Privacy Policy

Who Are We?

The owner of the website www.bitf.rs is the Business Technology Incubator of Technical Faculties Belgrade (BITF), located at Veljka Dugoševića 54, Belgrade. BITF is registered under number 20183926 and has a VAT number of 104625646. The director of BITF is Jovana Vasić. You can contact us by phone at +381113370950 or via email at office@bitf.rs.

BITF is the data controller responsible for processing and safeguarding your personal data.

We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains the types of personal data we collect, the purposes and legal grounds for processing that data, the security measures we have in place to protect your information, the third parties we may share your data with, the retention period for your data, and your rights regarding personal data protection.

This Policy applies to all visitors of our website. If you have any questions about this Policy or want to exercise your rights, please contact us at office@bitf.rs with the subject line “Personal Data Protection.”

Key Terms

Each of the terms defined below has a specific meaning within the context of this Policy:

  • Personal Data refers to any information that can be used to identify an individual (e.g., name, surname, email address, IP address, city, phone number).
  • Sensitive Data refers to information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual life or orientation, genetic data, criminal records, and biometric data used for the purpose of unique identification.
  • Visitor denotes individuals who access our website without creating a user account.
  • Processing encompasses any operation performed on personal data, including collection, recording, classification, grouping or structuring, storage, adaptation or alteration, disclosure, access, usage, transmission or delivery, duplication, dissemination or otherwise making data available, comparison, restriction, deletion, or destruction.
Types of Personal Data We Collect
  • Visitor IP address
  • Visitor email address
  • Date and time of website access
  • Volume of data transmitted
  • Information about the user’s internet browser and operating system

Purpose, Legal Basis, and Method of Data Processing

The collected data is used exclusively for service quality analysis and improvement and for statistical purposes.

  • Email addresses are collected to provide updates on upcoming events, conferences, and community news.
  • IP addresses are used solely for the purpose of identifying visitors in cases of misuse or violations of our website’s terms of use.

The legal basis for processing IP addresses is the legitimate interest of the website owner in ensuring the security and integrity of the website. Collecting IP addresses may help in detecting and preventing malicious activities such as hacking, identity theft, and other forms of cybercrime.

The legal basis for processing email addresses is your consent. Your email address will only be used for the purpose you have selected and will not be shared with third parties without your explicit consent. You may withdraw your consent at any time, and we will cease using your email address for that purpose.

Users and Recipients of Data

Access to and processing of your data will be carried out by employees of the Science and Technology Park Belgrade, as the owner of the website.

We may share your data with third parties, including providers of advertising and marketing services, as well as any recipient if required by law or based on a court order.

All recipients of your personal data are obligated to take all appropriate technical, organizational, and personnel measures to ensure the security of your personal data.

Data Retention Period

We retain your data only for as long as necessary to provide you with our services and fulfill the purposes described in this policy. Once the conditions for retaining this data are no longer met, we delete and remove it from our databases no later than within one month.

Protection of Your Personal Data

The platform protects your data using the following security measures:

  1. We encrypt and store your personal data in a secure cloud. We follow widely accepted industry standards to protect the personal data we receive, both during transmission and after receipt, using various security technologies and procedures to prevent loss, misuse, unauthorized access, or disclosure of information. For example, we use encryption technologies such as SSL (Secure Sockets Layer) to protect sensitive information like location data and TLS (Transport Layer Security) for encrypting data from the application to the server. Unfortunately, no method of data transmission over the Internet or electronic storage is 100% secure. We regularly monitor our systems for potential vulnerabilities and attacks. However, we cannot guarantee the security of any data you send to us. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security.
  2. For the security of your personal data, we have adopted appropriate technical and organizational measures, including:
    • Regular and effective updates of software and hardware where your personal data is stored,
    • Protection of access to personal data,
    • Creation of backup copies,
    • Training of employees who process personal data as part of their duties,
    • Monitoring and appropriate action in case of potential security incidents, to prevent or minimize damage to personal data.

Transfer of Personal Data

We do not share your personal data with third parties, unless specifically stated and with your explicit consent in this regard.

Links to Third Parties

NTP provides links on its website that allow you to connect to other websites (Facebook, Instagram, YouTube, LinkedIn), just as those sites may link to ours.

It is important to note that other websites operate according to their own Terms of Use and Privacy Policies, and we have no control over them. We do not possess their data, nor can we guarantee or be responsible for any content, advertisements, products, or other materials available on those websites.

Your Rights

Regarding the processing of personal data, you have the following rights:

  1. Right to Access Your Personal Data
    At any time, you have the right to request access to your personal data, receive information about the purposes for which your data is being used and processed, the category of your personal data that we store, and the period for which we process and store your data. You may also request information about third parties and the category of third parties with whom we share your data.
  2. Right to Receive a Copy of Your Personal Data
    You have the right to request a copy of the personal data we process. We can provide you with the copy electronically, in a commonly used electronic format, unless you request the copy to be provided in another way.
  3. Right to Rectify and Supplement Your Personal Data
    It is important to us that your data is accurate and complete. You have the right to request that any incorrect data be erased or corrected immediately, as well as to request that we supplement and update your data if it is outdated.
  4. Right to Erase Your Personal Data
    If you wish to have your data deleted or if you want us to stop processing it, you may contact us. If your data is necessary to fulfill contractual obligations, and you request its deletion, please note that in such cases, the contractual obligations may not be fulfilled.
  5. Right to Restrict the Processing of Your Personal Data
    If you dispute the accuracy of your personal data, in cases where the processing is unlawful, and you oppose the deletion while requesting a restriction of its use, or if we no longer need the data but you require it for the submission, establishment, or defense of legal claims, or if you have filed an objection to the processing of data under Article 37, Paragraph 1 of the Personal Data Protection Act and an assessment is ongoing to determine whether the legal basis for processing by the controller overrides your interests.
  6. Right to Object
    It is important to know that at any time you have the right to object to the processing of your data. You also have the right to object to the processing of your personal data for direct marketing purposes, including profiling to the extent it is related to such direct marketing.
  7. Right to Data Portability
    If the processing of data is based on your consent or is automated, you have the right to request that your personal data be transferred to another data controller.
  8. Right to Withdraw Consent
    When processing is based on your consent, you have the right to withdraw it at any time. Please note that if you withdraw your consent, the withdrawal will not affect the lawfulness of the processing based on your consent before its withdrawal.
  9. Right to File a Complaint with the Commissioner
    If you believe that the processing of data is in violation of the law, you have the right to file a complaint with the Commissioner for Personal Data Protection.

You can exercise the above rights by contacting us at the following email address: office@ntpark.rs.

Competent Authority

The competent authority for personal data protection is the Commissioner for Information of Public Importance and Personal Data Protection of the Republic of Serbia. You can contact the authority at the address Bulevar kralja Aleksandra 15, 11000 Belgrade, Republic of Serbia, via email at office@poverenik.rs, or by phone at +381 11 3408 900.

Final Provisions

This Policy is effective as of January 1, 2021. In case of any changes, we will notify you in advance. You are considered to have accepted the new version of this Policy if you continue to use our portal, as determined by this Policy, since the new version of this Policy has come into effect.