Privacy Policy

Introduction

DECODE HQ Ltd (hereinafter “DECODE”)  is a strategic full-service software development partner. We develop tailor-made apps for Android and iOS as well as complex web solutions.

DECODE is committed to your privacy. Below we provide you with information about the collection, usage, and storage of personal data when using our website (www.decode.agency). Personal data are all data that can be used to identify you personally, such as name, address, email addresses and user behaviour.

Who is the data controller?

DECODE
Radnička cesta 47
10 000 Zagreb, Croatia

Email: business@decode.agency
Phone: +385 97 658 9455


DECODE is incorporated and registered with the Commercial Court of Zagreb in the Republic of Croatia.


Court reg. no: 080802501

PIN: 20903022276
VAT no: HR20903022276
GIRO account IBAN: HR1623400091110532862
SWIFT: PBZGHR2X

Understanding our approach to personal data collection

We do not collect more personal data than necessary and we process it in a lawful, fair, and transparent manner. You are not legally required to provide us with any of your personal data, and may do so (or avoid doing so) at your own free will.

What personal data we collect

  • Personal Information you voluntarily give us
    DECODE collects personal identification information such as: name, surname, email address and phone number only when you voluntarily submit to us these data.
  • Information we collect about you that is automatically logged
    When you visit our website, we automatically collect information about your computer hardware and software. This information can include your IP address, browser type, domain names, internet service provider (ISP), the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times and referring website addresses. Further, information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs).

How we collect your personal data

  • When you contact us for new business, employment, sponsorship, media inquiries, or anything else via our e-mail address, phone number, social media account or by filling out forms on this website.
  • When you subscribe to our newsletter.
  • When you download content from our website such as eBooks, white papers, etc.
  • By using third-party services.

Legal basis for processing

We may process your personal data based on four legal grounds:

Consent
We process personal data based on the user’s consent when they submit information through our contact form or sign up for our newsletters.

Contractual Relationship
When processing your personal data is necessary to fulfill our contractual obligations.

Legal Obligation
When we are required to process personal data to comply with legal obligations, such as maintaining financial records as mandated by tax and accounting legislation or responding to legitimate requests from competent authorities.

Legitimate Interest
When we have a legitimate interest in processing personal data, such as contacting our clients for potential follow-up projects and offers.

How we use personal data

All personal information we collect about you will not be used for an incompatible purpose.

We collect personal data only for responding to inquiries and maintaining client relationships, marketing/promotional activities, targeted advertising, analytical and hiring purposes.

  • For responding to inquiries and maintaining client relationship
    Your personal data such as name, surname, email address and telephone number as well as other information you share with us in an inquiry, via email or forms on this website will be stored in our CMS system and used only for business development purposes.

    We will retain your data for the duration required to address your inquiry, throughout our (pre) contractual association, and for the duration mandated by legal obligations regarding our business partnerships or other professional contacts. Additionally, we may retain your contact information to reach out for potential follow-up projects or offers, or to request feedback, based on our legitimate interest.
  • Employment purposes
    We collect personal data for recruitment and hiring purposes by using a third-party applicant tracking system designed to take care of your personal info with the highest integrity developed by Bamboo HR. The data we collect is personal information you share with us. We also collect personal information from other sources. We may obtain personal information about you from searching for potential candidates from third party sources, such as LinkedIn and other job sites.
  • Marketing/promotional activities
    When you enter your email address in the form to receive our newsletter, your email address will be used only for that specific purpose. You will receive updates from us until you make a withdrawal by clicking on the unsubscribe link at the bottom of each newsletter or by sending us an email at business@decode.agency.

    We provide books, white papers, and other downloadable content on our website. Before downloading such content, you will be asked to provide your personal information. We will use your email address to send requested resources and for soliciting feedback. We may also use your email to contact you for business development purposes, but only after confirming our products or services are of interest to you.
  • Analytical purposes
    If you use our website for merely informative purposes and not to provide us with information, we will collect only the personal data that your browser transmits to our server. These kinds of data servers only for statistical purposes.

How we use Cookies

In order to make our website as user-friendly as possible, we – like many well-known companies – use so-called cookies. Cookies are small text files that are stored on your computer when you visit our website. This allows us to design our website more individually for the user.

We use:

  • Necessary cookies
  • Functional cookies
  • Analytics cookies
  • Performance cookies
  • Targeting cookies


To learn more about how we use these and your choices in relation to these tracking technologies, please refer to our Cookie Policy

Data retention

We will retain your personal information with us for as long as we need it to fulfill the purposes for which it was collected as detailed in this privacy policy.

You’re in control and you can withdraw your consent at any stage by contacting the data protection officer at business@decode.agency.

Data Sharing and disclosure

We share your personal data internally and externally.

Internally
Your personal data is only disclosed to our employees and associates on a need-to-know basis.

Externally
We partner with meticulously chosen companies, leveraging their tools and services across various domains. Our collaborating entities are located within the EU, USA, UK, and Canada. For a comprehensive list of the entities with whom we share your data, kindly reach out to us at business@decode.agency.

We may have a legal obligation to reveal your personal data as mandated by legal proceedings or court orders issued by government authorities, particularly for law enforcement, national security, counterterrorism, or other matters concerning public safety.

Data security

As certified holders of the ISO/IEC 27001 certificate, you can trust that all our processes, protocols, systems, transfers, databases, and more undergo rigorous testing, ensuring their security and verification.

In order to protect data privacy, we implement physical, technical and administrative measures such as:

  • regular updating and testing our security technology;
  • implementing technology of highest security standards;
  • ensuring that our partners are GDPR compliant;
  • providing access to personal data only to authorized employees
  • training employees about GDPR and taking appropriate disciplinary
  • measures to enforce employees’ privacy responsibilities.

International data transfers

We prioritize localizing most of our data processing within the EU. 

However, some third-party tools are provided by service providers outside the EU or EU-based companies sharing data with non-EU affiliates. 

According to GDPR, data transfers to third countries or international organizations must ensure an adequate level of protection. In cases without adequacy decisions, we implement appropriate additional safeguards for data transfers, including written contracts based on standard contractual clauses prescribed by the European Commission. 

Upon request, you can obtain information about data transfers to non-EU countries, and we ensure that our partners implement supplementary measures, safeguards, and policies. Additionally, for business purposes, we may share your data with non-EU affiliates, ensuring all communication occurs through secure channels and aligns with this Privacy Policy.

Data subject rights list

  1. Right of access (GDPR Article 15).

  2. Right to rectification (GDPR Article 16).

  3. Right to erasure or right to be forgotten with additional stipulations, among others if personal data has been made public (GDPR Article 17).

  4. Right to restriction of processing (GDPR Article 18).

  5. Right to be informed (GDPR Article 19).

  6. Right to data portability (GDPR Article 20).

  7. Right to object (GDPR Article 21).

  8. Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her (GDPR Article 22).

How to contact us

For any questions, complaints or other requests regarding the processing of your personal data:

Email us at: business@decode.agency
Or write to us at:

Radnička cesta 47,
10 000 Zagreb, Croatia

Effective Date: February 5, 2024