Privacy Policy

How we collect, use, and protect your data

Version 1.4 | Effective: November 15, 2025

Data Collection

We collect only data necessary for union operation:

  • Full name
  • Quicklook ID (QLID)
  • City
  • Organization/unit (optional)

Anonymous application is possible.

Verification Methods

We offer multiple application methods with different privacy levels:

  1. In-person application with representative – most secure, no digital trace
  2. Upload proof of employment – document deleted immediately after verification
  3. ⚠️ Internal chat system – may be visible to employer IT department
  4. ⚠️ Work email – employer may see communication
Privacy Warning

⚠️ Important:

We do not recommend using corporate systems (email, chat, work laptop) for union activities as your employer may see your communication.

We recommend:

In-person application with representative or upload document from personal device.

Use corporate systems at your own risk only.

Data Usage

We use data exclusively for:

  • Communication with members
  • Organizing union activities
  • Representing your worker interests

We do not share data with third parties without your explicit consent.

Access Logging

We log all data access with:

  • Timestamps
  • Audit trail
Data Processors

We use the following processors with signed Data Processing Agreements (DPA):

  • Supabase (EU) – database, authentication, serverless functions
  • Vercel (EU) – hosting, CDN, edge services
  • Resend (EU) – email service (transactional messages)
  • Plausible (EU) – cookieless analytics (no user identification)
  • Hostinger (EU) – email and hosting services

Data Transfer:

All data is stored exclusively in the EU. For any transfers outside EU, Standard Contractual Clauses (SCC) and Transfer Impact Assessment (TIA) apply according to the Personal Data Protection Act ("Official Gazette RS", No. 87/2018).

Security:

All processors have signed Data Processing Agreements (DPA) and comply with GDPR standards.

Data Retention
  • Membership data: Deletion or anonymization within 30 days of your request or exit
  • Verification materials: Automatically deleted after 15 days
  • Audit logs: Kept for 2 years for security and transparency
Your Rights

You have the right to:

  • Access your data
  • Rectification of inaccurate data
  • Erasure ("right to be forgotten")
  • Restriction of processing
  • Data portability
  • Object to processing

Send requests to: office@sindikatncr.com

Complaint

If you believe your data protection rights have been violated, you can file a complaint with the Commissioner for Information of Public Importance and Personal Data Protection:

📧 office@poverenik.rs
📞 +381 11 3408 900

Contact

Sindikat NCR Atleos – Beograd

Španskih Boraca 75, 11070 Novi Beograd

office@sindikatncr.com | +381 66 138 034

Related topics

ConfidentialityLegal Support