Skip to main content
Delacco
+385 91 25 50 100 prodaja@delacco.hr
EN EN
Login Register
Back to catalog

Privacy policy

How Delacco collects, processes, and protects personal data in line with the GDPR.

Privacy and personal data protection statement

Version: 1.0 / Effective date: 18 August 2025

1. Introduction

DELACCO d.o.o. (“we”, “us”, “our”) is committed to protecting the privacy and security of the personal data of our customers and business partners. This privacy statement transparently explains what data we collect, how we use it, on what legal basis we process it, and what your rights are with regard to your data. All data processing activities comply with the applicable legislation, including the EU General Data Protection Regulation 2016/679 (GDPR).

2. Data controller

For all personal data collected through this website or as part of our business, the controller is:

DELACCO d.o.o., Čabdin 53, 10450 Jastrebarsko, Republic of Croatia, OIB: 61037617977.
Privacy contact email: privacy@delacco-cranes.com.

3. What personal data we collect

As part of our B2B operations we collect the following categories of personal data:

  • Contact persons within the legal entity: first and last name, email address, phone/mobile number, job title or function.
  • Legal entity data: company name, VAT ID, registered address, delivery address.
  • Order data: information about purchased products, order history, payment and delivery details.
  • Communication data: data you provide when contacting us, requesting a quotation, or seeking customer support.
  • Technical data: when you visit our website we may automatically collect data such as IP address, browser type, access time, and similar. For more details please see our cookie policy.

4. Purpose and legal basis for processing

We process your personal data for legitimate, predefined purposes on the following legal grounds:

  • Performance of a contract (Article 6(1)(b) GDPR): processing and delivery of your order, preparing quotations, managing payments, and providing customer support relating to your order. Processing the personal data of contact persons is necessary for the performance of the contract concluded with the legal entity they represent.
  • Compliance with legal obligations (Article 6(1)(c) GDPR): issuing and storing invoices and other financial documentation in line with applicable accounting and tax regulations.
  • Legitimate interest (Article 6(1)(f) GDPR): maintaining the business relationship with clients, sending order status notifications, replying to enquiries, improving our services, and securing our IT infrastructure.
  • Consent (Article 6(1)(a) GDPR): sending promotional materials and the newsletter. We will only carry out this type of processing if you have given us your explicit, voluntary consent. You may withdraw your consent at any time.

5. With whom we share your data

We treat your data as a business secret and do not share it with third parties except where this is strictly necessary for the performance of our business:

  • Delivery services — for the dispatch of ordered goods.
  • Accounting service providers — for compliance with our legal obligations.
  • IT service providers — for the maintenance and security of our website and business systems (e.g. hosting, software maintenance).
  • Public authorities — based on a legal request (e.g. tax authorities).

All of our partners (data processors) are contractually obliged to apply appropriate data protection measures and to use the data exclusively for the purpose for which it was provided.

6. Data retention period

We keep personal data for as long as necessary for the purpose for which it was collected.

  • Data related to invoices and financial obligations are kept for 11 years, in accordance with Croatian accounting law.
  • Other data related to the business relationship is kept for the duration of active cooperation and a defined period afterwards, to protect against possible legal claims.
  • Data collected based on consent is kept until consent is withdrawn.

7. Your rights (rights of the data subject)

In line with the GDPR you have the following rights:

  • Right of access: you may request confirmation of whether your data is being processed and access to that data.
  • Right to rectification: you may request correction of inaccurate or completion of incomplete data.
  • Right to erasure (“right to be forgotten”): you may request the erasure of your data if it is no longer necessary for the purpose for which it was collected, or if there is no other legal basis for its processing.
  • Right to restriction of processing: you may request restriction of processing in certain situations.
  • Right to data portability: you may receive your data in a structured format and transfer it to another controller.
  • Right to object: you may object to processing based on our legitimate interest.
  • Right to withdraw consent: if processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at the email listed in Section 2. You also have the right to lodge a complaint with the supervisory authority: the Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, Zagreb.

8. Data security

We apply appropriate technical and organisational measures to protect your personal data from unauthorised access, alteration, loss, or destruction. Our website uses an SSL certificate for data encryption in transit.

9. Cookies

Our website uses cookies to improve functionality and user experience. For more information about which cookies we use and how you can manage your settings, please read our cookie policy.

10. Changes to this privacy statement

We reserve the right to amend this privacy statement. Any change will be published on this page, with the date of the last update.