Privacy policy

International Criminalistic Association, Vlaška 72a, Zagreb,
email: info@criminalisticassociation.org

Privacy policy is a basic legal document  whose purpose is to set a framework for personal data protection in accordance with the General Data Protection Regulation (GDPR).

This Privacy Policy applies to personal data processing which is carried out in accordance with the goals, activities and Constitution of the Association , as well as provisions of the General Data Protection Regulation and this Privacy Policy.

Through this Privacy Policy  we provide you with the following information:

    1. Who is the Data Controller?
    2. Who is the Personal Data Protection Officer?
    3. What is the purpose and legal basis for personal data processing?
    4. What are cookies and which cookies do we use?
    5. What are the principles of data processing?
    6. What are the rights of the Data Subject?
    7. Personal data storage limitation (retention period)

1. DATA CONTROLLER

The Data Controller is the International Criminalistic Association (hereinafter:  the Association, Vlaška 72a, Zagreb, OIB (Personal identification number: 69880723255)

 

2. PERSONAL DATA PROTECTION OFFICER

The Association has appointed a Personal Data Protection Officer. Should you have any questions relating to your personal data processing and exercising the rights envisaged by the GDPR, you may contact the Personal Data Protection Officer by email or in writing, by sending your enquiry to the headquarters of the Association, Vlaška 72a, Zagreb, FAO Personal Data Protection Officer

Name and surname: Ana Ćenan
Contact details:
Email: pdprotectinofficer@criminalisticassociation.org

 

3.1. Your personal data necessary for the purposes of the Association membership application, publications of member biographies on the official website of the Association, as well as publications of professional papers in the Criminalistic Theory and Practice Journal are processed in accordance with Article 6 (1) of the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: the General Regulation). The duties and powers listed are prescribed by the provisions of the General Regulation and the General Regulation Implementation Act, and these include :

  • Replying to received enquiries
  • Taking action to control compliance with the General Regulation

3.2. According to the purpose of processing the Association shall process your personal data solely for the purposes of:

  • applying for the Association membership
  • publishing biographies on the Association’s official website
  • publishing professional papers in the Criminalistic Theory and Practice Journal

 

4. USING COOKIES

The official website of the Association www.criminalisticassociation.org uses cookies – files that are stored on a computer or mobile device while visiting a particular website. They are often used in order to ensure the proper functioning of the website or to make it function more efficiently.

The cookies we use on our website are technical cookies, essential for the proper functioning of the website and cannot be turned off. We do not need your constent to use this type of cookies.

 

5. PRINCIPLES OF PERSONAL DATA PROCESSING

Article 5 of the General Data Protection Regulation prescribes the basic principles relating to processing of personal data:

  • Lawfulness of processing principle
  • Purpose limitation principle
  • Data minimization principle
  • Accuracy principle
  • Storage limitation principle
  • Integrity and confidentiality principle

 

6. DATA SUBJECT RIGHTS

Everyone has a fundamental right to the protection of personal data concerning him or her. The aim of personal data protection is to protect the private life and other human rights as well as fundamental freedoms when collectingprocessing and using personal data. The right to personal data protection is  a right to protect the legitimate interests of citizens (individuals) with regard to preventing and sanctioning the misuse of personal data, and is guaranteed by international and national legislation.

  • The right of access to personal data
  • The right to rectification of personal data
  • The right to erasure
  • The right to restrict personal data processing
  • The right to object

You may exercise these rights by sending a written request to info@criminalisticassociation.org. The Association shall give the requester a written response, including information on any action taken, within 30 days of the receipt of the request; if necessary, the time limit for responding may be extended for up to 30 days.

 

7. PERSONAL DATA RETENTION PERIOD

Your personal data is stored for no longer than necessary for the purposes for which it was collected. The Association will store and keep all personal data in accordance with the General Regulation and the legislation of the Republic of Croatia.

Any request for data erasure or any request for restriction of processing or other complaints shall be dealt with immediately upon receipt. You can exercise these rights by sending a written request to info@criminalisticassociation.org

You may lodge a complaint regarding the processing of your personal data with the Supervisory Authority. The Supervisory Authority is the Personal Data Protection Agency (Agencija za zaštitu osobnih podataka) headquartered at Martićeva 14, Zagreb.

 

8. PERSONAL DATA PROTECTION OFFICER

Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC the International Criminalistic Association has appointed a Personal Data Protection Officer.

The responsibilities of the Personal Data Protection Officer are laid down in Article 39 of the General Regulation according to which the Data Protection Officer shall have at least the following tasks:

  1. to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other Union or Member State data protection provisions;
  2. to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
  3. to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
  4. to cooperate with the Supervisory Authority;
  5. to act as the contact point for the Supervisory Authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.

The Data Protection Officer shall be bound by an obligation of confidentiality concerning the performance of his or her tasks.  The obligation of confidentiality shall also apply after leaving office or after the termination of activities of the Data Protection Officer.

The International Crminalistic Association Personal Data Protection Officer’s contact information:

Name and surname: Ana Ćenan
Phone:
Email: pdprotectinofficer@criminalisticassociation.org

9. RULES ON THE USE OF COOKIES

What are cookies?

A cookie is a small piece of data stored on the user‘s computer by the web browser while browsing a website. With the help of a cookie, the website remebers your actions and preferences (such as sign-in, language, font size, and other preferences related to display) over a longer period, so it is not necessary to re-enter them every time you return to the website.

Information such as your name or email address will not be stored – the website cannot access your personal information and files on your computer or mobile device.

Which cookies do we use and why?

We use cookies to ensure that we give you the best experience on our website.

The cookies we use on this website are technical cookies, essential for the proper functioning of the website and cannot be turned off.  We do not need your constent to use this type of cookies. You can set your browser to block these cookies or send a warning about them, but if you do that, some features of this site may not work as intended. Please note, if you do not accept cookies our website will not function optimally.

How to control cookies?

You can control and/or delete cookies as you wish.

You can delete all cookies that are on your computer or mobile device and you can set most browsers to prevent them from being placed. However, if you block cookies, you may have to manually adjust some preferences every time you visit the site and some functionalities may not work properly.

Adjusting your cookie settings/Managing cookies

Every time you visit our website you can choose to manage and adjust your cookie settings and delete and/or change them at any time.

How to delete cookies?

Most cookies can be easily deleted, but it should be noted that deleting or blocking all cookies may have a negative impact upon the usability of the website. However, if you choose to delete or disable cookies on your computer or mobile device you need to update your web browser settings (select Help in your web browser menu for more information on how to delete and disable cookies).

10. PRINCIPLES OF PERSONAL DATA PROCESSING

The principles of personal data processing are laid down in Article 5 of the General Regulation.

  • Lawfulness of processing principle

Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject,  so that the data subject is acquainted with the purpose and legal basis of data processing, with the data recipients and storage period.

  • Purpose limitation principle

Personal data collected for specific, explicit and lawful purposes may not be further processed if inconsistent with those purposes.

  • Data minimization principle

Personal data to be collected should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

  • Accuracy prinicple

Personal data must be accurate and complete. The Data Controller should take steps to correct inaccurate personal data, taking into account the purpose of the processing.

  • Storage limitation principle

The storage form of personal data should enable identification of data subjects only for as long as necessary for the processing.

  • Integrity and confidentiality principle

Personal data processing should ensure the security of personal data, including protection against unauthorized or unlawful processing and accidental loss and destruction, by applying appropriate technical or organizational measures.

 

11. DATA SUBJECT RIGHTS

Chapter 3 of The General Data Protection Regulation sets out in detail the rights of data subjects aimed at achieving an efficient protection of personal data.

The right to access your personal data

You have the right to access your personal data that we are processing about you and you may request detailed information, in particular, on the purpose of processing, on the type/categories of personal data that are being processed, including access to your personal data, information on recipients or categories of recipients, and on the envisaged period for which the personal data will be stored.

Access to personal data may be limited only in cases prescribed by Union law or by our national legislation, or where such limitation respects the fundamental rights and freedoms of others.

The right to rectification of personal data

You have the right to have personal data rectified or completed if your personal data is not correct, complete or up to date.  In order to do that, send us (the Controller) a request  in writing, including, where appropriate, by electronic means.

Please note that in your request you need to specify what is not correct, complete or up to date, word for word,  and how it should be rectified as well as provide necessary documents to support your claims.

The right to erasure

You have the right to request the erasure of your personal data if one of the following conditions is fulfilled:

  • Your personal data are no longer necessary to fulfill the purpose for which we collected or processed them;
  • You have withdrawn the consent on which the processing is based in accordance with point (a) of Article 6(1) or point (a) of Article 9(2) and there is no other legal basis for processing;
  • You have objected to the processing of your personal data in accordance with Article 21(1) of the General Data Protection Regulation and if there are no legitimate reasons for processing;
  • Your personal data have been illegally processed;
  • Your personal data must be erased in order to comply with a legal obligation under Union or State law to which the Controller is subjected

The right to restrict personal data processing

You have the right to obtain a restriction on processing if:

  • You dispute its accuracy
  • If the processing is unlawful and you oppose to its erasure
  • If the Data Controller no longer needs personal data but you requested to process your data for the purpose of setting, fulfilling or defending legal claims
  • If you have objected to the processing of your personal data

The right to object

If we process your personal data for the purposes of performing tasks carried out in the public interest or in the exercise of official authority vested in us or processing is necessary for the purposes of our legitimate interests, you can object to such processing