Privacy Policy
1. TERMS AND DEFINITIONS

"Automated processing of personal data" shall mean processing of personal data using computer technology.

"Controller" shall mean the person responsible for the processing and protection of the Personal Data of Users located in the EU within the meaning of the General Data Protection Regulation of April 27, 2016 (hereinafter the "GDRP").

"Website" shall mean a set of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address beon.center/ including all subdomains (referred to as the Website).

"Data Processing System" shall mean the Website and all forms therein.

"Personal data" shall mean a set of personal data and/or non-personalized information about the User provided by the Data Controller himself and/or automatically collected by the Data Controller and/or third parties.

"Policy" shall mean this Privacy Policy, with all existing additions and changes.

"User" shall mean a legal entity or an individual who has browsed the Website on a smartphone, tablet, watch or any other mobile device and/or has activated (i.e. completed the process of authorization, registration and other similar actions) on one of the specified devices, or any visitor to the Website.

"User Agreement" shall mean an agreement concluded between the Data Controller and the User regarding the procedure, rules and features of the User’s usage of the Website. The User joins such an agreement and does not have the right to make and/or demand the introduction of any changes or additions to it.

"Processing of Personal data" shall mean any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, destruction of personal data.

"Data Controller" shall mean a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing of personal data, the content of personal data to be processed, actions (operations) performed with personal data. For the purposes of this Policy, the Data Controller or the Company shall mean East Properties d.o.o. Beograd.

"Data Processor" shall mean a person who, in the understanding of the GDRP, on behalf of the Data Controller, stores and/or processes Personal Data received from Users.

"Provision of Personal Data" shall mean actions aimed at disclosing personal data to a certain person or a certain circle of persons.

"Dissemination of Personal Data" shall mean any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at acquaintance with the personal data of an unlimited number of persons, including the disclosure of personal data in the media, posting in informational and telecommunication networks or providing access to personal data in any other way.

"Cross-border transfer of Personal Data" shall mean the transfer of personal data to the territory of a foreign state to the authority of a foreign state, to a foreign individual or foreign legal entity.

"Destruction of Personal Data" shall mean any actions as a result of which personal data are destroyed irrevocably with the impossibility of further restoring the content of personal data in the personal data information system and (or) the material carriers of personal data are destroyed.

"Cookies" shall mean small files sent by any mobile application or site and placed on smartphones, tablets, watches and other mobile devices of the User to improve the operation of such applications or sites, as well as the quality of the content posted therein.


2. GENERAL PROVISIONS

2.1. The Company collects, retains, and uses personal data, for the purpose of verifying the identity of individuals, who use or have used the Website and submitted their Personal Data. The Company recognizes the sensitivity of personal data and takes seriously its obligations to maintain confidentiality and protect the security of data.

2.2. Purpose:
In accordance with the data protection laws, including GDPR et seq., and other laws and regulations, this Policy sets forth the Company’s procedures for disclosure, storage, and destruction of personal data.

2.3. This Policy regarding the processing of personal data (hereinafter — the "Policy") applies to all information that the Data Controller may receive about users of visitors to the Website.

2.4. User rights for the protection of personal data
In connection with the provision of Personal Data, the User automatically receives the following rights:
(1) receive data concerning their processing (the grounds and purposes of such processing, the processing methods used, information about the persons who have access to data or to whom data may be disclosed on the basis of an agreement or the Law).
(2) receive data on the location and identification data of persons who process Personal Data.
(3) receive data on the storage periods of Personal Data.
(4) receive data on the performed or expected cross-border transfer of Personal Data.
(5) receive information about the location and identification of data of persons who store Personal Data.
(6) appeal against the actions or inaction of the Data Controller to the authorized body for the protection of the rights of subjects of personal data or in court.
(7) exercise other rights in the field of personal data protection provided for by the laws or the provisions of this Policy.



3. LIST OF COLLECTED PERSONAL DATA

3.1. Non-personalized information about Users
In connection with the use of the Website, the Data Controller may automatically collect and process the following non-personalized information about the User:
(1) information about traffic, the possible number of clicks, logs and other data.
(2) information about the location of the User (geolocation).
(3) information about the device (identification number, mobile operator’s network) from which log in is performed, operating system, platform, browser type and other information about the browser, IP address, used Wi-Fi networks.

3.2. Personal data about users
The User provides the Data Controller with the following personal data:
(1) surname, name, patronymic;
(2) email address.
(3) mobile phone number.
(4) a photograph of the User (if applicable).
(5) the data contained in the personal account (profile) of the User, all internal correspondence of the User within the Website, as well as other activity of the personal account (profile) of the User.
(6) payment information, including card details, other similar information (if applicable);
(7) data on purchases made by Users and/or received/paid services through the Website (if applicable);
(8) professional and employment-related information, including the name of the employing company, position, department, other information about the User’s profession;
(9) information from the Email/Outlook Calendar, when using the respective integration and booking.
(10) device and usage information, including information about a computer or mobile device (device identifiers such as IP address, WiFi and Bluetooth MAC address), geolocation information (such as based on a GPS or WiFi signal of a mobile device depending on the settings of the latter).
(11) data and information obtained as a result of combining certain Personal data of a specific User, as well as data and information received data about the User received from third parties (partners, marketers, researchers);
(12) User’s ID or other identifying document data (if applicable);