Privacy Policy

The data controller for your personal data is:

Nexavorellixan d.o.o.

Ulica grada Vukovara 284

10000 Zagreb, Croatia

OIB: 78432156901

Email: info@nexavorellixan.com

For all questions regarding the protection of personal data, you can contact us at the above email address.

We collect the following categories of personal data:

• Identification data: name, surname, email address that you voluntarily provide through the contact form.

• Technical data: IP address, browser type, operating system, device data, and site usage information.

• Cookie data: information collected through cookies and similar tracking technologies, including analytics data and advertising data.

We do not collect special categories of personal data (e.g., health data, data on racial or ethnic origin).

We process your personal data based on the following legal grounds:

• Consent (Art. 6(1)(a) GDPR): for analytics cookies, advertising cookies, and marketing communication.

• Legitimate interest (Art. 6(1)(f) GDPR): for improving our website, system security, and abuse prevention.

• Contract performance (Art. 6(1)(b) GDPR): for processing your inquiries through the contact form and providing requested information.

Processing purposes include:

- Responding to your inquiries and requests

- Analyzing website usage and improving user experience

- Displaying relevant ads (with your consent)

- Compliance with legal obligations

We may share your personal data with:

• Google Ireland Limited — for traffic analytics (Google Analytics 4) and advertising (Google Ads), exclusively with your consent via Google Consent Mode v2.

• Hosting and infrastructure providers — who act as data processors and with whom we have appropriate data processing agreements.

We do not sell your personal data to third parties. All our partners are obligated to comply with the GDPR and applicable data protection regulations.

Some of our service providers (such as Google) may process data outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards, including standard contractual clauses approved by the European Commission or adequacy decisions.

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access — you can request a copy of your personal data that we process.

• Right to rectification — you can request correction of inaccurate or incomplete data.

• Right to erasure — you can request deletion of your personal data under certain conditions.

• Right to restriction of processing — you can request restriction of processing your data.

• Right to data portability — you have the right to receive your data in a structured, commonly used, and machine-readable format.

• Right to object — you can object to the processing of your data based on legitimate interest.

• Right to withdraw consent — you can withdraw your consent to data processing at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise these rights, contact us at info@nexavorellixan.com. You also have the right to file a complaint with the Croatian Personal Data Protection Agency (AZOP).

We retain your personal data only as long as necessary for the purposes for which it was collected:

• Contact form data: up to 12 months after the last communication.

• Analytics data: up to 26 months from collection.

• Cookie consent data: up to 12 months, after which renewed consent is requested.

After the expiry of these periods, data is permanently deleted or anonymized.

We apply appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, alteration, or destruction. This includes SSL/TLS encryption, regular security checks, and restricted data access.

We reserve the right to amend this Privacy Policy in accordance with changes in legislation or our business practices. All changes will be published on this page with an updated date. We recommend regularly checking this page.