Pursuant to Article 71 of the Payment System Act[1], Article 10 of the Electronic Money Act[2], Article 30 of the Act on the Comparability of Fees Related to Payment Accounts, Payment Account Switching and Access to Basic Accounts[3] and Article 6 of the Act on the Implementation of EU Regulations Governing Payment Systems[4], the Croatian National Bank, Trg hrvatskih velikana 3, 10 000 Zagreb, PIN/OIB 95970281739 (hereinafter referred to as: CNB), as the data controller, processes the personal data of data subjects/consumers that they provide to the CNB when they submit a complaint against payment service providers or electronic money issuers.
Data subjects/consumers may submit their complaints to the CNB in the following manner: a) via forms published on the CNB's website; b) electronically to the e-mail address prituzbe-zpp@hnb.hr, zastita.potrosaca@hnb.hr, info@hnb.hr; or c) by post.
The processing of personal data, collected directly from data subjects/consumers upon submission of complaints, is necessary for the execution of official authority vested in the CNB, for the purpose of complaint processing procedure set out in Article 71 of the Payment System Act, Article 10 of the Electronic Money Act, Article 30 of the Act on the Comparability of Fees Related to Payment Accounts, Payment Account Switching and Access to Basic Accounts and Article 6 of the Act on the Implementation of EU Regulations Governing Payment Systems. If such data are not submitted, it will not be possible to proceed with the complaint.
Furthermore, the CNB transfers the personal data of data subjects/consumers related to complaints to payment service providers or electronic money issuers to which such a complaint relates, exclusively for complaint processing purposes.
The CNB stores and keeps the personal data of data subjects/consumers in connection with complaints for thirty years, counting from the last day of the year in which the procedure was completed, in accordance with the Act on Archive Material and Archives[5] and the ordinance governing the processing and protection of archival and registry materials of the CNB.
In accordance with the provisions of the General Data Protection Regulation[6], the CNB ensures that data subjects/consumers have the following rights: a) the right of access to personal data, which entitles them to information about whether their personal data are being processed; b) the right to rectification; c)the right to erasure ("right to be forgotten"); d) the right to restriction of processing; and e) the right to file an objection to the CNB about the processing of personal data.
The supervisory authority for the protection of personal data in the Republic of Croatia is the Croatian Personal Data Protection Agency (AZOP), Zagreb, Selska cesta 136, e-mail address: azop@azop.hr. Please note that you can lodge a complaint about the CNB's actions concerning the processing of your personal data with the Personal Data Protection Agency.
Additional information may be found on the CNB's website. For any questions please contact the CNB's data protection officer (sluzbenik.osobni@hnb.hr).
-
Payment System Act (Official Gazette 66/2018 and 114/2022) ↑
-
Electronic Money Act (Official Gazette 64/2018 and 114/2022) ↑
-
Act on the Comparability of Fees Related to Payment Accounts, Payment Account Switching and Access to Basic Accounts (Official Gazette 70/2017) ↑
-
Act on the Implementation of EU Regulations Governing Payment Systems (Official Gazette 50/2016 and 16/2020) ↑
-
Act on Archive Material and Archives (Official Gazette 105/1997, 64/2000, 65/2009, 125/2011, 46/2017, 61/2018, 98/2019 and 114/2022) ↑
-
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ EU L119, in force since 25 May 2018 ↑