We, 200POSTO d.o.o., Braće Cvijića 19, Zagreb, OIB: 7640005043,

are a company that does digital advertising and connects patients with dental offices. In our business, we collect and process personal data in compliance with all relevant laws and regulations.

Privacy protection is our priority, so please read this information carefully!

1. Who is the data controller?

200POSTO d.o.o. is the data controller as prescribed by The General Data Protection Regulation. 200posto as the data controller determines the purposes and means of processing personal data and is responsible for storing and using personal data in paper or electronic form.

2. Data Protection Officer

200posto d.o.o. has, in accordance with relevant regulations, appointed a Data Protection Officer who you can contact regarding any issues related to the processing of your personal data or the exercise of your rights to the protection of personal data. Contact: Sven Čujić, [email protected].

3. What kind of personal data do we collect?

The personal data we collect is the data you send us upon filling out the questionnaire (name, surname, address, contact information, dental panoramic radiograph and the description of your inquiry) and is needed to provide you the requested service. We share your information, in a secure way, only with the dental offices that can provide you with the service.

4. How will we collect and use your personal data?

Personal data is collected mainly to ensure the provision of the requested service and the most effective response to your inquiry.

By submitting your personal data, you agree to be contacted and give us permission to include you in our database in order to obtain the requested services. We consider this to be your explicit consent to be contacted.

We do not sell, transfer or disclose the data we collect through our website to anyone except:

• when we need to put you in contact with dental offices that can provide you with the requested service;

• when this is necessary in order to fulfill our legal obligations;

• when this is necessary in order to protect your life or bodily integrity and you are not able to consent to the processing of your personal data;

• when this is necessary for the performance of tasks carried out in the public interest.

By completing the forms on our website, you guarantee that the data you have provided is accurate and that you fully agree to the terms and conditions of our Privacy Policy.

For the purposes of marketing, we might ask for your additional explicit consent, such as to send you notifications you wish to receive about the offers, products and services in which you are interested. You can withdraw the consent given for this purpose at any time in which case we will stop processing your data for this purpose.

The protection of your data is permanent and you can at any time request for your personal data to be deleted by submitting a direct request. The personal data of the data subject being processed shall be deleted promptly at his / her request and at the latest within one month of receipt of the request. The data subject shall be informed via e-mail of the completed deletion within one month of receipt of his / her request.

Upon withdrawal, your data will only be used for internal statistical data processing and will be fully anonymous.

During the defined period of retention of personal data in our personal data records, we take the following measures:
• Periodic overview of personal data records
• Verification of the applicability of the data retention period with respect to business requirements, type of personal data, processing purpose and the category of processing entities.

5. Who will have access to your personal data?

We will ensure that your data is processed only in the manner consistent with the above-stated purpose. If it is necessary to fulfill this purpose, access to your data will be given to: authorized employees of 200 posto d.o.o., the dental offices whose services you request as data processors, or the dental offices who have received your inquiry and are listed on our website as partners. All of them process your data solely according to the instructions given to them by 200 posto d.o.o.

6. Where will your data be processed?

Your personal data will be processed within the European Economic Area (EEA) by the data processors referred to in point 5, and whose responsibility and obligation to protect personal data and to preserve their confidentiality is defined by contracts and in accordance with all technical and organizational measures and regulations regulating data protection. Your personal data will not be made available to anyone without 200 posto d.o.o.’s authorization.

7. Server statistics

Our global network server uses statistical software. These programs are a standard feature of all Internet servers and are not unique to our pages. Such statistical programs allow us to customize our pages to make them more effective and simpler for our visitors (identifying information that interests our users the most and the least, adapting the pages to different web browsers, improving the structure of our pages and the number of visits to them.)

8. Using cookies

To help you browse our web pages, our global network server uses cookies. A cookie is a very small text file that the server places on a user's computer for the purpose of tracking the selection of a language variant of our website as well as when accessing parts of the website that require entering a username and password. Cookies cannot be used to run programs or set up viruses on your computer. It is also possible to visit our pages without the use of cookies if your web browser is set up in that way. All cookie information can be found at the link www.miglioridentisticroazia.it/cookiePolicy.aspx

9. Data security

In order to provide security at this address and to ensure the accessibility of the service to all users, this computer system uses software that monitors online visits and recognizes unauthorized attempts to download or modify data as well as those that could otherwise cause damage. Unauthorized attempts to download or change data at this location are strictly prohibited.

However, keep in mind that there isn’t a mode of transfer over the Internet or electronic storage that is 100% secure or reliable and we cannot guarantee your absolute security.

We appreciate your confidence in providing us with your personal data, so we have technical and organizational measures in place, including the protection from unauthorized or illegal processing, and from accidental loss, destruction or damage, to ensure that we process in an integrated way and with the appropriate security level only the personal data necessary. The protection of data accessed by dental offices is ensured with access control and regulated through contracts with the dental offices.

10. Underage persons

Our services are not intended for children under 16. We do not collect personal data coming from children up to 16 years of age. If we find out that a child under the age of 16 has provided personal data, we will immediately be deleting it from our servers. If you are a parent or guardian and you know that your child has provided us with personal data, please contact us so that we can take necessary action.

11. What rights do you have in relation to your personal data?

When it is legally foreseen, you have the right to receive information on processing your personal data, withdraw your consent at any time, correct or supplement your personal data to always be accurate, delete your personal data when it is no longer needed for the above purposes, transfer your personal data in a structured shape, notification of any deletion, modification or blocking of data by the third party to which the data have been disclosed and filing a complaint to 200 posto d.o.o. or the competent state authority.

12. Right of complaint to supervisory body

You may also submit a complaint about the processing of your personal data to the supervisory body, Agencija za zaštitu osobnih podataka (Personal Data Protection Agency), Martićeva 14, Zagreb, +385 (0)1 4609 999, [email protected], www.azop.hr

13. How long do we keep your personal data?

We will keep your data as long as it is necessary to achieve the purpose for which we process them. The criterion based on which we determine the period of retention of personal data is precisely the purpose of the collection and the time limit in which you want us to provide you with our services.

14. How can you contact us?

If you have any questions about the usage of your personal data, you can contact us by e-mail or in writing at the following addresses:

· E-mail: [email protected]

· mail: Braće Cvijić 19, 10000 Zagreb

· via the web form at www.miglioridentisticroazia.it/dataPrivacyInquiry.aspx

15. How often do we update this Information on the Use of Personal Data?

We update the information on the use of personal data regularly, and the latest version is always available on our website www.bestdentistsabroad.com. If there are any major changes that affect you, we will notify you directly.

I hereby confirm that I am acquainted with all relevant information about 200 posto d.o.o. and the services it provides.

I hereby explicitly agree to the collection and further processing of my personal data by 200posto d.o.o. and 200posto's affiliates, as well as to the collection and further processing of any other information about me they receive when providing their services to me, in compliance with legal regulations, all in accordance with the defined purpose.