Privacy Policy - Target City

This privacy policy describes how we, the data controller Target City, (“Target City”, “we” or “us”) collect, store and process information about individual visitors to this website.

This privacy policy only applies to website of Target City on which this privacy policy is stored or from which reference is made to this privacy policy by means of a link (hereinafter: “website”). This privacy policy does not apply to linked website that are not owned and controlled by Target City.

Commitment to data protection

Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.

In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular Data Protection Law on 9 November 2018 (published in the Official Gazette of the Republic of Serbia, no. 87/2018) (“DP Law”), the European General Data Protection Regulation (“GDPR”), and only as described in this privacy policy.

However, we reserve the right to put this data to additional uses to the extent permitted or required by law or necessary to support legal or criminal investigations. In this case, we will inform you again about this further data processing to the extent required by law and obtain your consent.

In the next sections we explain when and how we process personal data about you when you visit our website.

Purposes of use of personal data and legal basis

a) Log Files

We only collect and process access data that your internet browser automatically transmits to us for technical reasons in order to provide the website. Depending on the access protocol used, the protocol data record contains general information with the following contents: Your session data (usage behavior, length of stay, which links were clicked on, etc.), your abbreviated and unabbreviated IP address, your browser version, your operating system, your website-specific settings, your cookie IDs, your pixel IDs. This data does not allow any direct inference to your person and is processed to improve our website offer and to defend against attempted attacks on our web server. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in presenting you with a website optimized for your browser and in enabling communication between our server and your terminal device.

b) Contact requests

If you contact us by email or social media your communications may include your name, e-mail address, the subject of your contact and your message. We process and store the personal data provided in the contact enquiry solely for the purpose of processing and responding to your enquiry and contacting you. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. b) GDPR.

c) Cookies and similar technologies

For the processing of personal data using cookies and similar technologies on our website, please refer to our Cookie Policy, which is part of this privacy policy.

d) Hosting

The hosting services used by us for the purpose of operating this website is HostDime Global Corp. In doing so HostDime process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of our website and services, on the basis of our legitimate interests in an efficient and secure provision of the website and services in conjunction with the provision of contractual services and the conclusion of the contract for our services, including but not limited to our services Art. 6 para. 1 lit. b) GDPR.

e) Comments and contributions in our blog and posts

When you leave comments in our blog or posts, your IP addresses is stored for 7 days on the basis of our legitimate interests. This is done for our security in case someone leaves unlawful content in comments and posts. In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

Within the blog you may be able to display certain profile information, share certain details, engage with others, exchange knowledge and insights, post and view relevant content. It’s your choice whether to include sensitive information on your comment and to make that sensitive information public. Please do not post or add personal data to your comment that you would not want to be available. The legal basis for the storage is our legitimate interest Art. 6 (1) f) GDPR.

Transfer of personal data

Target City will not disclose or otherwise distribute your personal data to third parties unless this is necessary for the performance of our services (legal basis for processing: Art. 6 para. 1 lit. b) GDPR), you have consented to the disclosure (legal basis for processing: Art. 6 para. 1 lit. a) GDPR) or the disclosure of data is permitted by relevant legal provisions.

Target City is entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors for Target City pursuant to Art. 4 No. 8 GDPR within the framework of the data protection provisions. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfillment of reporting obligations.

The service providers commissioned by Target City process your data exclusively in accordance with our instructions. Target City remains responsible for the protection of your data, which is ensured by strict contractual regulations, technical and organizational measures and additional controls by us.

Personal data may also be disclosed to third parties if we are legally obliged to do so e.g., by court order (legal basis for processing: Art. 6 para. 1 lit. c) GDPR) or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill Target City’ legitimate interests (legal basis for processing: Art. 6 para. 1 lit. f) GDPR).

Storage and retention

Your personal data will be stored by us only for as long as is necessary to achieve the purposes for which the data was collected or – if statutory retention periods exist that go beyond this point and for the duration of the legally prescribed retention period. We then delete your personal data. Only in a few exceptional cases is your data be stored beyond this period, e.g., if storage is necessary in connection with the enforcement of and defense against legal claims against us.

Target City is entitled to process your personal data insofar as this is necessary to fulfill legal obligations. For this purpose, Target City may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required by Art. 6 para. 1 lit. c) GDPR for compliance with a legal obligation to which we are subject. Target City is further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of Target City, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests of Target City pursuant to Art. 6 para. 1 lit. f) GDPR.

International transfers

Our main operations are based in Serbia and your personal data is generally processed, stored and used within in Serbia and other countries in the European Economic Area (EEA). In some instances, your personal data may be processed outside the European Economic Area. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your personal data is protected in the same way as if it was being used within Serbia and the EEA.

Where we need to transfer your data outside Serbia or the EEA, we will use one of the following safeguards:

The use of approved standard contractual clauses in contracts for the transfer of personal data to third countries.
Transfers to a non-EEA country with privacy laws that give the same protection as Serbia and the EEA.

Automated decision-making

Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of Target City.

Your Rights

You have a number of ‘Data Subject Rights’ below is some information on what they are and how you can exercise them.

information about the processing of your personal data.
obtain access to the personal data held about you.
ask for incorrect, inaccurate or incomplete personal data to be corrected.
request that personal data be erased when it’s no longer needed or if processing it is unlawful.
object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation.
request the restriction of the processing of your personal data in specific cases.
receive your personal data in a machine-readable format and send it to another controller (‘data portability’).
request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers.
You also have the right in this case to express your point of view and to contest the decision
Where the processing of your personal data is based on consent, you have the right to withdraw that consent without detriment at any time through our contact form.

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal data about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it.

We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal data.

We encourage you to get in touch if you have any concerns with how we collect or use your personal data. You do however also have the right to lodge a complaint directly with the supervisory authority responsible for you or the supervisory authority responsible for us which is the Commissioner

for Information of Public Importance and Personal Data Protection (CIPIPDP), their contact details can be found on their website (www.poverenik.rs).

Security and confidentiality

To ensure the security and confidentiality of the personal data we collect on the Website, we use data networks that are protected by, among other things, industry-standard firewalls and password systems. When handling your personal data, we take appropriate technical and organizational measures to protect your information from loss, misuse, unauthorized access, disclosure, alteration or destruction and to ensure its availability.

Online presences in social media

We maintain online presences on the basis of our legitimate interests. We maintain online presences within social networks and platforms in order to communicate with customers, interested parties and users who are active there. Unless otherwise stated in this policy, we process the data of users if they communicate with us within the social networks and platforms, e.g., write articles on our online presences or send us messages.

Personal information and children

Most of the services available on this website are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact. The parent or guardian will be provided with (i) information about the specific type of personal data being collected from the minor, (ii) the purpose for which it will be used, and (iii) the opportunity to object to any further collection, use or storage of such information.

Links to other website

The website may contain links to another website. We have no control over the privacy practices or the content of those other website. Therefore, we recommend that you carefully read the respective privacy policies of these other website that you visit.

Changes

This Policy and our commitment to protecting the privacy of your personal data can result in changes to this Policy. Please regularly review this Policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this policy should be directed to us using the following contact details:

Target City

Web: www.thetargetcity.com

E-mail: support@thetargetcity.com

If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us. You can also make a referral to, or lodge a complaint with, the CIPIPDP.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	12 months	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	12 months	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	12 months	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	12 months	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	12 months	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	12 months	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
PHPSESSID	12 months	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	12 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.