Contact us

Privacy Policy

Monri as Data Controller

Monri Payments d.o.o., Ulica grada Vukovara 269 F, Zagreb, Personal Identification Number: 82551932122 (hereinafter: Monri), as a data controller, looks after the protection of your privacy. With this Personal Data Protection Policy, we want to inform you on the manner in which we collect and process your personal data, and at the same time familiarize you with your rights in accordance with the General Data Protection Regulation EU 2016/679.

You can contact us on the phone numbers or via the contact form available on our website www.monri.hr in the Contact section.

 

Data Protection Officer

Monri implements modern technical and organizational measures to protect users’ personal data, and for all questions related to the protection of personal data we have appointed a Data Protection Officer whom you can contact at dpo-monri@monri.com or in writing at the address Ulica grada Vukovara 269 F, Zagreb, with the indication “for the Data Protection Officer”.

 

What personal data we collect

  1. When signing up for our newsletter

If you wish to receive notifications about our products and services, you can subscribe to our newsletter via the website. In that case, we only process your e-mail address only while you receive the newsletter. By subscribing, you give us your consent, which you can withdraw at any time by unsubscribing from the newsletter. Providing your e-mail address and subscribing to the newsletter, which represents your consent, are conditions for receiving the newsletter.

 

  1. If you want to become a member of the Monri team

On our website, you can find job postings for open positions or you can send us an open application in which you can write what you want to do and how you see the continuation of your career in our team and send us your resume. We process basic information about the candidate, contact information, information about education and work experience, as well as other information that the candidates themselves submit in their resume, and which are necessary for us to consider for the purpose of establishing an employment relationship, or for us to take actions before concluding an employment contract. If you have applied for an open position, we process your personal data only during the selection process and then store it for a period of 24 months, while if you sent us an open application, we will store it based on your consent until we have a need for a new employee of your profile, and for a maximum period of two years. If you have sent an open application, and after that you no longer want your resume to be stored with us, please inform our officer of the withdrawal of your consent and your data will be deleted.

 

  1. When you contact us via the contact form, e-mail or phone

On our website, you are provided with a contact form through which you can send us your inquiries as well as the telephone numbers of our services. The legal basis for processing this personal data is consent. In this case, we process your name and surname, e-mail address, telephone number, as well as other data that you provide, all for the purpose and for the time it takes to respond to your inquiry.

 

  1. When you use our products and services

When providing card transaction services for the purpose of processing when you buy products/services online, Monri can act as either a data controller or a processor, depending on the individual contractual relationship with the business partner.

During the execution of online transactions, we process the following personal data: name and surname, address, postal code and city, phone number, e-mail address, card number, card expiration date, and CVC code entered by users at the electronic points of sale of merchants with whom we have arranged contractual relations for the purpose of paying for their products and services. The purpose of processing is to process the transaction for the payment of purchased products/services of the merchant, and Monri collects only those data that are a necessary precondition for the execution of the transaction.

Please note that Monri does not store the card verification code, but it is forwarded to the Bank as the card issuer.

Your personal data is stored and processed for a period determined by applicable legal regulations, i.e. five years from the execution of the transaction.

 

  1. When you visit our website – Cookies

A cookie is information that can be stored on your computer or other device such as a tablet or mobile phone when you visit a website. The cookie saves your settings, i.e. preferences for the website, such as preferred language, sorting, etc. In that way, the content of the website adapts to your needs. Cookies can store a variety of information, including some personal information, but only if you enable them.

We use cookies in order to determine and analyse website traffic as well as to provide you with a better experience in using all services through our website.

 

You can disable cookies by blocking them on your computer through the Internet browser settings, but this may have a negative effect on the use of website. Learn more about cookies in our Cookie Policy.

 

With whom we share your personal data

We may share your data with third parties:

  • processors who provide us with a specific service that involve data processing, and who have a contractual obligation to maintain confidentiality and security of your personal data;
  • providers of other service with whom we cooperate in order to provide our services, so-called third parties;
  • government authorities at their request.

 

Data transfers to third countries

The data controller has entrusted the performance of bookkeeping and accounting tasks to an affiliated company based in the Republic of North Macedonia, acting as a data processor. Consequently, the personal data of the data subjects (mainly consisting the name and surname of authorized representatives and other relevant individuals) associated with the clients and suppliers of the data controller may be transferred to the specified third country solely and exclusively for the described purpose, for which transfer appropriate protective safeguards in the form of the European Commission’s Standard Contractual Clauses have been concluded between the data controller and the processor and which are made available to data subjects by the Data Protection Officer of the data controller.

 

Your rights 

Right of access

 

  

You can request confirmation of whether your personal data is being processed at any time, as well as detailed information about the processing, in particular about the purpose of the processing, about the type/categories of personal data that are being processed, including access to your personal data, about the recipients or categories of recipients, and about the intended period in which personal data will be stored.

 
Right to rectification

 

  

You have the right to obtain without undue delay rectification of inaccurate personal data and completion of incomplete personal data.

 
Right to erasure

 

  

You have the right to request deletion of your personal data. If the request is warranted and if the legal regulations do not obligate us to store the data, the data will be deleted without undue delay.

 
The right to restriction of processing

 

  

You have the right to request the restriction of the processing of your personal data in cases provided for in the General Data Protection Regulation EU 2016/679. We particularly emphasize that you can restrict the processing of personal data based on legitimate interest as a legal basis for processing.

 
The right to object

 

  

You have the right to object to the processing of your personal data in all cases provided for in the General Data Protection Regulation. We particularly emphasize that you can object to processing based on legitimate interest as a legal basis for processing and restrict or completely prohibit processing.

 

 

In order to ensure and simplify the exercise of your rights, we have prepared a request form for exercising the rights of data subjects, which you can send to our data protection officer at dpo-monri@monri. com. It is possible that we ask you to prove your identity in certain cases.

If your personal data is processed based on your consent, you may withdraw your consent at any time, but this will not affect the lawfulness of processing based on consent prior to its withdrawal. 

In the event that you believe that there has been a breach of your personal data and a violation of the provisions of the General Data Protection Regulation, you may submit a complaint to the supervisory authority – the Personal Data Protection Agency.

 

Security of personal data processing 

We collect and process personal data in a manner that ensures appropriate security and confidentiality in their processing and enables effective application of data protection principles, reducing the amount of data, scope of processing, storage period, and data availability. For this purpose, we have implemented adequate technical and organizational security measures to ensure a level of security matching the risks posed by data processing and the nature of the personal data being protected, taking into account the characteristics and costs of their implementation.

Since the services that Monri provides include processing of card data, they are collected and processed at high levels of protection in accordance with the PCIDSS standard, with the application of cryptographic methods.

We regularly review processes that may pose a risk to the rights and freedoms of individuals and have taken appropriate protective measures to safeguard personal data from accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, especially in cases where processing involves the transmission of personal data over a network and against all other illegal forms of processing.

 

Amendments and entry into force

Monri regularly reviews, supplements, and changes this Personal Data Protection Policy to always reflect the current state of personal data collection and processing. All modifications and amendments come into effect on the date of publication on this website.

The latest modifications and amendments were published on March 25, 2024.