Privacy policy

General privacy policy

This Statement contains our privacy policy, so please read it carefully to familiarize yourself with how we process your data. The Privacy Policy describes the types of personal data we collect about our customers and explains how we use, share and transfer the collected data, as well as the options available to our customers related to the processing of their data. We also describe the measures we take to protect data security and how you can contact us regarding our privacy policy.

Please read this privacy policy carefully. We invite you to periodically check them in case of any changes to the conditions of collection and processing of your personal data.

Processing manager

The authorized representative of the EPIMEN PLUS brand in Croatia and the processing manager is the company EPIMEN doo with its headquarters in Kovinska ulica 4a, Zagreb, registered at the Commercial Court in Zagreb, MB:05318009, OIB: 42488816079. We collect data in accordance with Regulation (EU) 2016/679 of the European of the Parliament and the Council of April 27, 2016 on the protection of individuals in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (General Data Protection Regulation) and other legal regulations. The company EPIMEN doo, as well as the EPIMEN PLUS brand, have been focused on the satisfaction of their customers since their establishment. We process the data entrusted to us by our customers with care and responsibility. We stand for legal, fair, transparent processing of personal data, while making sure that only authorized and competent persons have access to them, who use them exclusively within the framework of regulations and protect them responsibly.

Data collection

We collect your personal data in different ways, some examples are:

during your order on the web store www.epimenplus.com, through customer registration or online shopping,
when you browse our online content (cookies),
with the exception of the above, we only collect personal data when you make it available to us yourself, for example by sending an email when you contact us for an inquiry or similar, as well as via phone orders.

The types of personal data we may collect are as follows:

registration details (name, postal address, e-mail address, mobile phone number and / or other phone numbers)
personal details (date of birth, gender)
username and password (when purchasing online, so you can log in securely)
payment information (payment card number, expiration date, authorization number, security code, delivery address and billing address)
data on purchases and transactions (type and number of purchased and returned products)
customer support data, customer support questionnaires and comments and data exchanged with our customer support team
your interests and experiences with our products and products of a similar nature and photos, videos and comments, which you provide (e.g. a comment on a product on our web store)
location and geolocation data that you provide (e.g. if you want to automatically find the nearest store on our site)
information about you, obtained through publicly available sources
other data, which you provide to us, as a result of your request for a specific product and / or service

Use of personal data

We use the data described above only for the purposes indicated at the time of collection and/or in these policies. These purposes are as follows:

sending notifications about news, promotions and special offers for members of the Epimen Plus brand via the communication channels you have given us (e-mail, mail, mobile phone)
providing information about products and services
processing transactions, including payments made through the website and creating R1 invoices
creation and management of a special user account (e.g. in the web store)
identity verification (e.g. when signing up for a web purchase)
communicating and answering questions
participation in services (such as automatic replenishment service, express payment)
management, evaluation and improvement of products and services (such as new products and new advertising campaigns, analyzing the customer base, undertaking data analysis and accounting, auditing)
conducting direct marketing and behavioral advertising
tracking habits related to products on the website
conducting statistical or survey analyzes in order to improve services
performance of obligations arising from any agreements or contracts
ensuring that website content is presented in the most effective ways (personalizing the experience)
website administration
undertaking research and analysis, including the effectiveness of marketing and advertising campaigns
analyzing website visits and customized advertising

Please note that the processing of personal data for analysis purposes in order to improve the offer of our products may include the so-called “profile creation”. “Profiling” refers to any form of automated processing of personal data that evaluates personal aspects related to an individual such as personal preferences and interests, but based on our processing decisions are not made that are based solely on automated processing and produce legal effects that relate to you or significantly affect you.

Through the networks of advertising space sellers, such as search engines like Google and social media like Facebook, we can target our ads and messages to users.

As with all web pages, when accessing our web pages, our web server temporarily stores the domain name or IP address of the accessing computer, as well as the date of access, queries about files by website visitors (file name and corresponding complete data about internet address), http or https return code, browser type and size of files transferred during the visit.

When you use our website we may store data for various security reasons. Such data may include the name of your Internet service provider, the Internet page through which you connected to our site, the Internet pages you visited from our site, and your IP address. These data could lead to your identification, but we do not use them for that.

This website uses Google Universal Analytics, a web analysis activity by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”) for the purpose of analyzing its use. The information collected by Google in connection with your use of this website (e.g. the starting URL, the web browser you used, your language settings, your computer system you used or the display resolution) is transmitted to a Google server in the United States of America States, they are stored there, analyzed and the result is made available to us in an anonymized form. Google is certified in connection with the EU-US Privacy Shield, so that an appropriate level of data protection is applied to data processing by Google.

For further information about Google Analytics, please see the Terms of Use of Google Analytics, Basics of Security and Data Protection from Google Analytics as well as Google’s Data Protection Statement.

When referring to other websites (“links”), we are not responsible for the content.

Web cookies (Cookies)

In order to make your visit to our website as pleasant as possible, it is necessary to save a small amount of information on the computer, the so-called cookies (eng. cookies). Cookies usually store your preferences, preferences for the website, such as your preferred language or delivery address. Cookies allow the website to “remember” the visitor’s preferences from previous visits. Later, when you open our website again, there will be no need to re-enter settings, such as your preferred language or shipping address.

Transfer of personal data to third parties

We do not transfer your personal data that we have collected to third parties, except for:

to our contractually bound processors, such as a company that helps us maintain websites, companies that provide email marketing or SMS marketing services, and intermediaries and service providers, such as a company that processes credit card payments (Payway), as well as research and analytical services (Google Analytics) to legal entities within EPIMEN doo
government bodies or other persons when there is a legal obligation
if you have otherwise consented or instructed us to share your information with third parties

We can transfer data collected for business purposes to third parties outside of the cases described above only if they are pseudonymized and/or anonymized, including the number of website visitors and the number of clicks on our ads and/or e-mails.

In cases where we entrust tasks related to data processing to third parties, in order for them to provide you with the product or provide the services you have requested or for other permitted purposes, we take care that this third party is registered to perform such activities and that it provides sufficient guarantees in terms of achieving data protection and confidentiality.

Protection and preservation of personal data

With special attention and responsibility, we process the data entrusted to us by our customers in a legal, fair and transparent manner.

We use technical and organizational security measures to protect your data from misuse, loss, threats or access by unauthorized persons.

We store personal data for as long as it is necessary to provide the requested service or the service for which you have given your consent or until you withdraw your consent, unless the law stipulates otherwise.

In order to ensure additional security of your data and complete compliance with applicable regulations, we have also appointed a Personal Data Protection Officer: Andreja Babić, Kovinska ulica 4a, 10000 Zagreb, email: [email protected] .

The personal data protection officer is in charge of informing and advising the processing manager or processor and the employees performing the processing about their obligations; monitoring compliance with the relevant regulations on data protection and the policies of the data controller or processor in relation to the protection of personal data, including the distribution of responsibilities, awareness raising and training of personnel participating in processing procedures; providing advice, when requested, in
regarding the assessment of the impact on data protection and the monitoring of its implementation, as well as cooperation with the Personal Data Protection Agency.

We also reserve the right to delete all data provided to us from our records if we find out or judge that they are incorrect. Namely, when the customer enters his data, it can happen that he gets confused during registration, that he fills out the application form illegibly or does not read the instructions on the application form properly, so he gives the information of a third person (a family member instead of his own), the wrong email contact, or the like. Although the buyer confirms with his handwritten signature that he only provides correct and personal information and that he is older than 16 years, in practice such errors on the part of buyers happen, and we are unable to prevent them. Precisely because of such cases, we reserve the right to delete data without notice, after which if the customer wants to re-register in the Epimen Plus customer base, he can do so in the correct way.

Your rights

At any time, you can exercise the right to access your personal data, i.e. the right to receive confirmation from us as to whether personal data relating to you are being processed, and if such personal data is being processed, access to your personal data, including the right to a copy of the same.

Your personal right is to demand at any time, without explanation or consequences, that the company EPIMEN doo supplement, correct, limit the use or stop using and delete your personal data previously provided on the basis of consent. The withdrawal of consent does not affect the legality of the processing that took place up to that point.

If you want us to stop using your data for certain purposes, you can always do it in the following way:

as a member of the Land of Beauty, you can unsubscribe from receiving notifications about news, promotions and special offers for members by sending an email to [email protected] with the subject Unsubscribe and the text of the email with a description of the request (e.g. I want to unsubscribe from email messages, SMS messages, mail , all of the above,…), where requests will be processed within a maximum of 5 working days.
to disable the cookies that we collect when you browse our websites, adjust your settings in your Internet browser
to change data or delete your data from our records and for other specific situations, just send us an email with the text of the specific request to [email protected]

Your rights include the right to object to the processing of your personal data for direct marketing purposes, which includes profiling to the extent related to such direct marketing. Upon receipt of such an objection, we will stop processing your data for this purpose.

If you have any questions related to the privacy policy or would like to send us a request regarding the termination of processing, modification of data or other options available to you, you can always contact us using the following e-mail
address: [email protected] , we will respond as soon as possible, taking care of the security of your data, and if necessary, we will also consult with our Data Protection Officer.

In case you do not have the possibility of e-mail communication, you can send a written request to the postal address of the company: EPIMEN doo, Kovinska ulica 4a, 10000 Zagreb, Croatia.

If you believe that your personal data is being collected or used in a way contrary to the applicable regulations, you have the right to lodge a complaint with the Agency for the Protection of Personal Data, Martićeva ulica 14, 10 000 Zagreb.

Applicable law

All questions related to these privacy rules are governed by Croatian law.

These rules come into force on 5/22/2018.