Privacy Policy
IS GDPR COMPLIANT!
1. What is GDPR, General Data Protection Regulation
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a Regulation by which the European Parliament, the Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU).
The intention of the regulation is that the level of protection of the rights and freedoms of individuals in relation to the processing of personal data by competent bodies for the purposes of prevention, investigation, detection or prosecution of criminal offenses or the execution of criminal sanctions, including protection against threats to public security and their prevention, should be equal in all member states. Also, data protection in the EU extends the scope of data protection laws to all foreign companies that deal with data processing of EU residents and provides a framework for harmonizing data protection regulations throughout the European Union.
The concept of responsibility is the basis of the GDPR – organizations should be able to implement the rules of the GDPR from the point of view of the processing of personal data through a system that allows compliance with the requirements to be achieved.
The regulation was adopted on April 27, 2016 and has been in force since May 25, 2018, after a transitional period of two years.
In addition to the GDPR, the basis of the management of the NEWLOOK system are the requirements of the standards ISO 9001:2015 (Quality management systems), ISO/IEC 27001:2013 (Information technologies – Security techniques – Information security management systems) and ISO/IEC 27701:2019 – Security techniques – Extension ISO/IEC 27001 and ISO/IEC 27002 for privacy information management – Requirements and guidelines. NEWLOOK operates according to the stated standards, so documented rules have been established for employees, externally hired executors, clients and service providers:
1. From the point of view of ISO 9001:2015
a. Quality manual – integrated with the requirements of ISO/IEC 27001:2013
b. Operational procedures from the point of view of describing the processes that take place in NEWLOOK
c. Mechanisms of internal checks, review of user requests and review by management
2. From the point of view of ISO/IEC 27001:2013 and ISO/IEC 27701:2019
a. Risk assessment method
b. List of resources (with special requirements from the point of view of GDPR)
c. Statement of applicability
d. Information security policies for employees
e. Information security policies for system administrators
f. Mechanisms of internal checks, review of user requests and review by management
2. Why Privacy Policy
The Privacy Policy describes how we may collect and use personal information, as well as the rights and choices available to our visitors and users regarding such information.
NEWLOOK cares about the privacy of its visitors and users and we are fully committed to the protection of your personal data and proper use in accordance with data protection laws. The top management of NEWLOOK, as well as all employees and externally hired collaborators, are obliged to protect all intellectual property of NEWLOOK and all property used in the provision of services that is the property of the client. In particular, through the risk assessment in ISO/IEC 27001:2013 and ISO/IEC 27701:2019, as well as the requirements of the GDPR, the responsibility for the data of collaborators who entrusted the data to NEWLOOKwith clearly defined rules was determined.
Information security and protection of personal data in NEWLOOK is based on:
– Information security policies for employees and externally hired collaborators
– Organizing information security through internal organization and ensuring security when using employees’ own devices, working remotely and using mobile devices
– Security of human resources from the point of view of information security through screening of candidates before employment, familiarization with information security through education and training during employment and defined responsibilities after termination of employment
– Responsibility for property, classification of information and dealing with the media
– Access control to networks and network services, user access management, user responsibility, system and application access control, as well as cryptographic controls
– Physical safety and safety in the work environment, protection of equipment,
– Security of functioning and communication
– Relations with suppliers from the point of view of information security
– Incident management from the point of view of information security
– Management from the point of view of business continuity
– Compliance with legal and contractual obligations
We respect all laws of the Republic of Serbia, especially those related to information security, i.e. GDPR requirements to the letter.
We have enabled everyone who wants to remove their data to do the same by contacting us at danijela.stankovic@m1.rs ,
Information security is the responsibility of all employees and externally hired users.
Please read this policy and make sure you fully understand it before accessing or using any of our services.
3. Purpose of the Privacy Policy
The NEWLOOK Privacy Policy describes how we have collected and used information relating to each of our non-registered and registered users.
The purpose of this Privacy Policy is to provide you with a clear explanation of when, why and how we collect and use your personal data, as well as an explanation of your legal rights. This Privacy Policy is not intended to terminate the terms of any contract you have with us, or any rights you may have under applicable data protection laws.
This policy describes our privacy practices – what information we collect about our visitors and users, how we collect data, what we do with it, how we protect it, and what your rights are in relation to that information.
By accessing or using any of our services, you acknowledge that you have read this Privacy Policy.
4. What information do we collect?
We collect two types of information: personal information (which can be used to uniquely identify an individual) and non-personal information (which does not identify an individual).
We collect information about our users and visitors, users of our users, job applicants and others listed in this Policy, namely:
1. Non-identifying information relating to visitors or non-identifying users, which may be available to us or is automatically collected. Such non-personal information does not allow us to identify the visitor or user from whom the data was collected. This information we collect generally consists of technical and aggregate usage data, such as visitor and user overview, click-through activity, etc.
2. Individual information, that is, information that identifies an individual or can, with reasonable efforts, lead to the identification of an individual, or can be of a private or sensitive nature (“Personal Information”). The personal information we collect mainly consists of contract signing and contact information (eg e-mail addresses). For the avoidance of doubt, any non-personal information that is linked to personal information in order to improve the services we offer is considered and treated by us as personal information.
We collect similar information relating to visitors and users of our and our clients’ websites (“Users-of-Users”). This information is collected only for our customers as described below.
We also collect information provided by potential candidates when they apply for any open position posted on the NEWLOOK website or otherwise, as described further in the Policy.
5. How do we collect information?
We collect information as follows:
1. All the information we need to sign the contract and perform our core business, as regulated by law. All contracts are signed according to applicable laws and contain the minimum necessary information.
2. We collect information when you visit our site or use our services. In that case, data will be collected, that is, such use will be recorded (independently or with the help of independent services), including the use of “cookies” and other tracking technologies, as described in more detail below.
3. We also collect information from third party sources, as described below. When you visit or use our services – you can also give us an order.
6. Why do we collect information?
We collect all non-personal and personal information for the following purposes:
1. To provide and manage the services we provide;
2. To further develop, adapt and improve our services based on shared or personal visitor and user affinities, experiences and difficulties;
3. To provide our users with continuous information
4. To be able to contact our visitors and users with general or personalized notices and promotional messages related to the Services, as detailed below;
5. To collect and process statistical data through non-personal information that we or our business partners can use to provide and improve our respective services;
6. To improve our data protection capabilities and prevent fraud;
and all in accordance with applicable laws and regulations.
We will only use your personal data for the purposes set out in this Policy where we are satisfied that:
1. The use of your personal data is necessary to comply with a relevant legal or regulatory obligation that we have, or that is
2. The use of your personal data is necessary to support the legitimate interests we have through business – to maintain and improve our services by identifying user trends and the effectiveness of campaigns, all provided that it is carried out at all times in a manner that is appropriate and respects your rights to privacy.
Children under the age of 18 are not allowed to use our services. No one under the age of 18 should provide us with any personal information through any of our services. We do not collect personal information from children under the age of 18, and parents or guardians should supervise their children’s activities at all times.
We also collect and use information to contact our visitors, users and job seekers, and to comply with laws that apply to us.
7. Where do we store your data?
We store the data we have on the NEWLOOK infrastructure located in a secure physical environment. All data is organizationally and technically secured through the requirements of ISO/IEC 27001:2013, ISO/IEC 27701:2013 and GDPR requirements. Service providers who store or process your personal information on behalf of NEWLOOK are contractually obligated to store and secure it in accordance with the requirements set forth in the NDA.
NEWLOOK is responsible for processing the personal information it receives, i.e. from the point of view of subsequent transfers to a third party acting as an agent on behalf of NEWLOOK.
In certain situations, NEWLOOK may be asked to release personal information in response to legal requests from government authorities, including to meet national security and law enforcement requirements, and will only do so if permitted by local data protection laws.
Upon your request, NEWLOOK will provide information about whether we hold any of your personal information. You can access, correct or request deletion of your personal data by writing to us at danijela.stankovic@m1.rs. We will respond to your request within the time limit set by local law or a reasonable time frame.
Please note that permanent deletion removes all your data from NEWLOOK databases AND that the same is possible if regulatory permitted. After you complete this process, you can no longer use any of our services, your user account and all of its data will be permanently removed, and NEWLOOK will not be able to renew your account or download data in the future. If you contact our support in the future, the system will not recognize your account.
If you have any doubts regarding the storage of your data, please contact us at danijela.stankovic@m1.rs. We will send an answer as soon as possible.
8. Job applications
NEWLOOK publicly publishes all calls for vacancies by asking candidates to send their contact details and CV in the manner specified – usually an e-mail address.
We understand that privacy and discretion are key for our applicants, and we are committed to ensuring that all applicants maintain their privacy, i.e., that submitted data is used solely for NEWLOOK’s employment purposes (including identifying candidates, evaluating their applications, making hiring and hiring decisions, and contacting the applicant by phone or in writing). We will use such information solely for our internal recruiting, hiring and business purposes.
NEWLOOK may retain applicant information submitted to it for a maximum of six months after the specified position has been filled or closed. This is introduced so that we can reconsider applicants for other positions and opportunities at NEWLOOK.
If you previously sent your data to NEWLOOK, and now you want to access it, update it or delete it from the NEWLOOK system, please contact us at danijela.stankovic@m1.rs.
9. Sharing of personal data with third parties
NEWLOOK works with a number of selected service providers whose services and solutions complement, facilitate and enhance ours. These contents include services that are necessary to carry out our core business, namely hosting services and servers, as well as communication and content delivery networks, cyber security, web analytics, email distribution and monitoring services, session and remote access services, performance measurement , data optimization and marketing services. We sign a Personal Data Processing Agreement in accordance with the EU General Data Protection Regulation (OP Agreement) with suppliers who, according to the risk assessment, are particularly important (risky) from the point of view of the exchange of personal data..
Such third-party services may receive or otherwise have access to personal information of personal data and / or user users, in whole or in part – depending on each of their particular roles and intentions in facilitating and improving our services and may use it only in such purposes.
NEWLOOK has signed NDAs (non-disclosure agreements) with all the listed service providers from the point of view of keeping business secrets. The said contract can be initiated by NEWLOOK or the service provider itself.
Please note that our services may contain links to other websites or services of our clients, and that we are not responsible for the privacy protection of such websites. Please read the privacy statements of each of our clients’ websites before providing your personal information.
This Privacy Policy does not apply to such linked third-party websites and services.
10. Law enforcement, legal requirements and duties
We may share information about our visitors, clients and client users with various third parties, including certain service providers, law enforcement officials and application developers.
When permitted by local data protection laws, NEWLOOK may disclose or otherwise provide others with access to your personal information pursuant to a legal request, such as a court order, legal process, search warrant or court order, or pursuant to other applicable laws.
Information may be shared only in accordance with this policy.
11. Social networks
Our Services include certain social media features and widgets, a single token for features, such as “Facebook Connect” or “Google Sign In”, the “Facebook Like” button, the “Share this” button or other interactive widgets (“Social Media Features” ). These social media features may collect information such as your IP address or the page you visit on our Website, and may set a cookie to enable them to function properly. Social media features are either hosted by a third party or hosted directly on our Services. Your interactions with third-party social media features are governed by their policies, not ours.
12. Use of Cookies and Other Tracking Technologies
NEWLOOK together with its marketing, analytics and technology partners, uses certain tracking technologies such as cookies, beacons, pixels, tags and scripts. These technologies are used to maintain, provide and improve our services on an ongoing basis, and to provide a better service to our customers and their users. For example, thanks to these technologies we are able to track visitor and user preferences and confirmation sessions to better secure our services, identify technical issues, user trends and campaign effectiveness, and monitor and improve the overall performance of our services.
We must note that third-party services, in this case our clients, that set cookies or use other tracking technologies through our services may have their own policies regarding their collection and storage of information. Such practices are not covered by our Privacy Policy and we have no control over them.
Cookies: In order for some of these technologies to function properly, a small data file (“cookie”) must be downloaded and stored on your device. By default, we use several “persistent” cookies for session and user identification purposes, security, retaining user preferences (e.g. regarding default language and settings), connection stability (e.g. for uploading media, using e-commerce features, etc.), performance monitoring our services and marketing campaigns, and generally providing and improving our services.
If you want to delete or block all cookies, see the help and support area of your Internet browser for instructions on how to find the file or directory that stores cookies. Information about deleting or controlling cookies is also available at www.aboutcookie.org (NEWLOOK does not provide this website and therefore cannot ensure its accuracy). Please note that deleting our cookies or disabling future cookies or tracking technologies may prevent access to certain areas or features of our Services or otherwise negatively impact your user experience.
Clear GIFs: NEWLOOK and certain Customer Services may use a software technology called “clear gifs” (a.k.a. Web Beacons / Web Bugs), which allows them and us to improve our Services by measuring their effectiveness and performance. Clear gifs are small graphics with a unique identifier, similar in function to cookies, however they are not stored on your device, but instead embedded in our services.
Flash and HTML5: NEWLOOK and certain Customer Services may also use certain tracking technologies known as “Flash cookies” and “HTML5”, mainly for advertising purposes. Different browsers may offer their own management tools to remove or block such technologies.
Targeting / Retargeting: NEWLOOK and certain customer services may display advertising on our website or manage our advertising on other websites. For this purpose, certain tracking technologies may be used to collect certain information about your activities and various third-party services to provide you with targeted advertising based on your interests and preferences. You can choose to receive targeted ads from certain advertisers and ad networks by clicking on a clearly defined place. Please note that this does not opt you out of receiving all advertisements and that your choice will only be in relation to specific advertising. You will continue to receive advertising that you have not opted out of.
Addition of User Data: We may obtain information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us update, expand and analyze our records, identify new customers and provide products and services that may be of interest to you. When we receive your personal information from customers, we ensure that those parties undertake to notify you that personal information will be disclosed and to take steps to ensure the accuracy of your personal information before you use it. If you provide us with personal information about others, or if others provide us with your information, we will only use it for the specific reason for which we provided it.
Do Not Track Signals: Please note that we do not change our practices in response to a Do Not Track HTTP header signal from browsers. We and some third-party services may use cookies and similar tracking technologies during our services. These technologies are mainly used for stability, security, functionality, performance and advertising purposes.
You may block, disable, or otherwise manage such tracking technologies yourself through your browser settings or other sources, but please note that this may adversely affect the way you receive our services.
13. Promotional messages
We may use your personal information to send you promotional content and messages via e-mail, text messages, direct text messages, marketing calls and similar forms of communication.
If you do not wish to receive such promotional messages or solicitations, you may notify NEWLOOK at any time or follow the unsubscribe or STOP instructions contained in the promotional communications you receive.
We take steps to limit the promotional content we send to a reasonable and proportionate level and to send you information that we believe is of interest or importance to you, based on your information we have received.
14. Rights regarding your personal data
Through the requirements of ISO 9001:2015, ISO/IEC 27001:2013, ISO/IEC 27701:2019 and GDPR, NEWLOOK has taken all technical and organizational measures to enable you to access, receive a copy, update, modify, delete or limit the use of your personal data.
Before disclosing requested personal information, we may ask you for additional information to verify your identity and for security purposes.
You have the right to lodge a complaint with your local data protection supervisory authority, in which case we recommend that you contact us first.
If you would like to access and/or ask us to make corrections to the personal data you have stored with us or would like to request a list of personal data (if any) that we have disclosed to third parties for direct marketing purposes, please contact us at danijela.stankovic@m1.rs.
We will use reasonable efforts to investigate your request promptly (unless we request additional information from you in order to fulfill your request), in accordance with legal and other permissible considerations.
15. Data Retention
We may retain your personal information (as well as our customer user information) for as long as your user account is active, as set forth in this Privacy Policy or as otherwise necessary to provide our services.
We may continue to retain such personal data even after deactivating your user account and/or ceasing to use any of the specified services, as reasonably necessary to comply with legal obligations, to resolve disputes relating to our customers or their users primarily due to possible fraud and abuse.
16. Security
NEWLOOK has implemented security measures through ISO 9001:2015, ISO/IEC 27001:2013, ISO/IEC 27701:2019 and GDPR requirements to protect the information you share with us, including physical, technical and organizational measures. We regularly monitor our systems for possible vulnerabilities and attacks and regularly seek new ways and third-party services to further improve the security of our services and protect the privacy of our visitors and users.
Regardless of the measures and efforts taken by NEWLOOK, we cannot and do not guarantee the absolute protection and security of your personal information, customer user information or any other content we receive.
Therefore, we encourage you to set strong passwords for your User Account and User Website, and avoid contacting us or anyone with any sensitive information that you believe could cause significant or irreparable harm to disclose. We also encourage you not to share any personal information in any of these areas.
If you have any questions regarding the security of our services, please feel free to contact us at danijela.stankovic@m1.rs.
We are committed to securing your personal information and use numerous organizational and technical measures.
Public forums and user content
Please be aware that any information you provide through blogs or similar areas may be read, collected and used by others who access them. To request the removal of personal data from our blogs, communities or forums, feel free to contact us at: danijela.stankovic@m1.rs.
We have put in place adequate security measures to protect your personal data. However, we cannot control the actions of other users or members of the public who may access your User Content. Copies of User Content may remain visible on cached and archived pages or if any third party copies or stores such User Content. We advise you not to post any information that you do not wish to be made public.
17. Update And Interpretation
NEWLOOK will update this Privacy Policy in accordance with applicable law and will post any changes in data collection, use and storage practices. If we make any changes that we consider important, we will notify you before the change becomes effective. Please review this page periodically for the latest information on our privacy practices.
Unless otherwise noted, our most recent privacy policy applies to all information we have about you and user users, in connection with our Website and other services.
18. Contact us
If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us at danijela.stankovic@m1.rs. We will attempt to resolve any complaints regarding the use of your personal information in accordance with this Privacy Policy.
Belgrade, 30.01.2024.
Director Ivan Košutić