skip to Main Content


This post is also available in: Italiano Español Français

1. Take care of who is managing your data and why he/she is doing this

Is less probably that your data are used in a improper way in cases in which are provided in compliance with the legislation and when exist a legitimate purposes for the provision of personal data, for example the provision of personal data to the employer, doctor, government, agencies and other services providers for the provision of those contracting services, etc. the provision of data to banks in which the person is a client and other juridical persons and/or public bodies with the purpose of regulate the mutual relationships.

This means, in those relationships in which there is the possibility to control (supervise) on personal data processing, because it is known who, how, based on what and for which purposes it will be processed personal data.

In situations in which you provide personal data to unknown persons or you uncritical sleep off without thinking about the aim and the reason for which you provide them and to who.

It is completely uncertain for which aim they will (improperly) used!

  1. store personal information on no-authorized access with complex passwords.

The recommendation of the Agency is that users created a complex password different from any access to the internet service or other services that they use for gaining the access to this service and do not use the same username and password for more services.

A security and complex password includes:

  • 16 or more characters (the more they are, the best will be the password):
  • Upper cases (ABCDFGH…)
  • Lower cases (abcdefgh…)
  • Numbers (3123456,)
  • Symbols (@ # $% {} [] () / \ ‘”,;:. <>…).

We recommend to citizens, in accordance with institution of the National CERT service “Have I Been Pawned” by the link to control ALL their email addresses that uses as username in order to have the access to internet services (not only those one who defines on .hr) are compromised, this means are into the hacker’s database. If they discover that a particular email address has been compromised, we recommend to do the following:

  • change your password of this email address with a complex new one
  • create a new specific password different from all the internet and internet services for which it was used this email address as an access (for example, social network, internet shop, etc.). if it is offered, it is better to use the two authentication factors.
  1. Before throwing you personal information, think carefully: what can happen if anyone can find them?

List with personal information that you do not need anymore, destroy them!

  1. consider where you leave your personal information

If you left some personal data on a social network, you left other personal data on another company network, in an easily accessible third party – you also left some of your personal data, you may not even be aware that you are in another but easily accessible places leave an entire set of personal data that can be associated and then used improperly.


Back To Top