PRIVACY AND PERSONAL DATA PROTECTION POLICY
The public company ŠKARICA I PARTNERI law firm (hereinafter: "Company", "we" or "Data Controller") attaches great importance to the privacy and protection of personal data of visitors to our website, as well as our clients and potential employees.
This Privacy Policy explains how we collect, use and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national regulations, while strictly respecting the obligation of legal professional privilege.
1. Data Controller Information
The Data Controller of your personal data is:
-
Name: ŠKARICA I PARTNERI Law Firm (general partnership / j.t.d.)
-
Registered Office: Đorđićeva ulica 3B, 10000 Zagreb, Croatia
-
PIN (OIB): 74856132042
-
Court Registry Number (MBS): 080194561
-
Phone: +385 1 4819 656
-
E-mail for data protection inquiries: odvjetnik@skarica-i-partneri.hr
2. What Personal Data Do We Collect and Why?
We collect personal data only when you voluntarily provide it to us through our website, and we process it for the following purposes:
A) Contact via the Web Inquiry Form
-
Data we collect: First name, last name, e-mail address, subject, message content, and phone number (if you choose to provide it).
-
Purpose of processing: Responding to your legal inquiries, arranging meetings, and providing basic information related to potential legal representation.
-
Legal basis: Taking steps at your request prior to entering into a contract for legal services/representation (Art. 6(1)(b) of the GDPR) or our legitimate interest in providing timely responses to communications (Art. 6(1)(f) of the GDPR).
B) Application via the Open Application Form
-
Data we collect: First name, last name, e-mail address, mobile phone, city, desired position, availability to start work, brief experience, and a link to your CV.
-
Purpose of processing: Conducting the selection and recruitment process for our law firm and evaluating your qualifications.
-
Legal basis: Taking steps at your request prior to entering into an employment contract (Art. 6(1)(b) of the GDPR).
C) Special Categories of Personal Data (Sensitive Data and Criminal Records)
Given the nature of the legal profession, we are aware that you may voluntarily disclose sensitive data in your inquiries to explain a legal issue (e.g., data concerning health, criminal proceedings, trade union membership, etc.). The Firm processes such data exclusively when necessary for the establishment, exercise, or defense of your legal claims (Art. 9(2)(f) of the GDPR), and they are subject to the strictest obligation of attorney-client privilege. Nevertheless, we strongly advise visitors not to send highly sensitive data, copies of personal identification documents (e.g., PIN/OIB), or medical records via the initial web form, and to keep the initial inquiry to a minimum. We will request detailed documentation from you at a later stage, through secure communication channels or in person at a meeting. In the event that you still provide us with such data via the web form, we will consider that you have given us your explicit consent for its processing for the purpose of evaluating your legal inquiry.
3. How Long Do We Keep Your Data?
We retain your personal data only for as long as necessary to fulfill the purpose for which it was collected:
-
Inquiries via the contact form: If the inquiry does not result in the establishment of a client relationship, we will delete your data within [e.g., 6 months] from the end of the communication. If you become our client, your data becomes part of the physical and digital file and is kept in accordance with the regulations governing the legal profession and archiving requirements.
-
Open job applications: Candidate data collected via open applications is kept until the vacant position is filled, and for a maximum of [e.g., 6 months or 1 year] from the receipt of the application, so that we can contact you in case a suitable position opens up. After this period, the data is permanently deleted.
4. Who Has Access to Your Data?
As a law firm, we are bound by strict attorney-client privilege (professional secrecy) in accordance with the Legal Profession Act and the Attorneys' Code of Ethics. Your data constitutes a business and professional secret, and we do not share it with third parties, except:
-
Our trusted technical partners who provide us with website maintenance and web hosting services (Data Processors), who are contractually bound to apply the highest security and confidentiality measures.
-
When strictly required by legal regulations (e.g., orders from competent state authorities). Your data is not transferred outside the European Economic Area (EEA).
5. Data Security
We implement appropriate technical and organizational measures to protect your data from unauthorized access, loss, or destruction. Our website uses an SSL (Secure Socket Layer) certificate, which encrypts the data you enter into the forms.
6. Your Rights
In accordance with the GDPR, you have the following rights regarding your personal data:
-
Right of access: You have the right to request confirmation as to whether we are processing your data and to obtain a copy of it.
-
Right to rectification: You have the right to request the correction of inaccurate data or the completion of incomplete data.
-
Right to erasure ("right to be forgotten"): You have the right to request the deletion of data if it is no longer necessary for the purposes of processing (with the exception of data we are legally obliged to keep).
-
Right to restriction of processing: In certain situations, you may request that we restrict the processing of your data.
-
Right to object: You have the right to object to processing based on legitimate interest.
You can exercise your rights by sending a request to the e-mail address: odvjetnik@skarica-i-partneri.hr or by mail to the Firm's registered office address.
7. Right to Lodge a Complaint with a Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, e-mail: azop@azop.hr, web: www.azop.hr.
8. Changes to the Privacy Policy
This Privacy Policy may be updated periodically to comply with changes in legislation or our internal processes.
Last updated: June 4, 2026