Effective Date: 27/06/2025
At KNEE REHAB, safeguarding your privacy is a top priority. We are committed to implementing data protection practices that exceed standard requirements, ensuring a transparent and secure experience for all users of our website. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you interact with us—whether by browsing our website (http://www.kneerehab.net), making purchases, or submitting feedback on our products or services.
Data Controller
The data controller responsible for processing your personal data through this website is:
SVETLANA OSTOJIĆ PR SPORTSKO OBRAZOVANJE KNEE REHAB ŠABAC,
Registered in the Republic of Serbia with the Business Registers Agency under No. 67967674,
Address: Kralja Milutina 78, Šabac.
Methods of Data Collection
We collect personal data directly from you or through third-party sources using the following methods:
Interactions via the KNEE REHAB website
Electronic communications (e.g., email, online chat)
Customer support inquiries
Engagement with advertisements or promotional materials
Automatically generated data (e.g., browsing and purchasing activity)
Third-party sources (e.g., social networks like Facebook and Google, public databases, market research, and partners)
Categories of Data We Collect
Depending on your interaction with KNEE REHAB, we may collect the following categories of personal data:
Contact Information: Name, surname, address, email address, phone number
Account Details: Email, password, date of birth, gender (collected upon registration)
Device Information: IP address, operating system, browser type/version, device identifiers, advertising ID, approximate location, and technical data
Legal Basis and Purpose of Data Processing
We process your personal data based on the following legal grounds:
Your explicit consent for one or more specified purposes
Processing necessary for the performance of a contract or pre-contractual steps at your request
Compliance with our legal obligations
Legitimate interests pursued by us or third parties, provided such interests are not overridden by your fundamental rights and freedoms
Providing personal data is generally voluntary unless otherwise required by law. Refusal to provide certain data may hinder the ability to receive or utilize particular services (e.g., completing a purchase or delivery).
We primarily process your data for the following purposes:
Creating orders and executing sales contracts
Sending confirmation emails and fulfilling delivery, payment, and complaint-related obligations
Allowing users to review products post-purchase via email links
Responding to customer inquiries, generating anonymous statistics, and improving our services
Sending reminder emails for incomplete purchases, based on our legitimate interest in enhancing user experience
Legal disclosures when required by law, court order, or regulatory request
All data is processed confidentially and used only for the stated purposes or as required by applicable regulations. Should a new purpose arise, we will notify you in advance.
Data Retention
Your personal data will be retained only as long as necessary to fulfill the purposes outlined in this policy or as required by law. For services, benefits, and purchases, your data may be stored for up to ten (10) years from the date of collection, depending on the legal requirements applicable.
Disclosure and Transfer of Data
Security Measures: We store your personal data in protected digital environments and implement appropriate technical and organizational safeguards to prevent unauthorized access, alteration, or loss. Please note that no internet-based transmission is ever entirely secure.
Your Role in Security: We advise users to maintain strong passwords, avoid sharing login details, and always log out after sessions—especially when using public or shared devices. Take advantage of our website’s privacy features to manage your information responsibly.
Third Parties: We may share your data with the following, where necessary:
Service Providers: Third-party vendors who support our operations (e.g., delivery companies, technical support, promotional services), all bound by strict confidentiality obligations
International Transfers: In cases where your data is transferred outside Serbia, such transfers are conducted in compliance with Serbian law and relevant international data protection standards, including the Council of Europe Convention 108+
Your Rights
In accordance with applicable data protection laws, you have the right to:
Request confirmation of whether your data is being processed and access to that data
Request correction or completion of inaccurate or incomplete data
Request deletion of your personal data
Request restriction of data processing under certain circumstances (e.g., contesting accuracy, objections, or legal claims)
Request portability of your data to another controller
Object to processing based on our legitimate interests
If you have provided consent for processing, you may withdraw it at any time. This withdrawal does not affect the legality of processing carried out before the withdrawal. Please note that withdrawing consent may require deletion of your account. In some cases, we may retain specific data for legal compliance, even after a deletion request.
Exercising Your Rights
To exercise any of the rights above or submit a complaint regarding your data, please contact us at milan94ostojic@gmail.com. Kindly include specific details about the request (e.g., what data you seek to access, correct, delete, or transfer) and the grounds for any objections.
If someone submits a request on your behalf without appropriate authorization, it will be rejected.
Requests by mail must be signed and dated. We aim to respond promptly and in compliance with legal timeframes.
You also have the right to lodge a complaint with:
Commissioner for Information of Public Importance and Personal Data Protection
Bulevar Kralja Aleksandra 15, 11000 Belgrade, Serbia
Or initiate legal proceedings before a competent court.
Data Security
We implement robust technical and organizational measures to ensure the confidentiality, integrity, and availability of your data. These systems are regularly reviewed, tested, and updated to mitigate risks of unauthorized access or disclosure.
Only personal data strictly necessary for each specific processing purpose is collected and stored, taking into account the scope, duration, and accessibility of such data.
However, while we make every effort to protect your data, we cannot guarantee absolute security due to the inherent risks of internet communication.
Changes to This Policy
Should we amend this Privacy Policy, we will communicate such changes clearly and in a timely manner, either through the website or via email, depending on the nature of the update.