1. Who We Are
We are Oaza Books, operating the Oaza Books webshop, located at Ilica 132, 10000 Zagreb, Croatia. Customers may contact us at the e-mail address info@o-a-z-a.com. Oaza Books is the data controller responsible for processing personal data in accordance with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, store and protect personal data when Customers use the Oaza Books webshop and related services available at www.oazabooks.com.
2. What This Privacy Policy Covers
This Privacy Policy applies to the website www.oazabooks.com and all associated online services that we provide. It describes the personal data and general information we collect from Customers while they use the services, as well as the reasons and legal basis for processing such data. We respect the Customer’s right to privacy and process personal data in compliance with all relevant data protection rules in the European Union and outside it. Oaza Books collaborates with trusted partners, such as Google LLC for analytical tools, which may process certain anonymised or aggregated data in connection with the functioning and analysis of the webshop.
3. Data We Collect
When a Customer purchases a product from the Oaza Books webshop, we collect personal information necessary to complete the purchase and fulfill the order, including the Customer’s name, address, telephone number, e-mail address, and, if an R1 invoice is required, the company name and OIB/VAT. If the Customer chooses to register an account, we also collect a username and password, which is stored in encrypted form and cannot be accessed by Oaza Books. The Customer is responsible for keeping login information secure and should not share it with others. All data associated with the Customer’s user account are protected by the Customer’s password. If a Customer makes a purchase as a guest, the information necessary for fulfilling the order will be visible to us only for the duration of the transaction and will not be publicly disclosed.
While Customers use the webshop, we may also collect technical information such as the IP address, the type of device used, the operating system, the browser, and related connection information. These technical data do not identify the Customer personally and are collected solely to ensure proper functioning of the webshop. If the Customer consents, we may also send e-mails with updates on new publications, products, and other relevant information about Oaza Books.
4. Payment Processing
When the Customer chooses to pay by card, Oaza Books redirects the Customer to our secure payment partner Monri, where the card payment is processed. Communication between Oaza Books and Monri is encrypted, and the data entered on the Monri interface are protected according to the Payment Card Industry Data Security Standard (PCI-DSS). All card payments processed through Monri comply with PCI-DSS standards governed by the PCI Security Standards Council. Oaza Books does not store or have access to any credit or debit card numbers.
5. Participation in Marketing Activities
If the Customer participates in prize games or promotional activities organised by Oaza Books, we may collect additional personal information voluntarily provided by the Customer, such as name, surname, address, date of birth, telephone number, or e-mail address. These data are used exclusively for conducting the activity in which the Customer has chosen to participate.
6. How We Collect Data About the Customer
We may collect, process and use data that the Customer enters while using the services or information we receive when the Customer contacts us through the contact form or via e-mail. In addition, cookies placed on the Customer’s device may collect certain information related to the Customer’s browsing activity within the Oaza Books webshop.
7. Cookies
The Oaza Books webshop uses cookies to collect information about Customers and to store their online preferences. Cookies are text files containing small amounts of data that are downloaded to the Customer’s device when visiting a website, and which are returned to the same website upon subsequent visits. This enables the website to recognise the Customer’s device and provide a more consistent experience. More information about cookies can be found at www.allaboutcookies.org.
We use strictly necessary session cookies that enable navigation and use of essential webshop features. Without these cookies, certain services cannot be provided. We also use functional persistent cookies that remember Customer preferences and improve the overall browsing experience. Additionally, we use third-party cookies such as Google Analytics, which collect aggregated, anonymous information about how Customers reach, browse and use the webshop. This helps us improve navigation, usability, and overall content. Customers may delete or disable cookies through their browser settings; however, this may affect access to certain parts of the webshop or its features.
8. How We Use Customer Data
Customer data are processed only to enable the provision of webshop services, to fulfil legal obligations such as tax and accounting requirements, or to ensure the secure and efficient functioning of the webshop. We use the information provided by the Customer to process and deliver orders, to provide access to account features, to send service-related notifications, to prevent fraud, to evaluate the effectiveness of marketing activities when consent has been provided, and to comply with obligations required under GDPR. We may disclose personal data if required by law or if the Customer violates our Terms and Conditions.
9. How We Store and Protect Customer Data
All data submitted through the Oaza Books webshop are stored on servers located within the European Union. Only authorised personnel have access to these servers. The servers operate in secure data centres equipped with controlled access and security systems designed to protect personal information from unauthorised processing, accidental loss, destruction or alteration.
10. Data Retention
Personal data are stored only for as long as necessary to fulfil the obligations described in this Privacy Policy. In certain situations where legal, tax or accounting regulations require it, personal data may be retained longer. Once data are no longer needed for these purposes, they will be securely deleted or destroyed. If a Customer stops using the webshop, some data may remain stored in order to comply with legal obligations.
11. Withdrawal of Consent
If the Customer has provided consent for receiving marketing e-mails or for any other optional use of personal data, such consent may be withdrawn at any time by contacting us at info@o-a-z-a.com. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
12. Data Sharing
Oaza Books does not sell or share Customer data with third parties except in cases where trusted partners need access to limited information in order to provide essential services on our behalf, such as analytics providers or payment processors. These partners act as data processors and are bound by GDPR-compliant agreements. Customer data may be processed or transferred outside the European Union, including to the United States. In such cases, Oaza Books relies on the European Union’s Standard Contractual Clauses to ensure appropriate data protection safeguards.
13. Links to Third-Party Websites
The Oaza Books webshop may contain links that lead Customers to external websites. Oaza Books is not responsible for the privacy practices of other websites and encourages Customers to read their respective privacy statements.
14. Customer Rights Under GDPR
Depending on the Customer’s place of residence, the Customer may have the right to access personal data stored by Oaza Books, to request deletion of personal data, to request updates or corrections, to request restriction of processing, to request the transfer of personal data to a third party, or to file a complaint with a relevant data protection authority. These rights may be exercised by contacting Oaza Books at info@o-a-z-a.com.
15. Changes to This Privacy Policy
Oaza Books reserves the right to amend this Privacy Policy if required for legal or operational reasons. Updated versions will be posted on www.oazabooks.com and become effective immediately upon publication. If the Customer does not agree with the changes, the Customer should discontinue use of the webshop.
16. Contact
For access requests, corrections, deletions, complaints or any questions regarding personal data, Customers may contact us at info@o-a-z-a.com.