At Ibis, we are aware of the importance of protecting your personal data, so we deal with your data in a responsible manner and in accordance with the General Data Protection Regulation (GDPR), the Personal Data Protection Act and the accepted principles for the protection of personal data.

We take care of proper and lawful processing of personal data and their security, for which we have adopted internal acts and regulations (Rules on the processing and protection of personal data and IT Security Policy).

For an easier overview of what information we collect, for what purpose, how we treat them, and what rights you that trust us with your personal information have, we have prepared General Information on the Protection of Personal Information. In the document term “processing” means the collection, use, access, retrieval, as well as the transmission of personal data.

Last updated: 05.6.2020.

I About the Controller

The personal data controller is Ibis software company 14000 Valjevo,Serbia.

II What types of personal data we process?

In the context of managing our contractual relationship with you the following personal data can be processed: first name and last name, business e-mail address or other email address you provided us, the company in which you are employed, the business address, your phone number, your computer’s information (IP address, browser type, device) and information about how you use our site (which pages you’ve visited, the time you spend on the site and the activities on the website).

For the purpose of potential employment, we process your contacts data and your CV.

In addition to the above, we also process personal data transmitted from our affiliated companies, if there is a legal basis for this, personal data for which you give specific consent to be processed for other purposes, and personal data obtained from public sources, if permitted by law.


III When and how we obain personal information?

At Ibis, we collect personal information from various sources – in most cases, you provide your personal data through the activities on the website (contact via the online form, subscribing to e-news, downloading a brochure, product presentation, viewing webinar, participating in the survey, registering for an event , application to the open job position). You can also contact us using your email, phone, social media, or contact us at fairs, events and trainings. We also collect data when signing a contract or enter into contractual cooperation with the entity you work for (client, business partner, subcontractor), and certain information is obtained through public sources when permitted by law.

IV Legal basis for the processing of personal data

The legal basis for the processing of personal data is managing our contractual relationship with you and performance of contractual obligations (purchase of licenses, maintenance contract, system implementation, partnership agreement, consulting services, and contract with subcontractors). We need this information for the reasons stated above and without it, our contractual relationships or operations cannot be performed or it can be significantly difficult or less quality and / or professional.

We also process personal data due to our legitimate interests for ensuring the proper functioning of our business operations, such as acquiring new business opportunities, building and / or maintaining a good business relationship, and performing sales and marketing activities. Personal data can also be processed due to other third parties’ interests and / or third party interests, such as for legal reasons, business reasons, security or marketing reasons and the provision of information security.

We process data also on the basis of your consent related to our marketing activities, and in the case of submitting your CV and contact information using the online form.

V For which purposes we use your personal data

  • For managing our contractual and pre-contractual relationship with you, which may include:
  • Performance of a contract to which you are a party,
  • Providing efficient customer support and building a good business relationship with existing and potential customers,
  • Improving and developing our solutions and services.

In order to better understand the requirements and needs of the market and our customers, we also process your information for our legitimate interests, which include:

  • Operating and managing our business operations,
  • Improving quality, updating and customizing our solutions and services,
  • Satisfaction assessment with our solutions and services,
  • Protecting our business and our business interests,
  • Informing about new solutions and products, educations, legal changes and events,
  • Marketing our products and services to you,
  • Providing a friendly, personalized and effective user experience in the event of data collection through a website,
  • Diagnosing technical problems, analyzing trends and for the purposes of technical web site management,
  • Complying with legal requirements.

In certain cases, marketing activities are also carried out on the basis of consent.

We process your contact information and the CV on the basis of your consent for the purposes of potential employment.


VI Cookies and online technologies

We use cookies to enable website functionality, understand the performance of our site, provide social media features, and serve more relevant content to you.

VII Who uses your personal information?

Your personal data is used by our employees or persons who perform work for us, within the scope of their duties and responsibilities, bound by the obligation to protect personal data as confidential.


External service providers

In order to fulfil our contractual and legal obligations, we also cooperate with selected external service providers (accounting service, external professional service for occupational safety, occupational medicine, IT maintenance services, storing, etc.).

Transmission of data to other third parties

In connection with a (potential) corporate or commercial transaction we may provide your personal information on request to other recipients who have a legal basis for such a request. These are primarily legal institutions (such as the FURS, courts, police, …) and other holders of public authority.

We can also provide your information to our lawyers, internal and external auditors, tax and other consultants for the performance of their services in accordance with their agreement with us.

Transfer to other countries

The company can also transfer your personal information to outsourcers in other countries, in which case the appropriate level of protection of personal data is ensured either on the basis of binding business rules, standard contractual clauses, privacy protection, or that an appropriate level of protection of personal data has been established for the individual country and / or the transfer with the decision of the relevant authority.

VIII How long we keep your personal data?

We will retain your personal data only for as long as it is necessary. The period of retention of personal data varies according to the criteria of each category of personal data. Personal data shall be kept until the expiration of the time limits specified in the legislation. This can be 5 years and more.

The personal data we collect on the basis of your consent, we keep the shortest possible period as long as there is a purpose for their collection or until the consent is cancelled. The cancellation of the consent does not affect the lawfulness of the processing that was carried out on the basis of the consent until its cancellation.

Certain information is also kept for the purpose of demonstrating compliance with your requirements (see section on Your rights regarding the processing of personal data).


                                              IX Your rights regarding personal information

Request access to the personal data we process about you

This right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.

Request a rectification of your personal data

This right entitles you to have your personal data be corrected if it is inaccurate or incomplete.

Object to the processing of your personal data

This right entitles you to request that Ibis no longer processes your personal data.

Request the erasure of your personal data

This right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.

Request the restriction of the processing of your personal data

This right entitles you to request that Ibis only processes your personal data in limited circumstances, including with your consent.

Request portability of your personal data

This right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to us, or request Ibis to transmit such personal data to another data controller. You can always object to the processing of your personal information for marketing activities or direct marketing.

Right to appeal to the Information Commissioner

Ibis ensures that your personal information is processed in all respects legally and in accordance with regulations. If, however, you consider that your personal data is stored or otherwise processed in violation of the applicable regulations governing the protection of personal data, you have the right to file a complaint with the Information Commissioner.

Cancellation of consent

When Ibis is processing your personal information on the basis of your consent, you can cancel your consent at any time by sending an email to or by utilizing opt-out mechanisms in e-mails we send to you.

Your rights may be restricted in accordance with Article 23 of the General Regulation..


X How to procect your personal information?

Ibis adopted information security policies at organizational, physical and technical level aimed at protecting Ibis’s information assets and resources in accordance with the recommendations of ISO / IEC 27001 standards. In the context of Information Security, we pay special attention to the training of employees in the field of personal data processing.


XI Contact details

Official Company name: Ibis

Head office: Koste Abrasevica 9, 14000 Valjevo,Serbia

Responsible person in the company:Predrag Vragovic

Personal Data Protecion Officer:Predrag Vragovic

If you have any questions about these General Information on Personal Data Protection and Enforcement Rights, please contact an authorized person for personal data protection at e-mail  or at the telephone number  +381 63 603 856