PRIVACY POLICY

Majcen Kardum Law Office respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and relevant laws of the Republic of Croatia. This Privacy Policy explains how we process your personal data, why we process it, what rights you have and how you can exercise them.

All employees of the Majcen Kardum Law Office, pursuant to the provisions of Article 13 of the Law on the Attorneys’ Profession, are obliged to keep as a lawyer’s secret everything that you as a client entrust to us or that we learn in any other way during the representation.

1. Data controller

The controller of your personal data is:

Law Office Majcen Kardum

Address: Ilica 209, Zagreb

email: info@amk-law.hr

Telephone: +385913737151

2. Vrste osobnih podataka koje prikupljamo i obrađujemo

We collect and process the following types of personal data, depending on the nature of the service:

  • Basic information: name, surname, address, OIB, contact information (phone number, e-mail address).
  • Data related to the subject: documentation, contract data, financial data, real estate data, information about legal disputes.
  • Special categories of data (sensitive data): data on health, criminal offences, racial or ethnic origin, if necessary for processing a specific case.

Data collection may take place directly from you or through third parties (courts, public authorities, your representatives).

3. Purpose and legal basis for data processing

We process your personal data exclusively for purposes related to our legal activities, such as:

  1. Providing legal services (legal advice, representation, drafting of legal documents).
  2. Fulfilling legal obligations (e.g. keeping records according to attorney rules).
  3. Protecting your interests in legal proceedings.
  4. Business management and communication with clients.

The legal basis for data processing includes:

  • Performance of a contract (Article 6(1)(b) GDPR),
  • Compliance with legal obligations (Article 6(1)(c) GDPR),
  • Protection of legitimate interests (Article 6(1)(f) GDPR),
  • Your explicit consent where required (Article 6(1)(a) GDPR).

We process your personal data pursuant to the Attorneys’ Act, a power of attorney, a concluded contract or a decision of a competent authority for the purpose of providing legal assistance, and in particular for the purpose of initiating and conducting proceedings before competent authorities, drafting documents, general representation and legal advice. In addition, in certain cases we are obliged to process your data in order to comply with other obligations (for example, maintaining and issuing accounting documents), and your personal data may also be processed for the purpose of maintaining case records.

4. Rok čuvanja podataka

Personal data is kept only for as long as necessary to achieve the purpose of the processing, unless laws require longer retention periods.

For example:

  • Case files are kept for at least 10 years after the end of the legal proceedings, in accordance with the rules of the bar.
  • Financial and accounting data are kept according to legal deadlines (at least 11 years).

After the retention period expires, the data is permanently deleted or anonymized.

5. Rights of the respondent

In accordance with GDPR, you have the right to:

  1. Data Access – Request information about what data we process and why.
  2. Data correction – Request correction of inaccurate or incomplete data.
  3. Data erasure (“right to be forgotten”) – Request the deletion of data if it is no longer necessary for the purpose of processing (with legal exceptions).
  4. Processing restriction – Request a temporary restriction on the processing of your data.
  5. Right to data portability – To receive data in a structured, machine-readable format
  6. Right to object – Object to data processing based on legitimate interests.

To exercise your rights, please contact us using the contact details provided above.

6. Data sharing

Your personal information will not be shared with third parties, except:

  • When necessary to achieve the purpose (e.g. courts, accounting services, public bodies, experts, professional associates).
  • When required by law or court order.
  • When there is your consent for this.

We conclude contracts with all external service providers that ensure compliance with data protection rules.

7. Safety measures

The law firm takes technical and organizational measures to protect your personal data, including:

  • Data encryption,
  • Protection against unauthorized access (passwords, access restrictions),
  • Regular backups,
  • Data protection staff training.
8. Data transfer outside the EU/EEA

Personal data will not be transferred outside the European Economic Area (EEA), unless necessary for a specific legal process and with appropriate safeguards.

9. Data breaches

In the event of a personal data breach that could jeopardize your rights and freedoms, we will notify you and the competent authority (AZOP) within the legal deadline.

10. Kontakt i pravo na pritužbu

For all questions about data protection or exercising your rights, please contact us at:

If you believe your rights have been violated, you have the right to file a complaint:

Personal Data Protection Agency (AZOP)

Address: Selska cesta 136, 10000 Zagreb

E-mail: azop@azop.hr

11. Changes to the privacy policy

This Privacy Policy may be updated from time to time. Any changes will be posted on our website or available at the office.

12. Google reCAPTCHA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.