Logo

Legal information

CookiesPrivacy policyTerms of use

Privacy policy

Privacy Policy

Introductory Provisions

At LIBERIQ INNOVATIONS d.o.o. (hereinafter: the Controller or LIBERIQ), we are committed to protecting your privacy and personal data.

This Privacy Policy describes how and for what purposes LIBERIQ INNOVATIONS d.o.o., a company registered with the Commercial Court in Zagreb, Court Register No. (MBS): 081624349, OIB: 20843938698, Ulica sv. Nikole 1, Donja Zelina, acting as the data controller, processes, collects, uses, and safeguards users’ personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union L 119, 4.5.2016, p. 1) (hereinafter: the General Data Protection Regulation or GDPR), and the Croatian Act on the Implementation of the General Data Protection Regulation (Official Gazette No. 42/18) (hereinafter: the Act), i.e., in accordance with the applicable personal data protection framework in the Republic of Croatia and the European Union, in relation to the personal data of users who visit the LIBERIQ website (news portal) https://liberiq.com/ operated by the Controller (hereinafter: the Website).


The Website is an informational portal where articles, educational content, podcasts, and other information related to cosmetics, personal care, and dietary supplements are published.


No user registration is required in order to access and browse the content.


The Controller processes users’ personal data exclusively in the form of the user’s email address where the user voluntarily subscribes to receive the newsletter via the Website. The email address is processed solely for the purpose of delivering information and notifications to the user, based on the user’s explicit consent, and until such consent is withdrawn. In addition, when using the Website, certain data may be processed through cookies, in accordance with applicable laws and the terms set out in the Cookie Policy, which forms an integral part of this Privacy Policy.


We value your trust and strive to be transparent regarding our data processing practices—therefore, we kindly ask you to read this Privacy Policy carefully.


Acceptance and Amendments of the Privacy Policy

By using our Website, you confirm that you have read, understood, and agree to the terms and provisions of this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use our Website.

This Privacy Policy may be amended from time to time, and the most recent version will be published on our Website. Your continued use of the Website following any amendments or supplements to this Privacy Policy constitutes your acceptance of such changes.

We may amend this Privacy Policy at any time. When we do so, we will publish the updated version on the Website, unless a different type of notice is required under applicable law.


Key Definitions and Principles of Personal Data Protection

Under the GDPR, personal data means any information relating to an identified or identifiable natural person (the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

When processing personal data, we pay particular attention to the following data processing principles:

  • lawfulness, fairness and transparency: processing must be based on an appropriate legal basis; fairness and transparency require that the individual is informed about the processing and its purposes, and that the Controller provides the data subject with any additional information necessary to ensure fair and transparent processing, taking into account the specific circumstances and context of processing;
  • purpose limitation: data must be collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes; further processing is permissible for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to appropriate safeguards;
  • data minimisation: data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;
  • accuracy: data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that inaccurate personal data, having regard to the purposes for which they are processed, are erased or rectified without delay;
  • storage limitation: data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; longer retention is permitted only where personal data will be processed solely for archiving in the public interest, scientific or historical research, or statistical purposes, subject to appropriate safeguards under the GDPR;
  • integrity and confidentiality: data must be processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage;
  • accountability: the Controller is responsible for, and must be able to demonstrate, compliance with these principles.


Additional Notes

Access to https://liberiq.com/ is free and registration is not required. Providing personal data is voluntary.


Purposes for Which We Collect and Process Personal Data

We do not process more personal data than is strictly necessary for your participation in any activity on our Website.

Users’ personal data are collected and processed solely for clearly defined, explicit and lawful purposes and are not processed in a manner incompatible with those purposes. The Controller uses collected data only to the extent necessary to achieve the specific processing purpose, in accordance with the principles of lawfulness, fairness, transparency and purpose limitation under Article 5 GDPR.

Personal data may be processed for the following purposes:

  • sending newsletters and notifications about content and updates – if the user subscribes to the newsletter, the user’s email address is used solely to deliver information, news, articles, promotional notices, and other content related to the Website’s activities;
  • participation in prize draws/contests and notifying winners – where prize draws are organised via the Website, personal data may be processed to conduct the prize draw, contact participants, and notify winners, all in accordance with the relevant prize draw rules;
  • responding to users’ enquiries, comments, requests or complaints – personal data may be processed to enable two-way communication and provide relevant information regarding the Website’s content or the Controller’s activities;
  • use of cookies – data collected through cookies are processed in accordance with the terms set out in the Cookie Policy.

The Controller will not use personal data for purposes other than those stated above unless an appropriate legal basis exists under the GDPR and other applicable regulations.


Legal Basis for Processing Personal Data

The Controller collects and processes users’ personal data only where an appropriate legal basis exists under Article 6 GDPR. Depending on the purpose, the legal basis may be:

(a) Consent (Article 6(1)(a) GDPR)

Users’ personal data are processed based on explicit and freely given consent in cases where the user chooses to subscribe to the newsletter, accept cookies that are not strictly necessary for the functioning of the Website, or participate in prize draws. The user may withdraw consent at any time; withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

We ensure that we clearly specify the purposes of processing for which we request your consent, so you can make an informed decision. Your consent allows us to collect and process your personal data solely for those purposes.

We will process personal data based on consent only after you have explicitly provided it. If you do not provide consent, we will not process your personal data for the stated purposes.

You may contact us at any time to withdraw your consent. Upon withdrawal, we will cease processing your data for the purposes for which consent has been withdrawn.

(b) Compliance with a Legal Obligation (Article 6(1)(c) GDPR)

Processing may be necessary for compliance with the Controller’s legal obligations, for example in relation to the organisation of prize draws, record-keeping obligations, or responding to requests from competent authorities.

(c) Legitimate Interests (Article 6(1)(f) GDPR)

In certain cases, personal data may be processed on the basis of the Controller’s legitimate interests, for example to respond to received enquiries, comments or complaints, or to ensure the security and functionality of the Website. In such cases, processing is carried out only where such interests are not overridden by the interests or fundamental rights and freedoms of the user.

You have the right to object to such processing free of charge and easily at the time of data collection and upon receipt of each electronic message, in accordance with the applicable Electronic Communications Act. In all cases where we rely on legitimate interests, we ensure that our legitimate interests do not override your rights and freedoms and we aim to maintain a reasonable balance between our interests and your rights.

The Controller does not process personal data for purposes other than those stated above unless a new legal basis is obtained in accordance with applicable law.


Contact, Surveys, Questionnaires and Research

When you send us an email containing your personal data by which you can be identified—regardless of whether the email is an enquiry or a comment—we use such data solely for the purpose of fulfilling your request.

From time to time, we may conduct surveys, research, questionnaires and similar activities on our Website. Data collected in this way are treated as confidential and used exclusively for the purposes of LIBERIQ INNOVATIONS d.o.o. Only aggregated and anonymised results of such surveys/questionnaires/research may be used for public relations purposes and shared with you on the Website.


What Personal Data Do We Process?

The Controller collects and processes users’ personal data only to the extent necessary to achieve the purposes described in this Privacy Policy. In the course of using the Website, the following categories of personal data may be processed:

  • email address – collected only when the user voluntarily subscribes to the newsletter. The email address is used to deliver information, notifications and promotional content in accordance with the user’s consent;
  • data collected through cookies – such data are collected via cookies and similar technologies and processed in accordance with the Cookie Policy;
  • data provided through enquiries, complaints or comments – if the user contacts the Controller through available contact channels (e.g., a contact form, email, or other means of communication), the Controller may process data voluntarily provided by the user such as first and last name, email address, phone number, the content of the message, and any other data the user chooses to include. Such data are used solely to handle the received enquiry/comment/complaint and to communicate with the user regarding the same.


Data Security

We take the security of your personal data very seriously. For this purpose, we implement technical and organisational measures to protect personal data from risks during transmission and processing, and to prevent unauthorised access by third parties.

We apply appropriate technical, organisational and personnel safeguards and procedures to prevent unauthorised access to personal data and to ensure that personal data are used in accordance with the purpose of processing.


Retention Period

In general, we process users’ personal data until the purpose for which they were collected and further processed has been fulfilled. Personal data are stored in our storage systems.

Depending on the purpose and legal basis under which personal data are collected and processed, in certain cases we are required to retain personal data for periods prescribed by applicable laws.

Personal data processed on the basis of consent will be retained until consent is withdrawn.

Longer retention is possible where the data are required for initiating and conducting court proceedings or other proceedings before competent authorities.

You may request, at any time, information on which of your personal data we store, and request that we amend or delete all or part of such data. You can do so by sending your request to hello@liberiq.com. If you submit such a request, we will make reasonable efforts to verify your identity and prevent unauthorised processing of personal data. If, despite the measures we take, you believe you have grounds for an objection, please contact us at hello@liberiq.com. You also have the right to lodge a complaint with the competent supervisory authority, the Croatian Personal Data Protection Agency (AZOP).


Disclosure of Personal Data to Other Recipients

The Controller does not transfer, sell or otherwise provide users’ personal data to third parties in a manner contrary to this Privacy Policy or applicable laws. Personal data may be disclosed to third-party recipients only where necessary to achieve the purpose of processing, to comply with legal obligations, or where the user has provided consent.

In the ordinary course of business, personal data may be accessible to the following categories of recipients:

  • technical and infrastructure service providers – e.g., hosting providers, website maintenance providers, IT support providers, or newsletter management service providers, acting as processors and processing personal data solely on the Controller’s instructions;
  • analytics and marketing service providers – where third-party tools are used for analytics or cookie management, personal data collected via cookies may be shared with such providers, always in accordance with the user’s consent and applicable laws;
  • competent authorities and institutions – where the Controller is required to disclose personal data under law or a lawful request by a competent authority.

All processors we engage are required to implement appropriate technical and organisational security measures and to process personal data solely in accordance with our instructions and applicable regulations.

In certain cases, personal data may be transferred outside the European Economic Area (EEA), including to the United States, for example when using Google Analytics. Such transfers are carried out only where appropriate safeguards are ensured in accordance with Chapter V GDPR, including an adequacy decision of the European Commission or the use of Standard Contractual Clauses.


Protection of Children’s Personal Data

We do not collect or process the personal data of minors, except with the consent of the minor’s parent or legal guardian.

If you are a minor, please do not send us your personal data.


Confidentiality of Personal Data

To ensure the confidentiality of your personal data, our employees are prohibited from unauthorised collection, processing, or use of personal data. Our employees are familiar with data protection regulations and are bound by confidentiality obligations in relation to users’ data. This obligation continues after termination of employment.


Your Rights Regarding the Processing of Personal Data

As the controller of personal data we collect and process, we are committed to respecting the rights granted to data subjects under the GDPR. These rights may include the right of access, rectification, erasure, restriction of processing, the right to object to processing, as well as the right to data portability and the right to lodge a complaint with a supervisory authority. Data subjects may exercise these rights by contacting us using the contact details provided in this Privacy Policy. We will respond to such requests in accordance with applicable laws and data protection regulations.

Under the GDPR, individuals whose personal data are processed by the controller have the following rights:

  • Right to be informed: the Controller must provide the information required by the GDPR, including details on processed data, contact details, purposes and legal basis for processing, recipients or categories of recipients (if any), and the period for which the data will be processed or the criteria used to determine that period. Such information must be provided at the time of collection or within a reasonable period if data are obtained from other sources, unless the individual has already been informed (Article 12 GDPR).
  • Right of access: data subjects have the right to access and review their personal data, including the right to receive copies. The first copy shall be provided free of charge, and additional copies may be subject to a reasonable administrative fee in accordance with the GDPR (Article 15 GDPR).
  • Right to rectification: data subjects have the right to rectify or update personal data held by the controller in case of changes or inaccuracies (Article 16 GDPR).
  • Right to erasure (“right to be forgotten”): data subjects have the right to request erasure of personal data where the purposes have been fulfilled, consent has been withdrawn and no other legal basis applies, data have been unlawfully processed, erasure is required by law, or where the data relate to a minor in connection with information society services (Article 17 GDPR).
  • Right to restriction of processing: data subjects may request restriction of processing where accuracy is contested, there is no legal basis but erasure is not desired, an objection is pending, or the data are needed for the establishment, exercise or defence of legal claims (Article 18 GDPR).
  • Right to data portability: data subjects have the right to receive personal data in a commonly used, machine-readable format and to transmit those data to another controller where processing is based on consent or contract and is carried out by automated means (Article 20 GDPR).
  • Right to object: data subjects have the right to object to processing in certain circumstances and for certain purposes, in accordance with applicable law (Article 21 GDPR).
  • Right not to be subject to automated decision-making, including profiling: data subjects have the right not to be subject to automated decision-making, including profiling, except where explicit consent has been provided and appropriate information about profiling has been given (Article 22 in conjunction with Article 4(4) GDPR).
  • Right to lodge a complaint with a supervisory authority: data subjects have the right to lodge a complaint with the competent supervisory authority if they believe their personal data are processed unlawfully or in breach of their GDPR rights (Article 77 GDPR).

General Rules When Exercising Your Rights

If you decide to exercise one or more of the rights listed above, we may verify your identity in order to protect your personal data. If you make frequent or excessive requests for access to or portability of personal data (e.g., requesting all personal data in written form, or where less than six months have passed since your last request), we may request reimbursement of the costs incurred prior to fulfilling such a request.


Privacy Policies of Other Websites

Our Website may contain links to other websites or portals, such as the websites of suppliers and sellers referenced on our Website. The privacy policies and the manner and scope of personal data processing on such websites may differ significantly from our Website’s rules; therefore, we encourage you to review the personal data protection rules of those websites. This Privacy Policy applies only to the use and processing of data collected by LIBERIQ INNOVATIONS d.o.o. from users on the Website. Accordingly, LIBERIQ INNOVATIONS d.o.o. is not responsible for the practices and terms of operation of third parties.

In addition, the Website may include various prize draws and promotions of products or services run by our partners or advertisers. Such third parties may request certain personal data directly from you. In such cases, where you provide your personal data directly to such third parties or on other portals, the provisions of this Privacy Policy do not apply.

We may also offer social media features that enable sharing of personal data on social networks. Please review the personal data protection rules applicable to such third-party portals or social networks.

We do our best to ensure that any redirections from our Website lead to websites with quality content that does not promote negativity. However, web pages and addresses change quickly, and we cannot always guarantee the content of every address to which we redirect you.


Links to Other Websites and Social Networks

Our Website may contain links to other websites not owned or controlled by LIBERIQ INNOVATIONS d.o.o., including social media (“Third-Party Websites”). Information you share with Third-Party Websites will be governed by those websites’ own privacy policies and terms of use, not by this Privacy Policy. By providing such links, we do not imply that we endorse or review those websites. Please contact Third-Party Websites directly for information about their privacy practices and policies.

LIBERIQ INNOVATIONS d.o.o. uses business profiles on social networks such as Facebook, Instagram and YouTube. The responsible persons within LIBERIQ INNOVATIONS d.o.o. may have access to messages and/or posts and/or content on those social networks. LIBERIQ INNOVATIONS d.o.o. does not store or otherwise process personal data contained in such messages/posts/content, except for the purposes specified in this Privacy Policy.


The confidentiality and personal data processing practices of these social networks can be reviewed at the following links:
Facebook: https://www.facebook.com/policy.php


Instagram: https://help.instagram.com/519522125107875


Cookies

To maintain the Website and its functionalities, we use so-called cookies—small files that we send to your computer and can access later.

The legal basis for processing personal data via cookies is the user’s consent and/or our legitimate interest.

More information about our cookie usage policy is available here: (Cookies – Cookies).


Changes to Data Protection Provisions

Changes to data protection provisions may be necessary due to changes in laws or the circumstances of data processing. If the purposes of collecting, processing or using your personal data change, or the identity of the controller and the categories of recipients change, we will notify you and, where required, request your consent.


Controller Contact Details

LIBERIQ INNOVATIONS d.o.o.
Donja Zelina (City of Sveti Ivan Zelina)
Ulica sv. Nikole 1
Email: hello@liberiq.com


Useful Links

The following links may be useful if you want to learn more about managing cookies:

More information about cookies can be found at www.allaboutcookies.org, or you can always contact us regarding cookies via email at hello@liberiq.com.


We reserve the right to amend these cookie rules from time to time.


hr
hr