Privacy Policy


At LightFork, we value your privacy and are committed to protecting your data. These privacy rules will inform you about the purposes for which we collect and use your personal information and how you can control these processes and exercise your rights.

The goal of this privacy policy is to provide you with information on how LightFork collects and processes your data through this website, including all the information you may provide when registering for an account or purchasing a product or service from us.

This website is not intended for children, and we do not knowingly collect data related to children.

We have appointed a Data Protection Officer responsible for overseeing matters related to this privacy policy. If you have any questions regarding this privacy policy, including requests to exercise your legal rights, please contact our Data Protection Officer using the contact information provided below.

Data processing is carried out by:

LAKNER d.o.o. for trade and services

Frankopanska 1, Zagreb


As a user of our website, you have the right to receive information about the handling of your data and to make requests to exercise your rights.

What data do we have about you?

Personal data or personal information refers to any information about individuals that allows a person to be identified. We may collect various types of personal data about you, including:

  • Your general identification data (name, gender, photograph).
  • Your contact information (email, residential address, delivery address, phone number).
  • Payment data (information on the name and surname printed on the credit card).
  • Data on activities/interactions with us, including potential future interactions.
  • Demographic and interest data.

If you do not allow access to personal data

In situations where the law requires the collection of your data or under the terms of the contract we have with you if you do not provide the requested information, we may not be able to fulfill the contract we have or are trying to conclude with you (for example, if you do not provide the correct address, we cannot send you orders). In such cases, we may have to cancel the product or service you have with us, but we will inform you in advance.

For what purpose do we use your data, and why is it justified?

We will not process your data without a lawful basis for doing so. We will process your data if there is a legitimate interest or if we have obtained your prior consent to contact you via email or phone, to send your order, and for marketing campaigns.

Contact Form and Email

We use Titan Mail to process all internal emails and communicate with clients. When we receive your email, we will obtain your email address, IP address, and the information you provided in the contact form or message. We keep email communication on the server indefinitely to improve our services and provide you with adequate service.

User Account

When registering on our website, we will request your data to create your user account, necessary for order fulfillment, payment, and delivery of our products or services. During registration, we will ask for your name, gender, ID card address, delivery address, email, and phone number.

Website Traffic Analysis

We use Google Analytics to track visitors and generate information about traffic on our website. During basic information collection, we do not gather any personal data about you. If you give consent for demographic and interest tracking, Google’s data about you will be forwarded to us in an aggregate report about our website.

Marketing Campaigns

During social media campaigns or other online advertising campaigns, service providers may use cookies or pixels on our website to track and serve our ads on different platforms. In some Google campaigns, we use remarketing to optimize the display of our ads.

If you have user accounts or use services from any of the mentioned partners, you can adjust privacy settings at the following links:

Google Ads:

Facebook (Privacy Policy Opt Out):


Embedded Content from Other Websites

On some parts of our website, there is content embedded from other websites through code. Accessing this content occurs in the same way as if you accessed it on the original website, and you may download cookies that you would otherwise download by visiting that site.

Typical embedded content includes content from pages that share videos, images, etc. These pages may collect your IP address, and information about the browser and operating system, store and download cookies to your browser, and embed interaction tracking with embedded content, including linking interactions to your account on that service if you are logged in at that time.

Links to the privacy policies of the services we use are below:



Cookies are sets of information that websites store on your browser at the time of the visit or acceptance, and the browser delivers this information to the website during the next visit.

We use cookies to track our visitors, and services embedded in our site also use cookies. To use these services, you need to enable the acceptance of these cookies.

Orders and Subscription Purchases

When purchasing a subscription for meals, you provide the necessary data for the completion of your order. Employees processing your order and, in the case of online payments, our service provider partners, CorvusPay (, have access to this data. We do not store data about your credit cards; they are processed by the mentioned services.

When delivering your orders, your name, surname, and address are provided to our partners for package delivery.

Data from your account will be stored for the legally specified period.

With whom do we share your data?

In our business, we use the services of other individuals and legal entities (third parties) – data processors. The level of sharing your data with each of them depends on the specific purpose of processing and your use of our website. All our data processors have the same or higher security standards as we do. Where necessary to further increase the level of protection of your data, we have signed a Data Processing Agreement with data processors.

During our activities, your data may be accessed or forwarded to the following categories of recipients according to the principle that only those who need to know have access:

  • Our employees
  • Our contractual partners
  • Related organizations

Some of these employees, partners, and related organizations may be located outside Croatia or the EU, and by accepting the privacy rules, you give consent for this data to be transferred to these countries. In the case of purchasing specific products that include services from partner organizations, such as the Metabolic Friendly meal plan, customer data is forwarded to the Metabolic Friendly counseling service.

The above-mentioned third parties are contractually obliged to maintain the confidentiality and security of your data by applicable law.

Your data may also be accessed or forwarded to any national and/or international regulatory, executive, or public body or court, where we are required to do so by law or regulation or at their request.

If there is a need to transfer your data to third parties for reasons that were not collected in the first place or obtained later with your consent, we will allow you to express your choice.

How do we protect your data?

We have implemented appropriate technical and organizational measures to provide a level of security and confidentiality for your data.

The SSL certificate ensures the security of our site by encrypting data transmitted from your device to our server.

Our computer systems and third-party systems are protected by technical and organizational measures against unauthorized access, alteration, or dissemination of your data, as well as against loss or deletion.

Our employees are educated to handle and safeguard personal data properly.

How long do we keep your data?

Your data stored in our records will be retained for 5 years after your last interaction with us unless otherwise indicated.

What are your rights and how can you exercise them?

We provide the following rights:

  • Right of access (information about the scope and type) to your data
  • Right to rectification (concerns the data you provided)
  • Right to be forgotten
  • Right to object to the use of personal data
  • Right to data portability, i.e., the right to receive personal data or have it transmitted to a person of your choice, in a structured, machine-readable format, without hindrance from us.

Right of access:

You have the right to information about your data that we keep in memory. If you are the legal guardian of a user, you also have the right to information about the personal data of the person for whom you are the legal guardian.

Right to rectification:

You have the right to correct inaccurate personal data concerning you, which we will do in a reasonable timeframe.

Right to erasure (right to be forgotten):

You have the right to obtain the anonymization of your data without undue delay if there is no lawful reason for further processing of the data by us (e.g. if the data is no longer necessary for the purposes for which it was processed). If such a lawful reason exists, we will inform you in detail as part of our response to your request for erasure.

The right to object to the use of personal data:

If the processing of your data is based on the pursuit of our legitimate interests, you have the right to object at any time to such processing of personal data to the extent that it relates to your data. If we demonstrate compelling legitimate and lawful reasons for processing that outweigh your interests, rights, and freedoms, or if it is necessary for the establishment, exercise, or defense of our legal claims, your objection will not be upheld.

Right to data portability:
You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable
format and to transmit it to another data controller without hindrance from us.

You can submit your request to the email address:

How will you be informed of changes to our Personal Data Processing Notice?

Any future changes to the processing of your data will be communicated to you in advance through a separate notice on this website.

If you have further questions regarding the processing of your data, we invite you to contact us:

LAKNER d.o.o. for trade and services

Frankopanska 1, Zagreb


With the designation: Attention Data Protection Officer

The policy comes into effect and begins to apply on the date of publication, and it is available on the website

In Zagreb, January 2021.