Privacy Policy

1. Introduction

QuantumForgium d.o.o. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our services or visit our website. We are the data controller for the personal data we collect about you.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union and Croatia.

2. Data Collection

The data we collect includes information you provide directly to us and information we collect automatically when you use our services. We collect personal data that is necessary for providing our financial consulting services and maintaining our business relationship with you.

Information You Provide

• Contact information (name, email address, phone number, postal address)
• Financial information (income details, expenses, financial goals, investment preferences)
• Business information (company details, industry, business structure)
• Communication records (emails, messages, consultation notes)
• Identity verification documents when required

Information We Collect Automatically

• Website usage data (pages visited, time spent, click patterns)
• Technical information (IP address, browser type, device information)
• Cookies and tracking technologies (see our Cookie Policy for details)

3. How We Use Your Information

We use your personal data for specific purposes based on legitimate interests, contractual necessity, or your consent. How we use your information depends on the services you request and your relationship with us.

Primary Uses

• Providing financial consulting and advisory services
• Developing personalised financial strategies and recommendations
• Communicating with you about our services and your account
• Processing payments and managing billing
• Complying with legal and regulatory requirements

Secondary Uses

• Improving our services and developing new offerings
• Website analytics and performance optimisation
• Marketing communications (with your consent)
• Fraud prevention and security monitoring

4. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to control them, please see our Cookie Policy.

5. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information only in specific circumstances and with appropriate safeguards in place.

We may share your data with:

• Service providers who assist us in delivering our services (cloud hosting, payment processing, analytics)
• Professional advisors (lawyers, accountants, auditors) when necessary
• Regulatory authorities when required by law
• Third parties with your explicit consent

All third parties are contractually obligated to protect your data and use it only for the specified purposes.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Data retention periods vary depending on the type of information and the purpose for processing.

Typical Retention Periods:

• Client records and financial advice: 7 years after relationship ends
• Marketing communications: Until you unsubscribe or withdraw consent
• Website analytics data: 26 months
• Correspondence and support records: 3 years after last contact
• Legal and compliance records: As required by applicable law

7. Your Rights

Under GDPR and applicable data protection laws, you have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.

Your rights include:

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data in certain circumstances
• Right to restrict processing: Request limitation of data processing
• Right to data portability: Request transfer of your data to another service
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent where processing is based on consent

To exercise your rights, please contact us at privacy@quantumforgium.pro or +385 19696599. We will respond to your request within one month.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, and staff training.

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protection measures.

9. International Data Transfers

We primarily process data within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or certification schemes.

Some of our service providers may be located outside the EEA, particularly cloud service providers. All such transfers are conducted in compliance with GDPR requirements.

10. Contact Information

If you have questions about this Privacy Policy or how we handle your personal data, please contact us using the following information:

You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka) or your local data protection authority if you believe we have not handled your personal data appropriately.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal data.

12. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Contractual necessity: To provide our consulting services and fulfil our contractual obligations
• Legitimate interests: To improve our services, conduct business analytics, and ensure security
• Legal obligation: To comply with regulatory requirements and legal obligations
• Consent: For marketing communications and certain cookies (where required)