How we protect your business data
This page explains what data we process when you send an inquiry, arrange a quote or use slisuric.hr. The text is written for the actual B2B process: quote, confirmation, production, delivery and documentation.
No data sharing
We do not sell or share data with third parties for advertising.
Consent optional
Analytics and marketing are not enabled without your consent.
Contact number required
Required to confirm inquiries and protect against impersonation.
B2B documentation
Some data is retained because accounting and tax regulations require it.
1. Who is the data controller
The data controller is PROIZVODNJA DRVNE AMBALAŽE I DRVOTOKARIJA (PRODUCTION OF WOODEN PACKAGING AND WOOD TURNING), SLIŠURIĆ, VL. (OWNER) BRANKO SLIŠURIĆ, registered at Kralja Tomislava 29, 35403 Rešetari, Croatia, Tax ID 72658873605, Company ID 90417569. For privacy queries you can contact us at info@slisuric.hr.
A data protection officer has not been appointed because there is no obligation to appoint one for this type and scope of processing. If this changes, this page will be updated.
2. What data we process and why
Quote inquiry
- Data
- Company or business name, first and last name of the contact person, email, phone, product type, approximate quantity, delivery location, desired date and any notes you enter.
- Purpose
- Responding to the inquiry, preparing a quote, verifying the seriousness of the inquiry, arranging delivery and preventing fraudulent or malicious inquiries.
- Legal basis
- Pre-contractual actions and legitimate interest in protecting the business.
- Retention period
- Up to 24 months if no order follows, longer if communication continues or becomes part of business documentation.
Orders and business documentation
- Data
- Data for quotes, purchase orders, delivery notes, invoices, deliveries, complaints and payment.
- Purpose
- Contract performance, product delivery, invoicing, accounting, tax obligations and evidencing the business relationship.
- Legal basis
- Contract performance and legal obligation.
- Retention period
- According to tax and accounting regulations, generally at least 11 years for accounting records.
Email, phone and direct communication
- Data
- Contact details, message content, history of arrangements, attached specifications, drawings or photographs you send us.
- Purpose
- Communication with customers and suppliers, quote preparation, technical product development and recording arrangements.
- Legal basis
- Pre-contractual actions, contract performance and legitimate interest in orderly business communication.
- Retention period
- For the duration of the business relationship and a reasonable period thereafter, unless longer retention is required by legal obligation or legal claim.
Website technical records
- Data
- IP address, request time, browser type, URL, security logs and basic data required for server operation.
- Purpose
- Security, website availability, detection of technical problems and protection of the form against abuse.
- Legal basis
- Legitimate interest in secure and reliable website operation.
- Retention period
- Depending on the hosting provider and security settings, generally short-term, unless longer retention is required due to a security incident.
Cookies and local storage
- Data
- Consent settings, language, display theme and, if we introduce them in the future with consent, analytical or marketing identifiers.
- Purpose
- Remembering your choices and, only with consent, measuring visitor numbers or advertising effectiveness.
- Legal basis
- Necessary and functional storage is based on legitimate interest and user request; optional analytical and marketing storage is based on consent.
- Retention period
- Until settings are changed, local storage is cleared in the browser, or the relevant tool expires if introduced.
3. Cookies and local storage
Cookies and similar technologies are used only to the extent necessary for the operation of the website and to remember choices you make yourself. Optional analytical or marketing tools must not be enabled before consent. You can reopen settings in the footer via the "Cookie settings" link.
| Name | Type | Purpose |
|---|---|---|
| slisuric_cookie_consent_v1 | Local storage | Stores cookie and consent settings. |
| slisuric.locale | Local storage | Stores the language chosen by the user. |
| theme | Local storage | Stores the choice of light or dark theme. |
4. Recipients and processors
Data may be processed by trusted service providers necessary for the operation of the website and business: hosting and technical support, email and SMTP/Resend systems if configured, accounting, IT maintenance, logistics partners where required for delivery, banks and relevant authorities where required by law. With analytics consent: Google Ireland Ltd. (Google Analytics 4, Google Tag Manager) — visit measurement, Ireland / EEA.
If a service provider processes data outside the European Economic Area, the transfer takes place only with appropriate legal basis and safeguards, such as an adequacy decision or standard contractual clauses.
5. Your rights
Under the General Data Protection Regulation (GDPR) you have the following rights, depending on the legal basis and circumstances of processing:
- –right to information about the processing of personal data
- –right of access to data
- –right to rectification of inaccurate or incomplete data
- –right to erasure where conditions are met
- –right to restriction of processing
- –right to data portability where applicable
- –right to object to processing based on legitimate interest
- –right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal
To exercise your rights contact us at info@slisuric.hr. If you consider that processing is unlawful, you have the right to lodge a complaint with the Croatian Personal Data Protection Agency, azop.hr.
6. Security, accuracy and changes
We apply reasonable technical and organisational security measures, including restricted access to business data, protection of the form against automated abuse and use of secure communication channels where available. We ask that you do not send us sensitive personal data that is not required for a quote or delivery.
The privacy policy may be updated periodically due to changes to the website, business processes, service providers or regulations. The current version is always available on this page.
Business terms are a separate document.
For the rules on quotes, orders, delivery, payment and complaints, see the Terms of Business.