Privacy Policy



1) Definitions

“Android / IOS application” is a mobile phone application through which Service users can pay Services. Android / IOS application is owned by Beograd na vodi d.o.o./the Intermediary.
“Internet portal” is a web site on which the Service users open accounts, through which they manage accounts, and which portal serves to pay for the Services. Internet portal is owned by the Intermediary.;
„Intermediary“ In terms of article 40 paragraph 5 of the Law on Housing and Building Maintenance, is Belgrade Waterfront llc Belgrade, Karadjordjeva 48, registry no: 21033391, tax id no: 108608107. Key role of the Intermediary is to supervise quality of the Services. Beograd na vodi d.o.o. is developer of “Belgrade Waterfront” project and has interest that building management and maintenance activities are performed continuously and to a high standard. Services Provider is obliged to observe instructions of the Intermediary. Beograd na vodi d.o.o. itself may also be a Service Provider.
“Service provider” is an entity contracted by Owners Association for provision of Services;
„Services“ means those services as defined under an agreement between Owners Association and Service Provider such as professional building management services, cleaning and maintenance of the common areas of the building and the land for its regular use, unified billing, security services, hosting services, waste collection, pest control, as well as all other services which Service provider offers and executes to Service users, in the course of its professional business activity, including additional services;

Service user/users are owners i.e. users of separate parts, apartments and business premises in the buildings within Belgrade Waterfront project, who mutually form Owners association;

2) Subject

The subject of these Payment Terms and Conditions is to regulate certain aspects of the payment executed by the Service User to the Service Provider for Services via the Internet portal or the Android / IOS application. Payment through the Internet portal or the Android / IOS application is an advanced user service provided to the Service users, for easier access to the Service Provider’s invoices, additional services provided by the Service Provider, and facilitated payment for the services provided. In the event that the Service user opts not to execute payments through internet portal or Android/IOS application, the Service Provider shall provide the invoice for the Services to the address of Service user.

In accordance with an Agreement between the Owners Association and the Service Provider in consideration of the Services, the Service Provider is entitled to a fee („Fee“).

Fee to the Service Provider is paid in the manner that Service users shall pay monthly assessments/proportionate part of the Fee to the bank account of the Service Provider. Service users may if they so wish pay the Fee also through internet portal or Android/IOS application.

In the event of additional services, requested by the Service users, Fee for these additional services will be invoiced by the Service provider on occurrence and delivered in the same above described manner.

Service Provider shall invoice unit owners for the Services, through internet portal or Android/IOS application, at the latest until 10th in the month for the previous month. After delivering the Invoice, Service user can make the payment through internet portal or Android/IOS application.

The Fee shall be computed in RSD by applying median exchange rate of the National Bank of Serbia at the date of issuing invoice, increased for the amount of VAT.

Deadline for payment of invoice shall be specified on it. In case of nonpayment or delay in payment the Service Provider shall have statutory prescribed rights against Service user as the debtor including right to calculate default interest.

When making payment through internet portal or Android/IOS application, Service user inserts personal data, name and surname as well as the number of payment card.

Payment for services through internet portal or Andorid/IOS application can be performed in one of the following manners: by credit/debit card – VISA, Maestro or MasterCard, which support on-line payment. Paying with credit/debit cards is done in cooperation with AllSecure doo and UniCredit Bank Beograd and it is done in a secured and certified manner through AllSecure Payment Gateway, simply by entering the credit/debit card information.

Please note that all payments will be effected in the Serbian currency – dinar (RSD). If the payment is done using foreign issuers payment cards, total amount of transaction will be converted into bank settlement currency (EUR), according to the current exchange rate of the National Banka of Serbia. Once the transaction is settled the already converted amount will be converted into your local currency according to the exchange rate of credit card associations. As a result of this conversion there is a possibility of a slight difference from the original price in RSD.

After the information is entered and the payment is confirmed, the bank authorizes the transaction and transfers the amount from the bank account of the Service user to bank account of Service provider, by which the payment is executed.

When entering the credit/debit card information, confidential information is transferred through public networks in a protected (encrypted) form by using SSL protocols, applying the most up-to-date methods of tokenization of sensitive information, and in accordance with PCI-DSS standards. Data protection while paying on-line is guaranteed by the processor of the credit/debit cards, UniCredit Bank Beograd. Credit/debit card information is not available to the Services provider at any time.

3D Secure protection – AllSecure Payment Gateway uses the highest possible global standards of information privacy and protection. Credit/debit card numbers are not kept in the system of the Service provider, and the information which is entered is protected by SSL data encryption.

PCI DSS Standards – AllSecure Payment Gateway is constantly updated according to the requests of the credit/debit card companies, in order to maximize the level of safety for the merchants and the buyers. Since 2005 to this day, without interruption, the system was certified as PCI-DSS Level 1 which represents the highest industry standard. PCI Data Security Standard (PCI-DSS) is a model which defines the necessary security measures while processing, storing and transferring sensitive credit/debit card data. PCI Standards are protecting the sensitive information on the credit/debit card holder, throughout the entire payment process: from the moment of entering the information, through the communication between the Service provider and the relevant banks and credit/debit card organizations, as well as storing that information later.

When the information on the credit/debit card holder, is TOKENIZED (stored in a certified manner for later use), that information is stored on AllSecure PCI-DSS level 1 certified servers. Tokenized credit/debit card information is transferred in a completely secured and certified manner. Service provider does not have access to the information on the credit/debit card number or any other sensitive information, at any time. Service user has the possibility to unregister the previously registered card, as well as to change the details or the previously tokenized card.

In the event of a refund to the Service user (for the reasons of wrong payment, excess amount of payment or any other reason), and when the User of services has paid online or through the Android/iOS application with one of the credit/debit cards, partially or in full, regardless of the reason for the refund, that refund is processed exclusively through the same VISA, Maestro or MasterCard which was used for the payment. Service providers bank will, at the Service provider’s request, perform the refund to the account of the credit/debit card user- Service user. Refund expenses will be borne by the Service user.

3) Instruction for using the Internet portal

Service user is registered on the internet portal, by accessing the internet address ,
thus creating an account in his name. While creating the account, Service user enters his first and last name, address, exact number of the unit which he owns, i.e. for which he pays Services, e-mail and telephone number, as well as the credit/debit card number of the card which will be used for payment of Services. Legal ground for processing personal data is consent of the Service user, execution of the Agreement and performance of statutory obligations of the building manager (article 50 paragraph 1 point 6 of the Law). While creating the account, Service User is informed of data processing matters and consents to processing of personal data in accordance with Privacy policy. Account access is protected with a password which the Service user creates himself. For disclosure of the password by the Service user to a third party, the Service Provider is not liable. Creating account is voluntary, Service user may at any time request deletion of its account.

Service user manages his account by himself and if necessary changes the entered data.

Service provider can communicate with the Service user, through the registered account, deliver invoices for provided services, and notify him on new services which were made available by the Service provider.

By accessing his account on the internet portal, the Service user has the possibility to view his due, yet unpaid invoices, services which he is charged for, offer of extra services which the Service provider can offer to the Service user.

Invoices and notices which are delivered through the internet portal are considered orderly delivered at the moment when the Service provider sends them to the Service user.


Cookie is information which is stored on Your computer by the internet page You visit. Cookies usually save Your settings, internet page settings, such as preferred language or address. Later, when You open the same internet page, the internet browser sends back the cookies which belong to that page. This enables the page to recognize You and to show You information which was best suited for Your needs. If you do not wish for our Web site to have access to Your cookies, you can block them. Most web browsers allow You to block cookies. You can do that in Settings of Your web browser.

4) Privacy notice

This Notice serves to inform you about personal data processing in relation to the use of Internet portal and the Android/iOS application aimed for use by owners of properties within Belgrade Waterfront communities. Use of the Internet portal and the Android/iOS application means that you are sharing with us data about you, your property and information arising from use of devices connected to internet.

Your personal data are collected and processed by Beograd na vodi d.o.o., Beograd, Karadjordjeva 48, corporate id no 21033391 (“Belgrade Waterfront”), as further detailed in this Personal Data Processing Notice. This means that in accordance with the law Belgrade Waterfront is accountable for processing of your personal data.
For any questions about processing of your personal data and to exercise your rights you can contact us by email [email protected] or write to our office address:

Beograd na vodi d.o.o., Beograd – Savski venac,
Karadjordjeva 48,
11000 Beograd.

– Manner of collecting and using data

While visiting the internet portal and the Android/iOS application the controler collects the personal data of the Service user, which is necessary to create the account, set up the account, as well as for charging for the Services. Service user’s personal data is used exclusively for the purpose of securing payment for the provided services, executing Service user’s requests, adjusting, i.e. personalizing the service offer, updating the internet portal and the Android/iOS application, checking of administrative tasks, contacting the Service user, and also in order to cooperate with the law enforcing institutions.

Personal data which the Service provider can collect and use, are those personal data required for providing the Services, as follows:

– Basic information (name and title);

– Contact information, (residential address/seat address, e-mail address, telephone number(s));

– Commercial information (such as history of service requests, invoices, payment history, information on paid and unpaid invoices for the Services);

– Technical information (IP address and other information which is collected while visiting the internet portal and the Android/iOS application or in relation to the materials and communication which the Service provider directs to the Service user, electronically);

– such other data which the Service user voluntarily makes available to the Service provider. (Photos/media)

Legal basis for processing is your consent, performance of contractual obligations, as well as compliance with a legal obligation to which the controller is subject.
Legal basis for the processing is also our legitimate interest that follows from the said purposes of data processing.

Access to functions on your mobile device
After downloading the Android/iOS application, you will be asked for separate consent/permission for access to certain information on your device:
Photos / media / files on your mobile device / USB memory content – It is processed only if by an “Allow” option you consented to the use of this functionality. Depending on the location, installation of the app and the available memory, these will be stored directly in the memory of your mobile device.
Camera (recorded images and videos) – Functionality is enabled only if by an “Allow” option you consented to the use of this functionality.

Legal basis for the processing of your data is your consent. You may withdraw your consent/permission at any time by change of app settings and deactivating particular function. Please note if you do not activate certain application functionalities, it will not be possible for you to use all of the Android/iOS app features (e.g. to send us images of a problem in the property, when making service request).

– Data storage and protection

Personal information is stored in a secured and classified manner. We are taking necessary technical and organizational measures in order to protect from unauthorized or illegal access and processing of your personal information.

In the event that the Service user does not want for his personal information to be used for online payment purposes, i.e. through the Android/iOS application, the Service provider will ensure another method of payment to the Service user and shall delete all collected personal data of such Service user immediately upon deactivation of Service user’s account.


Generally, we keep your data for the period necessary to achieve purpose of the processing, or for the period required by the applicable laws. If you signed an agreement with us, this means that we will keep your data for the duration of contractual rights and obligations, and thereafter for the period set out in applicable laws.
We retain your data even after the termination of our contractual relationship if we need your data for the establishment, exercise, or defence of legal claims or for compliance with a legal obligation. To the extent possible, we will limit processing of your data to such limited purposes after the termination of contractual relationship.

In our operations we use various service providers who, in accordance with our instructions, have access to your data as so-called processors.

Our related parties with whom we share IT systems, who provide us with or to whom we provide business and operations support and with whom we have signed an agreement have access to your data:

– Eagle Hills Properties LLC, Abu Dhabi, UAE, PO Box 34888
– BW Kula d.o.o., Karadjordjeva 48, Beograd
– BW Galerija d.o.o., Karadjordjeva 48, Beograd
We can reveal your data to the competent authorities and institutions upon their order or when we believe that is necessary for compliance with legal obligations, or to protect our interests.

We can disclose your data to third parties in case of corporate reorganisation, transfer, or other disposal of any part of busines or assets of Belgrade Waterfront (including mortgage foreclosure, bankruptcy or similar proceeding) or in other case of compliance with legal obligations.

TRANSFER OUTSIDE OF REPULIC OF SERBIA – In compliance with by the law prescribed rules, data are transferred and processed out of Serbia. If data are transferred to recipients outside of the countries members to the Convention of the Council of Europe for the Protection of Individuals with regard to Automatic Processing of Personal Data, transfer is done in compliance with by the law prescribed measures (e.g. by way of standard contract clauses).

Upon request, you have the right to receive information about your personal data processed by us free of charge. You have the right of rectification and deletion of your personal data, a right to limitation of processing and a right to data transferability. You have the right to object to processing done by us for our legitimate interests. You have the right not to be subject to a decision based solely on automated means including profiling, if the decision produces legal effects concerning you or significantly affects you. If our processing of your personal data takes place on the basis of your consent, you have the right at any time to revoke this consent. This revocation does not make unlawful the processing that took place before you revoked consent.

In addition, you may complain to the Commissioner for Information of Public Importance and Personal Data Protection, address: 15, Bulevar kralja Aleksandra str, Belgrade 11120, Serbia о[email protected] and you may file lawsuit to the competent court.
For any questions about processing of your personal data and to exercise your rights, you can contact us by email or by mail to the addresses from this document.

Return To Top