Privacy Policy
General information
This Privacy Notice tells you what to expect us to do with your personal information when you make contact with us or use one of our services.
We’ll tell you:
- Why we process your information
- What purpose we are processing it for
- Whether you have to provide it to us
- How long we store it for
- Whether there are other recipients of your personal information
- Whether we intend to transfer it to another country
- Whether we do automated decision-making or profiling
1. Who are we?
This website is owned by C.M.G.C. d.o.o. Pula (hereinafter, “CMGC”), registered in the Commercial Court in Pazin, MBS number 130026814, with Tax ID: HR 80346735478 and with its registered office at Labinska 2C, 52100 Pula, Croatia.
2. How do we get information?
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- You contacted us through our website contact form
- You subscribed to our e-newsletter
- You are a valued business partner
- You downloaded our documents.
3. Your data protection rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
Your right of access – You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing – You have the right to object to processing if we are able to process your information because the process is in our legitimate interests.
Your right to data portability – This only applies to the information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or give it to you. The right only applies if we are processing information based on your consent under, or in talks about entering into a contract and the processing is automated.
You are not required to pay any charge for exercising your rights. We have one month to respond to you. If you are receiving our newsletter, you can exercise your rights to erasure and rectification by changing your data or opt-out directly with our data processor via the link you receive in your newsletter.
You can also exercise your rights by contacting us at legal_cro@convergent-usa.com.
4. Sharing your information
CMGC will not share your information with any third parties for the purposes of direct marketing. We use data processors who are third parties who provide elements of services for us such as Mailchimp and Google. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. International data transfers are regularized with standard contractual clauses.
5. Links to other websites
Where we provide links to websites of other organizations (e.g. Magnet, Talentlyft), this privacy notice does not cover how those organizations process personal information. We encourage you to read the privacy notices on the other websites you visit.
6. Contact form on our Website
Purpose and the lawful basis for processing – Our purpose for collecting the information is to reply to the questions you shared with us through the contact form on our website. The lawful basis we rely on for processing your personal data is your consent under Article 6(1)(a) of the GDPR.
What do we need? – Your name and email address.
Why do we need it? – We use your email address to send you our reply.
What do we do with it? – We only use your details to provide the service.
How long do we keep it? – We keep it for the time you receive a complete answer.
What are your rights? – We rely on your consent to process the personal data you provide to us through the contact form. This means you have the right to withdraw your consent at any time. If at any point you want to withdraw your consent, please contact us at legal_cro@convergent-usa.com.
Visitors to our website
Analytics – when you visit our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to find out the number of visitors to the various parts of the site. This information is only processed in a way that does not directly identify anyone.
We do not make and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do collect personal data through our website, we’ll be upfront about this. We’ll make it clear when we collect personal information and we’ll explain what we intend to do with it.
Cookies – We use a cookies tool on our website to gain consent for the optional cookies we use. Cookies that are necessary for functionality, security, and accessibility are set and are not deleted by the tool. You can read more about how we use cookies, and how to change your cookies preferences, on our Cookie Policy page.
Hosting – We host our website with DigitalOcean LLC. DigitalOcean receives Personal Information pursuant to Standard Contractual Clauses and other data transfer mechanisms. DigitalOcean also has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. DigitalOcean recognizes that the Court of Justice of the European Union ruled in July 2020 that a certification under the EU-U.S. Privacy Shield Framework no longer can serve as the basis by which entities subject to the GDPR export Personal Information to countries whose laws have not been recognized by the European Commission, DigitalOcean continues to honor its obligation to comply with the Privacy Shield. DigitalOcean currently utilizes Standard Contractual Clauses in connection with transfers of data from the EEA to the US. For more information, please visit https://www.digitalocean.com/legal/privacy-policy or contact DigitalOcean via privacy@digitalocean.com.
Purpose and the lawful basis for processing – The purpose for implementing the above is to maintain and monitor the performance of our website and to constantly look to improve the site and the services it offers to our users. The lawful basis we rely on to process your personal data is either Article 6(1)(a) of the GDPR, for example when we require your consent for the optional cookies we use or Article 6(1)(f) which allows us to process personal data when it’s necessary for our legitimate interests. For example, in order to maintain the integrity of our IT systems and the continuity of our business.
What are your rights? – As we are processing your personal data for our legitimate interests as stated above, you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depends on why we are processing it.
Our newsletter and other e-mail content
Purpose and the lawful basis for processing – Our purpose for collecting the information is so we can provide you with a service and let you know about upcoming events. If you subscribed to our newsletter the lawful basis we rely on for processing your personal data is your consent under Article 6(1)(a) of the GDPR and if you receive our newsletter as a valued business partner the lawful basis we rely on for processing your personal data is a legitimate interest under Article 6(1)(f) of the GDPR.
What do we need?
Your name and email address.
Why do we need it?
We use your email address to send you our e-newsletter.
What do we do with it?
We only use your details to provide the service. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. You will receive a confirmation email once you have submitted your details and then the newsletters usually once a month.
How long do we keep it?
We keep it as long as you are subscribed to our newsletter.
What are your rights?
We rely on your consent or legitimate interest to process the personal data you provide to us for marketing purposes. This means you have the right to withdraw your consent or to object to the processing of your personal data for this purpose at any time. If at any point you want to withdraw your consent please contact us at legal_cro@convergent-usa.com or opt-out directly via Mailchimp using the link in your newsletter.
Do we use any data processors?
Yes – we use Mailchimp to deliver the e-newsletter. For more information, please see Mailchimp’s Privacy Policy.
Is your data being transferred?
Yes, your data may be transferred to The Rocket Science Group LLC (Mailchimp). Mailchimp has self-certified its compliance to both the EU-Swiss Privacy Shield Framework and the Swiss-US Privacy Shield Framework. On July 16, 2020, Europe’s highest court (the CJEU) invalidated the EU-US Privacy Shield. However, Mailchimp will continue to protect EEA, UK, and Swiss data in compliance with the Privacy Shield Principles to which it has self-certified compliance. See their Privacy Policy for more details. In addition, Mailchimp contractually commits to transfer and process all of its users’ EU and UK data in compliance with the Standard Contractual Clauses, which remain a valid data export mechanism and which automatically apply in accordance with Mailchimp’s Data Processing Addendum.
Documents download
Purpose and the lawful basis for processing – Our purpose for collecting the email address is so we can provide you with a service or let you know our latest offers or service. If you downloaded our documents the lawful basis we rely on for processing your personal data is your consent under Article 6(1)(a) of the GDPR.
Since we rely on your consent to process the email address you provide to us you have the right to withdraw your consent. If at any point you want to withdraw your consent please contact us via legal_cro@convergent-usa.com.
We will keep your e-mail address for one year.
We will keep your email address safe on our servers located in Pula, Croatia, or Microsoft’s servers located in the EU.
We do not use any data processors apart from Microsoft.
We will not transfer your personal data outside of the EU.
Changes to Privacy Notice
We keep our Privacy Notice under regular review to make sure it is up to date and accurate and we reserve the right to revise it at any time. For this reason, we kindly ask you to regularly check this privacy statement for the latest version of CMGC’s Privacy Notice. The previous revision was dated November 2020 and his revision is dated April 2022.