Data protection
1. General Information
This Privacy Policy explains how we collect, use, and protect your personal data when you visit and interact with the website www.golosinj.com. The processing of personal data is carried out in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter: “GDPR”) and other applicable data protection laws of the Republic of Croatia.
By accessing our website, you accept the terms and conditions of this Privacy Policy. If you do not agree with our data processing practices, please refrain from using this website.
2. Data Controller
The data controller responsible for processing your personal data is:
ASL AGENCY d.o.o.
Tourist agency “Turist”
O.M.T. 17
HR-51551 Veli Lošinj
Tel: +385 51 236 256
Fax: +385 51 236 256
E-mail: [email protected]
Website: www.island-losinj.com
Tax number: 0699829
OIB: 65435216902
Code: HR-AB-51-040117753
3. What Data We Collect
We may collect the following categories of personal data:
-
Contact data (such as your name, email address, phone number) when you fill out contact forms or send inquiries;
-
Technical data (such as your IP address, browser type, language settings, time zone, and device identifiers);
-
Data related to your use of the website (such as pages visited, time spent on the website, and navigation paths);
-
Any other data you voluntarily provide to us (e.g., through feedback forms, newsletter subscriptions, or booking inquiries).
4. Purposes and Legal Basis for Processing
We process your personal data for the following purposes:
-
To respond to your inquiries or booking requests (based on your consent and/or performance of a contract);
-
To maintain and improve the functionality and security of the website (based on our legitimate interests);
-
To send newsletters and promotional materials if you have explicitly consented to such communication;
-
To comply with legal obligations arising from Croatian or EU legislation.
5. Data Storage and Retention
Your personal data is stored only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. After that period, your data will be securely deleted or anonymized.
6. Data Sharing and Transfers
We do not sell, rent, or lease your personal data to third parties. However, we may share your data with:
-
Service providers who assist us in operating our website (e.g., hosting services, email platforms), under strict data protection agreements;
-
Competent authorities if required to do so by law or legal process;
-
Third-party tools such as Google Analytics, which may process data in accordance with their own privacy policies.
7. Cookies
Our website uses cookies to improve user experience and collect statistical data. You can control the use of cookies through your browser settings. For more detailed information, please consult our [Cookie Policy].
8. Your Rights
In accordance with the GDPR, you have the following rights:
-
Right to access your personal data;
-
Right to rectification of inaccurate data;
-
Right to erasure (“right to be forgotten”);
-
Right to restriction of processing;
-
Right to data portability;
-
Right to object to processing;
-
Right to withdraw consent at any time;
-
Right to lodge a complaint with the competent supervisory authority (in Croatia, this is the AZOP – Croatian Personal Data Protection Agency).
9. Data Security
We implement appropriate technical and organizational measures to ensure a high level of security of your personal data and to protect it from unauthorized access, alteration, disclosure, or destruction.
10. Changes to This Policy
We reserve the right to update this Privacy Policy at any time. The latest version will always be available on this page. We recommend checking it periodically to stay informed of any changes.
