Privacy Policy

  1. Home
  2. Privacy Policy

Introduction

At Globulus Solutions ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we handle information in connection with our software development services, mobile applications, web applications, and cloud infrastructure services (collectively, our "Services"). We want to be transparent about our practices, and we want you to understand that we take data privacy and security very seriously.

This Privacy Policy applies to all users of our Services, including visitors to our website, clients who engage our services, and end users of applications we develop. By using our Services, you agree to the collection and use of information in accordance with this policy. We encourage you to read this Privacy Policy carefully to understand our practices regarding your personal information.

Our Commitment to Data Privacy

We want to make it absolutely clear: We do not hold, store, or process user data ourselves. As a software development company, we build applications and services for our clients, but we do not maintain databases of end-user information, nor do we operate data processing systems that collect or retain personal data from the applications we develop. Our role is strictly limited to providing development services, and any data collection, storage, or processing that occurs within the applications we build is handled entirely by our clients or by third-party services that our clients choose to integrate.

This fundamental principle guides all of our work. When we develop applications for our clients, we design them in such a way that any data generated or collected by those applications flows directly to systems controlled by our clients or to trusted third-party service providers that our clients have selected. We do not act as an intermediary for data, and we do not maintain any infrastructure that would allow us to access, view, or retain user data from the applications we develop.

Information We Do Not Collect

To be explicit about what we do not do: We do not collect, store, or process personal information such as names, email addresses, phone numbers, physical addresses, payment information, browsing history, location data, device identifiers, or any other personally identifiable information from end users of applications we develop. We do not maintain user databases, analytics systems that track individual users, or any other systems that would allow us to identify or track individual users of applications we create.

When we develop applications, we may write code that enables data collection, but that data is sent directly to systems controlled by our clients or to third-party services (such as cloud providers, analytics platforms, or authentication services) that our clients have chosen to use. We have no access to this data, and we do not maintain any copies or backups of it. Our development process is designed to ensure that data flows only to authorized destinations, never to us.

Information We May Collect in Our Business Operations

While we do not collect data from end users of applications we develop, we may collect limited information in the course of operating our business and providing our services. This information is strictly related to our business relationship with our clients and potential clients, not with end users of applications we develop.

Business Contact Information: When you contact us through our website, email, or phone to inquire about our services, we may collect information such as your name, company name, email address, phone number, and any other information you choose to provide in your communications with us. This information is used solely for the purpose of responding to your inquiries, providing our services, and maintaining our business relationship with you.

Website Usage Information: When you visit our website, we may collect certain technical information automatically, such as your IP address, browser type, device type, operating system, pages visited, time spent on pages, and referring website addresses. This information is collected through standard web server logs and analytics tools. We use this information to understand how visitors use our website, to improve our website's functionality and user experience, and to diagnose technical issues. This information is typically aggregated and anonymized, and we do not use it to identify individual visitors.

Cookies and Similar Technologies: Our website may use cookies, web beacons, and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user preferences. Cookies are small text files stored on your device that help us remember your preferences and improve site functionality. You can control cookie settings through your browser preferences, though disabling cookies may affect some website features.

How We Use Information

Any information we collect in the course of our business operations is used exclusively for legitimate business purposes:

  • Service Delivery: We use contact information to communicate with clients, respond to inquiries, provide quotes, deliver services, and manage projects.
  • Website Improvement: We analyze website usage data to improve our website's design, functionality, and content, ensuring a better experience for visitors.
  • Legal Compliance: We may use information to comply with legal obligations, respond to legal requests, enforce our agreements, and protect our rights and the rights of our clients.
  • Business Development: We may use contact information to send information about our services, respond to service requests, and maintain business relationships, always in compliance with applicable marketing laws.

We do not sell, rent, or trade any information we collect to third parties for their marketing purposes. We do not use information collected from our website or business communications to build profiles of individuals or to make automated decisions that significantly affect individuals.

Data Security

Security is a cornerstone of everything we do. We implement comprehensive security measures to protect any information we handle in the course of our business operations, and we design all applications we develop with security as a primary consideration.

Technical Security Measures: We employ industry-standard security technologies and practices, including encryption of data in transit and at rest, secure authentication mechanisms, regular security audits, vulnerability assessments, and penetration testing. Our development processes follow secure coding practices, and we regularly update our systems and dependencies to address known security vulnerabilities.

Organizational Security Measures: We limit access to any information we handle to authorized personnel only, and we provide regular security training to our team members. We maintain strict confidentiality agreements with all employees and contractors, and we enforce policies that ensure information is only accessed when necessary for legitimate business purposes.

Infrastructure Security: When we develop applications, we recommend and implement secure infrastructure configurations, including proper network segmentation, firewall rules, intrusion detection systems, and monitoring solutions. We work with reputable cloud service providers that maintain high security standards and compliance certifications.

Incident Response: We have procedures in place to detect, respond to, and mitigate security incidents. In the unlikely event of a security breach that affects information we handle, we will notify affected parties and relevant authorities as required by applicable law.

However, it is important to understand that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect information, we cannot guarantee absolute security. We continuously work to improve our security practices and stay current with evolving threats and best practices.

Third-Party Services

In the course of developing applications for our clients, we may integrate third-party services that handle data collection, storage, or processing. These services are selected and configured by our clients, and any data processed by these services is subject to the privacy policies and terms of service of those third-party providers, not this Privacy Policy.

Common examples of third-party services that may be integrated into applications we develop include cloud hosting providers (such as Amazon Web Services, Google Cloud Platform, or Microsoft Azure), authentication services (such as OAuth providers or identity management platforms), analytics services (such as Google Analytics or similar tools), payment processors, email service providers, and content delivery networks.

We do not control how these third-party services collect, use, or share data. We encourage users of applications we develop to review the privacy policies of any third-party services integrated into those applications. Our clients are responsible for ensuring that their use of third-party services complies with applicable privacy laws and regulations.

For our own business operations, we may use third-party service providers to help us operate our website, manage client communications, process payments, and perform other business functions. These service providers are contractually obligated to protect information and use it only for the purposes we specify. We carefully vet all third-party service providers we use and ensure they maintain appropriate security and privacy standards.

Data Retention

Since we do not hold or process user data from applications we develop, there is no user data for us to retain or delete. Any data retention policies that apply to applications we develop are determined by our clients, who control the systems where that data is stored.

For information we collect in the course of our business operations (such as client contact information), we retain it only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. When information is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

If you are a client or potential client and wish to have your contact information removed from our systems, you can contact us using the information provided in the "Contact Us" section below, and we will process your request in accordance with applicable law.

Your Rights

Depending on your jurisdiction, you may have certain rights regarding information we collect in the course of our business operations. These rights may include:

  • Right to Access: You may have the right to request access to personal information we hold about you and to receive a copy of that information.
  • Right to Rectification: You may have the right to request correction of inaccurate or incomplete personal information.
  • Right to Erasure: You may have the right to request deletion of your personal information under certain circumstances.
  • Right to Restrict Processing: You may have the right to request that we limit how we use your personal information.
  • Right to Data Portability: You may have the right to receive your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You may have the right to object to certain types of processing of your personal information.
  • Right to Withdraw Consent: Where we rely on consent for processing, you may have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within a reasonable timeframe and in accordance with applicable law. Please note that we may need to verify your identity before processing certain requests.

If you are an end user of an application we developed, please note that we do not hold your data, and any requests regarding your data should be directed to the entity that operates the application (our client) or to the third-party services that process your data.

Children's Privacy

Our Services are not directed to children under the age of 13 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately, and we will take steps to delete such information from our systems.

When we develop applications for our clients, we ensure that those applications comply with applicable laws regarding children's privacy, including the Children's Online Privacy Protection Act (COPPA) in the United States and similar laws in other jurisdictions. However, the ultimate responsibility for compliance with children's privacy laws rests with our clients, who operate the applications.

International Data Transfers

Our business is based in Croatia, and information we collect in the course of our business operations may be stored and processed in Croatia or in other countries where we or our service providers operate. By providing information to us, you consent to the transfer of information to countries outside your country of residence, which may have different data protection laws than your country.

We take steps to ensure that any international transfers of information are conducted in accordance with applicable data protection laws. When we transfer information to countries that may not have the same level of data protection as your country, we implement appropriate safeguards, such as standard contractual clauses approved by relevant data protection authorities.

For applications we develop, any international data transfers are controlled by our clients or by the third-party services they use. We do not participate in or facilitate such transfers, as we do not hold the data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of those changes.

If we make material changes that significantly affect your rights or how we handle information, we will provide additional notice, such as by sending an email notification (if we have your email address) or by posting a prominent notice on our website.

Compliance with Laws

We are committed to complying with all applicable data protection and privacy laws, including the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in California, and other relevant laws in jurisdictions where we operate or where our clients operate.

Our development practices are designed to help our clients build applications that comply with applicable privacy laws. We stay informed about evolving privacy regulations and incorporate best practices into our development processes. However, ultimate responsibility for compliance with privacy laws rests with our clients, who control the applications and determine how data is collected, used, and shared.

If you have concerns about how an application we developed handles your data, we encourage you to contact the entity that operates that application directly, as they are responsible for data processing and compliance.

Our Development Practices

To further emphasize our commitment to privacy and security, we want to explain how we approach development:

Privacy by Design: We incorporate privacy considerations into every stage of the development process, from initial design through deployment and maintenance. We design applications to minimize data collection, to collect only data that is necessary for functionality, and to ensure that data flows only to authorized destinations.

Security First: Security is not an afterthought in our development process. We implement security measures from the ground up, including secure authentication, encryption, input validation, output encoding, and protection against common vulnerabilities such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).

Transparency: We work with our clients to ensure that applications we develop include clear privacy policies and terms of service that accurately describe data collection and use practices. We help our clients understand their privacy obligations and implement appropriate disclosures.

Regular Updates: We maintain applications we develop by applying security patches, updating dependencies, and addressing vulnerabilities as they are discovered. We stay current with security best practices and emerging threats.

Code Review and Testing: We conduct thorough code reviews and security testing before deploying applications. We use automated security scanning tools and manual testing to identify and remediate security issues.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Globulus d.o.o.
Josipa Huttlera 12
31000 Osijek, Croatia

Email: contact@theglobulus.com
Phone: +385 (91) 598 6473

We will make every effort to respond to your inquiries promptly and to address any concerns you may have. If you are not satisfied with our response, you may have the right to lodge a complaint with a data protection authority in your jurisdiction.

Conclusion

We hope this Privacy Policy has provided you with a clear understanding of how we handle information and our commitment to privacy and security. Our fundamental principle is simple: we do not hold, store, or process user data from applications we develop. We build secure applications for our clients, and any data those applications collect is handled entirely by our clients or by third-party services they choose.

We are committed to maintaining the highest standards of security and privacy in everything we do. We continuously work to improve our practices, stay current with evolving threats and regulations, and help our clients build applications that respect user privacy and comply with applicable laws.

Thank you for taking the time to read this Privacy Policy. If you have any questions or need clarification on any point, please do not hesitate to contact us.

Last Updated: