Privacy policy

  • CONTROLLER

    4IT Solutions d.o.o., Ulica ciklama 20, e-mail: [email protected]

  • 1. DATA PROTECTION OFFICER

    e-mail: [email protected]

  • 2. PURPOSE AND LEGAL BASES FOR PROCESSING PERSONAL DATA

    • 2.1 Processing of personal data of job applicants
      We process personal data voluntarily provided by you for job applications (e.g. CV, cover letter, education and work history, contact info) based on:
      • taking steps at your request before entering into an employment contract.
      • our legitimate interest in managing internal records and the hiring process.
    • 2.2 Retention of applications for future openings
      We will retain your data for future job openings only with your explicit consent (Article 6(1)(a) GDPR). You may withdraw consent at any time without consequences.

  • 3. USE OF COOKIES

    • On our official website www.4it.hr, we use so-called cookies – text files stored on the user's device by the web server through which the Internet Service Provider (ISP) displays the website.
    • Cookies are created when the browser on the user’s device loads the visited website, which then sends data to the browser and creates a text file (cookie). The browser retrieves and sends the cookie to the website’s server upon the user's return.
    • Our website uses technical (essential) cookies, which are necessary for the functioning of the site and cannot be disabled.
    • More information is available at: www.4it.hr/CookiePolicy

  • 4. YOUR RIGHTS REGARDING PERSONAL DATA

    To exercise your rights, you may contact us in writing or by email, using the contact details provided at the following link: https://www.4it.hr/Contact

    Your rights include:
    • 4.1. Right of Access to Personal Data
      You have the right to request confirmation of whether we process your personal data, and, if so, to access those data. You also have the right to receive information regarding the purpose of the processing, the categories of data, recipients or categories of recipients, the intended retention period, and other information required under Article 15 of the General Data Protection Regulation (GDPR). Access may be restricted only if prescribed by EU or national law, or if such access would adversely affect the rights and freedoms of others.
    • 4.2. Right to Rectification
      You have the right to request the correction of inaccurate or the completion of incomplete personal data relating to you. Your request should indicate which data need correction and, where possible, be supported by relevant documentation.
    • 4.3. Right to Erasure ("Right to be Forgotten")
      You have the right to request the erasure of your personal data if one of the following conditions is met:
      • The data are no longer necessary for the purpose for which they were collected or otherwise processed;
      • You have withdrawn your consent and there is no other legal basis for processing;
      • You have objected to the processing and there are no overriding legitimate grounds for further processing;
      • The data have been unlawfully processed;
      • The data must be erased to comply with a legal obligation;
      • The data were collected in relation to the offer of information society services to a child (Article 8(1) GDPR).
    • 4.3.1. Exceptions to the Right to Erasure
      This right does not apply if the processing is necessary:
      • For exercising the right of freedom of expression and information;
      • For compliance with a legal obligation to which the controller is subject;
      • For reasons of public interest in the area of public health, scientific or historical research purposes, or statistical purposes, where erasure would seriously impair the objectives of the processing;
      • For the establishment, exercise, or defense of legal claims.
    • 4.4. Right to Restriction of Processing
      You have the right to request restriction of processing in the following cases:
      • You contest the accuracy of the data – for a period allowing verification of the data;
      • The processing is unlawful and you oppose the erasure of the data;
      • We no longer need the data, but you require them for the establishment, exercise, or defense of legal claims;
      • You have objected to the processing – pending verification whether our legitimate grounds override yours.
    • 4.5. Right to Object
      You have the right to object to the processing of your personal data when it is based on legitimate interest (Article 6(1)(f) GDPR). In such cases, we will stop processing your data unless we demonstrate compelling legitimate grounds which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

  • 5. SHARING AND TRANSFER OF PERSONAL DATA

    We may share your personal data with external partners and service providers who perform certain processing functions on our behalf, including:
    • providers of information and communication technology solutions (e.g., email systems, cloud services, document management tools),
    • online communication platforms such as Zoom and Microsoft Teams, which we use for conducting online meetings, interviews, or training sessions,
    • providers of HR, legal, accounting, and other professional services, when necessary for fulfilling legal or contractual obligations.
    All of these data processors are bound by contractual obligations in accordance with Article 28 of the General Data Protection Regulation (GDPR). They are required to process your personal data exclusively based on our instructions and are prohibited from forwarding or using the data for their own purposes.

    If you participate in online activities (e.g., interviews, meetings, or workshops) via platforms such as Zoom or Microsoft Teams, please note that these platforms may collect technical or user-related data. You can find more information in their respective privacy statements: In certain situations, we may be legally required to share your personal data with competent authorities (e.g., courts, tax authorities, regulatory bodies), based on the legislation of the Republic of Croatia and/or the European Union. In such cases, the transfer will be limited to the necessary scope only.

    Your personal data will not be shared with third parties for direct marketing purposes, nor will they be subject to automated decision-making or profiling.

  • 6. SECURITY OF PERSONAL DATA

    We collect and process personal data in a manner that ensures appropriate security and confidentiality, including protection against unauthorized access, disclosure, alteration, loss, or destruction. We apply the principles of privacy by design and privacy by default to minimize the amount of data collected, limit the purposes of processing, define reasonable retention periods, and ensure access control.

  • 7. RETENTION PERIOD OF PERSONAL DATA

    We process your personal data for as long as necessary to fulfill the purpose for which it was collected. Once the purpose of processing has ceased, the data is no longer used for business purposes, but it is retained in our archives for as long as required by the applicable legal regulations on the retention of documentation and archival material.

  • 8. CONTACT INFORMATION

    If you have any questions or wish to exercise your rights related to the processing of personal data, you can contact us using the information available at the following link:
    https://www.4it.hr/Contact

Company details

4IT Solutions d.o.o.

  • Address: Ulica ciklama 20, 10360 Zagreb, Croatia
  • 4IT Solutions d.o.o. is a limited company for computer and information services
  • The company is registered with the Trade Court in Zagreb under the MBS number: 081412653 and VAT number: HR11563665104
  • Base capital in the amount of 21,000.00 HRK / 2,787.18 EUR paid in full
  • Bank Account IBAN: HR7824020061101068419, SWIFT: ESBCHR22, with Erste&Steiermärkische Bank d.d. Rijeka, Croatia

Contact Info: