Communication and disclosure of personal data to third parties
Your personal data shall not be disclosed to third parties without your express consent, except under legal obligation. More specifically, your personal data shall not be transmitted or provided to third parties outside the European Union without your express consent, except under legal obligation.
The personal data you provided may be transmitted to our related companies and/or partners when this is deemed necessary for the purpose of maintaining and managing the 27001Academy website and for the purpose of provisioning our products and services. In such cases, we shall ensure that our partners and/or related companies take over the responsibility to protect personal data to an extent equal to that guaranteed in these General Terms and Conditions.
Your personal data (including your email) will never be shared with any third parties for marketing purposes.
Which personal data do we collect?
Types of data that we collect for specified purposes are: your name, last name, address, country of residence, and email address.
Purpose and manner of personal data collection and use
EPPS collects and processes personal data in accordance with the provisions of the Personal Data Protection Act and other regulations in force in the Republic of Croatia and the European Union.
Your personal data are processed only on the basis of your approval – a free and express consent to process your personal data for the purposes related to the use of the Content available through the 27001Academy. Your consent for the collection and processing of your personal data for a given purpose shall be requested when completing the appropriate form published on the web pages of the 27001Academy.
Your personal data shall be used in order to provide Content, reply to queries concerning the Content available on the 27001Academy, and inform you about the existing and new content, materials, functionalities, services and other offers that may interest you, and in order to improve the quality of the Content and the 27001Academy.
Data collected through quizzes and questionnaires are confidential and may be used only for our own purposes.
All collected data are electronically stored, and appropriate measures and procedures are applied in order to prevent unauthorized access, maintain the level of personal data protection and use the data collected online in a correct manner.
Even though we take all appropriate measures to ensure against unauthorized disclosure of your personal data, we cannot guarantee that some of the collected personal data shall never be disclosed in a manner that is not in accordance with these General Terms and Conditions. Accidental disclosure may be, for example, a consequence of false misrepresentation when accessing websites that contain such data, with the purpose of correcting possible errors in the data. We shall not be liable, to the fullest extent permitted by law, for any damage caused to users or third parties relating to accidental disclosure of personal data.
Collection and processing of personal data by other users or third parties
The 27001Academy contains Interactive Content and may contain Links to third party websites, through which other users or third parties may gain authorized or unauthorized access to your personal data. These General Terms and Conditions do not apply to the collection, processing or use of personal data that you communicate to other users and/or third parties. It is in your best interest to acquaint yourself with the rules of personal data protection, and the protection of privacy applied by other users and/or third parties. Since we cannot control the data you provide when accessing or using the Interactive Content, Links or third party websites, or in other circumstances in which you communicate your personal data to other users and/or third parties, we shall not be liable for any damage caused to you, other users and/or third parties, arising from the fact that you communicated your personal data, in relation to the use of the 27001Academy.
Modification and deletion of personal data
You are legally entitled to request modification or deletion of your personal data, or deletion from the registered users database at any time. Modification or deletion of data shall be effectuated on the basis of an appropriate notice addressed to the contact identified on the 27001Academy.
A cookie is a group of data serving as your anonymous individual identifier that is sent to your browser by websites. Cookies are sent when you access a website, they are stored in your computer and they serve to record information about your subsequent online visits. Therefore, after a cookie has been stored on your computer during your first access to a website, every time you return to the website it will look for its cookie in order to read the stored data.
Since a cookie is an anonymous individual identifier, it does not contain or send any personal information to the website that stored it on your computer, but only enables faster and more efficient activation of information, data and settings previously communicated during access and use of the website.
Your browser is set in such a way that each website can only access its own previously sent cookies, but not the cookies of other websites.
The Options or Settings menu of your browser allows you to select an appropriate option for receiving cookies, even to disable them completely. However, disabling cookies completely will reduce the efficiency of some contents available on some websites.