Privacy policy

INTRODUCTION

Privacy Policy (hereinafter: the Policy) regulates the rights of persons and the protection of the rights of persons regarding the processing of personal data of users of services provided by Ninet Company Ltd.as well as our websites, their applications and mobile applications owned by Ninet Company Ltd. This Policy represents binding business rules aimed at raising the standards of privacy and personal data protection.

Please read the Policy carefully.

About Us

Ninet Company Ltd., one of the electronic communications operators in Serbia, started operating on May 12, 2003.

Ninet Company Ltd.regularly reviews the Privacy Policy. The current version was last updated on December 3, 2020. In case of significant changes, you will be notified accordingly via our website www.ninet.rs.

Headquarters address:
Ninet Company Ltd., Bulevar Nemanjića 25, Zona 3, premises k-6
18000 Niš, Serbia
TIN: 1028763666
Company Registration number: 17499114

Privacy policy

As a provider of electronic communications, Ninet Company Ltd.processes personal data aimed at providing services, technological development and promotional activities.

Before obtaining personal data, Ninet Company Ltd. informs Users about the conditions of collection and further processing of personal data. Ninet Company Ltd. provides full confidentiality, integrity and availability of personal data. Personal data are processed in accordance with the law. Data are collected for specific, clear and legally defined purposes and processed in a manner consistent with those aims.

When processing data, Ninet Company Ltd. respects the following principles:

  • Principle of transparency;
  • Principle of legality and fairness;
  • Principle of purpose limitation;
  • Proportionality principle;
  • Principle of data accuracy;
  • Principle of data security;
  • Prohibition of discrimination.

Ninet Company Ltd. processes personal data if such processing of data is envisaged by law or if the person has given consent for processing of personal data.

Ninet Company Ltd. may process personal data of the persons with whom it is in a contractual relationship or with whom it negotiates the conclusion of a contract, provided that the data processing is necessary and appropriate for conducting negotiations or for the implementation of the contract. Additionally, Ninet Company Ltd. may also process personal data in cases when you are not a User:

  • If you use any of our products or services - paid by another person;
  • In order to carry out surveys;
  • When you call our Call Center;
  • When you visit the sites of www.ninet.rs.

There are cases when data is processed without consent. Ninet Company Ltd. has the right, in accordance with the law, to process data for "legitimate interests" such as defense against cyber-attacks, prevention of high-tech crime, etc.

Personal data are processed in a way that ensures adequate security of personal data, including protection against unauthorized or unlawful processing and against any accidental loss, destruction or damage, with the application of appropriate technical andorganizational measures.

If there are anyterms unknown to you, there are definitions of terms and phrases the end of the Policy.

What doesn’t the Policy apply to?

This Policy does not apply to other companies or organizations (who advertise our services,and use cookies, tags and other technologies) which collect and use your personal data to offer you the relevant online ads.

You can access other sites, applications, products, services and social networks through our website.This privacy policy does not apply to how organizations use your personal data. Before giving them your personal data, review their privacy policy.

RULES ON THE USE OF COOKIES

In order to improve our website, we use "cookies" for tracking your visits. "Cookie" is a piece of information that a web server can temporarily store into your browser. This is useful because it allows your browser to remember certain data that the web server can later access.

Ninet Company Ltd. uses cookies for:

  • Web user identification - "Cookie" will be generated once you log into our website and will be remembered until you delete it with the "cookie" management tool;
  • Estimates of the number of visits -Each users browser will be assigned a unique cookie which will then be used to analyze differences in behavior between registered users and regular visitors of the web site;
  • Site search Tracking - Ninet Company Ltd. tracks and analyzes ways of searching the website.
  • Website traffic measuring - Ninet Company Ltd. uses cookies to understand and better look at the number of visitors and traffic realized on the website.

The Internet “browsers” enable control and management of "cookies". Depending on the browser used, you can always find useful instructions on the official websites of the browsers such as Mozilla Firefox , Internet Explorer, Google Chrome, Safari. Additional information about "cookies" can be found at AboutCookies.org.

Ninet Company Ltd. uses a third-party service, Google Analytics, to collect standard information about portal visits and details about visitor behavior. The purpose of data processing is to track traffic, in terms of number of visitorsof various parts of the website.Data processing does not identify. Google does not have consent to process data in a way that would reveal the identity of persons visiting the website of Ninet Company Ltd.

USER RIGHTS AND PROTECTION OF USER RIGHTS

Users whose personal data are processed have the following rights:

  • The right to be notified on data processing;
  • The right to an insight and a copy;
  • The right to correction;
  • The right to delete;
  • The right to limit data processing (withdrawal of consent)
  • The right to data portability;
  • The right to object,
  • The rights related to automated decision-making and profiling.

Manner of exercising the rights

Users of services of Ninet Company Ltd.can always check and update their contact information on the portal Create a ticket.

Each of the above rights can be exercised by the User by submitting a Request toNinet Company Ltd.in one of the following ways:

  • Electronically by Support form
  • Sending by mail to the registered office:
    NNinet Company Ltd, Bulevar Nemanjića 25, Zona 3, premises k-6
    18000 Nis, Serbia

All the costs of exercising the right, in case of resubmitting the same request, shall be borne by the applicant.

Ninet Company Ltd. may reject the request in order to comply with legal and contractual obligations, as well as in case of doubt in the identity of the person submitting the request.

In case it refuses to act upon the Users request, Ninet Company Ltd.will notify the User no later than 15 days from the receipt of the request, whereby the notification will include:

  • Reasons why it was not acted upon by the request;
  • The Users right to submit a complaint to the competent authority;
  • Instructions on legal remedy.

Personal data protection officer

Contact details of the Personal data protection officer:
Ninet Company Ltd.
Personal data protection officer
Bulevar Nemanjića 25, Zona 3, premises k-6
18000 Niš
zastitapodataka@ninet.rs

The Personal data protection officer determined by Ninet Company Ltd. acts in accordance with the obligations prescribed by the law and does not provide legal advice to individuals who are not employed by Ninet Company Ltd. and other operators.

WHICH DATA ARE COLLECTED AND WHAT ARE THEY USED FOR

The kind of personal data to be collected depends on the service you use as well as how you use it. Ninet Company Ltd. collects and uses personal data for the following reasons:

  • Provision of services;
  • Legitimate business interest.
Provision of services

Personal data is used for the purpose of providing services from the moment you register or purchase a service from Ninet Company Ltd, or when you register or log in to any of the applications on the websites of Ninet Company Ltd.

Ninet Company Ltd. collects the following:

  • Contact details and other information to verify your identity and communication with Ninet Company Ltd. This includes your name and surname, address, phone number, personal ID no, email address, passwords and credentials (such as the security questions and answers we have in your account);
  • Data on financial transactions by the bills of Ninet Company Ltd.;
  • Communication with Ninet Company Ltd, including mail, e-mail and telephone calls;
  • Keeping a record of all settings or communication preferences you select;
  • Information from cookies set on your connected devices;
  • Details on the services you use or have ordered;
  • Communication data such as log files and metadata.

Ninet Company Ltd. collects the above data for the following reasons:

  • Provision of services;
  • Arranging mutual rights and obligations of Ninet Company Ltd. and users;
  • Customer satisfaction check;
  • Service quality check.

Legitimate business interest

Ninet Company Ltd. collects and uses personal data of the User in order to improve the quality of business.

  • Contact details and other information to verify your identity and communication with Ninet Company Ltd. This includes your name and surname, address, phone number, personal ID no, email address, passwords and credentials (such as the security questions and answers we have in your account);
  • Data on financial transactions by the bills of Ninet Company Ltd.;
  • Communication with Ninet Company Ltd, including mail, e-mail and telephone calls;
  • Keeping a record of all settings or communication preferences you select;
  • Information from cookies set on your connected devices;
  • Details on the services you use or have ordered;
  • Communication data such as log files and metadata.

Ninet Company Ltd. considers the use of personal data to be the legitimate business interest for the following purposes:

  • Business development;
  • Providing network security and protection;
  • Receivables collection;
  • Fulfillment of regulatory and legal obligations;
  • Prevention and detection of high-tech crime.

Business development

Ninet Company Ltd. uses personal data to generate business reporting due to continuous improvement of the quality of services, optimization of business processes, achieving market competitiveness and monitoring global trends.

The data is also used for the purpose of network maintenance, development and testing.

For this purpose, the system generates the necessary reports by aggregating and anonymizing personal data in such a way that it is not possible to identify the persons to whom the data relate.

Ensuring network security and protection

Personal data is used in order to prevent unauthorized access to the system and services provided by Ninet Company Ltd, as well as to prevent fraud, spam and other actions described in detail in General Terms and Conditionsforprovision of services as unauthorized behavior of the User.

Collection of receivables

In case of non-payment of invoices, Ninet Company Ltd. may submit your data, such as contact details, personal ID no. and the amount of debt, to the collection agency or public bailiffs.

Fulfillment of regulatory and legal obligations

Personal data are used to generate reports submitted to regulatory agencies as well as for statistical processing. Ninet Company Ltd.submits reports that are systematically generated by aggregation and anonymization of personal data in such a way that it is not possible to identify the persons to whom the data relate.

The data of the user of the landline telephone service may be included in the publicly available telephone directory of Ninet Company Ltd., with the prior consent of the User. The user will be able to withdraw the consent at any time,by sending the request to Ninet Company Ltd. in one of the following ways:

  • Electronically to the address zastitapodataka@ninet.rs
  • Sending by mail to the registered office:
    Ninet Company Ltd., Bulevar Nemanjića 25, Zona 3,premises k -6
    18000 Niš, Serbia
  • Personally at the counters of Ninet Company Ltd.

Prevention and detection of high-tech crime

In order to prevent and detect high-tech crime, the network of Ninet Company Ltd.is under constant monitoring. In case of detection of an attempted cyber-attack, Ninet Company Ltd. is obliged to inform the National CERT of the Republic of Serbia, as well as to submit all necessary data in accordance with the law.

More over, Ninet Company Ltd. will, in accordance with the law, submit personal data to the authorities, upon request, for the purpose of cooperation with the authorities in order to detect and stop crime, prosecute perpetrators and protect national safety.

Direct marketing

Ninet Company Ltd. may process personal data of the User, as well as persons who are not Users, to whom the data relate, for the purpose of direct advertising by telephone, e-mail or other means of distance communication, only in accordancewith the law, consentof the personor in the case of publicly available data of the person to whom the data refer, and the person has not prohibited the processing of such data for the purpose of direct advertising. In case you do not want to receive promotional information, you are able to suspend it easily and free of charge.

Ninet Company Ltd. will use, for direct advertising, your contact details such as your name and surname, address, telephone number, e-mail address.

Ninet Company Ltd.is obliged to regularly inform the users of its services about changes that may occur aimed at achieving technological development due to the improvement of service quality.

DATA SHARING

Ninet Company Ltd. will not assign, sell or share your personal data with third persons except in the case of purchasing products or providing services at your request.

Business partners

Ninet Company Ltd.may,in order to operate efficiently and provide services, hire data processors with whom it shares a minimum set of data, such as courier service, technology partners, and who meet the requirements for implementing data protection measures in accordance with the law and with whom it has a signed NDA

Online payment

Data security at the time of purchase is guaranteedby the payment platform of Ninet Company Ltd. and the payment processor of Banca Intesa. Payment transactions are performed in accordance with legal regulations.

Ninet Company Ltd. does not have access to the card data at any point, except for the minimum set of data for the purpose of recording payment for the service in its information system, enabling monitoring of payments to Users and notification of the performed payment transaction. Please keep your credentials for access to the portal and for the use of the card carefully, as Ninet Company Ltd. shall not be responsible in case they are communicated to other persons by the credential owner.

The minimum data set consists of the following data:

  • Payment card brand;
  • Last 4 digits of the payment card number
  • Name and surname (name) of the payment card holder
  • Month and year of payment card expiration.

Personal data transfer to other countries

Ninet Company Ltd.shall not transfer personal data of the User from the country, except when:

  • Transfer is necessary for the implementation of the contract between the data subject and Ninet Company Ltd. or for the application of pre-contractual measures taken at the request of the person to whom the data relate
  • Transfer is necessary for the conclusion or implementation of a contract concluded in the interest of the person to whom the data relates between Ninet Company Ltd. and another natural or legal person.

The transfer of data to other countries is carried out in accordance with the law.

SOCIAL NETWORKS AND LINKS TO THIRD PARTIES

Ninet Company Ltd. uses social networks to promoteits business. Ninet Company Ltd. does not store the data of its followers or process data outside of Facebook, Twitter, Instagram, Linkedin.

Ninet Company Ltd. may provide links to third parties over which it has no control, does not own the information contained there in, does not guarantee and is not responsible for any content, advertising, product or other material available on such site.

Social networks and websites operate according to their terms of use and privacy policies, so please learn more about it as needed.

PERSONAL DATA PROTECTION AND RETENTION PERIOD

Ninet Company Ltd. implements organizational and technical measures in order to ensure personal data protection. Retention periods arise from legal regulations.

Retention periods

Ninet Company Ltd. stores and keeps data in accordance with the prescribed deadlines:

  • Contractual data: five years after the termination of the use of the service;
  • User contracts: two years after contract termination;
  • Invoice data: five years after the invoice is issued.

In other cases, personal data are kept in accordance with the purpose for which it was collected and processed in accordance with the legal obligation.

CHILD PROTECTION

A person under 18 years of age cannot be a user of Ninet Company Ltd. The availability of elements on our web portal and applications depends on the user’s age, so they cannot be used by children.


GLOSSARY
Personal data
Any data relating to a natural person whose identity is established or can be established, directly or indirectly, especially on the basis of an identity mark, such as name and personal data, personal ID number, location data, identifiers in electronic communications networks or one or more features of his physical, physiological, genetic, mental, economic, cultural and social identity.
The person to whom date relates
A natural person whose personal data is processed.
User
A user is a natural person who uses or requests a publicly available electronic communication service from Ninet Company Ltd.
Employees and other employed persons
Employees and other employed persons are natural persons who are employed or otherwise engaged at Ninet Company Ltd.
Data processing
Any action or set of actions,either automated or non-automated,with personal data or their sets, such as collection, recording, sorting, grouping, or structuring, storing, comparing or modification, detection, insight, use, disclosure by transferring or delivering, reproduction, sharingor otherwise making available, comparing, restricting, deleting or destroying (hereinafter: processing).
Database
Any structured set of personal data available according to specific criteria, regardless of whether the database is centralized, decentralized or classified on a functional or geographical basis.
Authorities
A state body, an authority of territorial autonomy and local government units, public enterprise, institution and other public service, organization and other legal or natural person exercising public authorities.
Competent Authority
a)The authorities responsible for the prevention, investigation and detection of criminal offenses, as well as the prosecution of perpetrators of criminal offenses or the execution of criminal sanctions, including the protection and prevention of threats to public and national security; b)Alegal entity authorized by law to perform the tasks referred to in sub-item a) of this item.
Operator
A natural or legal person, i.e.a public authority that independently or together with others determines the purpose and manner of processing. The law which stipulates the purpose and manner of processing may also determine the processoror prescribe the requirements for its determination (Ninet Company Ltd.);
Processor
A natural or legal person, i.e.an authority that processes personal data on behalf of the operator.
Recipient
A natural or legal person, i.e.a public authority to whom personal data have been disclosed, regardless of whether it is a third party or not, unless these are public authorities which, in accordance with the law, receive personal data within the investigation of a particular case and process these data in line with the rules on the protection of personal data relating to the purpose of processing.
Third party
A natural or legal person, i.e.a public authority, which is not the person to whom the data relate, an operatoror processor, nor the person authorized to process personal data under the direct supervision of the operator or processor;
Consent of the person
Any voluntary, specific, informed and unambiguous expression of the will of the person, by which they,through a statement or clear affirmative action, give consent for the processing of personal data relating to them.
Personal data breach
Personal data breach leading to an accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data that are transmitted, stored or otherwise processed.
Personal data deletion
Any action or procedure by which thesedata are destroyed completely and permanently.
Personal data anonymization
Any action or procedure by which these data are irreversibly changed, after which there is no possibility to identify the person to whom the data previously referred, without significant costs, disproportionate efforts or significant use of time.
Pseudonymization
Processing done in a way that prevents the attribution of personal data to a certain person without the use of additional data, provided that these additional data are stored separately and that all technical, organizational and personnel measures are taken to ensure that personal data cannot be attributed to a specific or identifiable person.
Profiling
Any form of automated processing used to assess a particular personality trait, particularly for the purpose of analyzing or predicting the performance of an individual, their economic status, health status, personal preferences, interests, reliability, behavior, location or movement.
Processing limitations
Labelling of stored personal data aimed at limiting their processing in future.
Your experience on this site will be improved by allowing cookies.