with organisational measures.

Your rights

Pursuant to the General Data Protection Regulation (GDPR), you have the right to access your personal data on request and, if necessary, to amend and delete the data. In addition to the right of access, correction, and deletion, you may ask us to restrict the processing of personal data and it is possible to object if you disagree with the processing. Also, in some cases it is possible to invoke the right to data portability.

In any event, you have the right to object the processing of personal data for marketing purposes that is based on legitimate interest.

If you have any objection, you can contact the relevant supervisory authority which is Croatian Personal Data Protection Agency (“Agencija za zaštitu osobnih podataka” – AZOP) for the Republic of Croatia.

For any questions and requests, please contact us on

Privacy Policy amendments

In the event we decide to change this Privacy Policy, we will make an announcement of that fact on our website. If we want to substantially change the purposes of the processing, and the processing is based on your consent, we will first ask you again for consent for those new purposes.