TOMKIĆ SUVENIRI

SHOP NOW

Privacy Policy

Effective Date: June 1, 2026

1. Introduction

Welcome to Tomkić Suveniri d.o.o. We operate the e-commerce website www.tomkicsuveniri.com. We respect your privacy and commit to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and purchase our products.

Please read this policy carefully. By accessing or using our website, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our site.

2. Who We Are

Tomkić Suveniri d.o.o. is a limited liability company registered in Croatia. We act as the data controller for the personal data collected through our e-commerce platform.

  • Company Name: Tomkić Suveniri d.o.o.
  • Website: www.tomkicsuveniri.com
  • Registered Address: Grižanska ulica 69, 10000 Zagreb, Hrvatska
  • Contact Email: skyemist@tomkicsuveniri.com
  • Contact Phone: +(385)1 4859900

3. Legal Basis for Processing Data

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Performance of a Contract: To process and deliver your orders.
  • Legal Obligation: To comply with tax, accounting, and consumer protection laws.
  • Consent: When you opt-in to receive marketing communications or accept non-essential cookies.
  • Legitimate Interests: To improve our services, maintain security, and prevent fraud.

4. Information We Collect

We collect several types of information from and about users of our website, including:

Personal Data You Provide Voluntarily

  • Identity Data: First name, last name, title, date of birth, and gender.
  • Contact Data: Billing address, delivery address, email address, and telephone numbers.
  • Financial Data: Bank account and payment card details (processed securely via third-party gateways).
  • Transaction Data: Details about payments to and from you and details of products you purchased from us.
  • Profile Data: Username, password, purchases, orders, interests, preferences, and feedback.
  • Marketing Data: Your preferences in receiving marketing from us and your communication preferences.

Automated Data Collection

  • Technical Data: Internet protocol (IP) address, login data, browser type and version, time zone setting, location, browser plug-in types, operating system, and platform.
  • Usage Data: Information about how you use our website, products, and services.

5. How We Use Your Information

We use the collected information for various business purposes, including:

  • Order Fulfillment: Processing orders, managing payments, and arranging shipping.
  • Account Management: Creating and managing your customer account profile.
  • Customer Support: Responding to inquiries, resolving issues, and managing returns.
  • Marketing Communication: Sending promotional emails about new products, special offers, or events (only with your explicit consent).
  • Website Improvement: Analyzing user behavior to optimize website layout, performance, and product offerings.
  • Security & Fraud Prevention: Monitoring for fraudulent activities and protecting the security of our website.

6. Sharing and Disclosing Your Data

We do not sell or rent your personal data to third parties. We only share your data with trusted partners necessary to run our e-commerce business:

  • Delivery and Logistics Companies: To ship and deliver your purchased souvenirs to your address.
  • Payment Processors: To securely handle transaction payments. We do not store full credit card details on our servers.
  • IT and Cloud Service Providers: To maintain our website infrastructure, hosting, and database management.
  • Professional Advisors: Including lawyers, bankers, auditors, and insurers providing consultancy services.
  • Legal and Regulatory Authorities: When required by Croatian or European Union law to report processing activities or comply with lawful requests.

7. International Data Transfers

Our servers are located within the European Economic Area (EEA). If any third-party service provider transfers your data outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring that standard contractual clauses (SCCs) approved by the European Commission are implemented.

8. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way.

  • We use Secure Socket Layer (SSL) encryption for data transmission.
  • Access to your personal data is limited to employees and partners who have a business need to know.
  • We maintain strict internal procedures to deal with any suspected personal data breach.

9. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Order and Transaction Data: Retained for up to 10 years to comply with Croatian financial and tax legal obligations.
  • Account Data: Retained for as long as your account remains active.
  • Marketing Preferences: Retained until you withdraw your consent or unsubscribe.

10. Your Rights Under GDPR

If you are a resident of the European Union, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct incomplete or inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): You can ask us to delete your personal data under certain conditions.
  • Right to Restrict Processing: You can object or restrict the processing of your data.
  • Right to Data Portability: You can request the transfer of your data to another party in a structured format.
  • Right to Withdraw Consent: You can withdraw your consent for marketing activities at any time.

To exercise any of these rights, please contact us at skyemist@tomkicsuveniri.com.

11. Cookies Policy

Our website uses cookies to distinguish you from other users. This helps us provide you with a good browsing experience and allows us to improve our site.

  • Essential Cookies: Required for the operation of the cart and checkout system.
  • Analytical Cookies: Help us recognize and count visitors to analyze site performance.
  • Marketing Cookies: Used to track visitors across websites to deliver relevant advertisements.

You can set your browser to refuse all or some cookies, but please note that some parts of this website may become inaccessible or not function properly.

12. Children’s Privacy

Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If we discover that a child under 16 has provided us with personal data, we will delete it immediately.

13. Third-Party Links

This website may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

14. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically to stay informed about how we protect your information.

15. Contact Us and Supervisory Authority

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: skyemist@tomkicsuveniri.com
  • Phone: +(385)1 4859900
  • Mail: Tomkić Suveniri d.o.o., Grižanska ulica 69, 10000 Zagreb, Hrvatska

You also have the right to make a complaint at any time to the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka – AZOP), the supervisory authority for data protection issues in Croatia (www.azop.hr).