Statement on personal data protectionand the use of WSPay
The naronija.hr website uses WSPay for online payments.
WSPay is a secure system for online payment, real-time payment, credit and debit cards and other payment methods. WSPay provides the customer and merchant with secure registration and transfer of entered card data, which is confirmed by the PCI DSS certificate that WSPay has. WSPay uses SSL certificate 256 bit encryption and TLS 1.2 cryptographic protocol as the highest levels of protection when writing and transferring data.
Protection of personal data in accordance with the General Data Protection Regulation of the European Parliament and of the Council No. 2016/679-Regulation and the implementation of the General Data Protection Regulation
WSPay, as the executor of credit card authorization and payment, handles personal data as a processor and handles personal data in accordance with the General Data Protection Regulation of the European Parliament and the Council No. 2016/679 and strict PCI DSS L1 regulations on registration protection and data transmission.
WSPay uses SSL certificate 256 bit encryption and TLS 1.2 cryptographic protocol as the highest levels of protection when writing and transferring data.
Personal data used for the purpose of authorization and collection - (in the performance of obligations under the Agreement or under the Agreement) are considered confidential data.
The following personal data of the buyer are required for the execution of the Contract (authorizations and collection):
- Name and surname
- Phone
- Address
- Place
- Zip code
- State
- Card type
- Card number
- Card life
- CVV card code
WSPay does not process or use this personal data except for the purpose of enforcing the authorization and charges agreement.
WSPay guarantees the fulfillment of all conditions set by the applicable regulations on personal data protection for personal data processors, and in particular the taking of all necessary technical, organizational and security measures, and this is especially confirmed by the PCI DSS L1 certificate.
Naronija.hr obliges to provide protection of personal data of customers, by collecting only the necessary, basic data on customers / users that are necessary to meet our obligations; informs customers about how to use the collected data, regularly gives customers a choice about the use of their data, including the ability to decide whether or not to remove their name from the lists used for marketing campaigns. All user data is strictly kept and is available only to employees who need this data to do their job. All Naronija employees and business partners are responsible for respecting the principles of privacy.