Croatian Roots
shieldLegal

Privacy Policy

Themis d.o.o.— Effective Date: 19 March 2026

1. Introduction

This Privacy Policy describes how Themis d.o.o.(“we,” “us,” or “our”) collects, uses, and discloses your personal information when you use our software as a service (the “Service”).

We are committed to protecting your personal information and your right to privacy. When you visit our platform and use our products, you trust us with your personal information — we take that seriously. In this Privacy Policy, we seek to explain clearly what information we collect, how we use it, and what rights you have in relation to it.

This Privacy Policy applies to all information collected through our Service, as well as any related services, sales, marketing, or events. Please read it carefully.

2. Definitions

The following terms are used throughout this Privacy Policy with the meanings defined here:

Cookie
A small file placed on your device to enable certain features and functionality.
Company
When this policy mentions "Company," "we," "us," or "our," it refers to Themis d.o.o.
Country
Where Themis d.o.o. or its owners/founders are based — Croatia.
Customer
The company, organisation, or person that signs up to use our Service.
Device
Any internet-connected device (phone, tablet, computer, etc.) that can be used to access our Service.
Personal Data
Any information that directly or indirectly allows for the identification of a natural person.
Service
The software as a service provided by Themis d.o.o., available at croatianroots.net.
Third-Party Service
Advertisers, partners, and others who provide content or services we may offer.
Website
The Themis d.o.o. site accessible at https://croatianroots.net.
You
A person or entity registered with Themis d.o.o. to use the Services.

3. Information We Collect

3.1 Personal Data

While using our Service, we may ask you to provide personally identifiable information, including but not limited to: email address, first and last name, phone number, address (state, province, ZIP/postal code, city), cookies, and usage data.

3.2 Usage Data

We may also collect information about how the Service is accessed and used. This may include your IP address, browser type and version, pages visited, time and date of your visit, time spent on pages, unique device identifiers, and other diagnostic data.

3.3 Tracking Technologies & Cookies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. You can instruct your browser to refuse all cookies, though some parts of the Service may not function correctly without them.

We use the following types of cookies: Session Cookies to operate our Service; Preference Cookies to remember your settings; Security Cookies for security purposes; and Advertising Cookies to serve relevant advertisements.

4. How We Use Your Information

We use the collected data to provide and maintain our Service, notify you about changes, allow you to participate in interactive features, provide customer support, gather analysis to improve our Service, monitor usage, detect and address technical issues, fulfil the purposes for which you provided information, send news and offers about similar services (where permitted), and for any other purpose with your consent.

6. Retention of Your Personal Data

We retain your Personal Data only for as long as necessary for the purposes set out in this Privacy Policy, including to comply with legal obligations, resolve disputes, and enforce our agreements. Usage Data is generally retained for a shorter period, except where needed to improve security or functionality, or where we are legally required to retain it longer.

For orders involving physical goods, we retain shipping and billing information as necessary to fulfil your order, process returns, manage warranty claims, and comply with tax and regulatory obligations.

7. Transfer of Your Personal Data

Your information, including Personal Data, may be transferred to and maintained on computers located outside your jurisdiction where data protection laws may differ. If you are located outside Croatia and choose to provide information to us, please note that we transfer and process it in Croatia.

Your consent to this Privacy Policy followed by your submission of information represents your agreement to that transfer. We will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy.

8. Disclosure of Your Personal Data

If Themis d.o.o. is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before this occurs. Under certain circumstances, we may also be required to disclose your Personal Data if required by law or in response to valid requests by public authorities.

We may disclose your Personal Data in good faith when necessary to comply with a legal obligation, protect and defend the rights or property of Themis d.o.o., prevent or investigate possible wrongdoing in connection with the Service, protect the personal safety of users or the public, or protect against legal liability.

9. Third-Party Services

Analytics

We use Google Analytics, a web analytics service offered by Google that tracks and reports website traffic. Google may use this data for its advertising network. You can opt out by installing the Google Analytics opt-out browser add-on. For more information, see Google’s Privacy Policy.

Payments

We use third-party payment processors for paid services. We do not store or collect your payment card details — that information is provided directly to our processors, who are PCI-DSS compliant. We work with Stripe and PayPal / Braintree.

10. Security of Your Personal Data

The security of your Personal Data is important to us. While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee its absolute security.

11. Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and believe your child has provided us with Personal Data, please contact us and we will take steps to remove that information from our servers.

12. Your Data Protection Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information. We honour these rights regardless of your location. You may request a copy of the personal information we hold about you in a structured, machine-readable format, or request that we delete your personal information, unless we are legally required to retain certain data.

To submit a data access or deletion request, contact us using the details in Section 16. We will respond within 30 days and may need to verify your identity before processing your request.

13. Service Providers

We may employ third-party companies and individuals to facilitate our Service, provide the Service on our behalf, or assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

15. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. When we do, we will update the effective date at the top of this page and, where the changes are material, notify you by email or by a prominent notice within the platform.

Your continued use of the Service after changes take effect constitutes your acceptance of the revised Policy.

16. Contact Us

If you have any questions about this Privacy Policy, please contact us: