Privacy Policy

Introduction

EmberZenith d.o.o. ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, process, and safeguard your personal data when you visit our website, use our services, or interact with us.

As a healthcare technology company operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws to ensure your personal information is handled with the utmost care and security.

Data Controller Information

Data We Collect

The data we collect depends on how you interact with our services. We may collect the following types of personal information:

Information You Provide Directly

• Contact information (name, email address, phone number, company details)
• Communication preferences and consent records
• Messages and correspondence when you contact us
• Information provided in forms, surveys, or feedback
• Professional information relevant to healthcare technology services

Information Collected Automatically

• Website usage data (pages visited, time spent, navigation patterns)
• Technical information (IP address, browser type, device information)
• Cookies and similar tracking technologies (see our Cookie Policy)
• Analytics data to improve our services and website performance

How We Use Your Information

We process your personal data for the following purposes, based on legitimate legal grounds under GDPR:

Service Delivery and Communication

• Responding to your enquiries and providing customer support
• Delivering healthcare technology services and solutions
• Processing and fulfilling service requests
• Communicating about our services, updates, and important notices

Business Operations

• Managing our business relationships and partnerships
• Conducting market research and service improvement
• Ensuring compliance with legal and regulatory requirements
• Protecting our business interests and preventing fraud

Website and Technology

• Improving website functionality and user experience
• Analysing website traffic and usage patterns
• Ensuring website security and preventing misuse
• Personalising content and services based on your preferences

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our comprehensive Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: Where you have given clear consent for specific processing activities
• Contract: Where processing is necessary for performing our services
• Legitimate Interests: Where we have legitimate business interests that don't override your rights
• Legal Obligation: Where we must process data to comply with legal requirements

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your data in the following circumstances:

• Service Providers: Trusted third parties who assist us in operating our business (cloud hosting, analytics, communication tools)
• Legal Requirements: When required by law, regulation, or legal process
• Business Transfers: In the event of a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, property, or safety, or that of others

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Our retention periods are determined based on:

• The nature of the data and the purposes for which it was collected
• Legal, regulatory, and compliance requirements
• The need to resolve disputes or enforce agreements
• Legitimate business interests and operational needs

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise these rights, please contact us using the contact information provided below. We will respond to your request within one month of receipt.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure adequate protection through appropriate safeguards such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Complaints

If you believe we have not handled your personal data in accordance with this Privacy Policy or applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority in Croatia or your country of residence within the EU.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.