Privacy Policy

Effective Date: 01.07.2024

The term “personal data” means any information by which a natural person can be identified, directly or indirectly.

The term “data controller” means the natural or legal person which, alone or jointly with others, determines the purposes and means of the data processing and is responsible for processing such data in a manner consistent with the applicable legislation.

The term “data processor” means the natural or legal person which processes personal data on behalf of a data controller.

The word “services” together refer to the website and the application, and other services that Komba provides to users.

The word “user” or “you” refers collectively to our users and clients of our services, representatives and other authorized users of our services, and to potential users and clients.

Komba Technologies d.o.o.  (“Komba”, “we”, “our”, or “us”) appreciates you for using our platform called “Komba” which is available through a mobile application and/or the Internet (the “Platform”). On the Platform, Komba’s clients are able to advertise the need to perform certain tasks, as well as certain essential conditions for performing these tasks (time of performing the task, place of performing the task, compensation, etc.), and users of the Platform using the Platform in such a way that they apply for the performance of services for what they are entitled to the agreed compensation. Your privacy is of utmost importance to us, and we are committed to protecting and securing your personal data as the data controller of your personal data.

Clients of the Platform determine how to engage with users through the Platform and thus act as the business that determines the purposes and means of handling user’s personal data in relation to the respective engagement. In those circumstances, users should carefully review the privacy policies of the Platform’s clients with which they interact. Komba is not responsible for the privacy practices of Platform’s clients.

This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when providing our services, since when using our online services (our website and app), you’ll share some information with us. We want to be transparent with the data we collect, how we use it, whom we share it with, and the controls we give you to access, update, and delete your information.

Komba emphasizes the importance of your privacy and the security of personal data. By using this website or app and by accepting the Privacy Policy and Web Cookies, you consent to your personal data being collected and further used and processed in accordance with this Privacy Policy.

This Privacy Policy is written with the aim of transparency and legality of our activities and services as well as to comply with The General Data Protection Regulation (EU) 2016/679 (GDPR).

We will only use and retain your data with your consent or other lawful basis. We ask for your consent on those occasions and in those places where we specify what we will use your personal data for.

We may process your personal data if there is an appropriate and justified interest (i.e. legitimate interest) to run, maintain and develop our business or to create and maintain relationships with users. When we decide to use your personal data based on our legitimate interests, we weigh our own interests against your right to privacy and, for example, provide you with a simple option to opt out of our marketing communications and, where possible, use pseudonymized or identifiable data that cannot be identified by any person. You have the right to object to the processing of your personal data based on legitimate interest. However, Komba has the right to reject such an objection in accordance with the applicable regulations if, for example, the processing is necessary for the preparation, execution or defense of legal claims.

For each data collected from the user, all necessary and reasonable technical and organizational security measures are taken to protect against unauthorized or unlawful processing, loss, destruction, or damage to the data. If a data breach results in high risk, we will notify relevant data protection authority and data subject.

This Privacy Policy does not apply to, and Komba is not responsible for, any third-party websites which may be accessible through links from this website or app (please see Section 3 below for more information).

This Privacy Notice additionally applies to our website and online services, including www.kombapp.com, our mobile app and any other online service hosted by us on which this Privacy Policy appears. Please note that our online services make use of cookies and similar technologies, as described in more detail in Section 2 below.

The Privacy Policy is an integral part of the contractual relationship that Komba may have with its users, clients and partners.

1. COLLECTION AND USE OF PERSONAL INFORMATION

Through logging in or registering your user account to our Platform, i.e. for creating a profile which is used for the purpose of using our services and saving your profile information (personal preferences and requests, qualifications, usage history, etc.), we may collect three basic categories of information:

• Information you provide.
• Information we get when you use our services.
• Information we get from third parties.

CATEGORIES EXPLAINED

When you interact with our services, we collect information that you provide to us. For example, most of our services require you to set up a user account, so we need to collect a few important details about you, such as:

• First and Last Name, address, e-mail address, phone number,
• Croatian Citizenship (checkbox),
• Personal Identification Number (PIN),
• Date of birth,
• Country, city and address of residence,
• Payment information (bank account information),
• Personal qualifications and special skills,
• Feedback information and user satisfaction feedback,
• Other information voluntarily provided by you while using our platform (e.g. username, password, profile photo, short biography, certificates, licenses etc.),
• Photograph of ID Card for the purpose of verifying the provided information,
• IP address of your device, purchases and billing/delivery address.

Unless specified otherwise, all data specifically requested by Komba is mandatory and failure to provide this data may make it impossible for Komba to provide its services. In cases where Komba specifically states that some data is not mandatory, clients and users are free not to communicate this data without consequences to the availability or the functioning of the Platform. Any person who is uncertain about which personal data is mandatory are welcome to contact Komba.

In some cases, additional information could be requested for the purpose of verifying the qualifications and compliance with applicable laws of a user to perform certain tasks for the clients of the Platform.

When you contact customer support or communicate with us in any other way, we’ll collect whatever information you provide or that we need to resolve your question/issue.

If you do not wish to provide mandatory information for a service that requires them, you will not be allowed to engage in that service.

We undertake not to process sensitive personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, nor to process genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning the health, sex life or sexual orientation of a natural person. In the event that such information is communicated by one of the parties during exchanges with the prospect or user of the Platform, it will not be recorded by us.

INFORMATION WE GET WHEN YOU USE OUR SERVICES

When you use our services, we collect information about which of those services you have used and how you have used them. We collect information about your activity through our services. For example, we may collect information about how you interact with our services, such as which digital items you view or apply for, or which search queries you submit.

If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can: (a) give consent on his/her behalf to the processing of his/her personal data and (b) receive on his/her behalf any data protection notices.

We may also collect user-generated content, such as reviews, photos, and recordings, submitted by you through our website or app. We or others may store, display, reproduce, publish, or otherwise use such content, and may or may not attribute it to you. Others may also have access to such content and may have the ability to share it with third parties.

While using our services, we use following information:

• information about your hardware and software, such as the hardware model, operating system version, device memory, browser type, language, battery level, and time zone;
• information about your wireless and mobile network connections, such as mobile phone number, service provider, IP address, and signal strength.

This information is not collected and stored on our servers. We use data anonymising techniques and services.

LOG INFORMATION

We also collect log information when you use our website, such as:

• details about how you have used our services;
• device information, such as your web browser type and language;
• access times;
• pages viewed;
• IP address;
• identifiers associated with cookies or other technologies that may uniquely identify your device or browser; and pages you visited before or after navigating to our website.

HOW WE USE INFORMATION

What do we do with the information we collect:

• Manage, verify, and authenticate your information, user account, and interactions with us.

• We use this information for the purpose of providing Platform services to connect clients seeking users willing to perform a certain task and users interested in performing such tasks for the clients and thus receiving a remuneration, as well as enhancing user experience, and communicating with you about relevant offers and promotions. Also, this Privacy Policy applies to your provision of services to us where this involves any personal data and to any personal information collected from third-parties where we are the controller of such information.

• Develop, operate, improve, deliver, maintain, and protect our products and services.

• Send you communications, including by email. For example, we may use email to respond to support inquiries or to share information about our products, services, and promotional offers that we think may interest you.

• We process data regarding opening e-mails, bounce rate, clicks, subscription, newsletter segments. We may segment users according to previously performed activities via the Platform.

• If you contact us through webforms on our website or app, through an e-mail, phone, or social network profile we will process data from contact form and a message based on our legitimate interest to connect and communicate with potential users.

• We process data about our contacts on social networks and about likes, comments, profile information, picture, video, voice, and about similar communication with our users and potential users.

• Monitor and analyse trends and usage.

• Personalize our services.

• Enhance the safety and security of our products and services.

• Verify your identity and prevent fraud or other unauthorized or illegal activity.

• Use information we have collected from cookies and other technology to enhance our services and your experience with them.

• Enforce our End User License Agreement and Terms & Conditions and other usage policies and comply with legal requirements.

• Perform daily business activities, such as, planning, controlling, auditing, organising business processes in all our affiliated companies and maintain compliance with applicable laws.

When processing your personal data for the purpose of providing the services to you, as well as for the other purposes mentioned above, we may use automatic processing methods, which may include automatic decision-making.

2. COOKIES POLICY AND ANALYTICS

Cookies are small text files that we place on your device (e.g. computer or mobile device) when you visit our website. The use of data files websites or web cookies is standard procedure for most websites that generally do not collect your personal information but provide a more customized service. By accessing your data obtained by web cookies, we monitor the use of our site or the app by you to, if possible, adapt our website or our app to a better and simpler future user experience.

We will always ask your consent to set cookies e.g., to remember your preferences or personalize content that is more relevant to you. However, we will not ask your consent for cookies that are strictly necessary for specific functionalities of our services, i.e. without which you would not be able to undertake certain activities.

Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Preferences Cookies. Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Analytics/Statistics Cookies. These cookies allow us to count visits, usage and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information collected by these cookies is aggregated and anonymized. If you do not allow these cookies we will not know when you have visited our site, what features of the web site you interacted with and will not be able to monitor its performance.

By using web cookies to improve your user experience, you automatically consent to the collection of data such as certain preferences and your IP address.

If you are interested in more information regarding web cookies and how to control them within the browser, visit the site: https://allaboutcookies.org/how-to-manage-cookies.

Marketing/Advertising Cookies. These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and Internet device. If you do not allow these cookies, you will get a less tailored experience. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.

Managing Cookies. When you first visit our website, you will see our Cookie Declaration/Banner where you can accept all the cookies or manage your cookie settings. You can withdraw your consent at any time.

Information about procedure on how to enable, disable or remove cookies can be found on your Internet browser provider’s website via your help screen. If you wish to learn more on this matter, we invite you to visit the following address:  https://www.youronlinechoices.com.

Links to popular browsers are listed below for your convenience. Some of the listed browsers block third party cookies by default. For other browsers, please consult your browser settings for managing cookies.

– Google Chrome

– Microsoft Edge

– Mozilla Firefox

– Microsoft Internet Explorer

– Opera

– Apple Safari

We use third party cookies to optimize marketing performance and to measure the effectiveness of our advertising on other websites and social networks.

If you elect not to activate the cookies, or later to disable cookies, you may still visit our website, but your ability to use some features or areas of the website may be limited.

3. THIRD-PARTY WEBSITES AND THEIR SERVICES

In addition to our online services, which we control directly, we may also use and provide links to websites which are controlled by third-parties, which may include: social media sites, payment processing sites, other service sites, agencies, blogs, etc.

Linking to a third-party site does not necessarily mean that we endorse the site, any products or services described on the site, or any other material contained in a third-party site. To the extent any linked websites you visit are not owned or controlled by us, we are not responsible for the sites’ content, any use of the sites, or the privacy practices of the sites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their Privacy Policy, so please review the Privacy Policy on those other websites to see how they handle your information.

If you use or follow a link to any of these third-party websites, please be aware that these have their own Privacy Policies and that we cannot accept any responsibility for their use of information about you.

4. SHARING OF INFORMATION/DATA

We may share information about you, your personal data, in the following ways.

The primary reason we share your data is to supply the client of the Platform with the relevant information of the user of the Platform in respect of a specific request for the performance of a task, and vice versa, i.e. for the purpose of a user providing services to the client via the Platform. In order to complete our provision of the service, we transfer relevant details to the client of the Platform that you have applied for. This is one of the most essential things we do for you. Depending on the selected task request and the client, the details we share can include your name, contact and payment details, the names of the people accompanying you and any other information or preferences you specified when you made your application for a specific task request. In certain cases, we also provide some additional historical information about you. This includes information on whether you have already performed any tasks for the client in the past, the number of completed tasks you have made via the Platform, number of no-shows, user rating, a confirmation that no misconduct has been reported about you, the percentage of agreed and confirmed tasks you have cancelled in the past or whether you have given reviews.

With third parties:

• Business partners that provide services and functionality on our services, and services requested through our Platform.

• With professional advisors (including auditors, law firms, or accounting firms) in our legitimate interests or as required by law.

• We share information about you for legal, safety, and security reasons. We may share information about you if we reasonably believe that disclosing the information is needed to:

• investigate, remedy, or enforce potential terms of service violations,
• protect the rights, property, or safety of us, our clients, our users, or others,
• detect and resolve any fraud or security concerns.

• We may share information about you as part of a merger or acquisition. If Komba, and/or its affiliated companies get involved in a merger, asset sale, financing, liquidation or bankruptcy, or acquisition of all or some portion of our business to another company, we may share your information with that company before and after the transaction closes.

• We may also share with third parties that provide services to us or perform business purposes for us aggregated, non-personally identifiable, or de-identified information.

• For transactions we use third party services, i.e. financial institutions and payment processing companies (payment gateways) that process payments and are considered data controllers for the stated purpose.

• We process personal data for marketing purposes when you subscribe to our newsletter. For this purpose, we process data, such as, name, surname, country, email address.

5. DATA RETENTION

We store your basic user account information — like your name surname, phone number, date of birth, qualifications, profile picture if provided, and email address — until you request to delete them.

If you ever decide to stop using our services, you can just ask us to delete your user account. We will also delete most of the information we have collected about you after you have been inactive for a while (min. 12 months) but in such case, we will try to contact you first.

While our systems are designed to carry out our deletion practices automatically, we cannot promise that deletion will occur within a specific timeframe. We will keep your profile information for several months after the deletion, as deactivated user account. There may be legal requirements to store your data for a longer period and we may need to suspend those deletion practices if we recognise a valid legal basis requiring us to preserve content, if we receive reports of abuse or other terms of service violations, or if your user account or content created by you is flagged by our automated systems for abuse or other terms of service violations. After these timeframes, your personal data will be deleted or anonymised.

In any case you can object to direct marketing activities, and you may unsubscribe from our newsletter by clicking the link in our email or responding to us with your claim. In such case we will stop with marketing activities and store your data in unsubscribed list for three years from the day of unsubscribing/notice, based on our legitimate interest to prove facts on compliance steps we need to take.

Finally, we may also retain certain information in backup for a limited period or as required by law and security reasons.

When we no longer need your personal data, or when we are legally obliged to erase it, we will take all reasonable steps to erase it from our systems and files or take steps to anonymise it properly so that it can no longer be used to identify you.

6. YOUR RIGHTS OF CONTROL OVER YOUR INFORMATION/DATA

The data subject has the following rights:

• Right to information – implies that you have the right to know whether your personal data is being processed; what data is collected, where it is obtained from and why and by whom it is processed.

• Right of access – implies that you have the right to access data collected about you and from you. This includes the right to request and obtain a copy of the collected personal data of your personal data.

• Right to rectification – implies that you have the right to edit, request the rectification or deletion of your personal data that is inaccurate or incomplete.

• Right to erasure – implies that in certain circumstances you can request the deletion of your personal data from our records.

• Right to restriction of processing – implies that if certain conditions are met, you have the right to restrict the processing of your personal data.

• Right to object to processing – implies that in certain cases you have the right to object to the processing of your personal data, for example in the case of direct marketing. You also have the right to lodge a complaint to supervisory data protection authority (In Croatia-Croatian Data Protection Agency).

• Right to object to automated processing – implies that you have the right to object to automated processing, including profiling; and not be subject to a decision based solely on automated processing. You may exercise this right whenever there is a result of profiling, which cause legal effects that concern you or partially relate to you.

• Right to data portability – you have the right to obtain your personal data in a format that the device can read or, if feasible, direct transfer of one processor to another.

• Right to file a complaint – if we reject your request, guaranteed by the right of access, we will provide you with a reason why this happened. If you are not satisfied with how your request is treated, please contact us.

• Right to assistance from a supervisory authority – implies that you have the right to assistance from a supervisory authority and the right to other remedies, such as a claim for damages.

• Right to withdraw consent – you have the right to withdraw any consent to the processing of personal data.

We store and process personal data only for as long as necessary for the execution of a specific legitimate purpose unless the applicable regulations provide for a specific purpose for a longer retention period.

7. ACCESS, CORRECTION, AND DELETION OF PERSONAL INFORMATION

You have the right to request access, correction, or deletion of your personal data that we hold in our database. You also have the right to limit the way we use your data or object to further processing. Requests for access, correction, deletion, or restriction of processing of your data can be directed at the following email address: [-] using the contact details provided at the end of this Privacy Policy.

8. INTERNATIONAL TRANSFERS

We may collect your personal data from, transfer it to, and store and process it in the other countries outside of where you live.

We are based in the Republic of Croatia, a member state of the European Union. Therefore, we process and store information on servers in the EU. We may also store information on servers and equipment in other countries depending on a variety of factors, including the locations of our users and service providers. These data transfers allow us to provide our services to you. By accessing or using our services or otherwise providing information to us, you understand that your information will be processed, transferred, and stored in countries, where different data protection standards may apply.

If, and when transferring data outside the EEA, we warrant to use standard contract clauses and additional technical and organisational measures. We rely on the European Commission’s adequacy decisions about certain countries, as applicable, or other legally compliant mechanisms or conditions for such data transfer.

9. CHILDREN

Our services are not intended for—and we do not direct them to—anyone under 18 years old. And that’s why we do not knowingly collect personal data from anyone under 18. If we need to rely on consent as a legal basis for processing your personal data and your country requires consent from a parent, we may require your parent’s consent before we collect and use such data.

For this purpose, we use efforts to verify the age of the users of our services.

10. REVISIONS TO THE PRIVACY POLICY

We may change this Privacy Policy from time to time. But when we do, we will let you know one way or another. Sometimes, we will let you know by revising the date at the top of the Privacy Policy that is available on our website and mobile application. Other times, we may provide you with additional notice (such as adding a statement to our websites’ homepages or providing you with an in-app notification).

We inform registered user account holders about the new version of Privacy Policy, if the changes are substantial and are not only connected with the grammar, style, corrections etc. Your continued use of any portion of our sites or app following the updated Privacy Policy will constitute your acknowledgment of the changes.

11. CONTACT

The data controller of your data is Komba Technologies d.o.o. If in any case you believe that your privacy rights have been violated in some way, or if you have any questions, comments, or requests regarding the use and processing of your data, please contact us and we will be happy to assist you with any problem related to your personal information.

Please feel free to contact us using the following contact details:

Komba Technologies d.o.o.

Andrije Žaje 60, 10 000 Zagreb, Croatia

E-mail: kombapp@kombapp.com

Tel: +385 992017665