Privacy Policy of holidaysroko.com
Last updated: April 13, 2026
Owner and Data Controller
Apartments Holidays Roko
Malgorzata Bacelic
Grebastica, Donji Banovci 58
22000 Šibenik
Croatia
Owner contact email: rokogrebastica@gmail.com
Types of Data Collected
Holidays Roko respects your privacy and is committed to protecting your personal data. The collection and storage of personal data is conducted in accordance with the General Data Protection Regulation (GDPR), applicable EU legislation and Croatian laws.
The Owner undertakes appropriate measures to protect personal data and collects only the information necessary to fulfill obligations toward guests, website users and potential customers.
The following information may be collected:
- Name and surname
- Address
- E-mail address
- Telephone number
- Reservation details
- Information voluntarily submitted through contact forms
- Usage data such as IP address, browser type, pages visited and time spent on the Website
- Information collected through cookies and analytics tools
All user information is treated as strictly confidential and is available only to authorized persons who require access in order to perform their duties.
Contact Forms and Reservations
Personal Data submitted through contact forms, reservation requests, e-mail inquiries or booking forms is used solely for the purpose of responding to inquiries, providing requested information, confirming reservations and fulfilling legal obligations.
Cookies and Third-Party Services
This Website may use cookies and third-party services to improve user experience and analyze Website performance.
These services may include:
- Google Analytics
- Google Maps
- Instagram content and embedded feeds
- Meta/Facebook services
- Booking.com widgets or links
- Contact form providers
- Website hosting and security services
These third-party services may collect information such as IP address, browser information, cookies and interaction with the Website.
Users can manage or disable cookies through their browser settings.
Third-Party Links
This Website may contain links to websites owned and operated by third parties. If you use these links, you leave this Website.
These links are provided for information and convenience only and do not represent an endorsement of the content, privacy policies or practices of such websites.
Holidays Roko has no control over the contents of any linked website and is not responsible for those websites or their privacy practices.
Methods of Processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data.
Data processing is carried out using computers and IT-enabled tools, following organizational procedures strictly related to the purposes indicated in this Privacy Policy.
In addition to the Owner, personal data may be accessible to:
- Website administrators
- Technical service providers
- Hosting providers
- IT service providers
- Marketing agencies
- Accounting or legal service providers
These parties may process personal data only when necessary and in accordance with applicable privacy laws.
Place of Processing
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring personal data to a country other than the User’s own country.
Retention Time
Personal Data shall be processed and stored only for as long as required by the purpose for which it has been collected.
Reservation-related data may be retained for up to 5 years in accordance with accounting, tax and legal obligations.
Contact form submissions and e-mail inquiries may be retained for as long as necessary to provide customer support and maintain business records.
Once the retention period expires, Personal Data will be deleted or anonymized.
Legal Basis of Processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes
- Processing is necessary for the performance of a contract or reservation
- Processing is necessary for compliance with a legal obligation
- Processing is necessary for the legitimate interests pursued by the Owner
User Rights Under GDPR
Users have the right to:
- Withdraw consent at any time
- Access their personal data
- Correct inaccurate or incomplete data
- Request deletion of their data
- Restrict processing of their data
- Object to processing of their data
- Receive their data in a structured and machine-readable format
- Lodge a complaint with a supervisory authority
Users also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP).
How to Exercise Your Rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document.
Such requests are free of charge and will be answered as soon as possible and always within one month.
Legal Action
The User’s Personal Data may be used for legal purposes by the Owner in court or in the stages leading to possible legal action arising from improper use of this Website or the related services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
System Logs and Maintenance
For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with the Website, including IP addresses and other technical data.
Changes to This Privacy Policy
The Owner reserves the right to make changes to this Privacy Policy at any time by notifying Users on this page.
Users are strongly advised to check this page regularly for any changes.
If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact us at rokogrebastica@gmail.com.
