+382 69 300 222
en

Privacy Policy

Personal Data Processing Policy

1. General Provisions

This Personal Data Processing Policy has been prepared in accordance with the requirements of the Personal Data Protection Law (PDPL) (hereinafter referred to as the “Personal Data Law”) and determines the procedure for processing personal data and the measures taken by Prometheus Real Estate (hereinafter referred to as the “Operator”) to ensure the security of personal data.

1.1. The Operator considers the observance of human and civil rights and freedoms during the processing of personal data, including the protection of the right to privacy, personal and family secrets, as its most important goal and condition for conducting its activities.

1.2. This Policy applies to all information that the Operator may obtain about visitors of the website https://www.prometheyre.com/.

2. Key Terms Used in This Policy

2.1. Automated processing of personal data – processing using computer technology.

2.2. Blocking of personal data – temporary suspension of processing, except when processing is necessary for verification.

2.3. Website – a set of graphic and informational materials, software, and databases accessible online at https://www.prometheyre.com/.

2.4. Personal data information system – a set of personal data contained in databases, and the technologies and equipment used for their processing.

2.5. Depersonalization of personal data – actions making it impossible to determine the subject of the personal data without additional information.

2.6. Processing of personal data – any action or set of actions with or without automation tools, including collection, recording, systematization, accumulation, storage, clarification (updating or modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.

2.7. Operator – a state, municipal authority, legal or physical person, organizing and/or processing personal data, determining the purposes, scope, and operations on personal data.

2.8. Personal data – any information related directly or indirectly to an identified or identifiable User of the website https://www.prometheyre.com/.

2.9. Personal data made public by the data subject – personal data to which the data subject has provided access for an unlimited number of persons by consenting to such disclosure.

2.10. User – any visitor to the website https://www.prometheyre.com/.

2.11. Provision of personal data – actions aimed at disclosure of personal data to a specific person or a group of persons.

2.12. Dissemination of personal data – any actions aimed at disclosure to an indefinite circle of persons or making personal data publicly available.

2.13. Cross-border transfer of personal data – transfer of data to a foreign country’s authority, individual, or legal entity.

2.14. Destruction of personal data – actions resulting in irreversible loss of personal data or destruction of the physical storage media.

3. Key Rights and Obligations of the Operator

3.1. The Operator has the right to:

  1. Request reliable personal data or supporting documents from the subject;
  2. Continue processing personal data without consent if permitted by law;
  3. Independently determine necessary and sufficient measures for compliance with the law, unless otherwise stated by federal law.

3.2. The Operator is obliged to:

  1. Provide information on data processing to the data subject upon request;
  2. Process data in accordance with Montenegrin law;
  3. Respond to data subject or their legal representative requests;
  4. Notify the authorized body for data protection within 10 days upon request;
  5. Publish or otherwise make this Policy publicly accessible;
  6. Take legal, organizational, and technical measures to protect personal data;
  7. Cease processing, provision, or dissemination of data in accordance with legal requirements;
  8. Comply with other obligations stipulated by the Personal Data Law.

4. Key Rights and Obligations of Data Subjects

4.1. Data subjects have the right to:

  1. Access information about their data processing;
  2. Request rectification, blocking, or deletion of incorrect or unlawfully obtained data;
  3. Require prior consent for use of data for marketing purposes;
  4. Withdraw consent and request termination of processing;
  5. Appeal to supervisory authorities or the courts for unlawful actions;
  6. Exercise other rights under Montenegrin law.

4.2. Data subjects are obliged to:

  1. Provide accurate information to the Operator;
  2. Inform the Operator of updates or changes to their data.

4.3. Persons who submit false data or third-party data without consent are liable under Montenegrin law.

5. Principles of Personal Data Processing

5.1. Lawful and fair processing.

5.2. Purpose limitation.

5.3. Prohibition of incompatible processing.

5.4. Relevance to processing purposes.

5.5. Data minimization.

5.6. Accuracy, sufficiency, and up-to-dateness.

5.7. Storage only as long as necessary. Destruction or anonymization upon reaching the purpose or loss of necessity.

6. Purpose of Personal Data Processing

  1. Purpose: To inform the User by email;
  2. Personal Data: Surname, first name, patronymic, phone numbers;
  3. Legal Grounds: Charter (founding documents) of the Operator;
  4. Types of Processing: Collection, recording, systematization, accumulation, storage, destruction, anonymization.

7. Conditions for Processing Personal Data

7.1. Based on consent.

7.2. Required to fulfill legal or treaty obligations.

7.3. Required for judicial or enforcement acts.

7.4. Required for performance or conclusion of a contract involving the data subject.

7.5. Required for Operator’s or third parties’ legitimate interests without violating the subject’s rights.

7.6. For data made public by the subject.

7.7. Required by law for publication or disclosure.

8. Procedure for Collection, Storage, Transfer, and Other Processing

  1. Security ensured through legal, organizational, and technical measures.
  2. Operator guarantees data confidentiality and excludes unauthorized access.
  3. Data is not shared with third parties unless required by law or consented by the subject.
  4. Data subjects may update their data via email at info@prometheyre.com.
  5. Data is processed until the purpose is fulfilled or consent is withdrawn.
  6. Third-party services (e.g., payment systems) process data under their policies, and the Operator is not liable for their actions.
  7. Public interest processing is exempt from certain restrictions.
  8. Confidentiality and secure storage are ensured.

9. Operator’s Actions with Personal Data

9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating or modification), retrieval, usage, transfer (dissemination, provision, access), anonymization, blocking, deletion, and destruction of personal data.

9.2. The Operator carries out automated processing with or without network transmission.

10. Cross-Border Transfer of Personal Data

10.1. The Operator must notify the authorized body before engaging in cross-border transfers.

10.2. Prior to notification, the Operator must obtain required assurances from the foreign recipients.

11. Confidentiality of Personal Data

The Operator and other persons with access to data must not disclose or distribute personal data without the subject’s consent unless legally required.

12. Final Provisions

12.1. Users may contact the Operator at info@prometheyre.com for clarification regarding data processing.

12.2. This Policy is subject to updates. It remains valid until replaced by a new version.

12.3. The current version of the Policy is freely available on the Internet at https://www.prometheyre.com/en/privacy-policy-en/.

Get a free consultation