Privacy Policy

How we collect, use, and protect your personal information

Last Updated: 1st January 2026

Effective Date: 1st January 2026

1. Introduction

alphaproluxis d.o.o. ("we", "our", "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, use our services, or interact with our enterprise data-driven decision making platforms.

As a company registered in Croatia and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy applies to all personal data we process in connection with our business activities.

2. Data Controller Information

The data controller responsible for your personal information is:

3. Data Collection

We collect personal data through various means when you interact with our services. The data we collect includes information you provide directly to us and information we automatically collect through your use of our website and platforms.

3.1 Information You Provide Directly

When you contact us, request information, or use our services, we may collect the following personal information:

  • Name and contact details (email address, phone number, postal address)
  • Company information (company name, job title, industry)
  • Communication preferences and enquiry details
  • Account information for our platforms and services
  • Payment and billing information when you purchase our services
  • Any other information you choose to provide in forms, surveys, or communications

3.2 Information We Collect Automatically

When you visit our website or use our platforms, we automatically collect certain technical information:

  • IP address and browser information
  • Device information and operating system details
  • Website usage data and navigation patterns
  • Cookies and similar tracking technologies (see our Cookie Policy)
  • Log files and system performance data

4. How We Use Your Information

We process your personal data for legitimate business purposes and only when we have a lawful basis for doing so. The primary ways we use of your data include providing our services, improving our platforms, and maintaining business relationships with our clients.

4.1 Service Provision and Support

  • Delivering our enterprise data intelligence platforms and services
  • Providing technical support and customer assistance
  • Processing transactions and managing billing
  • Communicating about service updates and platform improvements

4.2 Business Operations and Improvement

  • Analysing website performance and user experience
  • Developing new features and enhancing existing services
  • Conducting market research and business analysis
  • Managing our business relationships and partnerships

4.3 Legal and Compliance Purposes

  • Complying with legal obligations and regulatory requirements
  • Protecting our rights and interests
  • Preventing fraud and ensuring platform security
  • Responding to legal requests and investigations

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our comprehensive Cookie Policy, which explains the types of cookies we use, their purposes, and how you can control them.

6. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your data only in specific circumstances and with appropriate safeguards:

6.1 Service Providers and Partners

We may share data with trusted service providers who assist us in delivering our services, such as cloud hosting providers, payment processors, and technical support partners. These providers are contractually bound to protect your information and use it only for specified purposes.

6.2 Legal Requirements

We may disclose your information when required by law, regulation, or legal process, or when necessary to protect our rights, property, or safety, or that of our users or the public.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets, your information may be transferred as part of the transaction, subject to appropriate privacy protections.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Our data retention periods vary depending on the type of information and the purpose for which it was collected.

7.1 General Retention Periods

  • Contact enquiries: 3 years from last contact
  • Customer data: Duration of service relationship plus 7 years for legal compliance
  • Website analytics: 26 months (aligned with Google Analytics retention)
  • Marketing data: Until consent is withdrawn or 3 years of inactivity
  • Legal documentation: As required by applicable laws and regulations

When personal data is no longer required, we securely delete or anonymise it in accordance with our data retention and deletion procedures.

8. Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal information. We are committed to facilitating the exercise of these rights and will respond to your requests within the required timeframes.

8.1 Access and Portability

  • Right of access: Request a copy of the personal data we hold about you
  • Right to data portability: Receive your data in a structured, machine-readable format

8.2 Correction and Deletion

  • Right to rectification: Request correction of inaccurate or incomplete personal data
  • Right to erasure: Request deletion of your personal data in certain circumstances

8.3 Processing Control

  • Right to restrict processing: Limit how we process your data in specific situations
  • Right to object: Object to processing based on legitimate interests or for marketing purposes
  • Right to withdraw consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us at privacy@alphaproluxis.world or +385 218898728. We may require verification of your identity before processing your request.

9. Data Security

We implement comprehensive technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Access controls and authentication systems for our platforms and databases
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security best practices
  • Incident response procedures for potential security breaches
  • Compliance with international security standards and frameworks

While we strive to protect your personal information, no method of transmission or storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest standards of data protection.

10. International Data Transfers

As an EU-based company, we primarily process data within the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions for certain countries
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules for multinational organisations
  • Certification schemes and codes of conduct

We regularly review our international transfer arrangements to ensure they provide adequate protection for your personal data.

11. Children's Privacy

Our services are designed for business and enterprise use and are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by posting the updated policy on our website and updating the "Last Updated" date.

For material changes that affect your rights or how we process your personal data, we may provide additional notice through email or other communication methods. We encourage you to review this policy periodically to stay informed about how we protect your information.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us using the following methods:

We are committed to addressing your privacy concerns promptly and will respond to your enquiries within 30 days or as required by applicable law.

14. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data in accordance with applicable law. In Croatia, the relevant supervisory authority is:

  • Croatian Personal Data Protection Agency (AZOP)
  • Website: azop.hr

You may also contact the supervisory authority in your country of residence or where the alleged infringement occurred.