Privacy Policy

Effective Date: 22 May 2025

This Privacy Policy describes how Taman Technologies d.o.o. ("Taman Technologies," "we," "us," or "our"), located at Ulica Veruda - Via Veruda 60B, Pula, Croatia, collects, uses, processes, and safeguards your personal information when you use our Taman software-as-a-service platform for urban lighting design ("Service").

We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy is intended to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

Taman Technologies d.o.o. is the data controller for the personal information collected through the Service. You can contact us at:

2. Information We Collect and Why

We collect personal information that you provide directly to us, information we collect automatically when you use our Service, and information from third parties.

2.1. Information You Provide to Us:

• Account Information: When you register for an account, we collect your name, email address, phone number, username, password, and company information.
  Lawful Basis: Performance of a contract (to provide you with the Service), Legitimate interest (to manage your account).
• Payment Information: To process payments for license fees, we (or our third-party payment processors) collect payment card details and billing addresses. We do not store full payment card information on our servers.
  Lawful Basis: Performance of a contract (to process your subscription).
• Communications: If you contact us directly (e.g., for customer support), we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
  Lawful Basis: Legitimate interest (to respond to your inquiries and provide support).
• Project Data: Information and data you upload or create within the Taman software related to urban lighting design projects.
  Lawful Basis: Performance of a contract (to enable you to use the Service's features). You are responsible for ensuring you have the right to upload and process any personal data contained within your project data.

2.2. Information We Collect Automatically:

• Usage Data: We collect information about how you use our Service, such as features accessed, time spent on the platform, IP address, browser type, operating system, device information, and pages visited.
  Lawful Basis: Legitimate interest (to improve our Service, for security purposes, and for analytics).
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
  Lawful Basis: Consent (for non-essential cookies), Legitimate interest (for essential cookies ensuring service functionality). [You will need a separate cookie policy and consent mechanism].

3. How We Use Your Information

We use your personal information for the following purposes, based on the lawful bases outlined above:

• To provide, operate, maintain, and improve our Service.
• To process your transactions and manage your subscription.
• To create and manage your account and authenticate users.
• To communicate with you, including responding to your comments, questions, and requests, providing customer service and support, and sending you technical notices, updates, security alerts, and administrative messages.
• For marketing and promotional purposes, where you have provided consent or where otherwise permitted by law. You can opt-out of marketing communications at any time.
• To monitor and analyze trends, usage, and activities in connection with our Service.
• To detect, prevent, and address technical issues and security incidents.
• To comply with legal obligations, court orders, or other legal process.
• To enforce our Terms of Use and other agreements.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Third-Party Service Providers: We share information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as payment processing (e.g., Stripe, PayPal), cloud hosting (e.g., AWS, Azure), data analytics, email delivery, and customer support. These providers are contractually obligated to protect your data and use it only for the services we have engaged them for.
• Legal Obligations and Rights: We may disclose your information if we believe it's necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, protect the safety of our users or the public, or protect against legal liability.
• Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.
• With Your Consent: We may share your information for other purposes with your explicit consent.

5. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located in the European Economic Area (EEA), UK, or Switzerland, we will ensure that transfers of personal data to a third country or an international organization are subject to appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other mechanisms recognized by GDPR.

6. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, to provide the Service, and to comply with our legal obligations (e.g., for tax, accounting, or other legal requirements), resolve disputes, and enforce our legal agreements and policies.

Account information is typically retained for as long as your account is active and for a reasonable period thereafter in case you decide to re-activate the Service. Usage data may be retained for shorter periods for analytical purposes.

7. Your Data Protection Rights (GDPR)

If you are a resident of the EEA, UK, or Switzerland, you have certain data protection rights. Taman Technologies aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

• The right to access: You have the right to request copies of your personal data.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure (right to be forgotten): You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions, particularly where we process your data based on legitimate interests or for direct marketing.
• The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The right to withdraw consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.
• The right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. For Croatia, the supervisory authority is the Croatian Personal Data Protection Agency (AZOP).

If you wish to exercise any of these rights, please contact us at info@taman.tech. We will respond to your request within one month. We may need to verify your identity before responding to such requests.

8. Data Security

We use appropriate administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, access controls, and secure software development practices. However, no internet or email transmission is ever fully secure or error-free, so you should take special care in deciding what information you send to us.

9. Children's Privacy

Our Service is not directed to individuals under the age of 16 (or a higher age threshold if applicable in your jurisdiction). We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you believe that we might have any information from or about a child under 16, please contact us.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. If the changes are significant, we will provide a more prominent notice (such as by email or a notification within the Service). You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data protection practices, please contact us: