PRIVACY POLICY
COOKIE POLICY
This Privacy Policy explains how Samstag d.o.o. collects, processes and protects personal data in accordance with the General Data Protection Regulation (GDPR) and applicable laws of the Republic of Croatia.
1. Data Controller
Samstag d.o.o., Petrinjska 4, 21000 Split, Croatia
Email for data protection enquiries: service@samstag.hr
2. Personal Data Collected
Samstag d.o.o. may collect and process the following categories of personal data:
• identification and contact details (name, surname, address, telephone number, email address)
• booking and transaction information related to accommodation services
• data required by law for guest registration through the eVisitor system
• technical data generated through website usage (IP address, browser data, access time and navigation behaviour)
3. Legal Basis for Processing
Personal data is processed on the following legal grounds:
• contractual necessity for providing accommodation services
• legal obligation relating to mandatory guest registration in eVisitor
• legitimate interest in ensuring security, service integrity and fraud prevention
• consent, where required for marketing communications
4. Purpose of Processing
Personal data is processed for:
• handling reservations and guest communication
• issuing confirmations, invoices and related documents
• legal compliance including tax, accounting and tourism regulations
• improving service quality and website functionality
5. eVisitor Registration Obligation
Under Croatian law, all guests must provide personal information required for registration in the national eVisitor system. Guests who refuse to provide required information cannot be accommodated.
6. Data Retention
Personal data is stored only for as long as necessary to fulfil the purpose of processing, or for the duration required by applicable legislation, including obligations relating to tourism records, tax regulations and accounting documentation.
7. Data Sharing
Personal data may be shared only with:
• service providers necessary for reservation handling and accommodation operations
• legally authorised public authorities when required by law
• payment and invoicing processors when applicable
Personal data is not sold or disclosed to third parties for unrelated purposes.
8. Data Security Measures
Appropriate technical and organisational measures are implemented to protect personal data against loss, misuse, unauthorised access, alteration or disclosure.
9. Rights of Data Subjects
Individuals have the following rights under GDPR:
• right of access to personal data
• right to rectification of inaccurate or incomplete data
• right to erasure under applicable conditions
• right to restriction of processing
• right to data portability
• right to object to processing, including objection to marketing communication
Requests regarding personal data may be submitted to service@samstag.hr
.
10. Complaints to Supervisory Authority
Individuals have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP) if they believe their data has been processed unlawfully.
11. Changes to the Privacy Policy
Samstag d.o.o. may update this Privacy Policy when required. The current version is published on the official website and applies from the date of publication.
This Cookie Policy explains how cookies and similar technologies are used on the website operated by Samstag d.o.o. and how users can manage their cookie preferences.
1. Use of Cookies
Cookies are small data files stored on the user’s device when accessing the website. Cookies are used to ensure proper website functionality, improve user experience and analyse website performance.
2. Types of Cookies Used
a) Essential cookies
These cookies are necessary for the website to function correctly and cannot be disabled. They enable core features such as page navigation, security and access to protected areas.
b) Functional and preference cookies
These cookies allow the website to remember user settings and preferences, such as language or browsing options.
c) Analytical and performance cookies
These cookies collect aggregated data about how visitors use the website, helping improve structure, navigation and content. Data collected through these cookies does not personally identify users.
d) Marketing and tracking cookies (if applicable)
These cookies are used to tailor content and measure campaign effectiveness. They are applied only with user consent.
3. Legal Basis for Cookie Use
Essential cookies are used based on legitimate interest in ensuring proper website functionality. All other cookies may only be used with the user’s explicit consent.
4. Cookie Consent and Control
Users may accept or decline non-essential cookies through the cookie settings displayed when first accessing the website. Cookie preferences can be changed at any time through browser settings or cookie management tools.
5. Third-Party Cookies
Some cookies may be provided by third-party service providers such as analytics platforms or booking engines. These providers may process data in accordance with their own privacy policies.
6. Data Collected Through Cookies
Information collected through cookies may include device type, browser type, IP address (anonymised where possible), pages visited, duration of visits and interaction patterns. Personal data is not used for identification unless explicitly stated and consented to.
7. Retention Period
Cookies are stored for different durations depending on their purpose. Session cookies are deleted when the browser is closed, while persistent cookies remain stored until manually removed or until they expire.
8. Changes to the Cookie Policy
This Cookie Policy may be updated when necessary to reflect changes in legislation or website functionality. The latest version is published on the website.
9. Contact Information
For questions regarding the use of cookies, users may contact:
service@samstag.hr