en
en

Privacy Policy

This Privacy Policy describes how dbackup.eu collects, uses, and protects your personal data when you visit our website or use our backup and private cloud services ("we", "us", "our"). This website and all related services are operated by dbackup.eu d.o.o., Vučetinec 156, 40000 Vučetinec, Croatia, in accordance with the General Data Protection Regulation (GDPR) and applicable Croatian law.

We are committed to protecting your personal data and ensuring your privacy through the highest technical and organizational standards.

What personal data do we collect

We only collect the personal data necessary for communication and service provision, including:

  • Name and surname

  • Email address

  • The content of your message or inquiry

You provide this information voluntarily by using the contact form or by contacting us directly via email.

Additionally, certain technical information is collected automatically through cookies and analytics tools (see below).

Purpose and legal basis of processing

We process your personal data solely for the following purposes:

  • Responding to your inquiries and communications

  • Managing user accounts and fulfilling contractual obligations

  • Maintaining security, functionality, and optimization of our systems

The legal bases for processing under the GDPR are: consent, legitimate interest, and legal obligation.

We do not use your data for marketing, automated profiling, or automated decision-making.

Cookies and tracking technologies

Our website uses cookies and similar technologies to improve user experience and collect anonymous statistical data:

  • Google Analytics – website analytics (USA)

  • Hostinger – hosting provider (EU)

When you first visit, you can accept or refuse non-essential cookies.

Data retention

We retain your data only as long as necessary for the purposes described above or as long as there is a valid legal basis (such as an active contract or legal obligation).
Contact form data is stored for up to 12 months, unless longer retention is required.

Data sharing and sub-processors

We do not sell or share your personal data with third parties for commercial purposes.

For proper functioning and security of services, we use the following data processors (sub-processors), with whom we have strict data protection agreements:

  • Google Analytics – web analytics (USA)

  • Hostinger – hosting (EU)

  • Twingate – secure network access/VPN (USA)

  • Google Firebase – application hosting and analytics (USA/EU)

  • Nextcloud – collaboration and storage platform (self-hosted; data is always encrypted, only the user has access)

  • Restic – backup tool (self-hosted; used exclusively for automated encrypted backups)

Security and privacy notice:
Our services are built on a “Zero Trust” principle. You (the user) encrypt all your data before transfer and only you hold the decryption keys. We, as the service provider, never have access to your unencrypted data.

A detailed and updated list of sub-processors is available upon request or on this page.

International data transfers

Due to the use of certain external services (e.g., Google Analytics, Firebase), some personal data may be transferred to countries outside the EEA. In such cases, we take appropriate protective measures, including the use of Standard Contractual Clauses (SCC) approved by the European Commission.

Your rights under the GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Erase data (“right to be forgotten”)

  • Restrict processing

  • Data portability

  • Object to processing

  • Lodge a complaint with your data protection authority

You may submit your requests by email to the address below; we will respond within 30 days.

Data security

We have implemented advanced technical and organizational security measures, including:

  • Encryption of all data before transfer (AES-256)

  • Zero Trust architecture – only the user holds decryption keys

  • Geo-redundant servers in multiple physically separate locations within the EEA

  • Multi-factor authentication and strict access controls

  • Regular monitoring and security testing

In the event of an incident or suspected personal data breach, you will be notified within the legally required timeframe (no later than 36 hours).

Children’s privacy

This website is not intended for persons under 16 years of age. We do not knowingly collect data from children.

External links

Our website may contain links to external sites. We are not responsible for the content or privacy practices of such sites.

Legal data disclosure

We may disclose your data if required by law (e.g., court order or for the protection of the rights and safety of users and systems).
In such cases, only the minimum necessary data will be provided, and where applicable, in encrypted form.

Version and updates

This Privacy Policy may be updated from time to time. Any changes will be published on this page, and significant changes may be announced to users by email.

Contact

For any questions, requests, or complaints regarding privacy and data protection, contact:


Company = dbackup.eu d.o.o.
Address = Vučetinec 156, 40000 Vučetinec, Croatia
E-mail = contact@dbackup.eu
Web = https://dbackup.eu

Backup-Services

Professional Backup and Data-recovery solutions

Imprint

Company: dbackup.eu

Address: Vučetinec 156

Postal: 40311 Lopatinec

Phone: +385 99 2014 126

E-mail: contact@dbackup.eu

Country: Croatia
OIB: 57361531051

© 2025. All rights reserved.

Privacy Policy & Terms

DBACKUP.EU

About Us
Contact
Learn More