Privacy Policy

We care about your privacy.

General provisions

Data protection of our customers, our users, our employees but also all other individuals represents a basic principle and priority of -  Selectio d.o.o. for employment mediation, Zagreb, Strojarska cesta 20, court registration No: 080702531, tax No: 18518491403 (further: „Selectio“ or „Company“). We are aware that by doing business with us, you have entrusted us as not only as your business partner or employer, but also that you have provided us with some of your personal data and all responsibilities arising therefrom. Therefore, we have issued this privacy policy as our key document in order to establish a system of data protection and transparency in our business.

This privacy policy has been drafted in accordance with the EU General Data Protection Regulation 2016/679 applicable as of 25 May 2018 (hereinafter: the “GDPR”), as well as all other national data protection legislation and by applying all adequate technical and safety measures in order to protect the personal data from any unauthorised access, misuse, breach, loss or destruction thereof.

This privacy policy has been drafted in accordance with above-mentioned rules, but as such, it has no impact on our duties and responsibilities imposed by the GDPR or national legislation. Kindly note that duties imposed to us by the GDPR and the relevant national legislation are applied by the company in a broader sense than the rules contained herein.

Data controller is: Selectio d.o.o. for employment mediation, Zagreb, Strojarska cesta 20, court registration No: 080702531, tax No: 18518491403.

Data controller contact details are:

E-mail: or

Telephone: +38516065255 or +385915147378

Data protection officer contact details:

Data processor: recruit CRM

In case we use third party services to process your personal data, such processing of the personal data is strictly mandated to us and we are also liable to protect your personal data in such a case. Any questions that you may have regarding the protection of your personal data may be addressed to us at any time and at the above-mentioned emails or phone numbers.


General data

This privacy policy and statements contained herein describe in detail the data we collect, your rights arising thereof, as well as the way and for which purposes, we process your personal data.


Collection of personal data

Personal data is all and any piece of information that refers to an individual that is identified or may be identified, as further defined under section 4 below.

Your personal data is collected only through contact with you and with your explicit consent. Kindly bear in mind that some of your personal data is available online (e.g. from social media such as Facebook, LinkedIn, Instagram, etc). The Company is aware of such data, but is not collecting or processing it without your explicit consent (either given directly to us or the third-party social media source).

We collect and process your personal data only for the purposes that had been disclosed to you and for which you had given us your explicit written consent or in cases where data collection and processing is a mandatory obligation under the relevant law.

Unless you inform us otherwise (withdraw your consent), we shall collect and process your personal data only for the given purpose. We shall immediately stop with data collection and processing immediately once you withdraw your consent or once there is no legal basis to do so.

The Company reserves the right to protect its legal interests as data collector and may: (i) undertake activities to determine user identity, (ii) your requests will be processed only if they had been filed by predefined means of communication, (iii) determine whether your request has valid legal basis and we shall revert accordingly, (iv) may deny your request and file appropriate legal action should we think the request is obviously without any legal basis or if this is a manner of blunt abuse of the law.


Purpose of data collection

Various personal data may be collected from a number of sources and for various purposes:

I           By contacting you we may ask that you share your personal data with us for the following purposes:

  • Provision of our services
  • Enhancing our user experience
  • Sending you information on our services, as well as information on our latest offers
  • Your employment with the Company
  • Participation in web-based activities including our social media pages (Facebook, LinkedIn, Instagram)
  • Storing your personal data for future interactions and communication with the Company
  • Helping us to improve and advance our services
  • Problem-solving with regards to our everyday business and provision of our services
  • Sending promotional messages or specific advertising messages based on information you shared with us
  • Any other purpose for which you had given us your written consent


II         By doing business with the Company as an employee, business partner, client or a supplier we may ask you to provide us with your personal information for the following purposes:

  • employment with the Company
  • information access
  • resolving issues and service requests
  • any other purpose for which you had given us your written consent.

We collect and process your personal data only for the purposes that had been disclosed to you and for which you had given us your explicit written consent or in cases where data collection and processing is a mandatory obligation under the relevant law


Types of personal data that are collected or that may be collected

The Company collects and processes your personal data based on your explicit written and voluntary consent that has been given either by visiting our web page or our social media profile (Facebook, LinkedIn, Instagram), or filing contact request, or filing information on a data collector, or sending your remarks or recommendations regarding our work, or by publishing job advertisements or by filing job request, or filing newsletter requests or by filing a cooperation request or any other similar manner.

Personal data that is collected by interacting with the Company in a whatsoever manner, either by regular post, e-mail, personal delivery of data, telephone, fax messages, SMS and/or apps, web, social media (e.g. if you tag like of our Company on FaceBook, LinkedIn etc.) we may request or we may obtain your personal data such as:

  • name and last name
  • e-mail
  • telephone number
  • data contained in your resume
  • personal tax number
  • copy of your ID
  • social media profile
  • information on personal interests and preferences
  • other information regarding your personal interests in context of business activities conducted by the Company
  • any other data that you may have delivered us on your own accord

When communicating with the Company as a client, supplier or a business partner we may collect and process the following personal data:

  • name and last name
  • e-mail
  • telephone number
  • business address
  • company name and company tax ID
  • your position within your company
  • personal details that may be relevant to our business relationship, such as your education, expertise level, etc.

We collect your personal data through:

  • signing a cooperation agreement or an employment agreement
  • providing services to the Company
  • communicating with the Company
  • developing partnerships
  • by accessing our business premises
  • participating in fairs, events, promotions of the Company
  • voluntarily participating in polls organised by the Company,
  • by viewing your profiles on social media such as FaceBook, Linkedin, Instagram, etc.

While doing business with us we need you to give us your personal data required for such business undertaking to take place and that is required to fulfil our contractual obligations or that is required under the law. Without such data we may refuse to do business with you, or we may even terminate an existing agreement. However, you are not required to provide your consent for data collection and data processing that is not relevant for an agreement with us or that is not prescribed by the law.

Furthermore, we may collect personal data through our cookies on our web page, including among others:

  • IP address
  • Cookie ID
  • Data on the internet browser that you are using

It is imperative to stress that you may, and you have full legal right to do so, stop all your interactions with us, i.e. you may seek that your personal data is deleted (as further defined below) as well as to refuse your consent to use of all or just some cookies.

Conclusively, the Company may not collect any sensitive data, such as data regarding your health, your credit score, etc. For any such collection your additional consent is required. Refusal of consent may arise with terminating of doing business with you or providing you with an inadequate user experience, as some of these types of data are mandatory to fulfil our legal obligations. Regardless of that, none of our decisions are based on automated data processing.

The Company does not collect data of minors under the age of 16.


Legal basis and purpose of data collection

The Company collects your personal data for the following purposes and based on:

  1. To fulfil our legal obligations– your personal data is collected and processed in accordance with applicable laws as well as to make relevant notifications and applications required by us under the applicable laws and data collection is necessary for us to fulfil our mandatory legal obligations;
  2. To fulfil individual contracts– your personal data is collected and processed with the purpose of fulfilling contractual obligations and such data collection is necessary to fulfil the purpose of contractual obligations(e.g. Croatian Civil Code);
  3. With the purpose of contacting you in order to efficiently fulfil our agreements, requests for delivery of information, by your applications to newsletters, based on consent given to us by you or based on the legitimate interest of the data controller;
  4. With the purpose of protecting property and life– based on our legitimate interest our business premises may be under video surveillance;
  5. With the purpose of participating in promotions based on consent that you had given us by applying to such a promotion;
  6. Promotional purposes– based on consent you had previously given us we may publish your photographs, etc.;
  7. Any other purpose, provided that you had been previously notified and that you had given your consent.

All of your personal data is processed based on the law, contract, legitimate interest and your voluntary, explicit and written consent.


Time period of storing your personal data

The company collects and stores your personal data only for as long as is necessary for specific collection purposes. In doing so, the Company’s leading premise is that the maximum time period for collecting your personal data is the minimum period too and that its conduct is primarily regulated by mandatory provisions of the law. For each specific purpose of data processing for which the law does not explicitly provide a time period of its storage/collection, we have specified the minimum/maximum periods of said collection as well as its deletion and anonymization. 

Further below you may find an overview of the personal data, respective purposes and times of storage:

Personal data Provided by purpose Legal basis Time of data collection
Identification data for employment (e.g. name, last name, account number, tax number, copy of personal ID) Directly by user Fulfilment of contract – enabling the company to render services and employment (if any) User consent For the duration of employment, but no longer than 2 years from termination
  Directly by user Request of competent state bodies to deliver data Legal obligation Up to 10 years from termination
  Directly by user Prevention of misuse Legitimate interest / Legal obligation Up to 10 years from termination
Contact data (e-mail, address, phone number) Directly by user Fulfilment of contract – enabling the company to render services under respective agreement User consent For the duration of agreement, but no longer than 2 years from termination
  Directly by user Sending newsletters, notifications, etc. User consent Until recall of consent
  Directly by user Preventing issues with communication, enabling filing of written requests and objections User consent Until recall of consent
  Directly by user Prevention of misuse Legitimate interest / Legal obligation Up to 10 years from termination
Data on previous employment (data on employer, references, contact details, data on pension insurance and duration of previous employment) Directly by user Fulfilment of contract – enabling the company to render services under the respective agreement User consent No later than your employment with a third party/termination of current employment agreement
Your IBAN data and data relevant to the opening of your bank account, utility bill Directly by user Your employment and payment of your salary Contract fulfilment/ legal obligation No later than termination of your employment, but in any case up to 10 years from termination
  Directly by user Request of competent state bodies to deliver data Legitimate interest / Legal obligation Up to 10 years from termination
  Directly by user Prevention of misuse Legitimate interest / Legal obligation Up to 10 years from termination
Publicly available social media profiles Directly by user Identity check, employment with the Company Legitimate interest Until recall of consent on social media
Digital data: geolocation/IP, address, type of device used, the ID of device, data on internet service providers, country of origin, OS version geo- Directly by user Provision of services by the Company, improving user interface, delivery of data to Company’s services users User consent Until recall, no later than 12 months from employment/contract termination.
  Directly by user Prevention of misuse Legitimate interest Up to 12 months
Phone records Telecom companies Fulfilment of contract Legal obligation Up to 10 years, in accordance with accounting regulations
Other data -e.g. answers from marketing polls Directly by user Better understanding of user needs, enhancing user experience User consent Up to 12 months

For avoidance of any doubt, in case a legal procedure has been initiated, your personal data shall be stored until final completion of such a proceeding, all in accordance with applicable laws.


  1. Data consent management

At any given time you are free to amend your consent for your personal data collection and/or processing (amend it, completely or partially withdraw it) either by sending us an e-mail to: or by sending us registered mail to: Selectio d.o.o., 10000 Zagreb, Strojarska cesta 20.

Should you recall your consent, we will no longer use your personal data for the given purposes, but that may result in terminating of services or benefits given thereunder.

Withdrawal of your consent does not impact the legitimacy of data processing that was based on prior given consent once it has been withdrawn.

Should you wish to give us your consent again, you may do so in the manner it was given before.

Kindly note that if you do not give us your personal data that might be needed or relevant for performing under an agreement signed with you, we might not be able to provide you with the agreed service, hence we will not be liable for any such failure of service provision.


Your rights as users

This Company is constantly keeping track of the legitimacy and legality of this privacy policy as well as internal rules of conduct so that no action taken by this company is or can be construed in a manner that may result in violating your personal data. The Company endeavours to secure your rights as follows:

  1. Right to access and information regarding personal data use – you may at any given time seek information if your personal data is being used or processed, the purposes for data use/processing, type of data being collected, third parties to which your data is being shared with, time period of keeping your data, as well as source of personal data that has not been directly given by you;
  2. Right to correction of personal data – in case any of your data is incomplete or incorrect you may at any given time seek rectification
  3. Right to deletion of personal data- you may at any given time seek deletion of your personal data
  4. Right to limit data processing: you may limit processing of your data if
  • You dispute the data being correct in the period that allows us to verify the correctness of any such data,
  • You think the data processing was illegal, but you do not wish the data to be deleted, but seek limited use of such data and
  • If you think we do not need your data for the provided purposes, but you need the data for any of your claims or in case an objection to data processing has been filed.
  1. Right to object to any further data processing
  2. Right to seek access and transfer data– you may ask of us to send you the data you have given us in a structured machine-readable form:
  • If we are processing your data based on your consent which may be revoked and
  • IF processing is made by automatization procedures.
  1. Right to seek protection with competent authorities – should you feel we have at any time violated your rights or any of the data protection regulations, you may seek protection before competent authorities under national legislation.

You may utilize any of said rights or in case of suspicion of data breach, you may contact our data protection officer at the following address: You may also lodge a complaint with the Croatian Data Protection Authority.

Bearing in mind stated above, please note that the Company has developed and adopted a series of physical, technical, organizational and other measures with the sole purpose of protecting your personal data. Maintenance and testing of these measures is conducted on a permanent basis by contractual partners hired by us.

Furthermore, please note that the Company has the right to protect its rights and interests, as well as to protect the rights of its users, hence the Company shall:

  • Prior to answering to an individual request, undertake activities to establish identity of person filing respective request, including seeking additional information;
  • Valid requests shall be accepted only by previously defined communication channels and applicable forms;
  • Undertake assessment of validity of each individual request and file an adequate response;
  • Undertake an assessment of excessiveness of the individual request and if determined that certain rights are used in an excessive or abusive manner, charge applicable administrative fees or deny the relevant request.


For clarification purposes, as noted earlier, some of the above-mentioned rights are not absolute and the Company has the right to limit those rights under conditions specified within the GDPR and other applicable regulations. Reasons and respective basis for refusal of individual requests shall be duly notified to the respective user.   The Company shall, within a month from receipt of the relevant request, provide relevant information. This time period may be prolonged for an additional two months if necessary, taking into consideration the complexity and number of requests. 


Third party data transfer

We shall not transfer or make available or make accessible your personal data to third parties, unless in the following cases:

  • You give us your explicit written consent for data transfer to a specific third party and for specific purpose or specific individual,
  • By order of State bodies (courts, ministries, ect.),
  • If the data is needed for courts and other competent state authorities for procedures they are handling, provided however, that written proof of this fact is provided
  • If your data is to be sent to the tax office, pension insurance, health insurance, all based on legal obligations of the Company,
  • If your data is to be sent to the tax office for the procedures they are handling within their competence and
  • If within contractual obligations with third parties we need to deliver your data to such parties
  • Data that is delivered to digital services companies, such as Microsoft, Google, etc by using standard data protection clauses

Kindly note that while using digital services of big IT companies such as Google, Google Analytics, Microsoft, etc. the Company has accepted the unilateral terms of doing business with these IT companies. However, the Company does not have a means of verifying whether these large IT companies transfer your personal data to third parties outside of warranties given by these IT companies. The Company tries to minimise these risks by using technical measures such as pseudo anonymization.

  1. Use of digital services (internet pages, apps)

Kindly note that we collect only personal data that has been made available to us either by using our web page, by filing a contact request either by asking us to do business with you, either by filing a business request, by filing a job application by using services of return calls and any other electronic means of communication.  This personal data is used in a confidential manner and only for the purposes specified with each consent form. Transfer of personal data to third parties is done only if there is a legal obligation for us to do so or an official warrant and when such data may be transferred to such third parties and only the data necessary. Access to our web page is subject to protocol when technical data is registered such as web page visits, operating system that you use, screen resolution, time of visit, and size of data transferred.

In order to promote our services our web page contains “cookies” that may be stored on your computer. Cookies may be rejected either partially or completely, but this may result in limited use of our web page. Cookies enable storing of technical preferences of the visitors of our web page, optimising technical processes and continuous improvement of our offer. For more information see below.


More information on cookies we use

A cookie is a piece of information (a .txt file) that has been stored on your computer by the web page you are visiting. Cookies usually save your settings/web page settings, such as preferential language or IP address. Once you load your web page again the web browser sends back the cookies pertaining to such a web page. This enables the web page to load information adjusted to your needs.

Cookies also enable you the best possible web browsing experience as they “remember” your preferences, so you do not have to manually input all of relevant details. For example: cookies enable you to load one web page and should you transfer to another one, you do not need to log on to the previous one for it to have the expected content and functionality. Furthermore, all of your web settings will be stored for the next time you load this web page.

By using cookies we cannot access your files stored locally on your computer and we cannot read your personal information from the content of the cookies.

Which cookies do we use and why?

Necessary cookies:


Necessary cookies make the web page usable by enabling its basic functions such as web page navigation and access to restricted areas.  The web page may properly function even without these cookies.

Name Service provider purpose Expiry type
JSESSIONID LinkedIn Keeps user status throught web page demands Session HTTP
li_gc LinkedIn Stores user consent for current domain 2 years HTTP
CookieConsent Cookiebot Stores user consent for current domain 1 year HTTP
PH_HPXY_CHECK Used for prevention and detection of hacking attempts through brute force attacks Session HTTP
wordpress_test_cookie Used for checking whether user browser supports cookies Session HTTP


Cookies for settings:

Settings cookies enable web page to remember the data that amend the manner in which the respective data mimics or looks like ,such as you default language or region.


Name Service provider purpose Expiry type
_icl_current_language Stores user preferred language on web page 1 day HTTP



Statistical cookies:


By anonymous data collection and data flow, the statistical cookies help the web page owners to understand how visitors communicate with said web page


Name Service provider purpose Expiry type
__utma Collects data on how many times a user has visited a web page as well as dates of subsequent visits. Used by Google Analytics. 2 years HTTP
__utmb Registers time markings with exact time when a user had accessed a web page. Used by Google Analytics to calculate duration of web page visit 1 day HTTP
__utmc Registers time markings with exact time when a user had left a web page. Used by Google Analytics to calculate duration of web page visit session HTTP
__utmt Used to limit server access speed 1 day HTTP
__utmz Collects data of user origin, which browser has been used, content searched by user and which search terms were used. Used by Google Analytics. 6 months HTTP


Marketing cookies:

Marketing cookies are used to track visitors of the web page. The purpose of these cookies is web advertising that is relevant to individual users and that encourage the user to participate in interaction with the web page, which is also necessary for web publishers and third-party advertisements.


name Service provider purpose Expiry Type
bcookie LinkedIn
It is used by the social network service, LinkedIn, to track the use of the included services.
2 godine HTTP
bscookie LinkedIn Koristi ga usluga društvenih mreža, LinkedIn, za praćenje upotrebe uključenih usluga. 2 godine HTTP
lang LinkedIn Postavljen od strane LinkedIn kad web stranica sadrži uključen „prati nas“ panel. Sesijski HTTP
lidc LinkedIn Koristi ga usluge društvene mreže, LinkedIn, za praćenje upotrebe uključenih usluga. 1 dan HTTP


Non-specified cookies:

Non-specified are cookies that may be found in the process of distinction of combinations with service providers of each respective individual cookies.

We do not use these cookies.

How to amend cookie settings or disable use of cookies?

Applicable laws specify that we may store cookies on your computer if they are strictly necessary for our web page functionality. For all other types of cookies we need your consent.  In case you do not want the cookies to be stored, you may independently update your cookie storage preferences. 

You may withdraw your given cookie consent at any time without specifying a reason by simply clicking “withdraw consent” on this web page.

In general, cookies may be rejected or deleted by using adequate settings of your web browser. Our web page enables you to independently choose whether you wish to accept or reject the cookies in your web browser by using the cookie banner. In case you wish to delete or disable cookies on your computer, you need to do so by updating your web browser preferences. Different types of web browsers enable different levels of cookie control. At any given moment, your web browser will offer you the option to accept, deny or delete the cookies, and you may choose which cookies you wish to delete – from third party cookies to cookies addressed by the specific web page.

For more information regarding cookie settings please refer to your default web browser.

You may find more insformation on the following web pages:

By disabling the cookies, you decide whether you wish to store cookies on your computer. In case you disable the cookies, you will still be able to browse our web page, but some of its functionality may be impaired.

For all other information please do not hesitate to contact us at:


Technical and organizational measures

Please note that the Company has undertaken all technical and organisational measures in order to protect your personal data from loss and breach of third party access. If you have any questions in this regard, please feel free to contact us at any time. All measures applied are specified in Schedule 1 to this privacy policy

Any and all alterations of our privacy policy shall also be published in the Statement on Data Protection and on our web page and you shall be informed in an adequate manner.


Final provisions

All matters that are not regulated by this privacy policy shall be regulated in accordance with the laws of Croatia.

Anybody who thinks their personal data has been breached or violated may seek protection of their personal data before a competent court against the Company. The burden of proof regarding the damages lies within the respective individual, whereas the burden of proof of legal and proper data collection and processing lies with the Company.

The Company’s third-party liability for breach of data protection is limited to actual damage. All other damages are explicitly excluded.

In case of breach or suspicion of breach, an individual should first contact the Company for mediation purposes, either by filing a respective claim by email to: or by filing a petition by registered mail to Selectio d.o.o., Zagreb, Strojarska cesta 20. The Company is obliged to answer any such petition within a month of receipt. In case the Company receives such a request prior to starting respective litigation, an individual is obliged to initiate court mediation first and then in case court mediation was unsuccessful, an individual may file their claim before a competent court in Zagreb.

This privacy policy has been drafted and enacted on the 24th of May 2018. The Company owns all documents and information arising herefrom and the management board is obliged to review the rules set herein at least once a year. The last revision has been made on the 12th of January 2023.