RULES REGARDING PERSONAL DATA PROTECTION
Nexe grupa d.d. (further: the Company) collects and processes personal data of individuals in order to implement legal obligations and to fulfill tasks within its regular operations within scope necessary to perform registered activities.
Prior to collection of data the Company will inform individual about purpose of data collection, about legal basis, to whom data will be revealed and about right of individual to access his/her personal data and to demand its correction or deletion.
If data processing is not necessary to fulfill legal provisions or to perfom a contract, examinees will be requested to give their written consent to processing their personal data.
Collected data will be held as long as necessary depending on deadlines of valid regulations and purpose of their collection.
The Company will undertake all technical, HR and organization measures in order to protect personal data from accidental loss or obliteration and unallowed access, unallowed change, unallowed publication and any other misuse.
The Company will answer to each examinee at his request to practice rights regarding personal data processing (insight in processing and change of data, deleting and restricition of data, withholding consent). If the Company determines that data are incomplete, incorrect or not updated or if examinee requests so, or if data's processing is not in line with GDPR, the Company will supplement, change or delete personal data.
Application for rights achievement is available at this web site and it can be filled and sent to the Company in line with instructions in application itself regarding achievement of rights for personal data protection (Application for rights achievement).
In order to protect data more efficiently, the Company has set up a Rulebook on personal data protection, which details actions regarding protection of examinee's privacy.
Rules regarding personal data protection apply to all member companies of Nexe Grupa to which GDPR applies.