Privacy policy

Date of entry into force October, 1st 2020.


  1. Data Controller

The company MOZAIK GRUPA d.o.o. za usluge i turistička agencija, Slavonska avenija 6/2, 10000 Zagreb, Croatia, Phone: +385 91 3456 627, e-mail: respects your privacy and undertakes to protect it during and after your visit to this website (further in the text “Page”), when you visit our office space and when you use any of our products or services as well as at our events. In this regard, MOZAIK GRUPA d.o.o. acts as a data controller (further in the text “Data Controller”). This Privacy Policy (further in the text “Privacy Policy”) provides insight into our procedures regarding the collection and processing of personal data.

As Data Controller, we process your personal data in accordance with the applicable rules on personal data protection, in particular in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter: the GDPR) and the Law on the implementation of the General Data Protection Regulation (NN 42/2018).

  1. Types of personal data that will be processed

MOZAIK GRUPA d.o.o. collect and process personal data about you – information that can directly or indirectly identify you, in particular by identifiers such as name, surname, email address, photography made by the official photographer during events, IP address and other personal data if you share it in communication with us, when performing a contractual relationship, attending events or access to our office space in cases when:

  • use the contact form on the Site,
  • contact us via the info e-mail indicated on the Site,
  • fill in the hall reservation form
  • contact us or connect with us through social networks,
  • we photograph events and activities we organize,
  • we process your job application,
  • subscribe to our newsletter
  • you are a visitor to our office space
  • we cooperate with you as our suppliers, business partners,
  • we cooperate with you as persons who perform business tasks through the Student Center
  • when we issue an invoice for products / services 


MOZAIK GRUPA d.o.o. will not collect Personal Data unless you provide them voluntarily, except for certain Personal Data collected through the Information Systems and Programs used for the Site, whose transfer is inherent to the use of Internet Communication Protocols ( IP address at application form) and will not require more information than is needed to participate in certain activities. If you do not want to provide us your Personal Data (except Personal Data relating to the use of Internet Communication Protocols that are usually collected when visiting a website), you can still access our Site but you will not be able to communicate or collaborate with us such as register in the contact form or contact us and receive our newsletter.


At the entrances to the event area that will be photographed or/and video recorded, the privacy notices are clearly posted and it is clearly stated that you can be photographed or/and video recorded. It is also our legitimate interest since we are organizing the event. If you do not want to be photographed/video recorded, please do not enter the recording / photography area. Separate recordings and photographs of children (under 16 years of age) on which they can be identified will not be published anywhere without having previously obtained the consent of their legal representatives, unless the recordings / photographs were taken in a group shot.

Providing visitors/senders information is voluntary and there is no contractual obligation or requirement that the visitor/sender does. Data Controller will not create profiles of collected information and there is no automated decision making.


  1. Cookies

Our website uses cookies.

Cookies are text files that are stored on a computer system through an Internet browser.

Law on Electronic Communications states that we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your consent. This site uses different types of cookies. Some cookies are set by third parties that appear on our site.


Necessary cookies

Necessary cookies help make the site useful, providing basic features such as navigating the Page and accessing secure areas of the site. A website cannot function properly without these cookies. Necessary cookies may be stored independently of the consent of users of the Site in accordance with legal requirements.


The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way. (Expiration: 1 year)


When this Cookie is enabled, these Cookies are used to save your Cookie Setting Preferences. (Expiration: session)


This is an anti-forgery cookie set by web applications built using ASP.NET MVC technologies. It is designed to stop unauthorized posting of content to the website, known as Cross-Site Request Forgery. It holds no information about the user and is destroyed on closing the browser. (Expiration: session)



Analytical cookies

These cookies collect information about how visitors use the site, such as which pages people visit the most. We use them to improve the functioning of our site. However, some of these may be third party cookies, and the information we collect may be classified for purposes unknown to us as the owner of the Site. For more information, see the privacy policies of these third-party processors.


This cookie is installed by Google Analytics. (Expiration: 1 year 1 month 4 days)


The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. (Expiration: 1 year 1 month 4 days)



Job applications 

MOZAIK GRUPA d.o.o. collects job applications from candidates who want to work with us and apply for the job contest. Personal data from a job application have access only authorized persons and data are kept for 2 years from the date of receipt.


Social networks

MOZAIK GRUPA d.o.o. collects personal information about their social networking contacts (Facebook, Instagram, etc.), but does not contact them except when responding to a question or comment.

The provisions on data protection on the application and use of the Facebook, Instagram, LinkedIn

Data Controller can integrate or have integrated components of social networks: Facebook, Instagram, LinkedIn

Facebook and Instagram are social networks operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If the person lives outside the United States or Canada, the processing manager is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. The data protection policies, published by Facebook and Instagram, are available at and  and provide information on collection, processing and the use of personal information on these social networks.


LinkedIn is a business social network to which is an operating company for customers using the service within the EU, EEA and Switzerland, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy published by LinkedIn is available at:  and provides information on collection, processing and the use of personal information on that social network.


Direct marketing – newsletter

MOZAIK GRUPA d.o.o. sends information related to events organized independently or in cooperation with business partners via the Newsletter. 

The newsletter is sent depending on how a certain event or other activity is approached by MOZAIK GRUPA d.o.o.  organizes. Each Newsletter recipient is enabled to easily and quickly unsubscribe with one click to unsubscribe from each Newsletter. Drukčije d.o.o. acts as the Data Processor for sending the Newsletter. MOZAIK GRUPA d.o.o. collects statistics related to the opening of emails and clicks on URLs to monitor and improve the sending of emails and analyze interest in specific content. 

MOZAIK GRUPA d.o.o. sends the Newsletter based on a legitimate interest when we are already cooperating and communicating with you or based on the consent you have given by subscribing to our newsletter. The data is kept until the person withdraws consent or until he objects to our contact based on a legitimate interest.

In case you have given your consent for marketing purposes, you can in any case withdraw your consent and stop receiving our Newsletter (for example in case you do not want to receive our Newsletter anymore, click on the link with the unsubscribe link).


  1. Purposes, legal basis for processing and possible consequences of not giving Personal Data

When you provide your Personal data, we will restrict the use of Personal Data for the purpose for which they have been collected in accordance with the terms of this Privacy Policy. 

We process Personal Data on the basis of your consent, legitimate interest, for the performance of a contractual obligation and on the basis of a legal obligation. The processing of Personal Data is restricted to the purpose for which it was collected in accordance with the terms of this Privacy Policy.

When we process Personal Data based on your consent, we only process Personal Data that you voluntarily provide to us when communicating with us for the purpose of answering your questions or processing your job application, when you fill out the application form for booking or renting a hall, when you sign up for our newsletter. The purpose of the processing is to take steps according to your request, answering questions and comments, receiving offers, communicating about your activities on the site, processing job applications for open competitions, receiving your request to rent a hall etc.

Based on a legitimate interest, we process Personal Data when you access our Site (IP address), when we send you a newsletter as our customer with whom we already work, when we photograph/video record events and activities that  we organize, as well as when we capture photographs/video records through video surveillance cameras when you visit our office space. If we organize events and other activities during which we will photograph and vide record activity and guests, we will do so either on the basis of a legitimate interest, of which you will be informed before entering the recorded / photographed area or you will be asked for your consent. The purpose of this processing also includes the process of investigating suspected fraud, harassment, physical threats, or other violations of the Site’s policies or any suspicious behavior that we consider to be indecent. Participants’ recordings / photographs of our events are processed for the purpose of promoting the event.

In order to fulfill our contractual obligation and in accordance with legal and regulatory provisions, we are obliged to process your personal data when you purchase our products, use our services. In particular, the Personal Data of persons performing job tasks through the Student Center, business partners and suppliers (for example agreements on the provision of services) and we also process contact information of business partners who are natural persons and their employees (for example name and surname, number of official phones / cell phones, email addresses) as well as customers for invoicing.


  1. Video surveillance

In our office space we use video surveillance for the following purposes:

  • protecting the safety of employees and others who find themselves in our office space for any reason and protecting their assets,
  • reducing workers’ exposure to the risk of robbery, burglary, violence, theft and similar events at work or in connection with work and the protection of our property


The processing of personal data obtained by video surveillance is carried out on the basis of a legitimate interest in the protection of persons and property. The recordings are automatically deleted after a maximum of 6 months re-recording newer content. Access to the video surveillance system is permissible only to persons who are necessary for the performance of their tasks. The recordings are reviewed only if we find out that there is a justifiable reason for achieving one of the above purposes (and with the approval of an authorized person), and only recordings relevant to such reasons may be exempted and retained for a longer period, while there is a need and legal basis for it. We do not provide video surveillance recordings to third parties unless there is a request or order from a competent state authority (for example police, public prosecutor, courts, labor inspectorate). The recordings may be used as evidence in court, administrative, arbitration or other equivalent proceedings, in accordance with the applicable procedural rules applicable to such proceedings. The video surveillance system is not connected to other systems, nor do we use video surveillance for profiling or automatic decision making.


  1. Recipients

Your Personal Information may be disclosed in the following cases:

  • To subjects that we use to organize events (for example photographing events)
  • To authorized PR agencies, event organizers, entities directly involved in the implementation of individual events
  • To subjects that maintain our IT systems
  • persons authorized by MOZAIK GROUP d.o.o. for the processing of Personal Data, which have confidentiality obligations to MOZAIK GROUP d.o.o.  (employees of MOZAIK GROUP d.o.o.)
  • Law enforcement authorities when required by applicable law, legitimate or public interers (to protect and defend the rights or property of MOZAIK GROUP d.o.o.  and the Site, or to act in urgent circumstances to protect the personal safety of users of MOZAIK GROUP d.o.o., the Site or the public)
  • To Legal Advisers of MOZAIK GROUP d.o.o.  in the case of the need to forward data for legal proceedings
  • To business partners for their needs only in accordance with the relevant legal bases
  • Media houses and digital marketing agencies for the purpose of publishing photographs in print media, websites and social networks
  • Student Center to process personal data as part of a contractual and legal obligation


  1. Personal Data Transfer to Third Countries

The Personal Data that we collect are stored within the European Union (EU) and European Economic Area (EEA) except Switzerland, but may also be transmitted and processed in a country outside the EU and EEA, in particular the USA. Any such transfer of personal data will be carried out in accordance with applicable legal regulations. For transfers outside the EEA, we use Standard Contractual Clauses, Eligibility Decisions, appropriate safeguards, while any transfer to the US is covered by the EU-US Privacy Shield Agreement, which guarantees adequate protection of personal information.


  1. Retention

We process Personal Data only for the time it takes to achieve the purpose of processing it.

Personal Data based on consent will be processed until subject withdraw his/her consent, while subject can object to the processing of personal data based on legitimate interest. We keep open applications and job applications for 2 years from the day they are received. Personal Data that we process based on your inquiries from from the contact form is stored for a maximum of 6 months from the receipt of the same, and we keep the data of business partners and suppliers until the termination of business cooperation and do not provide it to third parties or share it with third countries. In doing so, we do not collect any data of a private nature, only data related to the fulfillment of work tasks.

All other Personal Data that we process on the basis of the performance of a contractual relationship and on the basis of a legal obligation, are stored in accordance with positive regulations in which the time of storage of the same is determined ( Accounting Law). Exceptionally, we will keep your Personal Data longer than the stated deadlines when necessary to fulfill mutual legal requirements. Expired Personal Data stored on paper will be destroyed safely, such as by cutting or firing, while electronic data will be permanently deleted.


  1. Your rights
  2. a) Right to rectification:

If we process your Personal Data that is incomplete or inaccurate, you may at any time request us to correct or supplement it.


  1. b) Right of access:

You have the right to receive a confirmation are we processing yours Personal Data, and under the terms of Art. 15. GDPR require access to this information.


  1. c) Right of erasure:

You may ask us to delete your Personal Data if we have processed it illegally or if such processing constitutes a disproportionate encroachment on your protected interests. Please note that there are reasons to prevent a deletion, for example, to maintain a legal obligation requiring processing.


  1. d) Right to Restrict Processing:

You can ask us to limit the processing of your data:

  • if you dispute the accuracy of the Personal Data over a period that allows us to verify the accuracy of that data;
  • if the data processing was unlawful but you refuse to delete and instead seek a restriction on the use of the data;
  • if we no longer need the information for the intended purpose but still need it to fulfill the legal requirements or;
  • if you have objected to the distribution of this information.


  1. e) Right to data portability:

You can ask us to provide yours Personal Data you provided to us in a structured format, in the usual machine-readable format:

  • if we process this information on the basis of the consent you have given us and that you can revoke or to perform the contract 
  • if processing is done using automated processes.


  1. f) The right to object:

If we distribute your Personal Data for the performance of public-interest or public-authority tasks, or invoke our legitimate interests when processing them, you may file a complaint against such processing if there is an interest in protecting our data.


  1. g) Right to object:

If you believe that we have violated Croatian or European data protection rules when processing your iPersonal Data, please contact us to clarify any issues. You are certainly entitled to file a complaint with the competent supervisory authority, which is the Agency for Personal Data Protection, Martićeva 14, 10000 Zagreb.


Achieving rights

If you wish to exercise any of these rights, please contact us using our contact information from this privacy policy.When you apply to exercise your rights, first we will need to determine you identity and we will request additional information to verify that purpose. This serves to protect your rights and the private sphere. If you use any of these rights too often and with the obvious intention of abuse, we may charge an administrative fee or refuse to process your request.


  1. Security practices

Security of Your Personal Data is very important to us, so we have set up the appropriate physical, electronic, and organizational procedures to protect the information we collect. However, due to inherent open nature of the Internet, we can not guarantee that communication between you and us or the information stored on the Site or on our servers will be completely safe from unauthorized third party access. To the fullest extent permitted by applicable law, we shall exclude any liability or liability for any damages that you may have suffered as a result of any loss, unauthorized access, misuse or alteration of any information you submit to the Site.


  1. Changes and updates to our Privacy Policy

MOZAIK GRUPA d.o.o. reserves the right to modify or update these Privacy Policy at any time and without prior notice. Please check from time to time for updates of our Privacy Policy, which will be posted here and will show you an updated effective date on the first Privacy Policy if any changes or updates are made 


  1. Contact information

If you have any questions or comments regarding the Site or the Privacy Policy, you can contact us through our online form available at  or through e-maila, Phone: +385 91 3456 627.

Data Controller:

Mozaik grupa d.o.o.

Slavonska avenija 6/II

10 000 Zagreb, Hrvatska


Phone: +385 91 3456 627


Data Protection Officer:


Phone: +385 (0) 1 6064 600


Dogovorite prvi slobodni
termin za najam dvorane ili organizaciju eventa

Kontaktirajte nas:

+385 91 3456 627