Privacy Policy – Attorney at Law Ana Marasović

This Privacy Notice (“Notice”) explains how Attorney at Law Ana Marasović (“Attorney”) collects, uses, manages, and shares your personal data and informs you of your rights regarding the processing of personal data. Please read this Notice carefully to understand the purpose and methods of data collection.

This Notice is issued in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”), and the Croatian Law on the Implementation of the General Data Protection Regulation (Official Gazette No. 42/18). Updated versions, if any, will be published on this website.

Data Controller

Attorney at Law Ana Marasović, based in Zagreb, Omiška ulica 9, OIB: 22212532086, email: ana.marasovic@oam.hr, is the data controller in accordance with data protection regulations. The data controller determines the purposes and means of the processing of personal data and is responsible for the safekeeping and use of personal data in paper and/or electronic form.

Personal Data Collected and Legal Basis for Processing

“Personal data” refers to any information relating to an identified or identifiable natural person (“Data Subject”), i.e., data through which your identity can be directly or indirectly determined (e.g., name, identification number, location data, online identifier, or one or more elements specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of the individual).

In the course of providing legal services, it is necessary to collect and further process your personal data. The Attorney collects and processes the following categories of personal data:

Identification data: such as name and surname, OIB (personal ID number), ID card number, address, date and place of birth;
Contact data: such as email address, phone number, mobile number;
Banking data: such as IBAN, bank name, credit/debit card number;
Data relating to employees/representatives/related persons;
Third-party data: such as opposing parties, government officials, experts, and consultants;
Website access data: such as IP address;
Other data necessary for the provision of legal services (e.g., vehicle registration number, real estate descriptions, marital status, health data, family member information, etc.).

Such processing is lawful when:

(a) It is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract (e.g., contracts with individuals);

(b) It is necessary for compliance with the Attorney’s legal obligations (e.g., anti-money laundering regulations);

(c) It is necessary for the purposes of the legitimate interests pursued by the Attorney or a third party (e.g., provision of legal services, enforcement of claims);

(d) You have given explicit consent for the processing for one or more specific purposes (e.g., engaging third-party advisors/partners for work on a specific case).

Withdrawal of Consent

Where processing is based on consent, your data will be stored until such consent is withdrawn. You have the right to withdraw consent at any time. To do so, notify the Attorney via email or postal mail using the contact details provided under “Contact Information.” Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

Disclosure of Personal Data

Your personal data may be accessed by attorneys, trainee lawyers, and other employees in the Attorney’s office authorized to perform tasks involving personal data processing. Access may also be granted to third parties outside the Attorney’s office, such as notaries, courts, court interpreters, experts, opposing parties and their legal representatives, external consultants, accountants, substitute attorneys, and other business associates.

Furthermore, recipients of your personal data may include competent government bodies (e.g., Croatian Pension Insurance Institute, Croatian Health Insurance Fund, Tax Administration, FINA, Ministry of the Interior, etc.).

In some cases, the Attorney is legally obligated to share your personal data. These legal obligations may arise from national or EU legislation. Data will be shared with other recipients only to the extent required to achieve the defined purpose.

Use of Cookies

This website uses so-called cookies. For more information, please refer to the Cookie Notice available via the following link: [Cookie policy].

Data Retention and Security Measures

Your personal data is stored as follows:

At least 10 years following the final resolution of the legal matter in which you were represented;
In enforcement or extraordinary legal remedy proceedings, including those before the Constitutional Court of the Republic of Croatia, the European Court of Human Rights, and other relevant institutions, your data may be stored longer;
Wills, contracts, and other entrusted documents will be retained until conditions for termination of safekeeping are met or until they are retrieved by you;
Where other mandatory legal provisions apply, data is stored in accordance with the deadlines prescribed by such provisions.

In accordance with the law, the Attorney is obliged to keep confidential all information disclosed by clients or obtained during representation. This duty of confidentiality extends to all individuals employed or formerly employed by the Attorney’s office.

Once personal data is no longer necessary for the purpose for which it was collected, it will be destroyed or anonymized so that it no longer can be used to identify you.

The Attorney takes appropriate technical and organizational measures to protect collected personal data and prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Your Rights Regarding Personal Data Processing

You have the following rights regarding your personal data:

Right of access: You may request details on the purpose of processing, the categories of data processed, recipients, and the planned retention period. Access may be restricted by law or where necessary to protect the rights and freedoms of others.

Right to rectification: You may request the correction or completion of inaccurate, incomplete, or outdated data. Specify which data you believe require correction and provide supporting documentation if necessary.

Right to be forgotten: You may request deletion of your data if it is no longer necessary for the purpose collected, consent is withdrawn and no other legal basis exists, you have objected to processing, data were processed unlawfully, or deletion is required by law.

Right to restriction of processing: You may request restriction where the accuracy of data is contested, processing is unlawful and you oppose deletion, data are needed for legal claims, or you have objected to processing.

Right to data portability: You have the right to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where processing is automated and based on consent or contract.

Right to object: You may object to processing based on legitimate interest.

Right to lodge a complaint with the supervisory authority: If you believe your rights have been violated, you may file a complaint with:

Croatian Personal Data Protection Agency (AZOP)

Selska cesta 136, 10000 Zagreb

Email: azop@azop.hr

Website: www.azop.hr

Requests can be submitted by mail to:

Attorney Ana Marasović

Omiška ulica 9

10000 Zagreb

or via email to: ana.marasovic@oam.hr

You will be informed of actions taken without undue delay, and in any case within one month of receipt of your request. If an extension is needed, you will be notified within that same one-month period with reasons for the delay. Requests submitted electronically will be responded to in the same manner unless otherwise requested. All information is provided free of charge.

Third-Party Websites

This website may occasionally contain links to third-party websites. This Notice applies only to this site. You should review the privacy policies of other sites you visit.

Contact Information

For questions regarding the processing of your personal data or this Notice, please refer to the contact information available at the following link: https://oam.hr/en/home-en/#contact.

Amendments to This Notice This Notice may be amended from time to time to comply with legal requirements or where otherwise deemed necessary. All amendments will be published promptly on this website.