Legal Documents

These General Terms and Conditions (hereinafter: General Terms and Conditions) regulate the relations between the company GELD DATA d.o.o., VAT ID: HR27972234767, Selska cesta 90A, Zagreb (hereinafter: the Company) as a service provider and Service User (hereinafter: the User). All relevant regulations of the Republic of Croatia that will be in force on the day of the beginning of the provision of services, ie after that day, shall apply to all mutual relations between the Company and the User that are not specifically regulated by these General Terms and Conditions.

Following the above, before entering into a business relationship with the Company, it is necessary to carefully read these Terms and Conditions and Privacy Policy.

Article 1 — Services

The Company provides its Users with data processing and documentation services related to the Sweepstakes (hereinafter: Services). Users of these Services may be natural persons who have concluded contracts for the organization of the Prize Game, natural persons who submit data and documents of third parties, third parties who submit data and documentation collected in the course of their business activities.

Article 2 — Use of Services and Fees

By accepting the Company's offer, regardless of the subsequent delivery of the agreed documentation, the User enters into a contractual relationship with the Company, and confirms that he has fully read, understood and accepted the application and obligation of the General Terms. Use of the Services is possible only and exclusively with the consent to act in accordance with these General Terms and Conditions. Simultaneously with the acceptance of the Company's offer for the provision of Services, the User undertakes to pay the agreed fee to the Company's account and submit the necessary documentation, all in the manner and within the period as determined by the offer. The manner and deadline for providing the Services will be determined by the offer itself. In the event that the User, after receiving a calculation of a potential claim, decides not to take further action to try to collect his claim, and accepts the offer which includes the organization of an initial meeting for legal advice, the Company has no obligation to refund part of the fee. The Company undertakes to refund the fee paid to the User in full if it has not provided the User with services for reasons that lie exclusively with the Company.

Article 3 — Exclusion of the Company's liability

The User is solely responsible for the delivery of correct, complete and true documentation on the basis of which the Company organizes the Prize Game. The Company undertakes to provide the Services in accordance with the rules of the profession and with special care. The Company is not liable to any person for any type of damage that may occur directly or indirectly as a result of using the Services.

Article 4 — Protection of personal data

The Company collects and processes the User's personal data. A detailed overview of the processing and protection of personal data is available in the Terms of Use of the survey and the privacy policy.

Article 5 — Marketing

In accordance with the Electronic Communications Act (OG 73/08, 90/11, 133/12, 80/13, 71/14, 72/17), the Company is authorized to use the data on the User's email addresses for the purpose of selling products and services, for direct promotion, including sending newsletters and the like.

Article 6 — Publication of the General Terms and Conditions

These general conditions are, in accordance with the Civil Obligations Act (OG 35/05, 41/08, 125/11, 78/15, 29/18) and the Consumer Protection Act (OG 41/14, 110/15, 14/19), published on the websites www.geld.hr and www.SparkPrize.pro and are available in the business premises of the Company.

Article 7 — Changes to the General Terms and Conditions

The Company is authorized to change the General Terms and Conditions at any time and the Users are obliged to get acquainted with all changes to the General Terms and Conditions. Amendments to the General Terms and Conditions enter into force on the day of their publication on the websites www.geld.hr. By using the said website, it is considered that the User has agreed to the amended General Terms and Conditions.

Article 8 — Consumer rights

For possible complaints and objections, it is necessary to contact in writing to the e-mail address info@geld.hr or to the address of the Company — Selska cesta 90A, Zagreb. The company will respond to the complaint or objection within 15 days.

Article 9 — Applicable law and jurisdiction

The law of the Republic of Croatia applies to these General Terms and Conditions. In the event of any dispute regarding the interpretation, content, application or violation of the General Terms and Conditions, the competent court will be in Zagreb, Croatia.

Personal data protection policy GELD DATA d.o.o. (hereinafter GD).

The personal data protection policy regulates all principles and rules of personal data processing. GD respects your privacy and is committed to protecting your personal information. GD, as controller, processes your data in accordance with the provisions of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data 46/EC (General Data Protection Regulation), the Act Implementing the General Data Protection Regulation (OG 42/2018) and other relevant regulations applicable in the Republic of Croatia.

In order to exercise the right to protection of personal data in accordance with the General Regulation and the Act on the Implementation of the General Regulation on Data Protection (OG 42/2018), we also ask for your consent to the use of your personal data.

Consent refers to all personal data that GD may collect in certain situations when visiting the company's websites, contacting in the context of business cooperation, interaction with GD as a business user, supplier, business partner and the like. This includes, but is not limited to, personal information collected through surveys, online or offline.

One of the activities of GD is market research and public opinion polling, and in this context we collect and process survey data. What you tell us in one of our surveys will not be related to you personally or passed on to third parties.

Purpose of collecting personal data

In contacting you, we may ask you to share your personal information with us for the following purposes:

• Participation in GD's web activities on the Internet, including web-based online surveys and our social media channels / pages
• Participation in telephone or other types of surveys
• Saving your data for future interactions and communication with GD
• Access to the inquiry form for the offer of services
• Access to the application form / link for part-time / permanent work
• Access to client online services
• Personal data of employees in order to exercise employment rights
• Through cookies; if you want more information on how we use cookies, see our Cookie Policy.

When doing business with GD as a business client, we will ask you to share your personal information with us for the following purposes:

• Customer relationship management
• Ensuring access to information
• Communication
• Analysis and understanding of interaction with clients
• Providing access to client online services
• Answering questions or resolving requests / inquiries for the provision of services

In general, we process your personal data only for the purposes for which we have informed you.

Purposes of personal data processing

• Legitimate interest
• Legal right established and prescribed by the Labor Law
• Protection of persons and property by video surveillance measures to a limited extent within the company's premises
• Other purposes of which individuals have been informed in accordance with the provisions of the General Data Protection Regulation.

Principles of personal data protection

GD processes data:

Legal — only if the processing is allowed by law and within the limits prescribed by law.

Fair — respecting the specifics of the relationship with you, applying all measures to protect personal data, making it easier for you to exercise your rights.

Transparent — by providing all information in a clear and easily accessible manner within the limits prescribed by the General Data Protection Regulation.

With purpose limitation — processing personal data for the purposes for which they were collected, and for other purposes taking into account (a) any connection between the purposes of personal data collection and the purposes of the intended continuation of processing; (b) the context in which the personal data was collected, in particular as regards our relationship with you; (c) the nature of the personal data, in particular whether special categories of personal data are processed in accordance with Article 9 of the Regulation or personal data relating to criminal convictions and criminal offenses in accordance with Article 10 of the Regulation; (d) the possible consequences of the intended continuation of processing for the respondents; and (e) the existence of appropriate safeguards.

With storage limitation — keeping the data in a form that allows the identification of the individual only as long as necessary for the purposes for which personal data are processed, and longer only if allowed by the Regulation.

With a reduction in the amount of data — we make sure that the data we process is appropriate, relevant and limited to what is necessary.

Taking care of accuracy — we take care of the accuracy and up-to-dateness of the data and delete incorrect data in accordance with the requirements of the Regulation.

Paying attention to integrity and confidentiality — technical and organizational measures take care of the appropriate security of personal data depending on their risk, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage by applying appropriate technical or organizational measures.

Legality: Legality, ie legal bases of data processing can be: concluding or fulfilling a contractual obligation in which you are a party to our legitimate interest to the extent that it is more important than the interest of the respondents not to process data or your consent, another legal basis in accordance with the Regulation.

Personal data that GD may collect

When interacting with GD via email, the web or social networks (e.g. if you indicate that you like GD on Facebook), we may request or receive certain information such as: Name, Email Address, Phone Number, IP Address, Cookie ID, Internet Browser, Operating System, Model and Type of Device You Access.

When you communicate with GD as a business client, we may collect the following information: Name, Email address, Telephone number, Business address, Name and address of the company you work for [personal details that may be relevant to the business relationship, e.g. your professional experience, etc.], IP address, Internet browser, Operating system, Model and type of device you accessed.

Ways of collecting personal data

You can share personal information with GD through (not limited to): Communication with GD (may be related to the service or through a request for quotation you have sent us); Communication with one of the employees of GD by e-mail, telephone or in writing or orally; Ordering service; Request to receive messages on a mobile phone / device; Voluntary participation in surveys; Participation in social media activities related to the promotion of GD (e.g. by selecting "like" or "share" options); Cookies placed on your computer or mobile device when you visit our website.

When you communicate with GD as a business client / user, supplier or business partner, data collection is also done through: Concluding cooperation agreements; Provision of services by GD; Communication with GD; When accessing the business premises of GD; Voluntary participation in surveys.

If you do not want GD to use your personal data, you can let us know at any time at the e-mail address: info@geld.hr or dpo@geld.hr.

Sharing personal information with others: We will not share your personal information with other suppliers of products or services, business partners and other third parties. If we are required by law to obtain your consent or for any other reason believe that your consent is required in certain circumstances, we will request it before sharing your personal information.

After you provide us with your personal data, it is possible to update, change or request their deletion in writing via the e-mail address: info@geld.hr. You can ask other privacy questions or make your privacy complaints through the same address. You can revoke your consent at any time and via our website: www.geld.hr in the appropriate form. The revocation of consent does not affect the lawfulness of the processing of personal data which, on the basis of consent, has been carried out until the moment of revocation of consent.

Your rights

At your request, we will inform you whether personal data about you is being processed and what that data is. If all legal requirements are met, you have the right to correct, delete or restrict the processing of personal data. You can withdraw all statements of consent you have given (in case the collection and processing is based on consent) and you can object to the processing of data only for the purpose for which they were collected / processed. You also have the right to receive the information you have made available to us in a structured, up-to-date and machine-readable format; and you may request the transfer of this information to you or third parties. We are obliged to respond to your request within one month from the date of receipt of your request, unless a longer period of time is requested for the same, in which case the same period may not exceed 2 months. You also have the right to file a complaint to the competent supervisory authority — in Croatia it is the Agency for Personal Data Protection (more on this at www.azop.hr), if you suspect a violation in the process of processing your personal data.

All rights are subject to proportionate restrictions in accordance with the Regulation.

Options you have

Consent — You may be asked to give your consent for the collection of data and their use, in cases where consent is required by law.

Right to delete — You can request the deletion of all your personal data or only part of the data for which you have previously given your consent to use.

Data portability — You have the ability to transfer your personal data from one electronic processing system to another without interfering with the data controller.

Revocation of consent — It is your right to give up your consent in whole or in part, without consequences and explanations, and to request the termination of the processing of your personal data. You can file a revocation in 3 (three) ways: in writing by mail to the address GELD DATA d.o.o., Savska ulica 90A, 10000 Zagreb; by e-mail to: info@geld.hr; or via our website geld.hr on the corresponding form.

Data storage

For the vast majority of our research, personal data is anonymized / pseudoanonymized immediately after collection, which means that data that can in any way establish a link between the survey data and you personally is deleted from your answers. If we process data on the basis of your consent, we retain the data until you withdraw your consent and in accordance with ESOMAR's instructions. GD keeps certain data permanently with regard to legal obligations arising from employment or on the basis of the Labor Act. Personal data that is no longer needed is either irreversibly anonymized / pseudoanonymized or destroyed in a secure manner. Data from the video surveillance system are regularly deleted and kept for a maximum of 6 months, except in cases when they are necessary for conducting proceedings before the competent authorities.

Additional information

Technical and integrated data protection — GD protects your data, taking into account the latest developments, implementation costs and the nature, scope, context and purposes of processing, as well as risks of different levels of probability and seriousness for data rights and freedoms. At the time of determining the means of processing and at the time of processing, GD implements appropriate technical and organizational measures to enable the effective application of the principles of data protection. GD shall also implement appropriate technical and organizational measures to ensure that only personal data necessary for each specific processing purpose are processed in an integrated manner. We apply this measure to the amount of personal data collected, the scope of their processing, the storage period and their availability.

Records of processing activities — GD as controller shall keep records of processing activities containing: Name and contact details of the controller, if applicable, of the joint controller and the data protection officer; processing purposes; description of categories of respondents and categories of personal data; categories of recipients to whom personal data have been or will be disclosed, including recipients in third countries or international organizations; where applicable, transfers of personal data to a third country or international organization, including the identification of that third country or international organization and, in the case of transfers referred to in the second subparagraph of Article 49 (1), documentation of appropriate safeguards; if possible, deadlines for deleting different categories of data; if possible, a general description of the technical and organizational security measures.

Dealing with personal data breaches — GD ensures that in the event of a personal data breach without undue delay and, if feasible, no later than 72 hours after learning of the breach, it reports to the Personal Data Protection Agency in accordance with the Regulation, unless breach of personal data cause a risk to the rights and freedoms of individuals. Where required by the Regulation, GD shall, without undue delay, also inform respondents of personal data breaches.

Data protection impact assessment — GD does not conduct data processing that is likely to pose a high risk to the rights and freedoms of respondents. However, if a particular processing meets the high-risk requirements, the GD will, before processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data in accordance with the requirements of the Regulation.

Scope: Links to other websites

On GD's website, you can find links to other websites with useful information. Such websites may operate independently of the GD and may have their own privacy notices, statements or policies.

We strongly encourage you to review them to find out how your personal information may be processed in relation to those websites, as we are not responsible for the content of websites not owned or operated by GD, nor for their use or privacy practices.

Please note that we accept and take seriously our responsibility to protect the personal information you entrust to us from loss, misuse or unauthorized access. Please read this document carefully to be aware of the terms and conditions of consent to the use of your personal data by GELD DATA d.o.o., as the Head of the personal data collection.

To improve your user experience when browsing the site and to ensure it works properly, this site stores a small amount of information on your computer in the form of cookies. By using the geld.hr website and projects, you agree to their use. If you choose to block cookies, you will still be able to browse the site, but some of its functionality will not be available to you.

What are cookies?

Cookies are small text files composed of a string of characters stored on your computer by websites you have visited. Cookies allow the site to display information tailored to your needs. They usually save your session token and website settings. After visiting the same website again, the browser sends back the cookies associated with it.

Cookies also allow us to track traffic and traffic to our websites (using Google Analytics and similar tools). All information collected by cookies in this way is aggregated, anonymized, and not shared with any other entities. All this information can only be saved if you allow it — websites cannot access information that you did not give them, and cannot access other files on your computer.

How to turn off cookies

Cookie settings are configured in your web browser. Detailed instructions on how to turn them off in different browsers can be found at the link: How to turn off cookies.

More information

You can read more about cookies at: HTTP Cookies, and more about the law governing their use at the European Union level at the link: EU Cookie Law. The links provided are in English.

See our dedicated Cookie Policy page for full details.

Information security is one of the most important factors affecting the quality and transparency in advertising, optimization, and marketing. By implementing information security management systems, we aim to ensure the integrity and confidentiality of all information in our possession and the smooth running of all processes.

In order to meet the needs and expectations of stakeholders, we have defined the following principles of our information security policy:

Service users and suppliers

• ensure protection of information assets from all dangers — internal and external, as well as intentional and accidental
• continuously reduce risks in the area through risk management, information security, and take control measures
• ensuring the availability of information when requested by outsiders, stakeholders, in accordance with the Right of Access Act information
• ensuring the confidentiality of sensitive data in accordance with legal regulations and good business practice

Employees

• continuous training of employees related to the rules of application of information security
• protection of personal information

State administration bodies

• ensuring compliance with legal regulations and other information security requirements
• ensuring business continuity in the event of unwanted events in accordance with the Sustainability Plan

Leadership — Management

• all information security incidents will be reported to the responsible persons, and appropriate corrective actions will be taken
• continuous improvement of the information security management system

Focus on the needs of the users of our services and the satisfaction of our business partners — the speed and quality of realized deliveries of products and services are the most important values according to which GELDA DATA d.o.o. measures and determines its overall performance.

Vision: To become a regional leader in providing digital marketing services using and developing your own applications and tools.

Mission: Education and certification of all employees, and monitoring and implementation of new trends in active and future campaigns in order to provide quality and profitable services.

In order to achieve, maintain and strengthen these values, we are constantly committed to:

• employ professional and ambitious staff who will have opportunities and responsibilities to constantly develop and improve;
• continuously improve technological equipment;
• nurture and develop partnerships with our service users and suppliers;
• continuously monitor world trends in the field of its activity and apply them in our work;
• set ambitious, measurable and achievable goals;
• continuous risk analysis and defining risk reduction measures compliance with legal requirements and regulations.

1. The research.geld.hr platform exists in two forms: a website and a mobile application. The purpose of the platform is to conduct public surveys efficiently and transparently. GELD DATA d.o.o. is an apolitical society and has no ideological stance or approach to any issue covered by the polls.
2. GELD DATA d.o.o. has fully implemented the European Data Protection Regulation 2016/679 (hereinafter: GDPR). Therefore, before participating in the survey, users are informed of the survey's Terms of Use and privacy policy and are given an explicit option to agree to them or not.
3. The Privacy Policy explains what type of personal data is processed and for what purpose, as well as any other relevant information. Users can use the survey platform anonymously; it is up to them to reveal their identity. All statistics and information on our website are for information only, and GELD DATA d.o.o. assumes no responsibility for any consequences due to misinterpretation.
4. The survey is prepared, organized, and conducted by the company GELD DATA d.o.o., Selska cesta 90A, Zagreb (City of Zagreb), OIB: 27972234767, through the research software 1KA. The survey was communicated through the following channels: e-mail, SMS, websites, Google Ads platforms, and the social network Facebook.
5. The purpose of the survey is to investigate the individual and social consequences of using a loan contracted with a variable interest rate in CHF. The survey is conducted for media and academic research purposes. Email addresses and telephone numbers for the purposes of conducting this survey are collected from publicly available sources and automatically generated and are not provided to third parties. Respondents participate in it anonymously and in accordance with these Terms of Use of the survey and the privacy policy, with which they must agree if they wish to access the survey.
6. Individual answers, results, and other information provided by users will not be published or visible to other users anywhere, but will serve exclusively for the purposes of statistical processing; only aggregate statistics are published. Data collected during the survey are retained until the survey's completion and are not disclosed outside the EU. No third party has access to the back-end framework or the data collected.
7. The Website uses cookies to ensure a better and more secure user experience. The user is provided with information about their content and asked for explicit consent for its use upon first accessing the website. This data is used only to analyze website traffic, which is needed to optimize the website's performance. The data is not shared with third parties for advertising or any other purpose unrelated to the website.
8. GELD DATA d.o.o. is an apolitical organization and has no political stance on any of the issues covered in the polls. The results of the survey do not necessarily reflect respondents' actual preferences, nor do they constitute a representative sample of loan beneficiaries, as respondents participate voluntarily, anonymously, and at their own discretion.
9. Because our survey is conducted online, survey participants from non-EU countries submit their data directly to our server in the EU. GELD DATA d.o.o. hereby undertakes to comply with the GDPR regulations on data protection, and to comply with its data processing standards of all participants inside and outside the EU. This includes the previously described processing of anonymous data and the implementation of appropriate technical and organizational measures so that all personal data of natural persons is protected. Furthermore, we comply with EU Directive 2002/58/EC, which requires that the use and processing of electronic data from non-EU countries to EU countries comply with the said legislation within the EU.
10. GELD DATA d.o.o. reserves the right to change, limit, or withdraw from the survey at any time. All statistics and information on our website are of an informative nature, and GELD DATA d.o.o. assumes no responsibility for any consequences of misinterpretation.
11. Personal data that respondents can voluntarily leave during the survey (name, surname, telephone number, email address), as well as possible later submitted documentation and data possibly collected during a telephone conversation, are collected for the purpose of establishing a business relationship or providing services and are stored during the business relationship and for 5 years after the expiration of the business relationship. Personal information may be provided to our business partners and associates who assist or cooperate with us in providing services. The provision of this information is a contractual obligation, i.e., it is necessary for the provision of services. The data collected is not exported outside the EU.
12. Based on a legitimate interest and for the purpose of establishing a business relationship, i.e., for the purpose of providing services, telephone conversations with customers may be recorded and used for the purpose of improving the quality of work of our employees, resolving possible customer complaints, and documenting statements relevant to business relationships, of which users are informed before the conversation starts.
13. Persons submitting personal data and/or documentation relating to third parties, for the purpose of completing the survey or providing services, by agreeing to these Terms of Use of the survey and privacy policy, expressly confirm and guarantee that this data is lawfully disposed of and submitted with the consent of persons to whom this data relates. Furthermore, they confirm that all persons whose personal data is provided are fully aware of the survey's Terms of Use and privacy policy.
14. In the event of legal disputes concerning privacy rules, the relevant law of the Republic of Croatia and the EU shall apply.
15. Respondents have the right to access personal data, the right to correct or delete personal data or restrict processing, as well as the right to object to the processing and the right to data portability. Respondents also have the right to file a complaint with the supervisory body. To exercise your rights or for any additional information, please contact the personal data protection officer at dpo@geld.hr.

✅ I agree to participate in the survey in accordance with the Terms of Use of the survey and the Privacy Policy.