Privacy policy

PRIVACY POLICY

Terzo Projekt d.o.o.
Ježdovečka 7C, 10250 Lučko, Croatia
OIB: 01883620584
Contact: booking@enjoy-zagreb.hr
Last updated: 01.06.2025.

1. INTRODUCTION

This Privacy Policy explains how Terzo Projekt d.o.o. (“we”, “our company”) collects, uses, stores, and protects personal data of its users, clients, and website visitors. Data processing is carried out by the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Croatian laws.

2. TYPES OF DATA WE COLLECT

We only collect data necessary for the purposes of processing, including:

·        Full name

·        Email address

·        Phone number

·        Residential address (if required for invoicing or registration)

·        ID/passport details (for legal guest registration)

·        Booking details and service usage

·        IP address and technical data (when visiting our website)

3. PURPOSE OF DATA PROCESSING

Personal data is used for the following purposes:

·        Booking processing and confirmation

·        Communication before, during, and after the stay

·        Invoicing and fulfilling legal obligations

·        Registration in the eVisitor system (as required by Croatian tourism law)

·        Handling inquiries and complaints

·        Sending information about services (with prior consent)

4. LEGAL BASIS FOR PROCESSING

We process data based on:

·        Performance of a contract (e.g. accommodation booking)

·        Legal obligations (e.g. guest registration, tax regulations)

·        User consent (e.g. for marketing)

·        Legitimate interests (e.g. property protection, system security)

5. THIRD-PARTY DATA SHARING

Your data may be shared with third parties only in the following cases:

·        Legal requirements (e.g. Tax Office, Tourist Board)

·        Technical or IT service providers (under data processing agreements)

·        Accounting services (for invoicing and bookkeeping)

·        Online payment providers (e.g. Stripe)
All data sharing is secured and compliant with GDPR standards.

6. DATA RETENTION

Personal data is stored only as long as necessary for the intended purpose:

·        Booking data: up to 5 years (or longer, if legally required)

·        Accounting data: 11 years

·        Marketing data: until consent is withdrawn

7. DATA SUBJECT RIGHTS

Under GDPR, you have the right to:

·        Access your data

·        Correct inaccurate data

·        Request deletion ("right to be forgotten")

·        Restrict processing

·        Data portability

·        Object to processing

·        Withdraw consent at any time

To exercise your rights, contact: info@enjoy-zagreb.hr

8. DATA SECURITY

We apply technical and organizational measures to protect your data against unauthorized access, loss, misuse, or disclosure.

9. COOKIES

Our website may use cookies for functionality and analytics. Users can manage cookie settings in their browser.

10. CHANGES TO THIS POLICY

We reserve the right to modify this Privacy Policy. Updates will be published on our website with the effective date.