Introduction

TechCraft, vl. Miran Relić (“TechCraft”, “we”, “our”, “us”) is committed to protecting your personal data and respecting your privacy.
This Privacy Policy explains what information we collect, how we use it, how it is stored, and what rights you have under applicable data protection laws, including:

the General Data Protection Regulation (EU) 2016/679 (“GDPR”),
the ePrivacy Directive (2002/58/EC, as amended),
and Croatian national law, including guidance from Agencija za zaštitu osobnih podataka (AZOP).

This Policy applies to our website techcraft.hr (the “Service”).

Data Controller

TechCraft, vl. Miran Relić
Ilijin potok 35, 21231 Klis, Croatia
Email: privacy@techcraft.hr
Phone: +385 95 722 0860

We are not required to appoint a Data Protection Officer under GDPR.
For all privacy-related matters, please contact us at privacy@techcraft.hr.

Information We Collect

Information You Provide Directly

Through our contact form, you may provide:

Name
Email address
Phone number (optional)
Message or inquiry

Providing this data is voluntary but necessary for us to respond.
Consent is not required to use the contact form.

Automatically Collected Information

Server log data
(e.g., IP address, browser type, operating system, date/time of access).
Logs are used solely for security and maintenance and are not combined with analytics.
Website analytics (Umami)
- We use self-hosted Umami Analytics to understand website usage.
- Data collected: page URL, referrer, page title, OS, browser, device type, country, session metrics.
- Umami is a cookieless solution that uses no cookies, no localStorage, no fingerprinting, and no client-side identifiers.
- IP addresses are anonymized immediately and are not stored in an identifiable form.
- No personal data is collected. All data is anonymous and aggregated.
- Analytics run automatically because Umami is GDPR-compliant by design and does not require consent under the ePrivacy Directive.

Purpose and Legal Basis for Processing

Responding to inquiries (contact form)
- Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in responding.
- If related to an existing or potential service agreement: Contract necessity (Art. 6(1)(b) GDPR).
Website analytics (Umami)
- Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).
- Umami collects no personal data, uses no cookies or fingerprinting, and is GDPR-compliant by design. Consent is therefore not required.
Website security and functionality (server logs, maintenance)
- Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).
Business correspondence and legal obligations (invoices, statutory records)
- Legal basis: Legal obligation (Art. 6(1)(c) GDPR) under Croatian law.

We do not sell, rent, or trade your personal data.
We do not use your data for automated decision-making or profiling.

We share data only when necessary:

Service providers
- Hetzner Online GmbH (Germany, EEA) – hosting provider
- MXroute (United States) – email service provider
Legal compliance
- When required by law, or to protect our legal rights or safety.

International Data Transfers

Hetzner: Hosting is within the EEA (Germany).
MXroute (United States)
- Email services are provided via MXroute, based in the U.S.
- As of September 2025, MXroute does not self-certify under the EU–US Data Privacy Framework (DPF), nor does it publicly offer Standard Contractual Clauses (SCCs).
- We are currently evaluating alternatives to ensure stronger data transfer safeguards.
- If required, we can share more details upon request at privacy@techcraft.hr.

Data Retention

We retain your data only as long as necessary:

Contact form submissions: up to 12 months after last contact, unless earlier deletion is requested.
Analytics: Personal data (e.g., IP before anonymization) is discarded immediately.
Aggregated, non-identifiable statistics may be retained without time limit.
Server logs: 30 days, then automatically deleted.
Business communications & invoicing: 7 years (Croatian law).
Language preferences: stored locally in your browser until changed or cleared.

Cookies

Our website uses only essential cookies to remember your preferences. We do not use tracking cookies or third-party cookies.

Cookies

PARAGLIDE_LOCALE (first-party cookie) Purpose: Stores your language preference Scope: techcraft.hr Duration: 12 months

Data Security

We implement industry-standard security measures, including:

SSL/TLS encryption
Secure hosting with restricted access
Regular security reviews and monitoring

Your Rights

As a data subject under the GDPR, you have the right to:

Access: Obtain a copy of your data.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion (“right to be forgotten”).
Restriction: Limit how your data is processed.
Portability: Receive your data in machine-readable format.
Objection: Object to processing based on legitimate interests.
Withdraw consent: For consent-based processing (where applicable).

You may exercise these rights at any time by contacting privacy@techcraft.hr.
We may request proof of identity before fulfilling your request.

Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Croatian supervisory authority:

Agencija za zaštitu osobnih podataka (AZOP)
Website: https://azop.hr
Email: azop@azop.hr
Phone: +385 1 4609 000

You may also lodge a complaint with your local supervisory authority within the EU/EEA.

Changes to This Policy

We may update this Privacy Policy from time to time.
The “Last updated” date above indicates the latest version.
If material changes occur, we will notify you via this page and, if appropriate, by email or website notice.

Contact Us

For questions or requests regarding this Privacy Policy:

TechCraft, vl. Miran Relić
Ilijin potok 35, 21231 Klis, Croatia
Email: privacy@techcraft.hr
Phone: +385 95 722 0860
Business hours: Monday – Friday, 9:00 – 17:00 (CET)

Privacy Policy

Table of Contents