Privacy Policy
Atrij d.o.o. Last updated: April 2026
1. Introduction
Atrij d.o.o. (hereinafter: “we”, “Atrij”, or “Data Controller”) is committed to protecting your privacy and personal data. This Privacy Policy describes what personal data we collect, why we collect it, how we use it, and what rights you have as a data subject.
We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and the Act on the Implementation of the General Data Protection Regulation (Official Gazette 42/2018).
2. Data Controller
Atrij d.o.o.
Dragutina Parčića 3, 23000 Zadar, Croatia
Company ID (OIB): 05079981890
Email: info.atrij@gmail.com
Phone: +385 23 314 076
3. Data We Collect
We collect personal data through two channels on our website.
3.1. Contact Form
- Full name
- Email address
- Phone number
- Message / inquiry
3.2. Multi-Step Project Brief Form
In order to prepare a project proposal and documentation, we collect the following information:
- Project location – cadastral plot number (k.č.) and cadastral municipality (k.o.)
- Project description (programme, intended uses, rooms and approximate areas)
- Number of floors and building height
- Basement (yes/no and description)
- Roof type (flat, pitched, rooftop terrace)
- Building materials
- Visual preferences (views from the house, specific requirements)
- Desired and undesired elements of the project
- Exterior and interior style (modern / classic)
- Heating system
- Solar energy (yes/no)
- Swimming pool (yes/no)
- Reference projects or elements
- Contact details (name, email, phone)
- Note: Cadastral data (plot number and municipality) are not personal data in themselves, but may be combined with personal data of the data subject.
4. Purpose and Legal Basis for Processing
| Purpose | Legal basis (GDPR) |
|---|---|
| Responding to inquiries via contact form | Legitimate interest (Art. 6(1)(f)) |
| Preparing a project proposal | Pre-contractual measures (Art. 6(1)(b)) |
| Performing the architectural services contract | Performance of a contract (Art. 6(1)(b)) |
| Legal obligations (accounting, archiving) | Legal obligation (Art. 6(1)(c)) |
| Marketing communication | Consent of the data subject (Art. 6(1)(a)) |
5. Retention Periods
We retain your personal data only for as long as necessary to fulfil the purpose for which it was collected:
- Inquiries that did not result in a contract – 1 year from the date of receipt.
- Project documentation and contractual relationships – 10 years from project completion, in accordance with the Act on Archival Records and Archives.
- Accounting documentation – 11 years in accordance with the Accounting Act.
6. Recipients of Data
We do not sell your data to third parties. We may share it only with:
- Collaborators and subcontractors engaged on the project (structural engineers, electrical designers, etc.), to the extent necessary for the project.
- IT service providers (hosting, email, CRM) acting as data processors, bound by a data processing agreement.
- Competent authorities, when required by law.
All data processors are carefully selected and have appropriate technical and organisational security measures in place.
7. Transfers Outside the EEA
Your personal data is primarily processed within the European Economic Area (EEA). Where cloud services with servers outside the EEA are used, we ensure appropriate safeguards are in place (standard contractual clauses of the European Commission).
8. Your Rights
As a data subject, you have the following rights:
- Right of access – request a copy of the data we process about you.
- Right to rectification – correct inaccurate or incomplete data.
- Right to erasure – request deletion of your data (subject to legal exceptions).
- Right to object – object to processing based on legitimate interest.
- Right to data portability – receive your data in a machine-readable format.
- Right to restriction of processing – request a temporary suspension of processing.
- Right to withdraw consent – at any time, without affecting the lawfulness of prior processing.
Please send requests to: info.atrij@gmail.com. We will respond within 30 days.
You also have the right to lodge a complaint with the supervisory authority: Croatian Personal Data Protection Agency (AZOP) Selska cesta 136, 10 000 Zagreb, Croatia www.azop.hr
9. Data Security
We apply appropriate technical and organisational measures to protect your data, including SSL encryption for data transmission, access controls on internal systems, and regular security reviews. In the event of a personal data breach that may pose a risk to your rights and freedoms, we will notify the competent supervisory authority and, where required, you personally.
10. Cookies
Our website may use cookies for proper functionality and analytics. Detailed information about the cookies we use is available in our Cookie Policy.
11. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy. Any changes will be published on this page with an updated date. We recommend checking this page periodically.
12. Contact
For any questions regarding the processing of your personal data, please contact us:
Email: info.atrij@gmail.com
Phone: +385 23 314 076
Address: Dragutina Parčića 3, 23000 Zadar, Croatia
