![Webshop Trustmark and customer reviews](https://dashboard.trustprofile.com/banners/4000126/4151368/1732712532000.svg"){kind=small}
Sign in to MyNesesser and save on every purchase!
Privacy Policy
Privacy Policy
- Introductory Notes
Your visit to this page clearly demonstrates how important privacy and the protection of personal data are to you. However, there is no reason to worry. We are fully committed to protecting your privacy and responsibly assure you that the protection of your personal data is a priority in all our business processes.
We respect the confidentiality of your personal data and always act in accordance with the relevant provisions of the law and other regulations governing the protection of personal data, as well as the provisions set out in this Privacy Policy. In this regard, your opinion is extremely important to us, so please feel free to contact us at the addresses provided below in this Privacy Policy should you have any questions.
We hereby inform you that, in view of the comprehensive protection of personal data, we have aligned our business operations with all the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and on the repeal of Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), as well as the corresponding Act on the Implementation of the General Data Protection Regulation (Official Gazette No. 42/2018; hereinafter referred to as the “Act”).
For the above-mentioned reasons, we have compiled this detailed Privacy Policy in order to inform you, in a transparent and easily understandable manner, about the processing of your personal data. In particular, we wish to inform you about (i) the personal data we collect, (ii) who exactly processes your personal data, (iii) the purpose for which we collect them, (iv) the transfer of your personal data to other persons or possibly to other countries and/or international organizations, (v) the period during which we process your personal data, and (vi) your direct rights regarding the processing.
2. Definitions
|
Personal Data Breach |
any breach of security or confidentiality that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access of Personal Data. For the avoidance of doubt, this includes any breach caused by an employee, any person acting under the authority of the Company, or any third party |
|
Personal data |
‘means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person |
|
Processing |
means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction |
3. Scope of Application of this Privacy Policy
During its daily operations, Magdis enters into numerous interactions with customers (consumers) as well as with business partners. For this reason, it is necessary to clearly delineate which types of relationships or interactions are covered by these Notices.
Accordingly, these Notices apply exclusively in the following cases:
- If you visit our website;
- When you use our website;
- If you contact our customer service;
- If you share advertisements for our website on applicable websites;
- If you provide personal data when completing a product order on our website;
- If you contact us via email for business purposes;
- If you otherwise contact us for business purposes.
4 Who Processes Your Personal Data?
With respect to the processing of personal data described in this Privacy Policy, Magdis d.o.o., with its registered office in Sveta Nedelja at Augusta Šenoe 37, VAT ID 67546850528, registered with the Commercial Court in Zagreb under number 080076564 (the “Company”), is the data controller pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”).
5. Collection and Use of Personal Data
We collect your personal data directly from you in the context of the relationship you have established with us as a potential purchaser of our products. We collect such data (i) to enable us to perform the obligations arising from the contract for the sale of goods from our offer that has been concluded with you, (ii) to be able to comply with certain obligations imposed on us as a seller in relation to you as a consumer by law, and (iii) on the basis of certain legitimate interests of the Company
Accordingly, below we list the personal data we process, as well as the purposes for which we process it:
- Name, surname and contact details (including address, email, telephone/mobile number)
|
How do we use your data? |
Why do we use them at all? |
Legal basis |
|
|
|
|
|
Registration and User Account |
|
|
|
We use your personal data to process your registration and to create your user account. |
The purpose of this process is to execute actions that are necessary and precede the purchase process (i.e., the conclusion of the contract) |
Execution of actions that precede the conclusion of the contract (Article 6(1)(b) GDPR) |
|
|
|
|
|
Order Fulfillment |
|
|
|
We use your personal data to enable you, as one of our potential purchasers, to complete your purchase |
The purpose of this process is to carry out actions that are necessary and precede the purchase process (conclusion of the contract). |
Execution of actions that precede the conclusion of the contract (Article 6(1)(b) GDPR) |
|
|
|
|
|
Delivery of Purchased Products |
|
|
|
We use your personal data to deliver the ordered (purchased) products to the specified address. |
The purpose of this process is to fulfill our obligation under the sales contract concluded with you. |
Execution of contractual obligation (Article 6(1)(b) GDPR) |
|
|
|
|
|
Refunds / Resolution of User Complaints |
|
|
|
We also use your personal data if you submit a complaint or claim regarding a particular ordered product. In such cases, we process your personal data to resolve the complaint and either replace the product or refund your money |
The purpose of this process is the resolution of complaints/claims |
Execution of contractual obligation (Article 6(1)(b) GDPR) |
|
|
|
|
|
Newsletter |
|
|
|
If you give us your consent, we will send you a newsletter with information about our service and updates to your email |
The purpose of this process is the marketing of our services |
Your consent (Article 6(1)(a) GDPR) |
|
|
|
|
|
Contacting Customer Service |
|
|
|
If you contact us via customer service, we will use your personal data to process your request and provide you with the requested service or answer your question |
The purpose of this process is to execute the necessary actions in the purchase process (conclusion of the contract) |
Execution of contractual obligations (Article 6(1)(b) GDPR) |
|
|
|
|
|
Loyalty program |
|
|
|
We also use your personal data if you wish to enroll in our loyalty program. In such cases, we will use your personal data to enroll you in the loyalty program, to provide you with certain loyalty program benefits, and to address your inquiries and requests regarding membership. Additionally, we use your personal data during the utilization of these benefits |
The purpose of this process is to execute the actions necessary in the purchase process (conclusion of the contract) |
Execution of contractual obligations (Article 6(1)(b) GDPR) |
- Date of birth
|
How do we use your data? |
Why do we use it at all? |
Legal basis |
|
Registration and user account |
|
|
|
We use your personal data to process your registration and create your user account |
The purpose of this process is to carry out actions necessary prior to the purchase process (contract formation). |
Performance of pre-contractual measures (Article 6(1)(b) GDPR). |
|
|
|
|
|
Loyalty program |
|
|
|
We use your personal data if you wish to join our loyalty program. In this case, we will use your personal data to enroll you in the loyalty program, provide you with certain benefits of the loyalty program, and handle your inquiries and requests related to membership in the loyalty program. We also use your personal data while you are using the benefits of the loyalty program |
The purpose of this process is to carry out actions necessary for the purchase process (contract formation). |
Performance of contractual obligations (Article 6(1)(b) GDPR) |
- Payment data (IBAN, SWIFT, data on the type of credit card, and anonymized data on the card number)
|
How do we use your data? |
Why do we use it at all? |
Legal basis |
|
Order fulfillment |
|
|
|
We use your personal data to complete the purchase process with you as one of the potential buyers. |
The purpose of this process is to carry out actions necessary prior to the purchase process (contract formation). |
Performance of pre-contractual measures (Article 6(1)(b) GDPR). |
|
|
|
|
|
Complaint handling/ Resolution of user complaints |
|
|
|
We will also use your personal data in the event that you file a complaint or claim regarding a specific ordered product. In this case, we process your personal data to resolve the complaint and either replace the product or issue a refund. |
The purpose of this process is to handle complaints/claims. |
Performance of contractual obligations (Article 6(1)(b) GDPR) |
- IP address
|
How do we use your data? |
Why do we use it at all? |
Legal basis |
|
Website visitors |
|
|
|
When you visit the MAGDIS website, we collect your IP address. |
We collect your IP address to enable your visit to the MAGDIS website |
Legitimate interest of MAGDIS (Article 6(1)(f) GDPR). |
- Username
|
How do we use your data? |
Why do we use it at all? |
Legal basis |
|
Social media followers |
|
|
|
When you like or follow the MAGDIS profiles on social media, we collect your profile username. |
We collect your username to enable you to follow our social media profiles. |
Legitimate interest of MAGDIS (Article 6(1)(f) GDPR). |
6. Transfer of Your Personal Data
Depending on the nature of your interaction with the Company, certain personal data may be exchanged with third parties. We assure you that the purpose of this exchange is not to exploit your personal data, but to facilitate the provision of high-quality and timely service as well as to ensure compliance with legal and subordinate obligations.
Accordingly, the Company may, depending on the situation, share personal data with the following categories of persons:
- Third-Party Service providers who process personal data either on behalf of MAGDIS or on an independent legal basis, in order for us to effectively fulfill the requested service or deliver products and packages based on joint business cooperation and/or the utilization of a joint service and/or legitimate interests (e.g., processing your payment, delivering products). Such service providers may use personal data only to the extent and for the purposes of the instructions received from MAGDIS or in accordance with the rules they have established as data controllers. For additional information regarding the protection and processing of your personal data by entities other than MAGDIS, please refer to the privacy notice published by the respective data controller on their websites (e.g., Facebook, Instagram).
- Personal data may be shared with third parties and public authorities in order to (i) comply with legal or subordinate regulations, (ii) act upon a mandatory instruction or order from a public authority, (iii) prevent and/or report abusive or unlawful activities, (iv) protect the rights and personal safety of our employees, or (v) address lawsuits and other legal claims.
- Personal data may be shared with any other persons for whom we have obtained your explicit consent for such exchange.
- Exceptionally, in the event of a change in the corporate status of MAGDIS (e.g., merger, acquisition, demerger, etc.), your personal data may be transferred to another legal entity.
7. Your Data and Third Countries
Your personal data will generally be processed and transferred exclusively within the territory of the European Union or the European Economic Area.
Personal data will only exceptionally be transferred to third parties in countries outside the European Union (e.g., social networks such as Instagram and Facebook are headquartered outside the EU/EEA). In such cases, we handle your personal data with particular care and always take all possible measures to prevent any breaches.
8. Retention Period of Your Personal Data
The retention period of your personal data will primarily depend on the purpose for which they were collected. In this regard, we assure you that we will not retain your data longer than is necessary to fulfill the purpose for which they were collected.
For example, personal data processed for the purpose of your order will be stored and processed only until such consent is withdrawn.
In exceptional cases, we may have a legal obligation to retain certain data for a longer period than is necessary to achieve the purpose of processing. In such cases, personal data will be stored only for the minimum period prescribed by law. For instance, records and documents pertaining to daily cash transactions, business books, accounting records, and other documentation must be kept for a minimum of 10 years.
Finally, please note that, subject to the fulfillment of the conditions stipulated by the GDPR, you have the right to request the deletion of your personal data held by the Company. Detailed instructions on how to exercise your rights are provided in the "Your Rights" section
9. Your Rights
In order to maintain effective control over the processing of your personal data, you have a wide range of rights that you may exercise directly with the Company in accordance with applicable law.
These rights include:
- The right to request notification as to whether the Company is processing your data and, if so, to request detailed information about the processing;
- The right to request access to your personal data, whereby the Company shall provide you with a copy, either in physical or digital form;
- The right to request the correction of any inaccurate or incomplete personal data that we hold;
- The right to request the deletion of your personal data that we hold;
- The right to request that we restrict the processing of your personal data;
- The right to request the transfer of your personal data that we hold to another data controller in a structured, machine-readable format;
- The right to object to the processing of your personal data by the Company, particularly with respect to any direct marketing based on the Company's legitimate interests and automated processing;
- The right to withdraw your consent for the processing of your personal data at any time, if the processing is based on consent, without affecting the lawfulness of processing based on consent prior to its withdrawal;
- The right to lodge a complaint with the supervisory authority – the Croatian Personal Data Protection Agency, Selska cesta 136, Zagreb, email: azop@azop.hr, telephone: 01 4609-000.
If you wish to exercise any of the rights listed above (except the last one), please contact us using the contact details provided in the "How to Contact Us" section. Please note that, in order to successfully process your request, we must first verify your identity (for example, by asking you to provide a copy of your ID). The personal data submitted for identification purposes will be used solely for that purpose and will be deleted immediately after your identity has been verified.
Exercising these rights is completely free of charge. However, if your requests are manifestly unfounded or excessive (for example, if they are repeated frequently within a short period), we reserve the right, at our discretion, to (i) charge a reasonable fee for processing the request, or (ii) refuse to act on the request.
10. Cookies
To ensure that your visit to our website is as pleasant and engaging as possible, this website stores a small amount of information on your computer, known as cookies. Among other functions, cookies help the website operate optimally and enable us to implement further enhancements aimed at improving your browsing experience.
By using this website, you consent to the use of cookies. You may block cookies; however, while you will still be able to browse the website, some features may not be available to you.
What is a cookie?
A cookie is a small text file that is automatically stored on your computer, tablet, or mobile device ("Device") when you visit a specific website. This mechanism allows the website that sent the cookie—or a website that recognizes the stored cookie—to "remember" your Device.
This "remembering" enables various functions. It allows for efficient navigation within the website, remembers your settings (e.g., language) for future visits, and generally enhances the website’s quality and appeal. In short, it enables the website to display information tailored to your needs. Consequently, cookies help ensure that the advertisements you see online are aligned with your needs and interests.
There are different types of cookies, which can be classified into the following two main categories:
(i) According to the sender of the cookie:
- First-party cookies – cookies that are delivered to your Device by our website.
- Third-party cookies – cookies that are delivered to your Device by a website different from the one you visited.
(ii) According to the duration of storage:
- Session cookies – cookies that are automatically deleted after you close your browser.
- Persistent cookies – cookies that remain stored on your Device, associated with your Device’s IP address, for up to 30 days. They enable your Device to be recognized on your next visit to the website. Users may manually remove persistent cookies.
Use of Cookies
Our website uses the following types of cookies:
(i) Technical Cookies – These cookies are strictly necessary to provide you with the service you have requested and to ensure the proper functioning of our website.
(ii) Analytical Cookies – These cookies track the statistical traffic on the website to obtain essential information regarding its performance. They also utilize the services of third parties such as Google Analytics and Semrush.
(iii) Functional Cookies – These cookies allow our website to recognize you and remember your settings when you visit again (e.g., your preferred language).
(iv) Marketing Cookies – These cookies collect certain data (such as information about your visits to our website, the content you have viewed, and the links you have followed) to present you with marketing content tailored to your interests. They may be used both on our website and across display networks, as well as through remarketing via the Meta platform, Google Ads, and the Webpower direct marketing platform.
Additionally, for the purpose of planning content that matches your interests and for future marketing campaigns, we use the Meta platform and designated Google tools such as Google Ads.
When you use our website, you may also receive “third-party cookies.” In other words, third parties may collect information via cookies and similar technologies (e.g., web beacons).
By using third-party cookies in cooperation with the Company, advertisements for the Company may be displayed on websites across the internet.
In the event that the use of cookies involves processing any of your personal data, our processing is based on your consent (for the cookies you have accepted) or on Article 6(1)(b) and/or (f) of the GDPR – that is, on the necessity to fulfill a contract to which the data subject is a party, or on the protection of our legitimate interests for the optimal and efficient operation of the website (for essential cookies).
How to Disable Cookies
By using our website, you consent to the storage of certain types of cookies on your device. However, if you wish to delete certain cookies and/or prevent their storage, below are brief instructions on how to do so.
If you choose, you can disable the storage of cookies on your computer. However, blocking all cookies may negatively affect your experience on many websites, including this one. Cookie settings can be managed and configured in your web browser. If you want to delete or disable cookies on your computer, you need to update your browser settings.
Since browsers differ from one another, the method of changing settings is not the same. Accordingly, below is a list of links where you can find more detailed information on how to adjust settings for specific browsers:
|
Internet explorer |
|
|
Firefox |
https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer |
|
Chrome |
|
|
Safari |
https://support.apple.com/hr-hr/guide/safari/manage-cookies-and-website-data-sfri11471/mac |
|
Opera |
Please note that if you do not accept cookies, certain functions of our website may be restricted.
Additional Information on Cookies
If you wish to learn more about cookies, additional information is available at the following links:
- http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm
- http://www.allaboutcookies.org/
- https://arc-rec-project.eu/wp-content/uploads/2021/01/Vodic-za-kolacice.pdf
Social Networks
Social networks may also set cookies on your computer. This occurs on websites that allow you to log in and register using social network accounts and when you share website content on social networks (e.g., via a "Like" button). The specific impact on your privacy will vary from one social network to another and depends on the privacy settings you have chosen on those networks. You can learn how to manage these cookies on their respective websites. For information on their privacy policies, please refer to:
- FACEBOOK: https://www.facebook.com/policy.php
- TWITTER: https://twitter.com/en/privacy
- YOUTUBE: https://policies.google.com/privacy?hl=hr
- INSTAGRAM: https://help.instagram.com/519522125107875
- TIKTOK: https://www.tiktok.com/legal/privacy-policy?lang=en#privacy-ee
11. How to Contact Us
We are always available for you to contact us regarding the processing of your personal data by the Company. In this regard, the Company has appointed a Data Protection Officer who can be contacted at any time regarding any questions about the processing of your personal data and the exercise of your rights under the Regulation.
Therefore, if you:
- Wish to exercise any of the rights listed above; or
- Generally have any questions, comments, or suggestions regarding the processing of personal data,
please feel free to contact us at any time using the following contact details for the Data Protection Officer:
Email: support@nesesser.com
Name: Josipa S.
12. Changes to the Privacy Notice
In order to comply with the requirements of the GDPR and other applicable regulations, this Privacy Notice was updated and amended on 15.04.2024.
Given that existing data processing procedures may change over time and new processing procedures may be implemented, it will be necessary to modify or supplement this Privacy Notice. The amended or supplemented version of the Notice will be published on the Company's website immediately upon its adoption.
In the event that we make significant changes, we will clearly and promptly inform you so that you can review the modifications and independently decide whether you wish to continue using the Company's services. Depending on the type of personal data processing, the notice will be published on the Company's website.