Privacy Policy

  • Apsiha

Contact Form

Apsiha d.o.o. (“we”, “us”) is the data controller for any personal information you submit via our contact form. We collect your name, email address, and message content solely to respond to your inquiry.

We process this information on the legal basis of your consent, which you grant by ticking the checkbox before submission. Your data will be retained for up to 3 years unless you request its deletion sooner. You have the right to access, correct, or erase your data, restrict or object to processing, and request data portability. To exercise your rights or for any privacy concerns, please contact us at ivana@apsiha.hr.

Web stranica

  1. 1. Data Controller
    Apsiha d.o.o.
    Zahradnikova 21, 10000 Zagreb
    OIB: 88717880071
    Email: ivana@apsiha.hr

  2. 2. Scope
    This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit https://apsiha.hr/en (the “Website”). It covers only Website-related activities and does not apply to any therapy or client-related records.

  3. 3. Personal Data We Collect
    • Data you provide directly

      Contact form submissions: name, email address, message content

    • Third-party analytics (GSC)

      Data processed by our analytics provider under its own privacy terms


  4. 4. Purposes of Processing and Legal Basis
    • Responding to your contact inquiries

      Legal basis: performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)

    • Securing, maintaining and improving our Website

      Legal basis: our legitimate interests in analytics, performance and security (Art. 6(1)(f) GDPR)

    • Complying with legal obligations

      Legal basis: applicable laws and regulations (Art. 6(1)(c) GDPR)


  5. 5. Recipients of Your Data
    • Hosting and infrastructure providers under Data Processing Agreements
    • Analytics service provider (GSC)

  6. 6. International Data Transfers
    We do not routinely transfer your personal data outside the European Economic Area (EEA). If we enable third-party analytics to transfer data outside the EEA, we will rely on an adequacy decision or EU Standard Contractual Clauses.

  7. 7. Data Retention
    • Contact form submissions: retained for 3 years from the date of submission, then automatically deleted
    • Analytics data: retention periods set by the analytics provider

  8. 8. Your Rights
    Under the GDPR, you have the right to:
    • Access your personal data and obtain a copy (Art. 15 GDPR)
    • Rectify inaccurate or incomplete data (Art. 16 GDPR)
    • Erase your data when no longer necessary for the purposes collected (Art. 17 GDPR)
    • Restrict processing in specific circumstances (Art. 18 GDPR)
    • Receive a machine-readable copy of your data or have it transferred to another controller (Art. 20 GDPR)
    • Object to processing based on legitimate interests (Art. 21 GDPR)
    • Withdraw consent at any time if processing is based on consent (Art. 7(3) GDPR)
    • Lodge a complaint with the Croatian Personal Data Protection Agency (AZOP)
    To exercise these rights, please email ivana@apsiha.hr. We will respond within one month.

  9. 9. Data Security
    We implement appropriate technical and organizational measures—such as encryption, access controls, secure backups, and staff training—to protect your data against unauthorized access, alteration, disclosure, or destruction.

  10. 10. Changes to This Policy
    We may update this Privacy Policy to reflect changes in our practices or legal requirements. The “Effective Date” will be revised accordingly. Significant changes will be notified on this page.

  11. 11. Contact
    If you have any questions or concerns about this Privacy Policy, please contact ivana@apsiha.hr.
  • ©2025 Apsiha