INFORMATION ON DATA PROCESSING BY TANKERSKA PLOVIDBA d.d.

Your privacy and the protection of your personal data are our priority. In accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), we are committed to collecting and processing personal data in a lawful, fair, and transparent manner. With this information, we aim to inform you how and why we process your personal data when you use our website www.tankerska.hr, while applying the highest security standards and best practices.

DATA CONTROLLER

TANKERSKA PLOVIDBA d.d.

PIN: 44952903763

Ulica Božidara Petranovića 4

23000 Zadar

Republic of Croatia

Phone: +385 23 202 202

Email: info@tankerska.hr

DATA PROTECTION OFFICER (DPO)

Ines Krečak, Data Protection Professional, CIPP/E

Member of the European Association of Data Protection Professionals

Member of the International Association of Privacy Professionals

Representative for Croatia at the European Federation of Data Protection Officers

Contact: feralis@feralis.hr | www.feralis.hr

PURPOSE AND LEGAL BASIS FOR THE COLLECTION AND PROCESSING OF PERSONAL DATA 

Personal data is collected through this website for several specifically defined purposes.

Personal data is collected for the purpose of responding to submitted inquiries or requests. In such cases, contact data and the information you provide through the communication channels available on the website are collected.

For the purpose of seafarers' employment applications, basic identification data, contact data, data on professional education, rank (embarkation status), work experience, and seafarer book data are collected.

Through this website, data is also collected for the purpose of determining whether applicants meet the conditions prescribed by the Company's Rulebook on Donations and Sponsorships for the purpose of awarding donations. In such cases, identification data, contact data, and other data from the donation request form are collected.

Data collected for the purpose of employment applications or for the purpose of processing requests for the awarding of donations are considered necessary data. Their processing is necessary in order to take steps at the request of the data subject (such as considering a job application or processing a donation request), which makes such processing lawful in accordance with the provisions of the General Data Protection Regulation. Please note that if the necessary data is not provided, we will not be able to comply with your request or process your application.

LEGITIMATE INTERESTS

In certain situations, personal data may be processed on the basis of a legitimate interest. Where processing is based on that basis, you have the right to object to such processing. Please note that processing cannot be restricted or suspended where there are compelling legitimate grounds for such processing which override the interests, rights, and freedoms of the data subject, or where such processing is necessary for the establishment, exercise, or defence of legal claims. The processing we carry out on the basis of legitimate interest is video surveillance.

Video surveillance
Data processed: video recording.
Purpose of processing: protection of persons and property.
The retention period for recordings is up to 7 days, and in the event of an incident, up to 6 months. A longer retention period is also possible if the recordings are needed as evidence in court, administrative, arbitration, or other proceedings. Other recipients of video recordings may include competent authorities upon request, where necessary for the conduct of official proceedings.
Collected data is not processed for any other purposes.

INTERNET COOKIES

General terms
What are cookies?
A cookie, also known as an HTTP cookie, is a small text file that websites store on a user’s device (such as a computer, mobile phone, or tablet) when visiting a particular website. These cookies enable the website to remember the user’s actions and preferences over time. When a user revisits the same website, the cookies are sent back to the web server, allowing the website to recognize the user and provide a personalized experience.

What information can cookies store?
Internet cookies may store various types of information relating to the user and the way the user uses a particular website. This includes identification data, user preferences, shopping cart content on e-commerce websites, login data for user accounts, information on user activities on the website, user interests for the personalization of content and advertisements, duration of the visit (session), and data relating to user security and authentication. Cookies are a tool that enables websites to improve the user experience and provide personalized services.

What is the purpose of cookies?
The purpose of cookies is to optimize and improve the user experience when visiting websites.

Cookies by function:

How to disable cookies
By disabling cookies, the user decides whether to allow cookies to be stored on their device. In addition, the user may accept or reject some or all cookies by adjusting their browser settings. Cookie settings can also be controlled and configured in the Internet browser. Information on how to change settings for some of the most commonly used Internet browsers can be found at the following links:

Additional information on disabling cookies
Some browsers allow browsing through a website in “anonymous” mode, limiting the amount of data placed on your computer and automatically deleting persistent cookies placed on your computer or mobile device when you end your browsing session. There are also many third-party applications that you can add to your browser to block or manage cookies. You can also delete cookies that were previously placed in your browser by selecting the option to delete browsing history and including the option to delete cookies.

More detailed information on cookies and browser settings can be found at the following links: 

DATA COLLECTED THROUGH SOCIAL NETWORKS

The pages and profiles we manage on social networks (LinkedIn) are always under the exact name of our Company. 

We use personal data about our contacts collected through the use of the same only in the case of responding to an inquiry or comment, and the data is not processed or stored for any other purpose.

RECIPIENTS OF PERSONAL DATA

Collected personal data may be forwarded for use to providers of information and communication technology solutions and services acting as our data processors.

These processors provide reasonable guarantees and have taken appropriate technical and organizational data protection measures in order to ensure adequate protection of the data and compliance with the requirements of the GDPR. With such data processors, a personal data processing agreement has been concluded on the basis of Commission Implementing Decision (EU) 2021/915 on standard contractual clauses.

These processors are not able to process personal data without our instructions or forward it to third parties.

Personal data is not forwarded to third parties for direct marketing purposes.

DATA RETENTION PERIOD

It is important to us to ensure the transparent and responsible handling of the personal data of our users. Personal data submitted for employment applications or for determining whether applicants meet the conditions prescribed by the Company's Rulebook on Donations and Sponsorships for the purpose of awarding donations will be processed only until the purpose for which it was collected has been fulfilled. Once that purpose has been fulfilled, the data will no longer be processed. However, certain data may remain in our storage system for as long as we are required to retain it by a specific law or other regulation. After the expiry of such a period, the data is deleted.

SECURITY OF PERSONAL DATA PROCESSING

We collect and process personal data in accordance with the General Data Protection Regulation (GDPR) in a manner that ensures appropriate security and confidentiality during its processing.

Our objective is to ensure the effective application of data protection principles, including minimizing the amount of data collected, the scope of its processing, and the storage period, while ensuring data availability. To achieve this, we have implemented appropriate technical and organizational security measures to ensure a level of security commensurate with the risks posed by data processing and the nature of the personal data being protected. When introducing these measures, we carefully considered their characteristics and costs to achieve an optimal balance between data protection and practical applicability.

We regularly review all data processing activities that may pose a risk to the rights and freedoms of individuals. Appropriate safeguards have been adopted to ensure that personal data is protected from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or access. We pay particular attention to the protection of data when personal data is transmitted over networks to prevent any potential unlawful forms of processing.

EXERCISING RIGHTS

Right of Access

You may request confirmation at any time as to whether your personal data is being processed and obtain detailed information about the processing, particularly regarding its purpose, the type/categories of personal data processed (including access to your personal data), the recipients or categories of recipients, and the anticipated data retention period.

Right to Rectification

We ensure your right to rectify and promptly correct inaccurate personal data, as well as complete any incomplete information.

Right to Erasure

You have the right to request the deletion of your personal data. If your request is justified and we are not legally obliged to retain the data, it will be erased without undue delay.

Right to Restrict Processing

You may request restrictions on the processing of your personal data in situations provided for under the General Data Protection Regulation (GDPR). In particular, you may object to processing based on legitimate interest as the lawful basis.

Right to Object

You have the right to object to the processing of your personal data in all instances provided for by the GDPR. Notably, you may object to processing based on legitimate interest, which may result in the restriction or complete cessation of processing.

Right to Lodge a Complaint

If you believe that the processing of your personal data has resulted in a breach of your rights under the GDPR, you may lodge a complaint with the supervisory authority: Croatian Personal Data Protection Agency, Ulica Metela Ožegovića 16, Zagreb.

CONTACT INFORMATION

For additional information regarding processing personal data or exercising your related rights, please contact us through our Data Protection Officer or use other contact methods.

Data Protection Officer Email: feralis@feralis.hr

Your request will be processed within 30 days of successful identification. We will provide our response in the standard electronic format unless you explicitly request otherwise.

OTHER INFORMATION

This Information on Data Processing is regularly reviewed, supplemented, and updated to accurately reflect the current state of personal data collection and processing through this website. Please check for such updates regularly to stay fully informed about our privacy and data processing practices.

If there are changes that may affect your rights as a data subject or significantly alter this Information on Data Processing, particularly if the purposes of processing, data disclosures, or transfers to third countries change, you will be notified via a pop-up window when you visit this website. This ensures that all users are informed of any significant updates.

We continuously monitor best practices and regulations to ensure the highest level of privacy for our users.

Last updated: September 2025.