Data Protection
Data Protection
Last Updated: 16.06.2025
Introduction
Spika Group d.o.o., doing business as Spika Solutions, is committed to providing a superior business experience for everyone we work with. To ensure we maintain high-quality standards and comply with data protection laws, we gather and process personal information responsibly.
This policy explains how we collect, handle, and store personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Why This Policy Exists
This policy ensures that Spika Solutions:
Complies with data protection law and follows best practices
Protects the rights of customers, affiliates, employees, and partners
Is transparent about how data is collected and used
Protects itself from the risk of a data breach
1. Policy Statement
Spika Solutions receives, uses, and stores personal data daily. We handle such data lawfully and in line with applicable regulations. We take these responsibilities seriously to uphold the trust placed in us.
2. About This Policy
This policy outlines how we collect and process personal data. It is not part of any employment contract and may be amended.
Responsibility for compliance lies with the company as a whole. Questions should be directed to our Data Protection Officer at sales@spikasolutions.com.
3. What Is Personal Data?
Personal data refers to any information relating to an identifiable person, including name, address, contact information, and more.
Processing includes obtaining, storing, amending, using, sharing, or deleting data.
Sensitive personal data includes IP addresses, session activity, location data, etc., and must be handled under strict conditions.
4. Data Protection Principles
We follow these key GDPR principles:
Process data lawfully, fairly, and transparently
Collect only for specific, lawful purposes
Ensure relevance and minimize collection
Keep data accurate and updated
Retain only as long as needed
Process securely and respect data subject rights
Avoid international transfers without safeguards
5. Fair and Lawful Processing
We process personal data under lawful bases such as:
Consent
Contractual necessity
Legal obligation
Legitimate interest
Collection of Information
We collect:
Information you provide: name, address, contact details, payment info, etc.
Automatically collected data: device IDs, IP address, browser type, session activity, cookies, etc.
Use of Information
We use data to:
Provide and personalize our services
Communicate with users
Analyze usage for improvements
Manage billing and account activity
6. Processing for Limited Purposes
Data is collected for specific purposes and may include inputs from business partners and systems integrations.
7. Notifying Individuals
When we collect data, we inform individuals of:
Purpose and legal basis
Third-party disclosures
International transfers
Retention period
Rights of access, correction, and erasure
How to withdraw consent
Right to file a complaint
8. Adequate, Relevant, and Non-Excessive Processing
We collect only the data necessary for intended purposes.
9. Accurate Data
We ensure data is accurate and kept up to date.
10. Timely Processing
We delete or anonymize data when it is no longer needed.
11. Rights of Data Subjects
Individuals have the right to:
Confirm whether data is processed
Access personal data
Rectify or erase data
Restrict or object to processing
Data portability
Avoid automated decision-making
12. Data Security
Security measures include:
Access control and monitoring
Encryption and pseudonymisation
Secure disposal of digital and physical media
Confidentiality agreements
13. International Transfers
We may transfer data outside the EEA under one of the following:
Adequacy decisions
Informed consent
Contractual necessity
Legal obligation
Approved safeguards (e.g., Standard Contractual Clauses)
14. Disclosure and Sharing
We may share data within our group or with approved processors and partners.
15. Subject Access Requests
Individuals may request access to data by contacting us. Identity verification may be required.
16. Changes to This Policy
We may update this policy and will notify users of significant changes through email or the Services.
Contact Information
Spika Group d.o.o.
Ulica Gračansko borje 5C
10000 Zagreb, Croatia
Email: info@spikasolutions.com
Last Updated: 16.06.2025
Introduction
Spika Group d.o.o., doing business as Spika Solutions, is committed to providing a superior business experience for everyone we work with. To ensure we maintain high-quality standards and comply with data protection laws, we gather and process personal information responsibly.
This policy explains how we collect, handle, and store personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Why This Policy Exists
This policy ensures that Spika Solutions:
Complies with data protection law and follows best practices
Protects the rights of customers, affiliates, employees, and partners
Is transparent about how data is collected and used
Protects itself from the risk of a data breach
1. Policy Statement
Spika Solutions receives, uses, and stores personal data daily. We handle such data lawfully and in line with applicable regulations. We take these responsibilities seriously to uphold the trust placed in us.
2. About This Policy
This policy outlines how we collect and process personal data. It is not part of any employment contract and may be amended.
Responsibility for compliance lies with the company as a whole. Questions should be directed to our Data Protection Officer at sales@spikasolutions.com.
3. What Is Personal Data?
Personal data refers to any information relating to an identifiable person, including name, address, contact information, and more.
Processing includes obtaining, storing, amending, using, sharing, or deleting data.
Sensitive personal data includes IP addresses, session activity, location data, etc., and must be handled under strict conditions.
4. Data Protection Principles
We follow these key GDPR principles:
Process data lawfully, fairly, and transparently
Collect only for specific, lawful purposes
Ensure relevance and minimize collection
Keep data accurate and updated
Retain only as long as needed
Process securely and respect data subject rights
Avoid international transfers without safeguards
5. Fair and Lawful Processing
We process personal data under lawful bases such as:
Consent
Contractual necessity
Legal obligation
Legitimate interest
Collection of Information
We collect:
Information you provide: name, address, contact details, payment info, etc.
Automatically collected data: device IDs, IP address, browser type, session activity, cookies, etc.
Use of Information
We use data to:
Provide and personalize our services
Communicate with users
Analyze usage for improvements
Manage billing and account activity
6. Processing for Limited Purposes
Data is collected for specific purposes and may include inputs from business partners and systems integrations.
7. Notifying Individuals
When we collect data, we inform individuals of:
Purpose and legal basis
Third-party disclosures
International transfers
Retention period
Rights of access, correction, and erasure
How to withdraw consent
Right to file a complaint
8. Adequate, Relevant, and Non-Excessive Processing
We collect only the data necessary for intended purposes.
9. Accurate Data
We ensure data is accurate and kept up to date.
10. Timely Processing
We delete or anonymize data when it is no longer needed.
11. Rights of Data Subjects
Individuals have the right to:
Confirm whether data is processed
Access personal data
Rectify or erase data
Restrict or object to processing
Data portability
Avoid automated decision-making
12. Data Security
Security measures include:
Access control and monitoring
Encryption and pseudonymisation
Secure disposal of digital and physical media
Confidentiality agreements
13. International Transfers
We may transfer data outside the EEA under one of the following:
Adequacy decisions
Informed consent
Contractual necessity
Legal obligation
Approved safeguards (e.g., Standard Contractual Clauses)
14. Disclosure and Sharing
We may share data within our group or with approved processors and partners.
15. Subject Access Requests
Individuals may request access to data by contacting us. Identity verification may be required.
16. Changes to This Policy
We may update this policy and will notify users of significant changes through email or the Services.
Contact Information
Spika Group d.o.o.
Ulica Gračansko borje 5C
10000 Zagreb, Croatia
Email: info@spikasolutions.com