Centar za inovacije d.o.o., trading as Innovation Institute & Center, takes the protection of personal data seriously. This policy explains what information we collect when you visit innovation-institute.eu or correspond with us, why we collect it, how we use it, and the rights you have under EU data protection law.
The policy is written in plain language. If anything is unclear, please contact us using the details below and we will be glad to explain.
The data controller responsible for the processing of personal data described in this policy is:
Centar za inovacije d.o.o.
Desinićka ulica 5, 10000 Zagreb, Croatia
OIB (VAT/Tax ID): 98345295215
Email: office
Website: innovation-institute.eu
For any question about how we handle personal data, or to exercise any of the rights described below, please write to us at the email address above.
We only collect personal data that we need for a clearly defined purpose. The categories below describe everything we process when you interact with us through this website or by email.
When you visit innovation-institute.eu, we use Google Analytics 4 to understand how visitors find and use the site (pages viewed, approximate location, device type, referral source, time on page). This data helps us improve content and structure. Analytics tracking only runs after you give consent through our cookie banner. Until then, no analytics data is collected.
Legal basis: your consent.
When you write to us at office@innovation-institute.eu, we receive your name, email address, and the content of your message. We use this information to respond to you and, where relevant, to discuss potential collaboration or services.
Legal basis: our legitimate interest in responding to inquiries and managing client communication, or pre-contractual measures at your request where you contact us about engaging our services.
If you become a client, we process the personal data necessary to deliver the agreed services. This typically includes contact details of designated representatives, information shared during workshops, research, or consulting projects, and any data required for invoicing and accounting.
Legal basis: performance of a contract and compliance with our legal obligations under Croatian tax and accounting law.
We use a small number of cookies to make the site work, remember your consent choices, and (with your permission) measure traffic. Full details are in section 5 below.
We do not sell or rent personal data. We share limited data only with carefully selected service providers ("data processors") that help us operate the website and our business. Each of them is bound by a data processing agreement and is permitted to use your data only for the purposes we instruct.
| Service provider | Purpose | Location |
|---|---|---|
| Netlify, Inc. | Website hosting and content delivery | USA (EU-US Data Privacy Framework) |
| Google LLC | Website analytics (Google Analytics 4) | USA (EU-US Data Privacy Framework) |
| Cybot A/S (Cookiebot) | Cookie consent management | Denmark (EU) |
If we engage additional processors in the future (for example, a CRM system or email marketing tool), we will update this policy and, where required, ask for your consent before any new processing begins.
We may also disclose personal data to public authorities when required by law, court order, or a legitimate request from a competent authority.
Some of our service providers are based outside the European Economic Area, primarily in the United States. Where this is the case, the transfer is protected by the European Commission's adequacy decision under the EU-US Data Privacy Framework, or by Standard Contractual Clauses approved by the European Commission, together with additional safeguards required by EU data protection law.
If you would like more information about the specific transfer mechanism used for any provider, please contact us at the email address above.
A cookie is a small text file stored on your device when you visit a website. We use cookies for two purposes: to make the site function properly, and (only with your consent) to understand how visitors use it.
You can change or withdraw your consent at any time by clicking the cookie icon at the bottom of any page on this website. Withdrawing consent will not affect the lawfulness of any processing carried out before withdrawal.
The list below is generated automatically by our consent management platform and reflects the actual cookies currently in use. It is updated as the site changes.
We retain personal data only for as long as we need it for the purpose it was collected for, or for as long as we are required to keep it by law.
| Type of data | Retention period |
|---|---|
| Email correspondence | Up to 2 years from the last communication, unless we need to keep it longer to deal with a legal claim or to fulfil a contract |
| Analytics data (Google Analytics 4) | 14 months (default GA4 retention setting) |
| Cookie consent records | 12 months from the date consent was given or refused |
| Client contracts and invoices | 11 years, in accordance with Croatian accounting and tax law |
EU data protection law gives you a set of rights with respect to your personal data. You can exercise any of them by writing to office@innovation-institute.eu. We will respond within one month.
We will not charge a fee for handling your request, unless it is manifestly unfounded or excessive (for example, repetitive). We may ask for proof of identity to make sure we are responding to the right person.
We apply technical and organisational measures appropriate to the sensitivity of the data we process. These include encrypted connections (HTTPS), restricted access to systems holding personal data, contractual confidentiality with all partners and processors, and regular review of our security practices. No system is completely immune to risk, but we treat the protection of personal data as an ongoing responsibility, not a one-time compliance task.
We may update this policy from time to time, for example when we add new services, change a service provider, or when the law changes. The date at the top of this page indicates when the most recent update was made. For material changes that affect how your data is processed, we will provide a clear notice on the website.
For any question about this policy or about how we handle personal data, please write to office.