Privacy & Cookie Policy

1. Data controller

The raptoric.com website is operated by Vision Compliance d.o.o., which acts as the controller of the personal data processed through it.

For any question about this policy or about how your personal data is processed, contact us at contact@raptoric.com.

2. Scope

This policy applies to personal data processed through the raptoric.com website, including the contact form and any email correspondence that follows. It does not apply to third-party websites we may link to, which have their own policies.

3. Legal framework

We process personal data under the following legislation:

• Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR);
• the Croatian Act on the Implementation of the General Data Protection Regulation (Zakon o provedbi Opće uredbe o zaštiti podataka);
• the Croatian Electronic Communications Act, for the use of cookies and similar technologies.

4. Personal data we collect

We collect only the data needed to respond to your inquiry and to operate the website securely.

• Contact form data: your full name, work email address, company (optional), the service you are interested in (optional), and the content of your message.
• Correspondence data: the content of any email or other communication you send us.
• Technical data: data automatically recorded by our hosting infrastructure in server logs, such as IP address, browser type, and the time of the request, used to operate and secure the site.
• Cookie data: only strictly necessary cookies, as described in section 10.

5. Purposes and legal bases

• Responding to inquiries and communicating with you, on the basis of taking steps at your request prior to entering a contract and our legitimate interest in answering inquiries (Article 6(1)(b) and (f) GDPR).
• Providing and performing our services, on the basis of a contract (Article 6(1)(b) GDPR).
• Operating and securing the website, on the basis of our legitimate interest in a functioning, secure site (Article 6(1)(f) GDPR).
• Meeting legal obligations, such as accounting and record-keeping duties, on the basis of a legal obligation (Article 6(1)(c) GDPR).

6. Recipients and processors

We do not sell personal data. We share it only with service providers that process it on our behalf, under data processing agreements, and only as needed to operate the site:

• Hosting and content delivery, provided by Vercel Inc., which hosts the website and processes server log data;
• Email delivery, provided by Twilio (SendGrid), which delivers messages submitted through the contact form;
• Competent public authorities, where we are required by law to disclose data.

7. International data transfers

Some of our processors are based outside the European Economic Area, including in the United States. Where data is transferred outside the EEA, the transfer is protected by appropriate safeguards under the GDPR, primarily the European Commission's Standard Contractual Clauses, together with additional technical and organizational measures where required.

8. Retention periods

• Inquiry and correspondence data: kept for as long as needed to handle your inquiry and any follow-up, and then for a reasonable period to document the communication.
• Contract and accounting data: kept for the period required by applicable accounting and tax legislation.
• Server log data: kept for a short period for security and diagnostics, then deleted or anonymized.

9. Your rights

Under the GDPR you have the following rights regarding your personal data:

• the right of access (Article 15);
• the right to rectification (Article 16);
• the right to erasure (Article 17);
• the right to restriction of processing (Article 18);
• the right to data portability (Article 20);
• the right to object to processing based on legitimate interests (Article 21);
• the right to withdraw consent at any time, where processing is based on consent (Article 7(3));
• the right to lodge a complaint with a supervisory authority (Article 77).

To exercise any of these rights, contact us at contact@raptoric.com. You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka, AZOP), azop.hr.

10. Cookies and similar technologies

This website uses only strictly necessary cookies required for the site to function and to keep it secure. We do not use analytics, advertising, or other tracking cookies, so no cookie consent banner is required. If we introduce non-essential cookies in the future, we will request your consent first and update this policy.

11. Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, and loss, including encryption in transit, access controls, and limiting data collection to what is necessary.

12. Automated decision-making

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects for you.

13. Children's data

The website is intended for businesses and professional users. We do not knowingly collect personal data from children.

14. Third-party links

The site may link to third-party websites. We are not responsible for their content or privacy practices, and this policy does not apply to them.

15. Changes to this policy

We may update this policy to reflect changes in our processing or in the law. The current version is always available on this page, with the date of the last update shown above.

16. Contact

For any question about this policy or your personal data, contact Vision Compliance d.o.o. at contact@raptoric.com, or by post at Ulica Republike Austrije 23, 10000 Zagreb, Croatia.