Your privacy is important to us. We value the trust you have placed in us, and are committed to protecting and safeguarding any personal data you give us. This document describes how we use and process your personal data. It also tells you how you can contact us if you have questions.
Realcroatia.com offers tourist services through its own websites and through other online platforms such as partners’ websites and social media. Realcroatia.com may amend the Privacy policy from time to time, so visit this page regularly to stay informed of the updates. If you disagree with this Privacy policy, you should discontinue using our services.
From visitors navigating around our website RealCroatia.com we collect no personal data.
From visitors who decide to send us an enquiry, either for a specific trip or to plan a custom trip for them, to initiate the enquiry process we ask for the bare minimum of personal data:
From customers who decide to book a trip with us we will be collecting information necessary to organize the entire trip. Details below.
Personal data we collect
We use social media to promote our partners’ services and to promote, improve and facilitate our own services.
These social media services may allow you to share information with Realcroatia.com. When you register with a social media app, you will be told which information will be shared with Realcroatia.com. The information you choose to share with us may include the basic information that’s available in your social media profile, email address, status updates and your list of friends. This information is necessary to create a unique user experience either in the app itself or on our websites. It facilitates such things as personalizing our website to suit your needs, connecting you with your friends on travel destinations and analyzing and enhancing our travel-related services.
In certain circumstances, we may share your personal data with third parties.
We will retain your personal data for only as long as it is necessary [R2] for the uses set out in this Privacy Notice and/or to meet legal and regulatory requirements. After this period, we will securely erase personal data. If data is needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymise this data.
We will only collect and use your personal data if at least one of the following conditions applies:
• We have your consent;
Example: Newsletter
You give us permission to process your personal data when you register for newsletters.
• It is necessary for a contract with you or to take steps at your request prior to entering into a contract;
Example: To provide the products and services you request
We need to process your personal data so that we can manage your account or booking, provide you with the products and services you want to buy and help you with any orders and refunds you may ask for.
• It is necessary for us to comply with a legal obligation;
Example: Sharing personal data with regulatory authorities
So that you can travel, it may be mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate.
• It is necessary to protect your vital interests or those of another individual;
Example: In an emergency
Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency.
• It is in the public interest or we have official authority;
Example: Security operations
We may use personal data to respond to and to manage security operations, accidents or other similar incidents, including medical and insurance purposes.
• It is in our or a third party’s legitimate interests and these are not overridden by your interests or rights.
Example: To personalise your experience
We may use your personal data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This enables us to tailor our communications to make them more relevant and interesting for you.
Where we need to process special categories of personal data, for example health data for medical reasons, we will only do so if one or more additional conditions apply. For example, we have your explicit consent; it is necessary to protect the vital interests of you or another individual and you are physically or legally incapable of giving consent; it is necessary to establish, exercise or defend legal claims; it is necessary for reasons of substantial public interest.
What security procedures does Realcroatia.com put in place to safeguard your personal data?
In accordance with European data protection laws, we observe reasonable procedures to prevent unauthorized access and the misuse of personal data.
We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.
We do not store your credit card data. The billing and form for entering such data is on the payment gateway provider. In the payment process, you will be redirected to that site solely for payment purposes, for security reasons.
Where we provide your personal data to a third party one of the following two circumstances will apply:
· In some cases, your personal data may be held and otherwise processed by others on our behalf. We have not included the names of our service partners as these will change over time. We will remain responsible for what they do with your personal data, and your personal data will only be held and processed by them in accordance with our instructions and this privacy policy. The sharing of your data is necessary for the performance of any contract with you and for the efficient provision of our services.
· In other cases, your personal data may need to be provided to them to be held and processed by them in their own right and on their own account. In such case, they will have their own responsibility for your personal data, subject to their own privacy policy, and we will not be responsible for what they do with it following disclosure. This will only be done to perform the contract
We (or other person processing your personal data on our behalf) may transfer, store and otherwise process your personal data anywhere within the European Economic Area (“EEA”).
We will only send your personal data outside the EEA to parties with whom we have a contract. We ensure your personal data is protected and for those other organisations with whom we have contracts we ensure that we have in place adequate safeguards in respect of such transfers outside the EEA.
We take appropriate technical and organizational measures to secure your information and to protect it against unauthorized or unlawful use and accidental loss or destruction, including:
· only sharing and providing access to your information to the minimum extent necessary, subject to confidentiality restrictions where appropriate, and on an anonymized basis wherever possible;
· using secure servers to store your information;
· verifying the identity of any individual who requests access to information prior to granting them access to information
· using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) software or other similar encryption technologies to encrypt your personal transactions
Transmission of information over email is not secure, and if you submit any information to us over the internet by email you do so entirely at your own risk. We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by email.
For your own privacy protection, we encourage you to maintain anti-virus and other malware protection software on your computers and other devices, and to maintain your own measures to protect your personal data. Please do not include sensitive personal data in any emails you may send to us, including payment card information.
We also encourage you to be careful about who you give personal data to. We never contact you to ask you for sensitive personal data, such as payment card information, or sensitive personal data such as passport numbers or log-in details, and we will only ask you for such information through our website or by telephone in connection with a booking you are making or have made. Please let us know if you notice someone purports to contact you in our name.
The services offered by Realcroatia.com are not directed at children under 18 years old. The use of any of our services is only allowed with the valid consent of a parent or a guardian. If we receive information from a child under 18 years old, that we are aware of, we reserve the right to delete it.
Who is responsible for the processing of personal data on the Realcroatia.com website and apps?
Q-travels GmbH controls the processing of personal data on its websites. Q-travels GmbH is a private limited liability company, incorporated under the laws of the Switzerland and has its offices at Gartenstrasse 4, 6300 Zug, Switzerland. If you have any suggestions or comments about this privacy notice, please send an email to helpdesk@Realcroatia.com.
Accessing and updating your personal data; and complaints
You have a right to ask for a copy of the personal data we hold about you, although you should be able to access online the personal data associated with your account or booking. You can write to us asking for a copy of other personal data we hold about you.
Please include any details to help us identify and locate your personal data. Where we can provide data access, we will do so free of charge.
We want to make sure that the personal data we hold about you is accurate and up to date. If any of the details we hold are incorrect, please let us know.
You can also ask for your personal data to be rectified or erased, to object to the processing of your personal data and, where technically feasible, to ask for personal data you provided to be transmitted to another organization.
We will update or erase your data, unless we have to keep it for legitimate business or legal purposes.
You can also contact us if you have a complaint about how we collect, store or use your personal data. We aim to resolve complaints but if you are dissatisfied with our response, you may complain to the Data Protection Officer:
Please note that we may ask you to verify your identity before we can act on your request or complaint. We may also ask you for more information to help ensure that you are authorised to make such a request or complaint when you contact us on behalf of someone else.
Last updated: 1. June 2019