Privacy Policy

Introduction

Signet CS doo, registered at Milutina Milankovića 25b, 11070 Novi Beograd, Serbia (Company ID 20087641, VAT ID 104087854), respects your privacy and is committed to protecting the personal data you share with us.

This Privacy Policy describes how we collect, use, and protect personal data of visitors to our website and our clients, in accordance with the Personal Data Protection Act of the Republic of Serbia.

Last updated: 6 May 2026.

Data Controller

The data controller within the meaning of the law is Signet CS doo.

For any questions regarding the processing of your personal data, you can contact us at:

  • E-mail: office@signet.rs
  • Phone: +381 11 400 8886
  • Address: Milutina Milankovića 25b, 11070 Novi Beograd, Serbia
What Data We Collect

We collect only the data necessary to deliver our services and communicate with you:

  • Contact data — first name, last name, company name, e-mail address, phone number, address — when you reach us through the contact form, e-mail, or phone.
  • Website usage data — IP address, device and browser type, pages visited, time spent — collected automatically through analytics tools to improve the site.
  • Client data — information necessary to fulfill contractual obligations to our clients (business information, IT environment data, contact details of authorized representatives).
Purpose of Processing

We process your personal data exclusively for the following purposes:

  • responding to your inquiries and proposals;
  • entering into and performing contracts for IT services;
  • invoicing and meeting statutory obligations (accounting and tax records);
  • technical support and maintenance of client IT environments;
  • improving the quality of the website and our services;
  • sending business communications, only with your prior consent.

We process data on one or more legal bases, depending on the situation:

  • Consent — when you voluntarily provide your data, for example by completing the contact form.
  • Performance of a contract — when processing is necessary to enter into or perform a contract with you.
  • Legal obligation — when the law requires us to retain or share data (tax, accounting, or other regulatory obligations).
  • Legitimate interest — when processing is necessary for the security of our website, prevention of misuse, or improvement of the user experience.
Sharing Data with Third Parties

We do not sell or share your personal data with third parties for marketing purposes. We may share it only:

  • with our trusted partners and subcontractors engaged in service delivery (for example, hosting and cloud providers, accounting firms), under confidentiality obligations;
  • with government authorities when required by law;
  • with your explicit consent in all other cases.

We have appropriate agreements in place with all external processors to ensure a level of protection equivalent to this Privacy Policy.

Cookies and Analytics

Our website uses cookies for proper functioning and visit analysis. In detail:

  • Technical cookies — necessary for the website to work (for example, remembering your cookie consent).
  • Analytics cookies — we use Google Analytics 4 to collect anonymous statistical data about visits, solely to improve the site.

You can refuse or delete cookies at any time through your browser settings. This may affect site functionality.

Data Security

We apply appropriate technical and organizational safeguards to prevent unauthorized access, loss, misuse, or alteration of data:

  • encrypted communication (HTTPS/TLS);
  • access controls for accounts and systems;
  • regular security patching and monitoring;
  • data backup and recovery procedures;
  • employee training in handling personal data.
Data Retention Period

We retain personal data only as long as necessary for the purposes for which it was collected, or as required by statutory retention periods:

  • Contact form inquiries — up to 24 months, unless they result in a contract;
  • Contractual and financial data — for the periods required by accounting and tax regulations (at least 10 years);
  • Technical website logs — at most 12 months.
Your Rights

In accordance with the Personal Data Protection Act, you have the following rights:

  • the right to be informed about how we process your data;
  • the right to access and obtain a copy of the data we process;
  • the right to rectify inaccurate or incomplete data;
  • the right to erasure of data when there is no longer a basis for processing;
  • the right to restrict processing in certain cases;
  • the right to data portability;
  • the right to object to processing;
  • the right to withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal;
  • the right to lodge a complaint with the Commissioner for Information of Public Importance and Personal Data Protection (www.poverenik.rs).

To exercise these rights, please write to office@signet.rs or to our registered address.

Changes to This Policy

We may update this Policy from time to time to reflect legal changes or changes in our business. The current version is always available on this page, with the date of the last update indicated.

For any questions regarding privacy and data protection, please contact us at office@signet.rs.