Privacy Policy
This policy explains how we handle personal data when you visit this website or get in touch with us. It is written to satisfy Articles 13 and 14 of the EU General Data Protection Regulation (GDPR) and the Croatian Act on the Implementation of the GDPR.
1. Controller
The data controller is Athlete Thermography Screening j.d.o.o., Radnička cesta 50, 10000 Zagreb, Croatia (OIB 36520028470). For any data-protection matter contact vlaho@athletethermographyscreening.hr. We have not appointed a Data Protection Officer because we are not required to under Article 37 GDPR.
2. What we collect and why
Contact form and email enquiries. When you write to us we receive your name, email address, club or organisation if you share it, and the contents of your message. We use this information only to reply to you and to keep a record of the conversation. Legal basis: Article 6(1)(b) GDPR (steps prior to entering into a contract) and Article 6(1)(f) GDPR (our legitimate interest in responding to enquiries).
Server logs. Our hosting provider records standard request data (IP address, timestamp, requested URL, user-agent) for security and availability. Legal basis: Article 6(1)(f) GDPR (legitimate interest in operating a secure service). Logs are kept for up to 30 days.
Cookies. Strictly necessary cookies are set without consent. Analytics and any other non-essential cookies are only set after you give consent through our cookie banner. See our Cookie Policy.
Thermal images of athletes. This website does not collect or process thermal images of athletes. Thermal images captured in the ATS application are governed by a separate data-processing agreement with the contracting club or organisation, where we typically act as a processor under Article 28 GDPR.
3. Recipients and sub-processors
We share personal data only with providers that help us operate the website and respond to enquiries, typically web hosting, email, and form-handling services. A current list of sub-processors is available on request from vlaho@athletethermographyscreening.hr.
4. International transfers
Some of our service providers are based outside the EEA. Where that is the case, transfers rely on the European Commission's adequacy decisions or on Standard Contractual Clauses (SCCs) adopted under Article 46(2)(c) GDPR, together with the supplementary safeguards required by current case law.
5. Retention
We keep enquiry correspondence for as long as the relationship remains active, and afterwards for a reasonable period for accounting, legal-defence, and follow-up purposes. Server logs are kept for up to 30 days. Cookies are retained according to the lifetimes listed in the Cookie Policy.
6. Your rights
Under the GDPR you have the right to: access your data (Article 15); rectify inaccurate data (Article 16); request erasure (Article 17); restrict processing (Article 18); receive a portable copy (Article 20); object to processing based on legitimate interest (Article 21); and withdraw consent at any time where processing is based on consent (Article 7(3)). To exercise any of these rights write to vlaho@athletethermographyscreening.hr.
You also have the right to lodge a complaint with the Croatian supervisory authority, Agencija za zaštitu osobnih podataka (AZOP), azop.hr.
7. Automated decision-making
We do not make decisions about you on the basis of automated processing that produce legal or similarly significant effects.
8. Changes to this policy
We may update this policy when our processing changes or when the law requires it. Material changes will be announced on this page.