Clicker Logo
Arrow Down
EnglishSerbian

WELCOME TO CLICKER
PRIVACY POLICY PAGE

1. General Information and Data Controller Details Regarding the Processing of Personal Data

Dear Users,

Please read this Privacy Policy carefully before using the CLICKER mobile application (“Application”). By using the Application, you agree to this Privacy Policy and confirm that you have read, understood, and accepted the terms under which we process your personal data.

CLICKER NIŠ, with its registered office at Knjaževačka 61, Niš, Company Registration Number: 66927598 (hereinafter: “CLICKER,” “we,” “our,” “us”), respects and protects the privacy of every user of the Application (“Users,” “you”) whose personal data we collect and process as a data controller.

The collection, processing, and storage of personal data by CLICKER is carried out in accordance with the Law on Personal Data Protection (“Official Gazette of the Republic of Serbia,” No. 87/2018) (hereinafter: “Law”), as well as with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) to the extent applicable.

By being aware that privacy is important to you, and with the aim of safeguarding the privacy of individuals whose personal data we collect, we have adopted and published this Privacy Policy. It defines which personal data we collect, how and for what purpose we process them, how we protect them, how long we retain them, to whom we disclose them, as well as what rights you have regarding your personal data. If you have any questions or concerns, feel free to contact us at team@clickerofficial.com.

To ensure full compliance with applicable data protection legislation, we regularly review and update our internal policies and procedures in line with the GDPR and the Serbian Law on Personal Data Protection. We closely monitor guidance and rulings provided by the European Data Protection Board (EDPB), the Commissioner for Information of Public Importance and Personal Data Protection in Serbia, and other relevant authorities to ensure that your personal data is processed lawfully, fairly, and transparently.

2. Key Terms and Types of Personal Data Processed by CLICKER

“Personal Data” refers to any information relating to an identified or identifiable natural person, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or by one or more factors specific to that person’s physical, physiological, genetic, mental, economic, cultural, or social identity.

“Processing of Personal Data” means any operation or set of operations performed on personal data or sets of personal data, whether by automated or non-automated means. This includes but is not limited to collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, delivery, duplication, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

“Controller” means a natural or legal person or a public authority that, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processor” means a natural or legal person or a public authority that processes personal data on behalf of the Controller.

“Recipient” means a natural or legal person or a public authority to whom personal data are disclosed, whether or not it is a third party, except for public authorities which receive personal data in accordance with the law within the framework of a particular investigation and process such data under the applicable data protection rules related to the purpose of the processing.

“Consent” of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by clear affirmative action, signify agreement to the processing of their personal data.

“Personal Data Breach” is a breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of, or access to, personal data that has been transmitted, stored, or otherwise processed.

“Sensitive Data” refers to special categories of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data and biometric data for the purpose of uniquely identifying a natural person, health data, or data concerning a natural person’s sex life or sexual orientation.

We do not collect or process your sensitive data unless you voluntarily provide them to us or unless we are obliged to do so under applicable regulations and with your explicit consent.

We do not knowingly collect personal data from children under the age of 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it as soon as possible. If you are a parent or guardian and believe that your child may have provided personal data to us, please contact us.

3. Principles of Personal Data Processing

Please note that at all times, when collecting, processing, and storing your personal data, we act as follows:

Lawfulness, Fairness, and Transparency: Personal data shall be processed lawfully, fairly, and in a transparent manner in relation to the data subject.

Purpose Limitation: Personal data shall be collected for the purposes specifically determined by this Privacy Policy, which are explicit, justified, and lawful, and shall not be further processed in a way incompatible with those purposes.

Data Minimization: Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

Accuracy: Personal data shall be accurate and, where necessary, kept up to date. We will take all reasonable measures to ensure that inaccurate personal data are promptly erased or corrected. We kindly ask you to inform us of any changes to your personal data.

Storage Limitation: Personal data shall be kept in a form that permits identification of data subjects only for as long as is necessary for the fulfilment of the purposes of processing unless a longer retention period is required by law.

Integrity and Confidentiality: Personal data shall be processed in a manner that ensures an appropriate level of security, including protection against unauthorized or unlawful processing, as well as against accidental loss, destruction, or damage, by applying appropriate technical, organizational, and personnel measures.

Accountability: We are responsible for compliance with these principles and must be able to demonstrate adherence to them.

Data Protection Impact Assessments (DPIAs): Where processing activities are likely to result in a high risk to your rights and freedoms, we conduct DPIAs in accordance with Article 35 of the GDPR and the Serbian Law’s equivalent provisions. This helps us identify, evaluate, and mitigate privacy risks effectively.

Regular Training and Audits: Our staff receive ongoing training to remain informed about evolving data protection standards, and we periodically audit our operations to confirm compliance with legal requirements.

Engagement with Regulatory Authorities: We monitor guidance issued by the European Data Protection Board (EDPB) and the Serbian Commissioner for Information of Public Importance and Personal Data Protection. We remain prepared to cooperate with these authorities and address any inquiries or directives they may issue.

4. Personal Data Collected and Processed by CLICKER

CLICKER collects the following personal data:

  • Username and password
  • Gender
  • Residential/delivery address
  • Date and place of birth
  • E-mail address
  • Telephone number
  • Transaction data (purchase history, amounts)
  • Information about purchasing habits and interests
  • Location data (if you give your consent)
  • Bank account number (in case of refunds)
  • Voice recordings (in case of conversations with our employees)
  • Technical device data (IP address, device type, operating system)

Note: CLICKER does not process credit card numbers or CVV2/CVC codes under any circumstances. All payment card data is entered directly on the pages of our authorized payment service providers, and we do not have access to this information.

5. Method of Collecting Personal Data

Personal data are collected directly from you during your use of the Application when registering your account, performing transactions, communicating with our team, or through cookies and similar technologies.

6. Purpose of Collecting and Processing Personal Data

The purposes for which we collect and process your personal data include:

  • Concluding and executing contracts for the reservation and payment of services and products
  • Executing payment transactions
  • Complying with legal obligations
  • Registering your account on our platform
  • Responding to your inquiries and requests
  • Improving the functionality of the Application
  • Sending notifications about offers, promotions, and events (if you expressly agree).

Please do not submit or disclose any types of specially sensitive personal information unless explicitly requested by our team. This refers to data such as your racial or ethnic origin, political opinions, religious or philosophical beliefs, health information, criminal history, or trade union membership, whether through our platform or otherwise.

If we do request or invite you to provide such particularly sensitive personal data, this will be done only with your clear and explicit consent in accordance with applicable legislation and personal data protection standards.

7. Legal Basis for the Processing of Personal Data

We process your personal data for the following purposes:

Performance of Contracts and Provision of Services:

  • Processing your orders and providing the requested services
  • Managing your user account
  • Enabling communication between you and sellers/service providers
  • Legal Basis: Performance of a contract (Article 12(1)(2) of the Law; Article 6(1)(b) GDPR)

Customer Support and Communication:

  • Responding to your inquiries, complaints, and requests
  • Providing assistance and support related to the use of the Application
  • Legal Basis: Legitimate interest (Article 12(1)(6) of the Law; Article 6(1)(f) GDPR)

Marketing and Promotions:

  • Sending newsletters, promotions, and offers that may be of interest to you
  • Personalizing marketing content
  • Legal Basis: Your consent (Article 12(1)(1) of the Law; Article 6(1)(a) GDPR)

Service Improvement and Analytics:

  • Analyzing data to enhance Application functionality
  • Monitoring usage and trends to improve the user experience
  • Legal Basis: Legitimate interest (Article 12(1)(6) of the Law; Article 6(1)(f) GDPR)

Security and Fraud Prevention:

  • Protecting your accounts and transactions
  • Detecting and preventing fraud, abuse, and unlawful activities
  • Legal Basis: Legitimate interest; Compliance with legal obligations (Article 12(1)(3) and (6) of the Law; Article 6(1)(c) and (f) GDPR)

Compliance with Legal Obligations:

  • Fulfilling obligations towards competent authorities and regulations
  • Maintaining records in compliance with accounting and tax laws
  • Legal Basis: Compliance with legal obligations (Article 12(1)(3) of the Law; Article 6(1)(c) GDPR)
8. Recipients and Third Parties

CLICKER may disclose your personal data to third parties, such as affiliated companies, payment service providers, courier services, marketing agencies, IT service providers, business partners, and government authorities. These third parties have access to personal data only to the extent necessary to perform their services on our behalf.

9. Retention Period for Personal Data

Personal data are retained only as long as is necessary to achieve the purposes of processing, in accordance with the law, or until you withdraw your consent.

10. User Rights Regarding Personal Data Processing

As a user, you have the right to:

  • Request information about the processing of your personal data
  • Request access, correction, supplementation, or deletion of your personal data
  • Object to the processing of your personal data
  • File a complaint with the Commissioner for Information of Public Importance and Personal Data Protection
  • Request data portability
  • Restrict the processing of your personal data
  • For all requests or questions concerning the processing of personal data, you can contact us at the following email address: support@clickerofficial.com.
11. Procedure in the Event of a Personal Data Breach

If a personal data breach is likely to result in a high risk to the rights and freedoms of individuals, we are obliged, without undue delay, to notify the affected data subject of the breach, in accordance with the Law.

In the event of a personal data breach that may pose a risk to the rights and freedoms of individuals, the Company is obliged to notify the Commissioner for Information of Public Importance and Personal Data Protection without undue delay and, if possible, within 72 hours of becoming aware of the breach.

The notification submitted to the competent authority contains all the information required by the Law.

Risk Assessment and Classification of Breaches:

Not all incidents pose the same level of risk. We classify breaches based on their potential impact on individuals’ rights and freedoms, considering factors such as the sensitivity of the data, the likelihood of identity theft or fraud, and the possibility of reputational damage. This risk assessment ensures that we respond proportionately and prioritize the most critical cases.

12. Transfer of Personal Data Outside the Territory of the Republic of Serbia

A transfer of personal data to another country or international organisation, without prior approval may be carried out if it has been determined that such a country/international organization ensures an adequate level of protection for personal data.

Decision on the list of countries, parts of their territories, or one or more sectors of certain activities in those countries and international organizations in which it is considered that an adequate level of personal data protection is ensured (“Official Gazette of the Republic of Serbia,” No. 55/2019) (hereinafter: the “Decision”) establishes where it is considered that an adequate level of personal data protection is provided.

Your personal data may be processed or stored in countries outside the Republic of Serbia, including those that may not have the same data protection laws as your country. In such circumstances, we will take all necessary measures to ensure that your privacy is adequately protected in accordance with this Privacy Policy and applicable legal regulations, including the Law on Personal Data Protection and the GDPR.

When transferring your personal data to countries that do not provide an adequate level of protection, we will do so only with your explicit consent and by implementing appropriate safeguards, such as standard contractual clauses or binding corporate rules.

By using our Application and providing your personal data, you consent to such transfer, storage, and processing of your data outside the borders of the Republic of Serbia. Where legally required, we will seek your additional consent before making any such transfer.

13. Links to Third-Party Websites and Services

Our platform may contain links to third-party websites. Please note that we are not responsible for the collection, use, maintenance, sharing, or disclosure of data by such third parties. If you provide information to third-party websites and use those websites, the privacy policies and terms of use of those third parties will apply. We recommend that you read the privacy policies of any websites you visit before submitting personal data.

14. Confidentiality of Personal Data and Transparency

Your personal data will be treated as confidential information, and we will take appropriate and necessary measures to protect them in accordance with the Law. Access will only be granted to individuals who, by virtue of their job responsibilities, need to be familiar with your personal data and only to the extent necessary for the performance of their duties.

This Privacy Policy is available on our platform. If we decide to change our Privacy Policy, the changes will be posted and published on our platform. Users will be required to accept or decline the amended Privacy Policy in order to continue using the application without interruption.

If you have any questions or requests regarding the processing of your personal data, feel free to contact us at any time at: team@clickerofficial.com.

Your CLICKER