PRIVACY POLICY

1. Data Controller

MEDOME d.o.o.

Brka

76206 Brčko District

Bosnia and Herzegovina

Email: contact@medome.eu

We act as the data controller for personal data collected via our website.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

• Full name
• Billing and shipping address
• Email address
• Phone number
• Company name
• VAT number
• Account login credentials
• Order, quotation, and invoice details
• Communication data (chat/ticket messages)
• IP address and technical log data
• Newsletter subscription data

Payment information is processed via bank transfer and is not stored on our website.

3. Purpose of Processing

We process personal data for the following purposes:

• Handling product inquiries
• Negotiation and quotation management
• Invoice generation
• Order processing and fulfillment
• Shipping and logistics
• Customer communication
• Account management
• Accounting and legal compliance
• Newsletter distribution (if subscribed)
• Website security and fraud prevention

4. Legal Basis for Processing (GDPR Art. 6)

We process personal data based on:

• Contract performance (quotation, invoicing, order fulfillment)
• Legal obligation (tax and accounting laws)
• Legitimate interest (website security, fraud prevention, business communication)
• Consent (newsletter subscription)

Newsletter subscribers may withdraw consent at any time.

5. User Accounts

To submit inquiries or communicate via our platform, users may create an account.

When creating an account, users provide personal data necessary for communication and order management.

Users are responsible for maintaining the confidentiality of their login credentials.

We reserve the right to suspend or delete accounts where necessary for security or legal reasons.

6. Newsletter

If you subscribe to our newsletter, we collect your email address based on your explicit consent.

We store consent-related information (such as subscription date and technical data) where applicable.

You may unsubscribe at any time via the unsubscribe link or by contacting us.

7. Data Sharing

We may share personal data with:

• Shipping companies
• Accounting and tax advisors
• IT service providers
• Hosting provider (Vercel Inc.)

These providers process data only to the extent necessary to perform their services.

8. International Data Transfers

Our website is hosted via Vercel, which may process technical data outside the European Union.

Where personal data is transferred internationally, appropriate safeguards are implemented to ensure GDPR-compliant protection.

9. Data Retention

We retain personal data only as long as necessary:

• Quotation, order, and invoice data: up to 10 years (legal requirement)
• Account data: until account deletion
• Newsletter data: until consent is withdrawn
• Technical logs: as necessary for security and system integrity

10. Your Rights (EU Residents)

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion (“right to be forgotten”)
• Restrict processing
• Object to processing
• Data portability
• Lodge a complaint with a supervisory authority

Requests can be sent to: contact@medome.eu

11. Cookies

Our website may use essential cookies necessary for website functionality and account management.

If analytics or marketing cookies are implemented in the future, users will be asked for consent via a cookie banner before such cookies are activated.

12. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.

13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time.

The version published on our website applies.