1. General provisions
This document defines the terms of relation, in the context of collection, storage and processing of data, and the privacy and secrecy of that data, between you (the user, hereinafter "you", "User", "visitor") and the web site "Skrati" (available at the web address https://sk.in.rs/, hereinafter: "we", "Website", "Skrati"), owned by Milan Kragujević (hereinafter "Owner").
On this Website we collect a very small amount of your data in anonymized form, as well as certain personal data with your explicit consent, which you can withdraw at any time, after which your data will be deleted within 30 days.
2. Data collection
3. Data being collected, basis of processing, automatic profiling
The Owner automatically collects certain information from users which are not considered personal information because they cannot be used to reveal the users' true identity.
Certain data that can be considered personal data is collected by the Owner from users who decide to share the specified data, with express and informed consent. This information is considered confidential and will not be displayed, published, disclosed or sold to third parties.
The Owner collects data from users, performs processing and automatic profiling on the following bases:
- Newsletter functionality - collecting, storing and processing the User's Email address in order to send notifications about new content on the Website
- Survey functionality - collection of statistical data on the interests and opinions of the Website's Users
- Comment functionality - collecting, storing and publishing the text of comments entered by the User
- Like button functionality - collection, storage and processing of IP address, session ID, "User Agent" ID to prevent double voting and abuse
- Attack protection functionality - collection, storage, processing, sharing  IP addresses, session ID, "User Agent" ID, Cookies, permanent device ID obtained based on mathematical operations on the User's device ("fingerprint"), as well as automatic profiling visitors on the basis of collected data and checks in the databases of partners and related entities in order to determine the "Threat Score" rating of visitors and a possible ban on access to certain parts of the Website or the entire system
- Visits analysis functionality - collection, storage, processing, sharing  IP addresses, session ID, "User Agent" ID, Cookies, permanent device ID ("fingerprint"), visited pages of the Website, time spent on the pages, clicks on links, Referer address, device manufacturer and model, Internet provider, for the purpose of analyzing user visits in order to improve the user experience and adapt the content to the interests of users.
4. The right to inspect, modify and delete your data
If you want to request access to personal data, their correction, addition or deletion, in accordance with the Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti, ZZPL) for citizens of Serbia, or General Data Protection Regulation (GDPR) for EU residents, you can contact us as follows:
- via email: [email protected]
You can download the ZZPL Request Form on the website of the Commissioner for Information of Public Importance and Personal Data Protection.
It is noted that we are only able to influence the data that is stored and processed on our servers, and not the data that is processed by partners and related parties. In order to exercise your rights over data not processed by Skrati (or the Owner), it is necessary to contact the services listed in Article 14.
The deadline for response is 15 days and the deadline for the realization of a properly sent Request is 30 days.
5. Data discovery
If at any time we are obliged to disclose the collected data to a third party, based on a court decision and in accordance with the law, you will be notified in a timely manner, unless the court order contains a secrecy mark or a ban on notifying the user, or if it is technically impossible to inform the user on disclosure of their data to a third party.
The Owner may from time to time publish general information to third parties (number of visitors to our site, interest of visitors - eg. "most users have visited the XYZ article in the past 7 days", main content sources - eg. "social networks, Google search", etc. .), but will never include information by which individuals could be identified.
6. Use of "Cookies"
7. Analytics and partners
The Portal uses the services of partners for the purposes of visit analysis - Google Analytics, MK AFPA - and attack protection - CloudFlare, hCaptcha. You can find the privacy policies of these services at the following links:
- Google Data practices for Analytics
In addition to the above, certain data that cannot be personally used to personally identify users, and that is automatically collected for the purposes of visit analysis and/or technical protection against attacks, may be collected and/or processed by other partners, which are listed in Article 14.
When subscribing to our newsletter, you need to provide us with your Email address, which we will keep in continuity, and which we will not share, disclose or sell to third parties, other than Twillio SendGrid . You can unsubscribe from the newsletter at any time - at which point your Email address will be deleted from our system .
9. Social networks
The Owner uses the services of certain social networks on which the Website has a presence in order to advance business interests and improve communication with users.
If you access the services of the Website via the social network Facebook, read the Facebook Data Policy.
10. Children under 13 years of age
The Website is not intended for children under 13 years of age. If you are under 13, leave the Website immediately and tell your parents or guardian about visiting the Website.
11. Data security
The owner does everything in his power to keep the data he uses and processes safe. The data is stored on servers in Serbia and the EU, protected by the most modern methods of technical and physical protection against unauthorized access. Data is processed on computer systems in Serbia and the EU. Data is also stored in the form of encrypted backups on servers and computer systems in Serbia, the EU, the US and Australia, as well as on the cloud backup service Backblaze B2 .
13. Additional information and questions
14. Appendix: List of partners that collect, store or process User data
- United Internet
- Digital Ocean
- Digital Ocean
Last change: 30/06/2021