The Palms resort d.o.o. understands and respects the importance of your privacy and we are committed to safeguarding your personal information. In providing our service to you, we must collect personal information from you and this policy outlines how we treat your personal data after it has been collected by any of our channels which include our website, communication by telephone and any future digital services or channels as they evolve.
TYPES OF PERSONAL DATA WE COLLECT?
We may collect all or some of the following information relating to you or other members:
- Names and contact/address details including telephone number and email address
- Credit/ debit card or other payment details (including card number, cardholder name, expiry date)
- Special requirements such as those relating to any disability or medical condition which may affect the chosen arrangements
- Dietary restrictions (which may disclose your religious beliefs)
- Other personal information you may provide during our correspondence
You are responsible for ensuring that other members are aware of the content of this Policy and consent to your acting on their behalf in all your dealings with us.
We collect all data to cater to your needs or act in your interest, and we are only prepared to accept sensitive personal data from you on the condition that we have your positive consent. We will seek this consent when necessary.
WHEN WILL WE COLLECT THIS INFORMATION?
We will only collect personal information from you by specifically asking for it:
- When you purchase a product or service from or through us
- When you submit an inquiry or fill out the form on the website
- When you subscribe to our newsletter
- When you speak to any of our team
- When you complete a survey or enter a competition
WHAT WILL WE DO WITH IT?
- We will use your name, address and other contact information as well as credit card details to complete your booking with us.
- We will also use your details to manage your arrangements, send you notifications and communicate with you generally as well as deliver you information about services you might be interested in.
- For the purpose of completing your booking, we may have to disclose some of your information to the providers of the services making up your arrangements (who could be located outside Croatia and European Economic Area). We may also have to disclose some information to third parties in relation to customer services, credit card processing or other services.
- Credit/debit card payments are processed via our merchant provider on their secure platform and include the card type, date and time, amount, card expiry date, billing postcode, your address and other related information. This information is required and necessary for the performance of our contract with you. We do not have sight of the complete card number or CVV code at any time, but this will be held securely by our merchant provider who are audited and certified as a PCI Service Provider Level 1. All transactions which include your bank details are only relayed to a service we use to process transactions and your perosonal information regarding your banking information are used only in that regard.
- We may need to disclose your information where required by law, where such a request is made by a legal authority.
- We may also disclose information to organisations who act as “data processors” on our behalf, or to other organisations that perform business functions on our behalf, some of whom are outside the EU. These functions include administration, providing services (and contacting you where necessary), customer care, business management and operation, re-organisation/structuring/sale of our business (or our group companies), risk assessment, security and crime prevention/detection, research and analysis, marketing, monitoring, measuring and assessing customer purchasing preferences and trends, dispute resolution, credit checking and debt collection.
- We may from time to time contact you with information about special offers, brochures, new products, forthcoming events or competitions. If you do not wish to receive such information, you may ask us in writing not to receive it.
- According to the law, we keep guest data for at least two years after the year of stay, and data in the e-Visitor system must be kept for 10 years.
We keep data related to accounting regulations for 11 years. This includes accounts that may also contain your personal information.
In the case of using credit card data for the purpose of guaranteeing the reservation, we record such data in our system up to 30 days after your check-out, and in case of charging the amount of the guarantee, we store it in accordance with accounting regulations
We would also like to store and use your personal details for future marketing purposes (for example, emailing you our newsletter). All details you give us in connection with your booking will be kept but we will use only names and contact details for marketing purposes unless you have indicated that you do not wish us to do so.
We have taken all reasonable steps to have appropriate security measures in place to protect your information. Outside the European Economic Area, controls on data protection may not be as wide as the legal requirements in this country. The transmission of information via the internet is never completely secure. We exclude our liability for personal data lost in transmission to the website.
SECURITY OF PERSONAL DATA
We apply technical and organizational measures to ensure that your data is secure and to protect it from accidental or intentional unauthorized access, loss or alteration. We have ensured that your data can only be accessed by those persons who have a business need for it, exclusively for purposes that are permitted and about which you have been informed, and that these persons are under an obligation to keep your data confidential.
If you suspect any unauthorized use, loss or unauthorized access to your personal data, please notify us.
In case you have any question related to the protection of your personal data, you can contact us in the following ways:
• By e-mail to the address firstname.lastname@example.org
• By mail, to the address Kužina 35, 23212 Tkon, Pašman