Data Protection and Privacy Policy
STAŠA DESIGN, a fashion design business, owned by Staša Randall, Pula, Kolhiđanska ulica 5, OIB: 07094459232 (hereinafter STAŠA DESIGN / Owner), respects the privacy and protects the personal data of its users, business partners or other persons with whom it has business cooperation, and whose personal data it collects and processes in its daily business.
The Data Protection and Privacy Policy is a fundamental document that describes the purpose and objectives of collecting, processing and managing personal data, as well as ensuring an adequate level of data protection (hereinafter: ‘Policies’). In order to ensure fair and transparent processing, STAŠA DESIGN provides you with clear information about the processing and protection of personal data it collects and processes and enables easy control and management of personal data and consents.
The rules have been formed in accordance with the applicable regulations, Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation – GDPR and the Act on the Implementation of the General Data Protection Regulation (NN 42/18).
STAŠA DESIGN has appointed a data protection officer who can be contacted at the e-mail address hello@stasadesign.com or by post at the address STAŠA DESIGN, vl. Staša Randall, Pula, Kolhiđanska ulica 5.
Data we collect
1.1. During your visit to our website and online store
You can visit our website and online store without providing any information about yourself. In this case, we will collect technical access data that your browser will automatically transmit to our server when you browse our website. Access data includes the following information:
– time and date of access
– address of the website you accessed and are accessing
– content of the request (addresses and names of requested files)
– information about the browser and operating system used (versions, language settings)
– online identification data (e.g. IP address, device identification, session IDs)
– error messages, where applicable (if the requested content cannot be displayed)
– the last visited page from which you were redirected to our site via a link
When you visit our website, your access data will be automatically stored in the log files of our server (server) and subsequently anonymized by shortening or deleting your IP address. After this procedure, it will no longer be possible to draw conclusions about your person based on the server log files.
Also, when you visit our web store, we will collect the data that you directly provide by using the available functions. For example, we will learn which products you are interested in when you use the search function.
1.2. Cookie Policy
The STAŠA DESIGN website and store use cookies to improve your user experience. A cookie is a standardized text file that your web browser stores on your computer for a period of time specified by the cookie provider. Cookies allow local storage of information such as language settings, shopping cart contents, and temporary identification features that can be called up during subsequent visits to the website in order to restore the appropriate settings that the user selected during the previous visit. This information can only be stored if you, as the user, allow it. The website and store cannot access information without your permission and cannot access other files on your computer.
When you first visit our website and web store, you will independently select the level of cookies you want to store on your computer and thus fully control the process of using cookies.
You can view and delete cookies used in the security settings of your browser. You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or any cookies.
1.3. When placing an order in the web store
We will collect data about the products you order, as well as data that is directly collected in connection with the execution of your orders. The data for order fulfillment are as follows:
– information about the ordered products, such as item numbers and sizes
– name and surname
– delivery address
– e-mail address
– mobile phone number for contact for delivery
– payment information
– data on returns and complaints (e.g. reasons for return, notifications of defects)
– order numbers
– shipment tracking numbers
– company name and contact person, company address and OIB (if you have requested an R1 account)
Even if you place several orders as a guest and use identical master data, our systems will keep your data in a single user data record to facilitate maintenanceoutside the database of our clients.
1.4. When you contact us
We will collect the communication data you fill in when you contact us via the contact form on our website, by e-mail, telephone or otherwise. Depending on the channel you use, this may include e.g. contact information (eg e-mail address or telephone number) and the content of your message. Telephone conversations with the STAŠA DESIGN service for users are not recorded, nor are any other conversations sent to STAŠA DESIGN phone numbers.
We will also use the offers provided by social networks such as Facebook and Instagram to interact with our customers. Please note that STAŠA DESIGN has no influence on the terms of service of social networks or their data processing policies. Therefore, be sure to check the personal data you submit to us via social networks.
1.5. When you sign up for the newsletter
If you have signed up for the STAŠA DESIGN newsletter, we will store your data (e-mail address) that you provided for this purpose for sending the newsletter.
You can unsubscribe from our newsletter at any time. To unsubscribe, use the unsubscribe link at the bottom of each newsletter.
1.6. When you enter your email address on the checkout page, or Payment
The email address will be saved automatically and will be used to send an automatic reminder about an abandoned cart. You can opt out of receiving this email at any time by clicking “do not use my email”. If you have any questions or want your data to be deleted, please contact hello@stasadesign.com.
Ways of using collected data
2.1. Visiting the website and the store
When visiting and browsing the website and the store, we will process access data, server log files and cookies collected in this context in order to make our website, its contents and the functionalities you use available to you, and to ensure the stability and security of our IT system and databases.
The legal framework for the lawfulness of data processing when visiting the website and the store is Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation – GDPR, Article 6, paragraph 1, indent f – processing necessary for the purposes of legitimate interests – technical availability of the website.
Web analysis
3.1. Google Analytics
Our website uses the web analysis function “Google Analytics” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’). Google Analytics uses cookies valid for 14 months to collect your access data when you visit our website. Google combines the access data for this purpose into pseudonymous user profiles and transmits them to a Google server located in the USA after the first anonymization of your IP address. Therefore, we cannot determine which user profiles are associated with a particular user. This means that we can neither determine nor determine how you use our website based on the data collected by Google. In addition, Google uses the privacy protection for the EU-US Privacy Shield (LINK: https://www.privacyshield.gov/) in case personal data is sent to the USA in exceptional cases. Google therefore guarantees European data privacy principles when processing data in the USA.
Google will use the data collected by cookies on our behalf so that we can analyze the use of our website and webshop and form reports on the activities and use of our website. For more information, see the Google Analytics Privacy Policy. (LINK: https://support.google.com/analytics/answer/6004245?hl=en)
You can opt out of Google web analytics at any time using one of the following options:
– you can set your browser to block Google Analytics cookies
– you can adjust your Google Ads settings in Google
– you can install the opt-out add-on at the following link: Google Analytics opt-out
(LINK: https://tools.google.com/dlpage/gaoptout/)
The legal framework for the lawfulness of the processing of this type of data is Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation – GDPR, Article 6, paragraph 1, indent f – processing necessary for the purposes of legitimate interests – analysis of how users use the website.
3.2. Facebook
For marketing purposes, our website uses so-called conversion and retargeting tags (Facebook pixels) from the social network Facebook, a service of Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA (‘Facebook’). We use Facebook pixels to analyze the general use of our website and the effectiveness of Facebook ads (‘conversions’). We also use Facebook pixels to show you customized ads based on your interests.with our products (‘retargeting’). For this purpose, Facebook processes the data collected on our websites using cookies and similar technologies.
Facebook may send the data collected in this context for analysis to a server located in the USA where the data is stored. Facebook uses the EU-US privacy protection in the event that personal data is sent to the USA, the so-called Privacy Shield (LINK: https://www.privacyshield.gov/)
If you are registered with Facebook and have set the privacy settings of your Facebook account, Facebook can further link the data collected about your visit to our website to your Facebook account and use it to place targeted Facebook ads. You can review and change the privacy settings of your Facebook profile at any time.
If you opt out of data processing by Facebook, Facebook will only display general Facebook ads that are not selected based on the data collected about you.
For more detailed information about the processing carried out by Facebook, please refer to Facebook’s privacy policy. (LINK: https://www.facebook.com/about/privacy/)
3.3. Google Ads and Ads remarketing
Our website may use the Google services ‘Ads conversion tracking’ and ‘Ads remarketing’. User actions defined by STAŠA DESIGN (such as clicks on ads, page views, file downloads) are recorded and analyzed using ‘Ads conversion tracking’. We use ‘Ads remarketing’ to present you with customized ads for our products on Google partner websites. Both of these services use cookies and similar technologies for this purpose. Google may send the data collected in this context for analysis to a server located in the USA where the data is then stored. Google uses the privacy protection for the EU-US Privacy Shield (LINK: https://www.privacyshield.gov/) in case personal data is sent to the USA and guarantees European data privacy principles in the USA.
If you have a Google Account, Google may, depending on your Google Account settings, associate your web and app browsing history with your Google Account and use information from your Google Account to personalize ads. If you do not want this association with your Google Account, you must log out of your Google Account before accessing our website.
You can opt out of the processing of personal data for personalized online ads on the Google advertising network at any time using one of the following options:
– Google Ads Personalization Settings (LINK: https://www.support.google.com/ads/answer/7029158)
You can install Google’s free opt-out add-on (LINK: http://www.google.com/settings/ads/plugin) for Firefox, Internet Explorer or Chrome (does not work for browsers on mobile devices)
– You can opt out of personalized Google ads and ads provided by a number of other service providers participating in the ‘Your Online Choices’ initiative on the website http://www.youronlinechoices.eu
Please note that if you opt out of personalized advertising, Google will only display general ads that are not selected based on your collected access data.
Cases in which we will share personal data
Basically, we will only share your data if:
– you have expressly consented to this in accordance with Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation – GDPR
– sharing is necessary pursuant to Article 6(1)(f) for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in not sharing your data
– sharing is necessary for compliance with a legal obligation pursuant to Article 6(1)(c) or (e) of the GDPR, in particular if we are required to provide information to a public authority
– sharing is permitted by law and is necessary pursuant to Article 6(1)(b) of the GDPR for the performance of a contract with you or for the taking of action at your request before entering into a contract.
Some of the data processing described here may be carried out by external service providers acting on our behalf. The service providers listed in this document may include, computer centers that store and maintain our websites and databases, IT service providers that maintain our business systems, as well as consulting companies.
If and to the extent that we share data with our service providers, this data may only be used for the purpose of performing their services. The processing of your data by the contractual service providers will take place within the framework of the processing and execution of your order in accordance with Article 28 of Regulation (EU) 2016/679 of the European Parliament and of the Council – General Data Protection Regulation – GDPR. The contractual service providers are carefully selected business partners. They are contractually bound by our instructions, implement appropriate technical and organizational measures to protect the rights of the data subjectand are subject to regular monitoring by us.
How long will your data be stored
Unless otherwise stated here, your data will only be stored for as long as is necessary to fulfill our contractual or legal obligations or the purposes for which the data was originally collected or for as long as we have a legitimate interest in storing such data.
In all other cases, your personal data will be deleted, except for data that we are required to retain in accordance with statutory retention periods. However, in such cases, we will restrict the processing of the data, i.e. your data will only be used in accordance with statutory obligations.
Usually, your order and payment data and other data, if applicable, are subject to statutory retention obligations, so we are obliged to retain such data for up to ten years.
Even if the data is not subject to statutory retention obligations, we may refrain from deleting your data in cases permitted by law and instead restrict its processing. This may apply in particular in those cases where this data may be required for the further processing of a contract or for the exercise of rights or for legal defence purposes. The duration of the restriction of processing will depend on the statutory limitation periods.
Your right to data protection
You can contact our data protection officer at any time to exercise your statutory data protection rights described below (contact details in the introductory text above).
You always have the right to obtain information about our processing of your personal data. When providing such information, we will explain the data processing process and provide you with an overview of your personal data that we store.
If any of the data we have stored is incorrect or no longer up-to-date, you have the right to request the correction of the data.
You can also request the deletion of the data. If deletion is not possible in exceptional cases due to other legal provisions, the data will be blocked so that it is only available for the stated legal purpose.
You can also restrict the processing of the data, e.g. if you believe that the data we store is inaccurate.
You have the right to data portability, i.e. upon your request we will provide you with a digital copy of the personal data you have provided to us.
You also have the right to lodge a complaint with the data protection supervisory authority. The competent supervisory authority is the Personal Data Protection Agency, Martićeva 14, 10000 Zagreb, e-mail: azop@azop.hr.
Right of withdrawal and right of objection
If you wish to exercise your right of withdrawal or objection below, please send a notification to the Data Protection Officer at the contact details provided in the introductory part of the text.
7.1. Withdrawal of consent (consent)
Article 7(3) of the General Data Protection Regulation GDPR (EU) 2016/679 gives you the right to withdraw any consent (consent) you have previously given. This means that in the future we will no longer process data based on your consent. The withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
7.2. Objection to the processing of your data
If we process your data on the basis of legitimate interests in accordance with Article 6(1)(f) of the General Data Protection Regulation GDPR (EU) 2016/679, you have the right under Article 21 to object to the processing of your data if there are reasons arising from your specific situation or if the objection is directed against direct advertising.
Data security
We use all appropriate technical measures to ensure data security, and in particular to protect your data against risks during data transmission, as well as against unauthorized access by third parties. These measures will be adapted from time to time in line with the latest developments. To secure the personal information you enter on our website, we use a secure transport protocol (SSL) that encrypts your data during transmission.
Changes to the Data Protection and Privacy Policy (GDPR)
We will update the Data Protection and Privacy Policy from time to time, when adapting to new versions of the website and web store or when changes in legal regulations occur. Material changes will be documented in this document, and if necessary, we will secure the consent of our users.
Last modified date: 16.05.2025.