THE PRIVACY POLICY
Last revision: 1 August 2023
I INTRODUCTION
Mondo Inc doo Beograd, the company with its seat in Belgrade, Serbia, Obilićev venac no. 4/3, company ID no. 20729384 (hereinafter referred to as: “Mondo Inc”) is a controller of personal data collected by way of the following platforms and relevant Internet portals and mobile applications (domains and sub-domains):
◦ Kurir (kurir.rs), Espreso (espreso.rs), Mondo (mondo.rs), Elle Serbia (elle.rs), National Geographic Srbija (nationalgeographic.rs) (hereinafter referred to as: media platforms)
◦ Sasomange (sasomange.rs) (hereinafter referred to as: sasomage platform)
◦ Iskustva&Preporuke (iskustvaipreporuke.rs) (hereinafter referred to as: experiences &recommendations platform)
(hereinafter collectively referred to as: Portal/app).
Mondo Inc honours your right of personal data protection („personal data“) and therefore this Privacy Policy is to inform you as to which personal data we collect and process when you use the Portal/app, why we collect it and how we use it, the grounds on which and the manner in which we process it, and about your rights and how you may exercise them. In cases when some additional or different processing of your personal data is made (the processing of some other type of personal data and/or for some other purposes), prior to launching such processing, we shall inform you of the type of personal data, purpose of the processing and the grounds on which we intend to process it in that particular case, as well as your rights related to the protection of personal data. In the above cases, if necessary and if that is the grounds for processing, we shall request consent for such processing of your personal data. This Privacy Policy is an integral part of the rules and terms of use of each Portal/app which you may access. By accessing the Portal/app and using its available services and functionalities or leaving comments on the Portal/app with or without opening the Profile and the application, visitors grant their consent to and acknowledge that Mondo Inc collects, processes and uses information and/or personal information in the manner laid down herein as a processor of personal data.
II INFORMATION THAT WE COLLECT AND PURPOSE OF USE
Information we collect
When visiting and using the Portal/app exclusively for information purposes, that is, if you do not register or you do not make your personal data otherwise available, we collect personal data conveyed by your Internet browser and/or device.
If you wish to leave a comment on a piece of news that has been published without creating a user WMG profile WMG ID), you may do so by leaving your user name-nickname you yourself create. In that case, it is up to you which personal data you make publicly available and whether you are to make it publicly available.
Should you decide to create a user WMG profile WMG ID (hereinafter referred to as: Profile) on the Portal/app, you are making available to us your personal data as follows: email (which also serves as your user name) and password, and in case the Profile is created via Facebook or some other application/social network, your email address, name and profile photo published on Facebook or some other application/social network which the system automatically takes over when so opening the Profile, given that our Portals/applications also use the Facebook App + „Connect“ function to simplify the registration process for users that already have their Facebook accounts.
When creating a user Profile on the sasomange platform, Mondo Inc may also collect the following data and information that you, as users of the said platform, leave when opening a Profile or publishing an ad: full name, phone number, email, address and any other provided addresses such as the address of your residence or the address at which the advertised object has been found; passport no. (optional) for persons that are not citizens of the Republic of Serbia.
When creating a user Profile on the experiences&recommendations platform, Mondo Inc may also collect the following data and information that you, as the users of the said platform, provide when opening a Profile or publishing reviews: nickname, personal name and surname and email.
Mondo Inc also automatically collects, processes and uses particular pseudonymised information and/or data with respect to the manner in which the visitors use the web pages of the Portal/app; devices and key words used when browsing, visiting or using the functionalities of the Portal/app; the location from which the User accesses the Portal/app, time and date of leaving a comment on the Portal/app and the IP address (location) from which a comment was posted, and/or from which registration to the Portal/app was made;
The information about the data referred to in the preceding paragraph may be in the form of:
◦ Data about the devices from which visitors access the Portal/app: operative system and its version, brand and type of the device, data about the Internet network which you are accessing the Portal/app from;
◦ Information related to the use of the Sasomange.rs website;
◦ Data about the location in the form of IP address;
Purpose of use
We collect and process all of the above personal data for different purposes that may arise from legal obligations or contractual obligations with the users of the Portal/app defined under the laws of the Republic of Serbia and the terms of use of the Portal/app, or for marketing and for the purpose of personalised communication with the users as follows:
◦ for the purpose of enabling the browsing and use of the Portal/app, communication with the users (whether in terms of user support, feedback or otherwise), and leaving comments on the Portal/app;
◦ for the purpose of authenticating the user, resetting passwords, verifying the Profile or providing information about security issues;
◦ to identify or remove errors or technical issues that may occur while using the Portal/app, prevent or eliminate any abuse or breach of rights and regulations. This also implies blocking comments/ads that breach our Rules and terms of use and relevant legal regulations;
◦ to record the browsing history of the Portal/app, and collect data about user preferences and behaviour (such as, for instance, the type of news they read or information about how often they visit the Portals);
◦ for marketing purposes (including the analysis of your interests with a view to placing customized/relevant commercials and information, marketing material or promotions (sending newsletters), and for offering a personalized experience to the users (sending personalized news, recommendations or special offers relevant for the users).
◦ to send notifications about all updates of the Portal/app of importance for registered users, new functionalities which we launched for registered users and new benefits we created for them.
◦ to prevent criminal offences and assist the authorities in identifying the perpetrators of criminal offences or lending assistance in settling civil proceedings at the behest of a court or some other competent authority.
Using cookies and similar technologies
The Portal/app uses cookies. Cookies are text databases stored on Internet visitors’ devices and used for improving the efficiency of functioning of web sites and for providing certain information to the owners of such websites.
Both temporary and permanent cookies may be used towards Users of the Portal/app for the purpose of better understanding how Users communicate with the Portal/app in order to follow overall use and routing of Internet traffic on the Portal/app in order to improve the Portal/app and its functionalities and present ads to the Users.
Temporary cookies facilitate certain characteristics of the website and are deleted from the computer when the User disconnects itself or leaves the Portal/app. Permanent cookies remain even after the browser is closed and may be used when revisiting the Portal/app. Permanent cookies may be removed by following the help instructions of the Internet browser. In addition, most of the Internet browsers automatically accept cookies, but it is possible to adjust the options of the browser so that it does not accept them without prior authorization for all websites visited by the User.
When first visiting the Portal/app, displayed is the notification about all cookies that we use, the data they collect and the purpose of such collection, if necessary, in accordance with the applicable regulations. Without the necessary cookies it is impossible to browse and use the Portal/app. For all other cookies, you will have the option whether you wish to accept their use or not. If you do not accept cookies, this will not prevent you from using the Portal/app, but may influence the functionality of its use. The User may disable the storage of cookies by setting their browser accordingly.
III THE GROUNDS FOR DATA PROCESSING
The grounds for personal data processing as a data subject include the fulfilment of a contractual obligation and a legitimate interest of the controller in accordance with the Law on Personal Data Protection of the Republic of Serbia (hereinafter referred to as: LPDP).
By accepting the rules and terms set out herein in the manner laid down hereinafter and within the Portal/app itself, you grant your explicit consent to personal data processing in such a manner and for such purposes as are defined herein.
IV DATA SHARING AND IMPARTING
Your personal data may be made available to the related persons of Mondo Inc, vendors (service providers), business partners and other business entities authorized for data processing, with a view to fulfilling the purpose of the processing wherefor personal data has been collected and in compliance with the applicable regulations.
We may assign, make available and/or publish information and personal data that we collect from our Users in the following situations:
◦ When there is an explicit consent of the User – person which the personal data pertains to, granted by accepting this Privacy Policy.
◦ When there is an official request and a properly formulated Profile of the competent authority.
◦ When assignment or making available personal data are required for the purpose of meeting a contractual obligation towards the Users or exercising contractual rights towards Users.
Usual Cases in which personal and other data are shared/made available are as follows:
◦ Collective information or non-personalized information
We may share collective information which does not include personal data and otherwise disclose non-personalized data and log data to third parties for the purpose of industrial analysis, profiling and for other purposes as well.
◦ Third Parties as Service Providers
We can hire third parties or natural persons to help us provide or to provide our services on our behalf, to render the services related to the sale of services or goods that we can perform via the Portal/app or to help us analyse the use of our services. These third parties have the access to aggregate information that we collect from our Users only for the purpose of performing these tasks on our behalf, they apply respective security measures and process the data in line with this Privacy Policy.
These third parties are the companies seated in Serbia or in the countries listed in Article 64, paragraph 7 of the Law on Personal Data Protection, i.e. that provide appropriate level of personal data protection.
◦ Business transfers
We can sell, transfer or otherwise share some or all fixed assets, including the personal data collected from our Users in case of a merger, consolidation, reorganisation or sale of fixed assets or in case of bankruptcy.
◦ Related legal entities
We make available personal data to related legal entities that own, or administer the Portals / apps, for the purposes set out in this Privacy Policy.
◦ Compliance with the law and cooperation with state authorities
We cooperate with state authorities and officials and other persons who are responsible for law enforcement and for the purpose of law conformity. We will make available any data collected form Users to state authorities and their officials and other persons if it is required or appropriate, according to the applicable regulations, to respond to the requests or legal processes (including, inter alia, court Profiles) of these persons or to protect our assets and third party rights, to protect public security and the security of individuals or to prevent or stop the activity that we deem or that is a risk to be in any way contrary to the law, unethical or sanctionable.
◦ International transfer
Your personal data can be transferred or maintained on the computers outside the Republic of Serbia, for the purpose of establishing cooperation with Service Providers, in particular on the servers located in members states of the Council of Europe or in the USA.
V LINKS TO OTHER WEBSITES
The portal/app contains links to other web pages. If you opt to visit the Portal by clicking the advertisement link or another type of advertisement, or by clicking a third party’s link, you will be redirected to the web page of the third party. The fact that we provide connection to the web page or set advertising links or another type of commercial that is not an approval, authorisation or connection to such third party, nor it represent the approval of their data and privacy policy. We do not assume control of third parties’ web pages. Such other web pages may send their own cookies or other files to your computer/phone/tablet, collect data or require personal information from you. Other web pages follow different rules regarding the use and publication of personal data you provide them with. We do advise you to read the rules on the protection of privacy and declaration of other web pages you visit.
VI SECURITY
We take special care of your information and we take administrative, physical and electronic measures designed to protect your information from unauthorised access. Personal data are stored in databases and servers protected by cutting-edge technologies, and the access to Users’ personal data is granted only to the employees who have undergone adequate training.
As regards the data security, Mondo Inc applies the recognized information security standards:
◦ it conducts technical and organisational measures of protection based on risk assessment;
◦ verifies the collection of information, storage and processing method;
◦ tests the organisational and technical measures of protection;
◦ takes measures that may identify and/or prevent unauthorised collection and abuse of personal data;
◦ use modern methods of protection of all identification data and other sensitive information by using the encryption modes of User Data Cloud solutions.
We will fulfil the legal obligation and notify you or any violation of security, confidentiality or integrity of your non-encrypted electronic personal data (as established by the applicable legal regulations), e-mail or a prominent notice on the Portal / app in the shortest period of time and without unreasonable delay, if it conforms to 1) legitimate needs of law enforcement or 2) any measures necessary to establish the scope of privacy breach and to restore the integrity of data system.
VII THE RIGHTS OF PERSONAL DATA OWNERS
The User, or the person who the data processed by Mondo Inc apply to has the right to inspect all personal data collected or processed, as well as the right to ask for all personal data stored by Mondo Inc to be delivered in line with the applicable regulations of the Republic of Serbia.
In accordance with the applicable Law on Personal Data Protection, the data owner has the following special rights:
◦ The right to be informed: the User who is the owner of personal data has the right to be informed whether Mondo Inc who is the controller of data performs processing of its personal data and in what way.
◦ The right to access: the User who is the owner of personal data has the right to access its personal data with regard to which it is verified whether its personal data are being processed or if processing is performed in accordance with the law.
◦ The right to revision: the User who is the owner of personal data has the right to seek revision of all incorrect or incomplete data, in order to protect the accuracy of such information and adaptation for a regular and lawful data protection.
◦ The right to deletion and revoking of consent: the User who is the owner of personal data has the right to seek that Mondo Inc who is the controller of data to delete the information about it and to stop processing such data, which is initiated and conducted by the User by implementing the procedure of deletion of Profile in accordance with the instructions on the web site/app, subject to the consequences upon the User set out during the procedure of deleting the Profile. The restraints from this right exist in the circumstances where modification or deletion of the User’s personal data may result in the obstruction of investigation, detection or pursuit of criminal acts, as well as the obstruction of claims in civil proceedings.
◦ The right to restrict processing: the User who is the owner of personal data has the right to ask from Mondo Inc, who is the controller of data, a restriction in processing of its data (the use of this right may imply inability to further use the services provided by Mondo Inc).
◦ The right to data portability: the User who is the owner of personal data being processed may request a transfer of such data to another controller.
◦ The right not to be subject to automated individual decision-making: the User who is the owner of personal data has the right not to be the subject of the decision based only on automated processing, including profiling, if such profiling provides legal effect regarding the owner of data or affects him or her in a similar fashion. In case of personal data breach, the User who is the owner of personal data has the right to be informed thereof without delay. In case the User who is the owner of personal data considers that some of its rights is jeopardized, he/she may file an official complaint to the Personal Data Protection Officer of the Republic of Serbia.
VII DURATION OF PROCESSING
The User’s personal data shall be processed by Mondo Inc (on a case-to-case basis and subject to the specific purpose and grounds of processing) for as long as there is a consent for processing, during the contract term, i.e. for as long as there is a legitimate interest, in any case no longer than 5 (five) years from the processing commencement date (collection) of personal data, unless there is a statutory obligation to keep data in a longer period of time.
VIII COMPANY POLICY TOWARDS MINORS
The services provided by Mondo Inc via the Portal/app are not intended to minors under the age of 15 (hereinafter: minor).
Mondo Inc shall not collect or process, deliberately or intentionally, the minors’ personal data.
A parent or a legal custodian who observes that a minor they are responsible for has provided their data or third party’s data without consent, for the purpose of leaving comments, or opening Profiles and sign-in on the Portal/app, can send the application to the following address: zastitapodataka@adriamedia.rs
IX CONTACT
If you have any questions regarding this Policy, our practice regarding your personal data related to the Portal/app, or if you would like us to remove your personal data from our database, you can contact us on the following email: zastitapodataka@adriamedia.rs
X AMENDMENTS AND ENTRY INTO FORCE
This Privacy Policy may be updated or amended form time to time. We will advise you of any significant amendments by publishing a new Policy on the web page of the Portal/app and/or via e-mail. We suggest to check on this Privacy Policy regularly for any changes that may occur. This Privacy Policy shall enter into force as of the date of its publication when the provisions of previous privacy policy shall no longer apply,
By accessing or using any Portal/app, and by leaving comments, or registration of Profile and application, you are deemed informed about this Privacy Policy and the Terms of Use of any Portal/app that you access and that you consent to the specified rules and terms.
This Privacy Policy shall enter into force as of the date of its publication on the Portals/app stated in the Introduction to this document and it shall replace all previous privacy policies on such Portals/apps