Privacy Policy
Effective: April 29, 2026 · Version 2.0
This document describes how Faga.bio (INDI vl. Monika Kunstek) collects, processes, stores, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and the Croatian Personal Data Protection Implementation Act (NN 42/18).
1. Data Controller
INDI vl. Monika Kunstek
Drašković 3 A-D, 42220 Novi Marof, Croatia
VAT ID (OIB): 66987567542
Email: info@indi-24.de · Phone: +385 99 381 8371
For data protection inquiries please contact us at the email address above. We are not required to appoint a Data Protection Officer (DPO) as our processing does not meet the criteria of Art. 37 GDPR.
2. What Personal Data We Collect
2.1. Data You Actively Provide
- Order data: first and last name, delivery and billing address, email, phone number, order history.
- Newsletter: email address (only upon subscription).
- Contact form: name, email, message content.
- Communication: content of email or phone correspondence with us.
2.2. Automatically Collected Data on Visit
- Server logs: IP address (anonymized), browser type, operating system, date and time, page accessed, referrer URL. Storage: 7 days, exclusively for security incident detection.
- Technical cookies: session ID for cart functionality (temporary).
- Anonymous analytics: via Umami Analytics (self-hosted, cookie-free) — visit counts, popular pages, traffic sources, device type. We do not collect IP addresses, fingerprints, or personal identifiers.
3. Legal Bases for Processing (Art. 6 GDPR)
- Art. 6(1)(b) GDPR — performance of contract: processing order data for delivery, payment, and purchase fulfillment.
- Art. 6(1)(a) GDPR — consent: newsletter (revocable at any time), optional marketing communications.
- Art. 6(1)(c) GDPR — legal obligation: retention of invoices and tax documentation (10 years per Croatian Tax Act).
- Art. 6(1)(f) GDPR — legitimate interest: website security, fraud prevention, anonymous analytics for service improvement.
4. Data Processors and Recipients
We share your data only with parties necessary for service fulfillment. Each processor has signed a Data Processing Agreement under Art. 28 GDPR.
4.1. Payment Processing — Stripe
Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Stripe receives: name, email, billing address, card data (PCI-DSS Level 1 certified). Privacy: stripe.com/privacy. Legal basis: contract performance (Art. 6(1)(b)). Stripe may transfer data to the US under the EU-US Data Privacy Framework.
4.2. Shipping — Croatian Post and Partners
Address, name, and phone number are forwarded only to the chosen shipping provider (Hrvatska pošta, GLS, DPD, or courier service) for parcel delivery.
4.3. Hosting — 1&1 IONOS
1&1 IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. Server location: Germany (EU). Privacy: ionos.com/terms/privacy-notice.
4.4. Analytics — Umami
Umami Analytics is self-hosted on our server. It uses no cookies and sends no data to third parties. Anonymous statistics remain exclusively on our infrastructure.
4.5. Newsletter (if subscribed)
Newsletters are currently sent directly from our server, without external services. You may unsubscribe at any time via the link in any email or by emailing us.
5. Cookies
Faga.bio uses a minimal number of cookies. Overview:
- session_id — technical cookie for session and cart, deleted when browser closes.
- faga-lang — local storage (not a cookie) for language preference; remains only on your device.
- cookie-consent — stores your choice in the consent banner (1 year).
We do not use tracking cookies, advertising cookies, or share behavioral data with third parties.
6. Retention Periods
- Invoices and tax documents: 10 years (Croatian Tax Act Art. 86).
- Newsletter subscription: until unsubscribe.
- Server logs: 7 days.
- Contact inquiries: 3 years (statute of limitations under Obligations Act).
- Customer account: until deletion, max. 5 years after last activity.
7. Your Rights Under GDPR
You have the following rights regarding your personal data. To exercise any right, send an email to info@indi-24.de with the subject "GDPR Request". We will respond within 30 days.
- Right of access (Art. 15): request confirmation of processing and a copy of your data.
- Right to rectification (Art. 16): have inaccurate data corrected or incomplete data completed.
- Right to erasure / "right to be forgotten" (Art. 17): request deletion when no legal basis remains.
- Right to restriction of processing (Art. 18): in certain cases restrict our processing.
- Right to data portability (Art. 20): receive your data in a structured, machine-readable format.
- Right to object (Art. 21): object to processing based on legitimate interest.
- Right to withdraw consent (Art. 7(3)): at any time, without justification.
- Right not to be subject to automated decision-making (Art. 22): not applicable to us — all decisions are made manually.
8. Data Security
The website uses HTTPS (TLS 1.3) for encrypted communication. Data is stored on EU servers with regular security patches. Access is limited to persons who require it for task performance. In case of a personal data breach posing high risk to you, we will notify you and the supervisory authority (AZOP) within 72 hours.
9. International Data Transfers
We process your data primarily in the EU. The exception is Stripe, which may transfer data to the US under the EU-US Data Privacy Framework, recognized as adequate by the European Commission (Decision 2023/1795).
10. Right to Lodge a Complaint with Supervisory Authority
If you believe our processing of your data violates the GDPR, you have the right to lodge a complaint with the supervisory authority. In Croatia this is the Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb, email: azop@azop.hr, web: azop.hr. You may also lodge a complaint with the supervisory authority in your country of residence.
11. Changes to This Policy
We may update this privacy policy from time to time to maintain legal compliance or reflect changes in our business. The effective date appears at the top. We will announce material changes on the website and, where applicable, by email to registered users.
12. Minors
Our service is not directed to persons under 16 years of age. We do not knowingly collect data from persons under 16. If we become aware of such processing, we will delete the data immediately. Parents or guardians are asked to inform us if they suspect such processing.