Privacy Policy

Croatia Control Ltd., Rudolfa Fizira 2, Velika Gorica (hereinafter: “CCL”) protects the privacy of its users through this Privacy Policy, and takes care of their personal data in line with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the Act on Implementation of the General Data Protection Regulation (Croatian Official Gazette No. 42/18).
CCL undertakes to process personal data exclusively in accordance with the principles of the Regulation.
CCL established the personal data protection management structure by determining and assigning the roles, responsibilities, processing rules and principles, safeguards, through impact assessment, reporting, supervision, and continuous raising of awareness in the field of personal data protection.
CCL continuously implements appropriate technical and organizational personal data protection measures, taking into account the nature, scope, context, and purposes of processing, as well as personal data protection risk exposure, to ensure and be able to prove that processing is carried out in accordance with the personal data protection provisions and best practices.
This Privacy Policy can be restated or amended at any time without prior notice. By using CCL's website after the restatement or amendment, you agree to those amendments.

Controller and Data Protection Officer
The controller shall be CCL.
CCL’s processors of your personal data are bound by CCL to act as set forth herein.
CCL’s designated data protection officer is available at the following e-mail: dpo@crocontrol.hr.

Lawfulness, Fairness, and Transparency
Your personal data shall be processed by CCL only on the basis of a legal obligation, your consent or other legitimate interests.
Data concerning you shall be transparently collected, used, consulted and/or otherwise processed.
Information on the access to your data, the process of lodging a complaint, making a request to update your data can be obtained from the data protection officer at the following e-mail: dpo@crocontrol.hr.

Purpose Limitation
Your personal data shall be collected for specified and legitimate purposes and processed in a manner that is compatible with those purposes.
Personal data that we collect are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The controller (CCL) and the processor shall not collect any personal data which are not relevant for the purposes for which they are processed.

Location
Location data is used in background to ensure that the right user is at right place according to the conditions of approval received from Airspace Management Cell (AMC). Tactical activation of reserved airspace will not be possible if the location received from application is not within approved reserved airspace with the purpose to check that you are physically within the approved airspace reservation to avoid misuse of approval conditions of use an airspace.
Location data is in use only while you use application and its following features:
- “Locate Me” icon on Map,
- An airspace “reservation request” has been sent for approval,
- “Tactical activation request” has been sent,
- During the approved tactical activation (“Activity in progress status”) until the cancelation of approved reservation location data will be used even when application is minimized.
Location data is not used when the app is not in use and when the app is closed. Location permission will not be used for other purposes.

Data Accuracy and Integrity
It is necessary that the collected and stored personal data are accurate and up to date. CCL shall take every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are rectified or erased without delay.

Freedom of Choice
You decide on the personal data that you submit to CCL. Should you decide not to submit your personal data to CCL, you may not have full access to certain sites/functions of the website.

Storage Limitation
Your personal data storage periods are determined by positive legal regulations, CCL’s internal acts or your consent to collect and process your personal data.

Integrity and Confidentiality
To protect your personal data submitted via this website, CCL uses physical, technical and organizational security measures, and it continuously upgrades and tests its security technology. Access to your personal data is enabled only to those persons who need to have it to perform certain tasks or provide services that are of benefit to you. Apart from that, CCL educates its employees about the importance of confidentiality, privacy, and protection of your data.

Questions and Comments
CCL shall accept all reasonable requests to rectify, complete or erase your personal data. Should you have any questions or comments on the Privacy Policy, please send your request at the following e-mail: dpo@crocontrol.hr.

Right to Lodge a Complaint with a Supervisory Authority
At any time, you can lodge a complaint with a supervisory authority in relation to the collecting and processing of your personal data by CCL. In the Republic of Croatia a complaint can be lodged with the Croatian Personal Data Protection Agency.

AMC Portal Mobile and Privacy Policy
Mobile application AMC Portal Mobile is part of the AMC Air Navigation Management web application – AMC Portal. In addition to displaying the status of the airspace, the mobile application allows registered users of the AMC Portal web site to use an automated airspace reservation for unmanned aerial vehicles (Ordinance on Airspace Management (Official Gazette No. 20/2023)).
Accordingly, all the mentioned features of the Privacy Policy also apply to the AMC Portal Mobile application.