Privacy Policy

Effective date: 28 May 2026 · Applies to www.greenflow.ie

1. Data Controller & Contact

Data Controller (legal entity):
Green Flow d.o.o.
Savska cesta 41, 10000 Zagreb, Republic of Croatia
OIB: 92557545052 · MBS: 06140386
Registered with the Commercial Court of Zagreb (Trgovački sud u Zagrebu)
Director: Ante Lelas

Irish Business Operations:
Green Flow Ireland
51 Bracken Road, Sandyford Business Park, D18 CV48, Dublin, Ireland

For data protection inquiries:
Email: info@greenflow.ie · Phone: +353 83 406 9819

Supervisory authorities: Croatian Personal Data Protection Agency (AZOP) acts as the lead supervisory authority. Irish residents may also lodge complaints with the Irish Data Protection Commission (DPC).

2. Scope

This Policy explains how Green Flow d.o.o. ("Green Flow", "we") collects, uses and protects personal data of visitors and B2B customers of www.greenflow.ie. It applies in addition to the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and Croatian data-protection law.

3. Personal data we collect

Submitted via forms:

Name, position, company name
Email address, phone number
Shipping / billing address (for samples and B2B orders)
EU VAT number (where relevant for reverse-charge invoicing)
Facility / project details you provide

Collected automatically:

IP address, browser, device and operating system data
Pages viewed, referrers, session analytics
Cookies (see Cookie Policy)

4. Legal basis (GDPR Art. 6)

Contract performance (Art. 6(1)(b)) — processing samples, quotes and B2B orders
Legitimate interest (Art. 6(1)(f)) — B2B outreach, customer support, anti-fraud, service improvement
Consent (Art. 6(1)(a)) — newsletter sign-ups and non-essential cookies; you can withdraw consent at any time
Legal obligation (Art. 6(1)(c)) — tax, accounting and customs records under Croatian law

5. How we use your data

Process sample requests, quotes, B2B orders and partnership applications
Respond to inquiries and provide after-sales support
Issue invoices under EU reverse-charge VAT for VIES-registered B2B customers
Send opt-in updates about products, certifications and case studies
Maintain and improve www.greenflow.ie

6. Sharing & processors

We do not sell or rent personal data. We share it only with:

Hosting and form processing — Netlify, Inc. (US, EU data regions; Standard Contractual Clauses)
Analytics providers — Google LLC (Google Analytics) if enabled with consent
Email marketing tools — only with explicit opt-in
Shipping and logistics partners (for sample / order delivery)
Accounting and tax advisors bound by professional confidentiality
Public authorities where strictly required by law

7. International transfers

Some of our processors (e.g. Netlify, Google) may process data outside the European Economic Area. Where this occurs, transfers are protected by European Commission adequacy decisions or Standard Contractual Clauses (SCCs) as required under Chapter V GDPR.

8. Retention

We retain B2B contact and transaction data for up to 7 years after the end of the business relationship, as required by Croatian tax and accounting law. Marketing-only data is deleted within 24 months of last interaction or earlier if consent is withdrawn.

9. Your rights

Under the GDPR you have the right to:

Access the personal data we hold about you
Request rectification or erasure
Restrict or object to processing
Data portability
Withdraw consent at any time (without affecting lawful processing before withdrawal)
Lodge a complaint with a supervisory authority

To exercise these rights write to info@greenflow.ie.

10. Supervisory authorities

Because Green Flow is established in Croatia, our lead supervisory authority is the:
Croatian Personal Data Protection Agency (AZOP)
Selska cesta 136, 10000 Zagreb, Croatia · azop.hr

Irish data subjects may also file complaints with the:
Data Protection Commission (DPC)
6 Pembroke Row, Dublin 2, D02 X963, Ireland · dataprotection.ie

11. Security

We implement appropriate technical and organisational measures (encryption in transit, access controls, vendor due-diligence) to protect personal data from unauthorised access, loss or disclosure.

12. Children

Our website is a B2B platform and is not directed at children under 16. We do not knowingly collect data from children.

13. Cookies

See our separate Cookie Policy for opt-in details and a list of cookies used.

14. Changes

We may update this Policy from time to time. The "Effective date" at the top shows the latest revision.

15. Contact

Green Flow d.o.o., Savska cesta 41, 10000 Zagreb, Croatia
Email: info@greenflow.ie
Phone: +353 83 406 9819