Personal data protection

The General Data Protection Regulation (EU, 2016/679) and the Act on the Implementation of the General Data Protection Regulation (Official Gazette 42/2018) regulate the protection of personal data of each individual.

General rules on the protection of personal data

Lentismed d.o.o., as the controller of personal data processing, regulates, among others, the management of structured sets of personal data, the principles of personal data processing, the conditions of consent, the processing of special categories of personal data, the provision of information and access to personal data, corrections and deletions, the right to an appeal and automated individual decision-making, the obligations of the dana controller with regard to the security of processing, and technical and integrated data protection, the appointment of a personal data protection officer, etc.

Collection, processing and storage of personal data

Personal data are processed on the basis of a legal obligation, the consent of the data subject or other legitimate grounds laid down in the General Regulation. For each data collected from the data subject, all reasonable technical and organisational security measures shall be taken in order to protect against unauthorised or unlawful processing, loss, destruction or damage of the data. Access, use and maintenance of personal data is supervised, and security measures are continuously improved in accordance with technological development.

Data subjects’ rights

At any time, every data subject shall have the right to request from his or her controller access to his or her personal data. In addition to requesting access, the data subject shall have the right to corrections, deleting, restriction of processing and portability of personal data and the right to object to the processing itself. These rights are exercised by submitting a completed application form to the e-mail address of the Personal Data Protection Officer of Lentismed d.o.o.

Personal Data Protection Officer

According to the Personal Data Protection Act (Official Gazette 103/03, 118/06, 41/08, 130/11, 106/12) the Personal Data Protection Officer is in charge of the lawfulness of processing of personal data and exercising the right to the protection of personal data. In addition to the above mentioned duties, the Officer informs all employees in the processing of personal data about the necessity of applying the regulations on the protection of personal data in cases of planning and actions that may have an impact on privacy issues and the protection of personal data.

Personal Data Protection Officer:

Ivana Vidalin

Lentismed d.o.o., Slavonska avenue 26/9, 10000 Zagreb

ividalin@lentismed.com