Privacy Policy

Effective date: 30 October 2025

1. Overview

This Privacy Policy explains how personal data are collected, used, and protected when you use this website or contact us through available communication channels.

Personal data are processed in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Croatian Law on the Implementation of the General Data Protection Regulation.

By using this website or contacting us, you acknowledge this Privacy Policy.

2. Data We Collect

We may collect the following types of information:

  • Identification and contact information: name, surname, and email address provided through the contact form or direct communication.
  • Technical and security-related data: IP address, browser type, device type, and basic diagnostic or security data collected automatically to ensure website security, integrity, and proper functionality.
  • Strictly necessary cookies: technical and security cookies required for core website functionality and protection against abuse.

We do not use cookies or technologies for marketing, analytics, profiling, or automated decision-making.

3. Purpose and Legal Basis of Processing

Personal data are processed only for clearly defined and legitimate purposes, such as:

  • responding to inquiries and communication requests,
  • preparing service offers or agreements upon request,
  • ensuring website stability, integrity, and security,
  • preventing automated abuse and spam,
  • fulfilling applicable legal obligations.

The legal bases for processing include:

  • consent, where applicable (Article 6(1)(a) GDPR),
  • performance or preparation of a contract (Article 6(1)(b) GDPR),
  • compliance with legal obligations (Article 6(1)(c) GDPR),
  • legitimate interests related to website security and abuse prevention (Article 6(1)(f) GDPR).

4. Data Retention

Personal data are retained only for as long as necessary to fulfil the purposes for which they were collected or as required by applicable law.

After the retention period expires, data are securely deleted or anonymized.

5. Data Sharing and Processors

Personal data are not sold or disclosed to unauthorized third parties.

However, data may be processed by carefully selected data processors who assist in providing services, such as:

  • hosting and email infrastructure providers,
  • website maintenance and security service providers.

Some service providers, including Cloudflare, may process technical or security-related data outside the European Economic Area (EEA). In such cases, appropriate safeguards are applied in accordance with the GDPR, including standard contractual clauses and recognized international data transfer frameworks.

All processors are contractually bound to process personal data in accordance with GDPR requirements.

6. Data Security

Appropriate technical and organizational measures are applied to protect personal data against unauthorized access, alteration, loss, or misuse.

Access to personal data is restricted to authorized personnel only and limited to what is necessary for professional duties.

7. Cookies

Our website uses only strictly necessary and functional cookies required for proper operation and security.

To protect contact forms from automated abuse and spam, we use Cloudflare Turnstile. This service may set technical security cookies (such as _cfuvid) to support abuse detection and prevention.

These cookies are used exclusively for security purposes and are not used for marketing, analytics, tracking, or profiling.

The use of such cookies does not require prior consent under applicable data protection laws. Visitors are informed about their use through an informational cookie notice displayed on the website.

More information about Cloudflare’s privacy practices is available at:
https://www.cloudflare.com/turnstile-privacy-policy/

8. Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data:

  • access,
  • rectification,
  • erasure,
  • restriction of processing,
  • data portability,
  • objection to processing based on legitimate interests.

You may exercise these rights by contacting us through the contact form available on this website.

If you believe your rights have been violated, you have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP).

9. Updates to This Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes.

Any updated version will be published on this page with a revised effective date.

Company information

AresISEC d.o.o.
OIB: 49411602130
Registered office: Zagreb, Croatia

For inquiries related to personal data protection or this Privacy Policy, you may contact us via the contact form available on this website.

AresISEC d.o.o. · Zagreb, Croatia · OIB: 49411602130 · info@aresisec.hr

Privacy Policy  | Terms of Service Responsible Disclosure

© 2025 AresISEC

Facebook-f Linkedin Wpforms
Scroll to top