GDPR Data Protection Notice
This GDPR notice and our Privacy Policy describe the same processing. The Privacy Policy is the full notice; this page highlights EU/EEA legal bases, rights, retention, processors, and cookies. If anything differs, the more specific or more protective text applies.
Data Controller
IFIX ELEKTRONIKA, obrt za usluge
Ul. Matice hrvatske 28A
21 000 Split
Hrvatska (Croatia)
Contact: esp32contact@gmail.com
If a Data Protection Officer (DPO) is appointed in the future, DPO contact details will be published on the Privacy Policy.
Legal Bases (GDPR Art. 6)
- Contract performance (license delivery/support)
- Legitimate interest (anti-piracy and abuse prevention)
- Legal obligation (accounting/compliance retention)
- Consent (analytics cookies and optional communications)
Data Categories
- Email/contact and purchase/license metadata
- Hardware-bound license identifiers and validation timestamps
- Optional bug report diagnostics you explicitly submit
- Analytics data only after cookie consent
Processors (sub-processors)
We do not sell personal data. We use trusted providers aligned with the Privacy Policy:
- myPOS — payment checkout and payment-related data
- Promailer (or configured SMTP) — transactional email for licenses and order-related messages sent from our API environment
- Render — API hosting and related processing for verification and commerce endpoints
- GitHub — storage/versioning of the encrypted license database and related operational data as configured
- Cloudflare Pages (or equivalent) — hosting of this static website
- Google Analytics — website analytics only after cookie consent (IP anonymization enabled in implementation)
Each provider processes data under its own terms and privacy policy; we choose providers that support GDPR-aligned processing.
Data Retention
We keep data only as long as necessary (same thresholds as the Privacy Policy):
- Customer and order data: up to 7 years where required for legal/accounting obligations
- License data: for the duration of the license relationship plus any legally required retention
- Support-related email: up to 3 years unless a shorter period applies
- Voluntary bug reports: up to 90 days
International Transfers
Some providers may process data outside the EU/EEA. We use appropriate safeguards (e.g. standard contractual clauses or equivalent mechanisms) where required.
Your Rights
- Access, rectification, erasure, restriction, objection
- Data portability
- Withdraw consent at any time (where consent is used)
- Lodge a complaint with AZOP: azop.hr
To exercise rights, contact: esp32contact@gmail.com. Target response time: 30 days.
Cookies & Consent
This website uses:
- Essential cookies (required for basic site operation)
- Analytics cookies (only after explicit consent)
- Performance-related cookies where applicable
You can accept, reject, or customize non-essential cookie usage through the consent banner. You can also change preferences later by clearing cookies and revisiting the site.
Related Documents
Last updated: 15 May 2026