In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (Official Journal of the European Union L 119 , 4.5.2016, page 1, hereinafter: General Regulation on Data Protection), which is in full application from 25 May 2018 in the Republic of Croatia and all EU Member States, as well as the Law on Implementation General Regulations on Data Protection (Official Gazette No. 42/18, hereinafter: the Act), the Labor Act (Official Gazette nos. 93/14 and 127/17), the Occupational Safety and Health Act (Official Gazette no. 71/14, 118/14 and 154/14), ie in accordance with the legal framework for personal data protection in the Republic of Croatia and the European Union and the best European practice, Villa Boskovic d.o.o OIB 92377984797, Merima Dzapo, Baltazara Bogisica 21, 20000 Dubrovnik, Croatia. registered in the Commercial Court in Dubrovnik (hereinafter: The company), as the head of the processing of personal data of users of its services and customers, drafted a policy on the protection of personal data of users of services and customers.
Methods of collection and types of personal data collected
Directly by the users themselves in a way that the users themselves submit the data to the The company as the processing manager in a certain range of data that is essential for the provision of appropriate services, sales or some other user link and www.villaanica.com. In order to provide appropriate services, the user is obliged to provide the The company with the following information that he needs to establish a contractual relationship in order to provide a particular service and / or sell certain products. The customer-user can submit the data orally or in writing to the center of the The company, via e-mail sent to one of the e-mail addresses of the The company and via the website of the The company www.villaanica.com. From other publicly available sources of data on companies and physical persons in companies on internet portals, telephone directories that contain such data and other publicly available services only for the purposes for which they were initially collected. Automatically by visiting The company internet (web) pages, applications and portal, which are data associated with network identifiers (Internet protocol addresses and cookie identifiers, such as Google Analytics to track user and / or customer interaction). A cookie is a small data file that is stored on a computer or mobile device when you visit a particular website. Cookies are used to provide a better user experience to each user and/or customer, to store user and/or customer preferences, in order to make the website work more efficiently, as well as to monitor and test the use and traffic of the website The company. By disabling and/or blocking the storage of cookies, the user and/or customer can still browse the website The company. However, it is likely that certain features and/or functionalities of the website will not be available to such user and/or customer, or that the time required to access certain features of the website will be longer than usual. The network identifiers in question may leave traces which, in combination with other identifiers and information provided by Internet service providers, may be used to identify the user and/or customer. The amount or scope of personal data that it The company collects depends on the type of service that it The company provides to its users and/or customers, as well as on the legal basis on which it collects data. The company, it constantly takes care of collecting only the necessary range of personal data that is necessary to achieve the legally established purpose for which the data is processed.
Data on potential users
The company, it also collects data on potential users and/or customers of its services and/or products. This information includes basic information (name and surname, e-mail address), but also the interests of potential Users and/or Customers who contact the association with the desire to be informed and/or offered certain products and services. A cookie is a small data file that is stored on a computer or mobile device when you visit a particular website. Cookies are used to provide a better user experience to each user and/or customer, to store user and/or customer preferences, in order to make the website work more efficiently, as well as to monitor and test the use and traffic of the website The company. By disabling and/or blocking the storage of cookies, the user and/or customer can still browse the website The company. However, it is likely that certain features and/or functionalities of the website will not be available to such user and/or customer, or that the time required to access certain features of the website will be longer than usual. The network identifiers in question may leave traces which, in combination with other identifiers and information provided by Internet service providers, may be used to identify the user and/or customer. The amount or scope of personal data that it The company collects depends on the type of service that it The company provides to its users and/or customers, as well as on the legal basis on which it collects data. The company, it constantly takes care of collecting only the necessary range of personal data that is necessary to achieve the legally established purpose for which the data is processed.
Types of personal data collected?
The data that the Customer – User most often provides are:
– name and surname
– personal identification number (OIB)
– contact phone and/or mobile phone number
– contact details of e-mail (e-mail address)
– identity card data
Where is personal data processed?
Personal data of Users – Customers The company processes in the Republic of Croatia.
Where is the collected data stored?
Data are processed in such a way that all or part of the information about Customers – Users – Respondents is stored in the databases of the processing manager.
Obligations of the processing manager regarding the security of processing
TECHNICAL DATA PROTECTION The processing manager implements technical and organizational measures to ensure an appropriate level of security. The processing manager shall also take measures to ensure that any individual acting under the responsibility of the controller who has access to personal data does not process that data if this is not in accordance with the instructions of the processing manager. Taking into account the nature, scope, context and purposes of processing, as well as risks of different levels of probability and severity for risks to the rights and freedoms of individuals, the Processing Manager implements appropriate technical and organizational measures in accordance with Security Policies to ensure and prove processing implemented in accordance with the General Regulation.
Purpose of data collection and further processing
The company collects and further processes personal data of users and/or customers for the purpose of concluding and executing contracts, making purchases or service interventions on equipment, delivery of ordered products, advice and assistance in using products, providing appropriate additional and/or extended product warranties, resolving complaints of users and/or customers and other actions related to the conclusion and execution of the contract in accordance with applicable regulations. The processing of personal data of users and/or customers for the above purposes is a necessity and legal basis for concluding a contract, ie, in case the user and/or customer refuses to provide relevant data, the service will not be able to enter into a contract and/or take certain actions. with the execution of the concluded contract.
Time duration of personal data storage
Depending on the purpose and legal basis on which the personal data of users and/or customers are collected, The company is in some cases mandatory to keep personal data for a period of time prescribed by the relevant regulations or termination of the purpose for which they were collected. Upon the expiration of the legal deadline which obliges The company on the storage of certain personal data or the termination of the purpose, they are deleted. In cases where the basis for data collection and processing is the consent of the user and/or customer, personal data is stored for 10 years. Data processed with the consent of the user and/or customer may be deleted before the expiration of the period specified in this Policy, in the event that such deletion is requested by the user and/or customer or when the user and/or customer objects to such processing via the Internet. e-mail address: firstname.lastname@example.org
Ways of exercising rights
The customer can exercise his rights if he considers that there has been an irregularity in the processing of his personal data, via contact information or by e-mail email@example.com. Also, the user and / or the buyer has the right to lodge a complaint with the national supervisory authority. Under what conditions and for what reason personal data is passed on to third parties The personal data of the Customer-User The company forwards to third parties (including competent authorities) in the following cases:
-to fulfill the legal obligations of the The company
– when such processing is necessary to protect the key interests of Customers – Users
– for the purpose of fulfilling the contractual obligation, performing the work for the account of the Buyer – User
– for which it is necessary to hire a third person – the processor manager
Processing of personal data in the context of employment
Personal data of employees may be collected, processed, used and delivered to third parties only if it is determined by law or if it is necessary for the exercise of rights and obligations arising from the employment relationship, or in connection with the employment relationship. In order to exercise the rights and obligations arising from the employment relationship, the controller will collect, process, use and deliver to third parties only those personal data that are necessary for the stated purpose, and will provide such data only at the request of courts and other state or public bodies.
Security of Online Payments
While conducting payments on our web shop you are using CorvusPay – an advanced system for secure acceptance of credit cards on the Internet. CorvusPay system ensures complete privacy of your credit card data and personal data from the moment you type them into the CorvusPay payment form. Data required for billing is forwarded encrypted from your web browser to the bank that issued your payment card. Our store never comes into contact with your sensitive payment card data. Similarly, CorvusPay operators cannot access your complete cardholder data. An isolated system core independently transmits and manages sensitive data while at the same time keeping it completely safe. The form for entering payment data is secured by an SSL transmission cipher of the greatest reliability. All stored data is additionally protected by hi-grade encryption, using hardware devices certified by FIPS 140 2 Level 3 standard. CorvusPay fulfills all of the requirements for safe online payment prescribed by the leading credit card brands, operating in compliance to the PCI DSS Level 1 standard – the highest security standard of the payment card industry. Payments made by cards enroled with the 3-D Secure program are further authenticated by the issuing bank, confirming your identity through the use of a token or a password. All information collected by Corvus Pay is considered a secret and treated accordingly. The information is used exclusively for the purposes for which they were intended. Your sensitive data is fully secure and it’s privacy is guaranteed by the state of the art safeguard mechanisms. We collect only the data necessary for performing the work in accordance with the demanding prescribed procedures for online payment. Security controls and operating procedures applied within the CorvusPay infrastructure not only ensure current reliability of CorvusPay but permanently maintain and enhance the security levels of protecting your credit card information by maintaining strict access controls, regular security and in-depth system checks for preventing network vulnerabilities. Thank you for using CorvusPay!
These terms and conditions define the booking procedure, payment method and cancellation policy offered on our website. The organizer of the accommodation (Host) offered on the website is Villa Anica, and the Accommodation user (Guest) is a visitor to the website who chooses at least one appointment (Reservation), fills in an electronic reservation form and sends it to the Host.
THE ACCOMMODATION RESERVATION
Reservation is to be ordered by electronic form. The guest has to fill in the Profile with basic payment information, choose the desired date of accommodation and make the payment of the desired reservation according to the offered payment terms, and will be notified by e-mail about the reservation and payment made.
Payment is possible by payment on bank account or credit cards:
When choosing this form of payment, you will receive a confirmation of your order with all the information required for payment. You can then make the payment using online banking or the way you normally pay your bills, at IBAN HR7324020061100604655. Upon receipt, we will send you a confirmation of your reservation.
The guest has the option of canceling the reservation without giving any reason at any time until the start of the booked accommodation. The Host shall calculate the cost of cancellation according to the following form:
– The guest will be charged 30% of the total price if they cancel after reservation and the total price of the reservation if they cancel in the 3 days before arrival.
– The guest will be charged a prepayment of 30% of the total price after reservation and the remaining amount in the 30 days before arrival.
– The guest will be charged the total price of the reservation if they cancel anytime.
– The guest will be charged a prepayment of the total price of the reservation anytime.
LIMITATION OF LIABILITY
Villa Boskovic assumes no responsibility for the accuracy of the information or any errors on this site. Our goal is to keep this information timely and accurate and therefore the content on this site is constantly updated and subject to change. We are also not responsible for any damage or loss caused directly or indirectly through the use of this website. The Guest agrees that no employee of Villa Boskovic, as well as any other person or company involved in the creation of these sites, shall be liable for any damage or loss to other persons or companies resulting from the use of this website.