Legal
Privacy Policy
Last updated: June 2025
This Privacy Policy explains how VB Consulting, obrt za digitalni marketing, vl. Vedran Božičević ("we", "us", or "our") collects, uses, and protects your personal data when you visit this website. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable Croatian data protection law.
1. Who we are
The data controller responsible for your personal data is:
2. What data we collect
We collect data in the following ways:
- Analytics data — when you visit this website, Google Analytics (via Google Tag Manager) automatically collects information such as your IP address (anonymised), browser type, pages visited, time spent on pages, and referring website. This data is aggregated and used solely to understand how visitors use the site.
- Form submission data — if you fill in the contact form, Tally collects your first name, last name, phone number, email address, and your message. This data is processed by Tally in accordance with their own Privacy Policy.
We do not collect any sensitive personal data (such as health, financial, or identity information), and we do not use your data for automated decision-making or profiling.
3. Why we collect your data
We use the data collected for the following purposes:
- Analytics (legitimate interest) — to understand how the website is being used and to improve its content and performance. Google Analytics data is anonymised and aggregated.
- Form submissions (contract performance) — to respond to enquiries you have submitted. Without this data, we cannot get back to you.
4. Cookies
This website uses cookies — small text files stored on your device — to enable analytics tracking. Specifically:
- Google Analytics cookies (_ga, _gid, _gat) — used to distinguish users and track site usage. These cookies expire within 2 years.
- Google Tag Manager — used to manage and deploy analytics tags. Does not itself collect personal data.
You will be asked for your consent before analytics cookies are set. You can withdraw consent at any time by clearing your cookies or adjusting your browser settings. Note that disabling cookies will not affect your ability to use the website.
5. Third-party services
We use the following third-party services that may process your data on our behalf:
- Google Analytics / Google Tag Manager — analytics platform operated by Google LLC. Data may be transferred to the United States under Standard Contractual Clauses. See Google's Privacy Policy.
- Tally — contact form platform operated by Tally Solutions BV. Data may be transferred outside the EEA. See Tally's Privacy Policy.
- Netlify — website hosting provider. Netlify may process technical data (such as IP addresses) as part of hosting this website. See Netlify's Privacy Policy.
6. How long we keep your data
- Analytics data — retained for 14 months by Google Analytics, after which it is automatically deleted.
- Form submission data — retained by Tally in accordance with their data retention policy. We may retain email correspondence for up to 2 years for business record-keeping purposes.
7. Your rights under GDPR
As a resident of the European Economic Area, you have the following rights regarding your personal data:
- Right of access — you can request a copy of the personal data we hold about you.
- Right to rectification — you can ask us to correct inaccurate or incomplete data.
- Right to erasure — you can ask us to delete your personal data in certain circumstances.
- Right to restrict processing — you can ask us to limit how we use your data.
- Right to data portability — you can request your data in a structured, machine-readable format.
- Right to object — you can object to processing based on legitimate interests.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP) at azop.hr.
8. Data security
We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. All data transmitted through this website is encrypted via HTTPS.
9. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "last updated" date at the top of this page will always reflect the most recent version. We encourage you to review this page periodically.
10. Contact
If you have any questions about this Privacy Policy or how we handle your data, please contact us: