Privacy Policy

This Privacy Policy explains how VEDRANA BLASKOVIC, trading as Blaskovic Digital ("we", "us", "our"), collects, uses and protects personal data when you visit blaskovicdigital.com or engage our services. We comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the UK GDPR and the UK Data Protection Act 2018, and the German Federal Data Protection Act (BDSG).

1. Data Controller

The data controller responsible for your personal data is:

2. Personal data we collect

• Identification and contact data: name, company, email, phone number.
• Project information you submit through our contact form.
• Billing data necessary to issue invoices (address, VAT ID where applicable).
• Technical data: IP address, browser type, device, pages visited, referring URL.
• Communication data: messages you send us by email or through forms.

3. Purposes and legal bases (Art. 6 GDPR)

• Performance of a contract (Art. 6(1)(b)) — to respond to enquiries, deliver our services, issue invoices and provide support.
• Legal obligation (Art. 6(1)(c)) — to comply with tax, accounting and other statutory record-keeping obligations.
• Legitimate interests (Art. 6(1)(f)) — to operate, secure and improve our website and to prevent fraud.
• Consent (Art. 6(1)(a)) — for non-essential cookies, analytics and marketing communications, where applicable.

4. Cookies and analytics

We use only strictly necessary cookies by default. Any analytics or marketing cookies will be set only after your explicit consent through our cookie banner, which you can withdraw at any time.

5. Data retention

We keep personal data only as long as necessary for the purposes set out above. Contractual and accounting records are retained for up to 10 years where required by German tax law (§ 147 AO). Enquiry data is deleted within 12 months if no contract is concluded.

6. Recipients and processors

We may share data with carefully selected processors acting on our behalf, including hosting providers, email providers, payment processors and accounting software, all bound by GDPR-compliant Data Processing Agreements (Art. 28 GDPR).

7. International transfers

Where personal data is transferred outside the EU/EEA or the UK, we rely on adequacy decisions or Standard Contractual Clauses (SCCs) approved by the European Commission and the UK ICO, together with appropriate supplementary measures.

8. Your rights

Under GDPR and UK GDPR you have the right to:

• Access your personal data (Art. 15).
• Rectify inaccurate data (Art. 16).
• Erasure / "right to be forgotten" (Art. 17).
• Restrict processing (Art. 18).
• Data portability (Art. 20).
• Object to processing based on legitimate interests (Art. 21).
• Withdraw consent at any time without affecting prior lawful processing.
• Lodge a complaint with a supervisory authority — in Germany the relevant authority is the data protection authority of Schleswig-Holstein (ULD); in the UK it is the Information Commissioner's Office (ICO, ico.org.uk).

9. Security

We implement appropriate technical and organisational measures, including TLS encryption, access controls and secure backups, to protect your data against unauthorised access, loss or alteration.

10. Children

Our services are not directed to children under 16 and we do not knowingly process their data.

11. Changes

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last updated" date.

12. Contact

For any privacy request, please contact us at blaskovic.v@inbox.eu.