Privacy Policy

About privacy notice

We guarantee the security of all your data.

This Privacy Notice (“Notice”) explains how Vision Compliance Ltd., Republike Austrije 23, 10 000 Zagreb (in further text: Data Controller) collects, uses and manages your personal data that is located on the web site

Data Controller as a website service provider is committed to protecting the privacy of personal data. Read these policies carefully to understand why and how we collect your personal data and how it will be used

If you wish to contact us regarding these policies or about your personal data, please use the following contact information:

Adress: Republike Austrije 23, 10 000 Zagreb

Telephone number: 098 918 88 20

How and when do we collect your personal data?

We collect your personal data when necessary to meet your consumer needs or for the purposes of our business:

  • the moment you access the website eu,we will collect your IP address, which is also considered to be personal data,
  • user of our website by entering his/her personal data after sending inquiries about our services and/or video lessons and trainings, and in case of purchaseenters into a contractual relationship which is the basis for the purchase of products and order of services on customer’s choice. The processing of your personal data in the latter case is necessary to perform the contract in which you are a party as a customer or user or in order to undertake actions at the request of the data subject before signing the contract,
  • when registering as user or recipient of newsletter or other information about our products and promotions. As Data controller, we will ask you to provide information about yourself (personal data) such as e-mail address. The legal basis for the processing of your personal data is consent. Therefore, the user signing up to receive notifications about our products and promotions by entering their data on the page euis giving consent for processing of their personal data. The user can withdraw their consent at any moment.
  • d)situations in which we collect other types of data such as the date and time of accessing the website, information about hardware, software or the internet browser that is being used, as well as about the operating system of your computer, application versions and language settings. We can collect information about clicks and your access to eupages which are shown to you.
  • e) when you contact the customer service or our sales department and ask us for help or ask a question in order to exercise any of your rights guaranteed by applicable regulations,
  • f)when you contact us via social media, we collect information that you have made available to us when making inquiries or requests,
  • g)when you want to send us an inquiry about our other services or ask us for an offer related to them, we also collect information that you have left available to us (e.g. contact mail, name and surname, place of work, area of your interest related to our video lessons),
  • h)when you fill a costumer satisfaction poll or ask us any inquiry related to our offer, or if you want to send an open job application
  • i)when we send you our informative and educational materials in the form of newsletters on thebasis of previous cooperation, all on the basis of legitimate interest, given that these are public or open databases, B2B and B2C relationship.

We collect the above specific categories of your personal data either on the basis of the consent shown to you when you arrive at via a pop-up window, or on the basis of a legitimate interest. The latter for example in cases of cookies that are necessary for the functioning of the website or when we send you as our customer some interesting information and/or special offers.

Pop-up consent is renewed 12 months after your last acceptance or rejection of certain cookies.

In case we have to fulfill our obligations arising from the applicable regulations of the Republic of Croatia, we will not process data on the basis of the two legal bases mentioned above (for example in case of purchasing one of our video lessons or exercising one of your rights guaranteed by the General Data Protection Regulation).

Please pay attention to the mandatory volume of data we ask you to provide, because in case the customer or user does not provide the required information which are specified as mandatory in order to perform an activity requested or expected by them, unfortunately they will not be allowed entering into it, without the required data, that activity will not be technically possible to carry out.

What data and for what purpose do we collect directly from you?

Typical categories of information we collect from users are the following: name, e-mail address, telephone number, information necessary to make the payment or other information you provide when filling out forms on websites or when communicating with us by phone or email.

We collect your personal data for:

·       performance of a service, fulfilment of a contract or other way of ensuring provision of a requested service

·       the use of all services on the webpage

·       the most efficient response to your inquiry and processing of your requests

·       statistical data processing

·       sending materials, offers and contacting

·       improving the quality of content, functionality, and services.

What privacy rights do you have?

Please note that you have the right to request the following from Data Controller at any time:




· to give you access to your personal data



You can  ask Vision Compliance Ltd. as Data Controller what personal data about you does it use, and you can ask for access to that personal data. You have the right to know the purpose of processing, which categories of your personal data we store, entities or categories of entities with which we share your personal data, the time period we retain your data, as well as the source of the data in case the data is indirectly collected.


· To provide you a copy of personal data it stores


You can contact us if you want a copy of some or all of the personal data about you that we store.

· request the correction of incorrect data


We want your personal data to be accurate and up to date. You can ask us to correct or remove information that you think is incorrect or outdated.

· request deletion of your personal data 


You can ask us to stop processing or even the erasure of personal data we store about you. If we need your personal data to perform a contractual obligation to you, Data Controller could cease to be able to perform such contractual obligations. Also, if your personal data is required in order to Data Controller be able to meet certain legal obligations (e.g., tax obligations), your request may not be able to be fulfilled.



· restricting access to your personal data (us and/or third parties) in certain processes or in full


If you want to challenge the accuracy of the data, or we no longer need your personal data for the purpose of the processing, but you need it to establish, enforce or defend legal claims, or you have objected to data processing on the basis that the Data Controller considers legitimate, you have the right to ask for restriction of the processing of your personal data.


· file a complaint about the way we use your personal data


Remember that you have the right to object to the processing of personal data that is based on a legal basis that the Data Controller considers legitimate. You can do so through the contact form by selecting “objection to the processing of personal data”, or contact us in another way.


· request data transfer to another Data Controller (transferability of rights)


If the processing is based on your consent or if it is carried out by automatic means, you have the right to ask the Data Controller to transfer the data to another data controller.


To exercise any of the above rights, please use the contact information provided at the beginning of the Privacy Notice.

If you are not satisfied with the way how we have collected or used your personal data, you have the right to file a complaint with the Croatian Personal Data Protection Agency.

Where is your personal data stored?

We store the personal data we collect about you in a secure environment. Your personal data is protected from unauthorized access, disclosure, use, alteration, or destruction by any organization or individual with whom we cooperate.

Some data is still stored in paper form, but we tend to digitize all the personal data we process. The processed data is stored in the Data Controller’s premises and IT systems, but sometimes we store the data on the servers of our trusted service providers.

Does Vision Compliance Ltd. as Data Controller share data with third parties?

Privacy protection is important to us, so we will never share your personal data with third parties except for the purposes described in this Notice. We will always inform you when sharing and transferring data.

Vision Compliance Ltd. uses the tools and services of companies and social networks that do not operate in the European Union. We are obliged to warn you that third parties such as Google LLC may transfer your personal data to the U.S. where it may become available to U.S. government services, if the data transfer is not compliant with the lawful and secure transfer mechanisms prescribed by theGeneral Data Protection Regulation.

We care about the protection of your data and that is why we use various legal options for the lawful transfer of personal data in our business, which will ensure an even greater level of your protection.

On 10 July 2023, the European Commission adopted a new adequacy decision under which personal data can be freely transferred from the European Union to companies in the US participating in the Data Privacy Framework.

The adequacy decision is based on Article 45 of the General Data Protection Regulation.  The General Data Protection Regulation (GDPR) is a mechanism that ensures the secure and lawful transfer of data to third countries. Companies in the U.S. that wish to participate in the Data Protection Framework must undergo a self-certification process and enroll in the list of companies that have accessed the Data Privacy Framework. 

Vision Compliance Ltd. will use an adequacy decision for the transfer of personal data with service providers that successfullyself-certify and access the Data Protection Framework.

Vision Compliance Ltd. will use valid standard contractual clauses pursuant to the General Data Protection Regulation for the transfer ofpersonal data with service providers that do not access the Data Protection Framework.     

We will inform you further about any measures taken and will amend our policies after the compliance period has elapsed.

The purposes for which we share data with our trusted partners are, for example, marketing needs, finance, advertising, payment processing. These service providers are obliged, according to the relevant contracts, to use the data entrusted to them only in accordance with our guidelines and exclusively for the purpose we have strictly determined. We also oblige them to adequately protect your data and to consider it a business secret.

Once a year, we audit all our partners to make sure that the protection of your personal data is still at the required level and that it complies with applicable regulations.

Use of social networks and other tools

For statistical analysis and measurement, also uses some Google tools, specifically Google Analytics.

You can find more about Google’s privacy policy at:

This Notice does not apply to services and third parties that have separate privacy policies, however, in accordance with personal data protection regulations, the data controller is required to inform its users about the data collected by Google in providing its services to other legal entities and individuals.

The processing of data by Google and Meta cannot be fully influenced by the data controller as part of your use of the listed social networks and tools. Please read the sections of this Notice carefully to understand how Google processes your personal data.

The information collected by Google includes unique identifiers, browser type and settings, device type and settings, operating system, mobile network information including operator name and phone number, and application version number.

In addition, Google collects information about the interaction of applications, browsers, and devices with Google services, including IP address, crash reports, system activity, and the date, time, and referral URL of subjects request.

Google collects information when a Google service on your device contacts Google’s servers – for example, when you install an app from the Play Store or when the service checks for automatic updates. If you use an Android device with Google applications, your device periodically contacts Google servers to provide device information and connect to our services. This includes information such as device type, mobile operator name, crash reports, and applications you have installed.

For what purposes does Google collect your data?

Google may use your data to ensure the proper functioning of the services, for example by monitoring downtime or resolving issues you report.

Furthermore, Google uses the data for analytical and measurement purposes.

For example, Google analyzes data about your visits to Google sites and uses data about ads you interact with.

When you visit sites that use Google Analytics, Google and the Google Analytics user, Google may associate data about your activity on that site with activity on other sites that use Google advertising services. The collected data, such as your email address, is used by Google to interact directly with you. For example, it may send you a notification if it detects suspicious activity, such as trying to sign in to your Google Account from an unusual location, or it may notify you of upcoming changes or improvements of services.

If you contact Google, Google will record a request record to help resolve your issue.

Google uses automated systems that analyze your content to provide customized search results, customized ads, or other features tailored to your use of our services.

Google also analyzes your content to detect abuse, such as unwanted, malicious, or illegal content. Algorithms are also used to identify patterns in Google data.

For example, Google Translate helps people communicate in different languages by discovering common language patterns in the phrases you are looking for translation.

For the purposes described above, Google may combine data collected from its services and all of your devices. Depending on your account settings, your activity on other sites and applications may be linked to your personal data in order to improve the Google services and ads that Google displays.

If other users already have your email address or other credentials, Google may show them your publicly visible Google Account information, such as your name and photo. For example, they can more easily recognize the email you send them.

Finally, we would like to inform you that Vision Compliance Ltd. uses business profiles within the services of Facebook, YouTube and Instagram and LinkedIn, and you can view their Privacy Policy or Privacy Statements as well as the way they use your personal data at:









In case you have questions regarding the collection and processing of data by Facebook, YouTube, Instagram and/or LinkedIn or you want to exercise any of your rights guaranteed by the General Data Protection Regulation, contact:


META PLATFORMS IRELAND Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland



Contact of the Data Protection Officer:


If you are not satisfied with the way your personal data is collected and processed, you can contact the leading supervisory body of Facebook, the Irish Data Protection Commissioner or the Personal Data Protection Agency of the Republic of Croatia.






Google Ireland, Ltd., Gordon House Barrow St, Dublin 4, Ireland



Contact of the Data Protection Officer:


If you are not satisfied with the way your personal data is collected and processed, you can contact the leading supervisory body for Youtube, the Irish Data Protection Commissioner or the Personal Data Protection Agency of the Republic of Croatia.







META PLATFORMS IRELAND Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland



Contact of the Data Protection Officer:


If you are not satisfied with the way your personal data is collected and processed, you can contact the leading supervisory body of Instagram, the Irish Data Protection Commissioner or the Personal Data Protection Agency of the Republic of Croatia.




Attn: Legal Dept. (Privacy Policy and User Agreement), Wilton Plaza, Wilton Place, Dublin 2, Ireland



Contact of the Data Protection Officer:



If you are not satisfied with the way your personal data is collected and processed, you can contact the leading supervisory body of LinkedIn, the Irish Data Protection Commissioner or the Personal Data Protection Agency of the Republic of Croatia.



Therefore, as Data Controller uses tools and services of social networks that do not operate in the European Union, we are obliged to inform you that these third parties who manage social networks may transfer your data to the US where they share with intelligence services in accordance with the regulations that are in force in US.

We care about the protection of your personal data and that is why we have launched mechanisms that will enable an even higher level of your protection.

We will additionally inform you about all the measures taken, and we will change our internal documents after the completion of the ongoing procedures.

How long will we retain your personal data?

Data Controller will not retain your personal data for longer than the period required to fulfill the purpose of their use. If you are interested in details and data retention periods, you can contact the data protection officer at

For example, we will store your cookie selection information for a maximum of one year, after which you will be shown a pop-up window again when visiting Of course, you have the right to change your mind and regulate your consent at any time via the “Edit Consent” link. We will keep the invoices for 11 years, open job applications for 1 year, the documentation of the tendering procedure 45 days from the end of the tendering procedure, the forms through which you apply for training for 1 year, etc.

What will we use your data for?

As we have stated before, we may use your personal data in several different ways, mainly to meet our contractual obligations toward you, but sometimes to improve your shopping experience, direct marketing or for security reasons.

Order processing and service delivery

When you wish to purchase one of our video lessons we will ask you to provide certain personal data which are necessary to properly process your purchase.

Customer Service – Office

If you contact our office directly or through any other means of communication available to you, we need your contact information to resolve the issue you are contacting us with. The information you provide to us will only be used for this purpose.


To maintain the website and ensure that its functionality is at the expected level Data Controller uses a technology known as “cookies”.

A cookie is a small text file that is stored on your computer or mobile device when you visit a particular website. With cookies, a website remembers your actions and preferences (such as sign-in, language, font size, and other display-related preferences) over time, so you do not have to re-enter them each time you return to the site or browse its various pages. Cookies can be temporary or permanent, for example, JavaScript or Flash technology. Thanks to cookies on our site, you can search without difficulty and you will be shown results that are relevant to you.

We use following cookies:

1) temporary user session-id cookies and/or persistent cookies limited to a few hours in some cases,

2) authentication cookies, which are used for authentication services, during the use of the page visit,

3) user security cookies, which are used to detect misuse of authentication, with limited duration,

4) multimedia cookies, such as flash player cookies, for the duration of the page visit,

5) content loading cookies, during the visit to the page,

6) persistent customization cookies for the user interface during the visit to the page (or a little longer)

7) third-party cookies for social network plug-ins for logged-in social network members, and

8) analytical cookies.

You can access cookies stored on your computer when you visit our website. If you want to delete cookies that are already on your computer, please see your browser under the instructions and click on the “Help” menu.

We process cookies only with your consent. You can accept, accept in part or decline the use of cookies, just check the settings in your browser. However, please note that some of the features of our website may not work without cookies. By seeking consent, we will present the purpose for which we will process this type of information and will inform you of your rights.

You can find more information about cookies in the Cookie Policy. You can also use the pop-up window to regulate your cookie selection at any time. Change Cookie Preferences

Other websites contains links to sites of third parties.

This Notice only apply to this website, so when linking to other websites, we encourage you to read their privacy policy.


Vision Compliance Ltd. as a Data Controller would like to send you information about its products and services that you may be interested in. However, we are only allowed to send marketing material if you agree with it and give us your consent. Please note that even if you have agreed to receive our marketing messages (newsletter), you may opt out of receiving them at any time. If you no longer wish to be contacted for marketing purposes, please select this option at the end of our marketing message (e-mail/newsletter), click “Unsubscribe” in each of our newsletters or send us an email at

Entry into force and privacy notice changes

This Notice shall enter into force upon publication on the website

This Privacy Notice may be amended by Data Controller at any time by posting the amended text on

Changes to this Privacy Notice take effect immediately upon publication on


You can edit the cookie consent using the tool in the lower left corner of the page or by clicking here.