This Privacy Policy explains how the travel agency DOMUS DIVINA d.o.o. (“the Agency”) processes and protects personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), as well as other applicable regulations.
These principles apply to all users who access or use the Agency’s website, including visitors browsing the offers, individuals making accommodation bookings through the website, and anyone contacting the Agency for information, reservations, or to exercise other rights related to the Agency’s services and offers
Your security is important to us. We are committed to processing your personal data lawfully, fairly, and transparently, while protecting your privacy from unauthorized or unlawful processing, by applying high technical, security, and organizational standards.
The data controller is: DOMUS DIVINA d.o.o., Ulica Dumići 59, Grebaštica (City of Šibenik), Croatia
For any questions regarding personal data protection, you can contact us at: info@villuna.de
To provide our services and process reservations, the Agency collects and processes the following categories of personal data:
Your personal data are processed for the following purposes:
Providing personal data is necessary to conclude and execute the accommodation contract. If you choose not to provide the required data, the Agency will not be able to process your reservation.
Your personal data may be made available to:
All third parties and service providers processing personal data on behalf of the Agency are required to act strictly in accordance with the Agency’s instructions, apply appropriate technical and organizational safeguards, and are contractually bound by confidentiality and GDPR compliance.
As a rule, personal data are processed within the European Economic Area (EEA). If, in exceptional cases, data are transferred to a third country, the Agency will ensure that appropriate safeguards are implemented in accordance with the GDPR (e.g. an adequacy decision or standard contractual clauses).
The Agency retains your personal data only for as long as necessary to fulfill the purposes for which they were collected or as required by law. Once this period expires, the data are deleted, anonymized, or archived in accordance with legal requirements.
The Agency applies appropriate technical and organizational measures to ensure the security and confidentiality of personal data and to prevent unauthorized access, loss, destruction, or misuse. The website uses an SSL certificate to ensure secure communication, and data are encrypted during transmission.
Payment data are processed exclusively through certified payment service providers that comply with PCI DSS security standards. The Agency does not have access to full card numbers, security codes, or other confidential payment information.
Our website uses cookies to enhance user experience, customize content, analyze traffic, gather statistics, and support advertising. Cookies are small text files stored on your device when you visit a website. They allow the website to recognize your device and remember certain information, such as your preferences, language settings, and login details, making future visits easier and faster.
Types of cookies we use:
The website uses Google Analytics for statistical analysis of traffic and to monitor the effectiveness of content and marketing activities. Data collected through Google Analytics are anonymous or pseudonymized and used solely to improve the website and user experience.
You can manage or disable cookies in your browser settings. Please note that disabling certain cookies may affect website functionality. You can also adjust your Google ad settings through the Ads Settings tool: https://www.google.com/settings/ads.
The Agency may send information about special offers, promotions, news, and events via email newsletter or other communication channels, only to users who have given explicit consent.
Your consent is voluntary, and you can withdraw it at any time by clicking the unsubscribe link in the newsletter or by contacting the Agency at info@villuna.de. Data collected for newsletter purposes are used solely for the Agency’s marketing communications and are not sold or shared with third parties without your explicit consent.
You have the following rights regarding your personal data:
If you consider that your rights have been infringed, you may file a complaint with the Croatian Personal Data Protection Agency at its registered address or via email: azop@azop.hr.
We recommend contacting us first so we can attempt to resolve your concern amicably.
The Agency regularly reviews and updates this Privacy Policy to ensure compliance with applicable regulations and changes in business operations. All updates will be published on the Agency’s website and will take effect from the date of publication.
