Privacy Policy

Effective Date: 05.01.2025

Last Updated: 30.05.2025

This Privacy Policy describes how TRAGURIUM MEDIA, obrt za savjetovanje i usluge, located at Draškovićeva ulica 46, 10000 Zagreb, Croatia ("Coma Partners", "we", "us", or "our") collects, uses, stores, and protects your personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR") and the Croatian Law on the Implementation of the GDPR.

1. Important Information and Who We Are

This Privacy Policy outlines how we process your personal data when you visit our website, interact with us, use our services, or communicate through any channels. Our services are not directed to individuals under the age of 18, and we do not knowingly collect data relating to children.

Data Controller:

TRAGURIUM MEDIA, obrt za savjetovanje i usluge

OIB: 26913086782

Draškovićeva ulica 46, 10000 Zagreb, Croatia

Email: [email protected]

2. Types of Personal Data We Collect

We may collect and process the following categories of personal data:

Identity Data: Full name, title, date of birth, gender

Contact Data: Email address, telephone number, mailing address

Financial Data: Payment details, bank account or card information

Transaction Data: Records of services provided, payments, and invoices

Technical Data: IP address, login data, browser type/version, time zone settings, operating system, device identifiers

Usage Data: Website usage patterns, clicks, navigation, session duration

Profile Data: User preferences, service history, feedback, and survey responses

Marketing Data: Communication preferences, engagement with campaigns

We may also collect anonymised and aggregated statistical data for analytics that does not directly or indirectly identify you.

3. How We Collect Your Data

We collect data through the following means:

Direct Interactions: When you fill out forms, request services, subscribe to communications, or contact us by phone, email, or chat

Automated Technologies: As you interact with our site, technical data may be collected automatically through cookies, server logs, and similar technologies

Third Parties: CRM & automation: GoHighLevel Scheduling: Calendly Automation: Zapier, Make.com and Whatsapp Business Advertising and analytics: Meta (Facebook), Google Business operations: Stripe, Notion, ClickUp

We may also consult publicly accessible sources, such as commercial registries and company databases.

4. Legal Bases and How We Use Your Personal Data

We process your personal data under the following legal bases:

Contractual necessity: To perform a contract with you or take pre-contractual steps

Legitimate interest: For business operations, service improvement, fraud prevention, marketing (except where consent is required)

Legal obligation: To comply with tax, accounting, or regulatory requirements

Consent: When legally required, e.g., for marketing communications or cookies

Typical purposes include:

a) Delivering and managing services

b) Processing payments and accounting

c) Responding to inquiries and support requests

d) Sending updates, offers, or marketing materials

e) Analyzing website performance and improving user experience

f) Protecting our systems, detecting fraud, and enforcing terms

5. Direct Marketing

We may send you relevant content and promotional offers if:

You have used our services or requested information

You have opted in to receive communications

You have not opted out

You can withdraw your consent or opt out at any time by clicking "unsubscribe" in our emails or contacting [email protected].

We do not sell or share your personal data with third parties for their independent marketing purposes without explicit consent.

6. Sharing Your Personal Data

We may share your personal data with:

Service Providers: GoHighLevel, Calendly, Zapier, Stripe, Google, Meta, Notion

IT, hosting, and infrastructure partners: for system and data management

Professional advisors: legal, tax, and accounting consultants

Regulators and legal authorities: if required by law

Business transfers: in connection with mergers, acquisitions, or asset sales

All partners are contractually bound to respect data privacy and act in accordance with GDPR.

7. International Data Transfers

Some service providers may process data outside the EEA. In these cases, we ensure adequate safeguards are in place:

The country has an EU adequacy decision

Standard Contractual Clauses (SCCs) approved by the European Commission

Other mechanisms permitted under GDPR

We continuously monitor international transfer compliance.

8. Data Security

We employ a combination of technical and organizational measures to secure personal data, including:

HTTPS encryption and SSL certificates

Access controls and authentication

Secure data storage and encrypted backups

Regular software updates and security patches

Only authorized personnel with a business need can access your data.

9. Data Retention

We keep your data only as long as necessary for the intended purpose, including:

Service delivery and account management

Fulfilling legal and financial obligations (typically 6 years)

Handling disputes, audits, or investigations

When retention is no longer justified, we securely delete or anonymize the data.

10. Your Rights Under GDPR

You have the following rights:

Access: Obtain a copy of your personal data

Rectification: Correct inaccurate or incomplete data

Erasure: Request deletion where appropriate

Restriction: Limit processing in specific scenarios

Objection: Object to processing based on legitimate interests or for marketing

Portability: Receive your data in a machine-readable format

Withdraw consent: At any time, if processing is based on consent

To exercise your rights, email: [email protected]. Identity verification may be required.

We aim to respond within 30 days.

11. Complaints and Supervisory Authority

If you believe your data rights have been violated, you can lodge a complaint with:

Croatian Personal Data Protection Agency (AZOP)

Website: https://azop.hrEmail: [email protected]

Phone: +385 1 4609 000

We strongly encourage you to contact us first at [email protected] to resolve any concerns informally.

12. Policy Updates

We regularly review this Privacy Policy. Updates will be published on our website and take effect immediately unless stated otherwise. We encourage you to check this page periodically.

13. Third-Party Link

Our website may link to third-party platforms. We are not responsible for their data handling practices. Please review their respective privacy policies before submitting any personal data.

Last reviewed on 26.06.2025.