Privacy Policy

Introduction – Collection and Use of Personal Data

Personal data identify you, such as your name, email, or postal address. KADIRAH does not collect your data unless you expressly provide it (e.g., when signing up for an electronic newsletter, participating in surveys, contests, ordering services, or seeking information) and consent to its use.

We store, use, or transmit your data only with your consent and to the extent necessary for a specific case, e.g., to respond to your inquiries, fulfill your requests, or inform you about services. For this reason, KADIRAH may sometimes need to transfer personal data to other companies within the EU or external service providers for further processing. KADIRAH requires these parties to comply with our data protection statement. Any other personal data transfer, such as data collected during registration on our website to a third-party social media website or internet service like Facebook or Twitter, requires your explicit consent.

KADIRAH guarantees it will not sell or lend your data to third parties. However, we may have to share your data if the law or applicable state conditions require it.

1. General

Protecting your privacy when using our website, is paramount. KADIRAH, based in Zagreb, Ilica 60, VAT # 66680572444, protects your data on this website as the data controller.

We process your data following the General Data Protection Regulation (EU Regulation 2016/679) and the Act on Implementing the General Data Protection Regulation NN 42/2018. Furthermore, KADIRAH is obliged to keep and handle your data following the Act on Private Detectives NN 24/09, Articles 18-28, and if the data is collected as a result of a contractual agreement, such data is considered a business secret even after the contractual agreement is completed.

By accepting this data protection policy when visiting our website, you confirm that you have read, understood, and agree to process personal data as defined by this policy.

2. Security

We have taken appropriate technical and organizational measures to protect your data, which we continually upgrade, to safeguard your data from loss, misuse, or unauthorized access.

We cannot guarantee complete protection during the transmission of personal data to or from our website, so it is essential that you take care of your computer’s security and the secure storage and confidentiality of your data.

3. Categories of Personal Data and Processing Purposes

a) Category – Client: We process the following personal data:

  • We identify data such as name, ID number, address, ID card number, photograph, and other data contained in an ID card.
  • Contact data include email address and phone number (mobile and landline).
  • Banking data include IBAN, bank name, card type, and more.
  • Data about other persons – counterparty representatives, proxies, witnesses, experts, officials conducting proceedings, court employees, and other state bodies, notaries, etc., necessary for the execution of a contract.
  • Content of your inquiries and our responses, the documentation you provided, notes from files (judicial and extrajudicial), documentation of our services, evidence of services performed, and cost calculations.
  • Any other data you provide to our office before or during the provision of detective services necessary for contract execution.
  • Special categories of personal data may include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, and health data concerning sex life or sexual orientation.

Processing Purpose: Detective services: Our office can process your data based on the Private Detectives Act, issued authorizations, concluded contracts, or decisions of competent authorities to provide legal assistance, especially in initiating and conducting proceedings before competent authorities, drafting documents, general representation, and legal advice. Therefore, we process your data for providing legal advice, drafting documents (contracts, wills, statements, etc.), representing before courts and other competent institutions, and extrajudicial representation to protect your rights and legal interests.

Processing personal data is based on a contractual legal basis (contract, order, or authorization), Article 6(1)(a) and (b) of the General Data Protection Regulation. However, considering the specificities of detective services, data processing is also based on Article 6(1)(d), (e), and (f) of the General Data Protection Regulation.

b) Category – Data Subject – Request for the Exercise of Rights:

  • Email address, name, surname, phone number (mobile and landline).
  • If necessary, a copy of an identification document (solely for identity verification).

Processing Purpose: Legitimate interest – responding to your request.

c) Category – Business Partner:

  • Business partners (individuals) – identifying data: name, surname, ID number, etc.; contact data: address, telephone, mobile phone, etc.; banking data such as IBAN, bank name, card type, etc.
  • Contact person of a business partner – identifying data: name, surname, etc., contact data: address, telephone, mobile phone, etc., data related to the workplace at the business partner (position, department, etc.).

Processing Purpose: Personal data are processed to fulfill the rights and obligations from contracts concluded with business partners, especially for issuing service invoices. Some personal data may also be processed to comply with the data controller’s legal obligations. Personal data may also be processed for the data controller’s legitimate interests, e.g., business communication, maintaining records of business partners, and evaluating cooperation.

4. Providing Personal Data

You are not obliged to provide us with your data. However, personal data is generally necessary for our detective services or contracts. Therefore, we can only offer a complete service if we provide personal data (depending on each case).

5. Sources

We collect your data, in addition to those you have provided to us in person, only if needed, to protect your rights and legal interests as our client and from competent state institutions and third parties.

When collecting data about persons who are not our clients, we collect them based on your statements or legal authorities contained in special laws or based on insight into publicly available registers.

6. Recipients

Expert associates may have access to your data only if necessary for the provision of our service or if it results from a mandatory legal requirement.

External recipients may include:

  • Competent state authorities (such as the Croatian Pension Insurance Institute, the Croatian Health Insurance Fund, the Tax Administration, courts, FINA, the Ministry of the Interior, etc.).
  • Providers of accounting and similar services to the data controller.
  • Associated persons of the data controller.
  • Banks, credit and financial institutions, etc.
  • Notaries, counterparty representatives, representatives of counterparty representatives, and counterparty employers.
  • Experts, court interpreters, and translators.
  • Third parties to whom the data subject’s data must be provided due to a legal obligation of the data controller.

Data recipients in third countries or international organizations may include:

  • Authorities and institutions of third countries, international organizations, and other recipients to whom the data subject’s data must be transmitted to fulfill legal obligations arising from international agreements.
  • Third-country authorities and international organizations based on the law or international agreement or the regulation of a competent body to which the data controller must provide personal data.

7. Retention Period

KADIRAH will retain your data only for as long as is necessary for the purposes for which it was collected or to comply with legal obligations. The retention period may vary depending on the specific category of personal data and its processing purpose. After the expiration of the retention period, your data will be securely deleted or anonymized.

8. Rights of Data Subjects

You have the following rights:

  • Right of access (Article 15 of the GDPR).
  • Right to rectification (Article 16 of the GDPR).
  • Right to erasure (Article 17 of the GDPR).
  • Right to restriction of processing (Article 18 of the GDPR).
  • Right to data portability (Article 20 of the GDPR).
  • Right to object (Article 21 of the GDPR).
  • Right to withdraw consent (Article 7 of the GDPR).
  • Right to complain with a supervisory authority (Article 77 of the GDPR).

You can exercise these rights by contacting us at or sending a written request to our address.

9. Personal Data Protection Officer

You can contact our Personal Data Protection Officer at the email address .

10. Cookies

We use cookies that are solely necessary for the correct display and functioning of this website, and we do not collect your personal data through cookies.

11. Data Protection Policy Updates

This Data Protection Policy may be updated to reflect changes in our data protection practices or legal requirements. We will post a notice of any material changes on our website and update the “Last Updated” date at the beginning of this policy. Please periodically review this page for the latest information on our privacy practices.

12. Contact Information

If you have any questions about this Data Protection Policy or our data processing practices, don’t hesitate to get in touch with us at:

Ilica 60, 10000 Zagreb, Croatia
Phone: +385 1 4400377

Last Updated: September 26, 2023