Sunside Apartments Pula - Ferienwohnungen in Kroatien

data protection

This privacy policy applies to data processing by:

Sunside Apartments Pula

Nada Zubak

Approach Cerella 6

52100 Pula

E-Mail: info@sunside-apartments-pula.eu

1. The protection of your data is important to us!

We want you to feel safe when you visit our website, including with regard to the protection of your personal data. We want you to know when we collect which data and how we use it. We have taken technical and organizational measures to ensure that the data protection regulations are observed both by us and by the external service providers we commission.

2. Processing of personal data and the nature and purpose of their use

Personal data is any data that allows you to be identified by reasonable means, e.g. information such as name, address, telephone number, email address, date of birth.

a. Visit website

When you visit our website, the Internet browser used on your device automatically sends various information to our website server. This information is stored temporarily.

These include as standard:

IP address of the requesting computer, date and time of access, name and URL of the retrieved file, website from which access is made (referrer URL), device information, browser used and, if applicable, the operating system of your computer and the name of your access provider.

We process the above data for the following purposes:

Ensuring a smooth connection to the website, ensuring comfortable use of our website, evaluating system security and stability and for other administrative purposes.

The legal basis for data processing is Art. 6 I S.1 lit. f. GDPR. Our legitimate interest follows from the purposes for data collection listed above. In addition, we use cookies and analysis tools when you visit our website. You can find more detailed explanations in this data protection declaration.

b. Booking requests and email contact

If you make a booking request via our website, we require your personal data so that we can send you an offer, fulfil our other contractual obligations and process your requests.

The provision of personal data is partly necessary for the conclusion of the contract. Failure to provide the data means that no contract can be concluded. The processing is carried out on the basis of Art. 6 I lit. b. GDPR and is necessary for the fulfillment of the contract to be concluded with you (e.g. name, address, email, date of birth). Your data will not be passed on to third parties without your express consent. The only exceptions to this are our service partners, on whom we rely to fulfill our contractual obligations, and service providers whom we use as part of order processing. In addition to the recipients already named in this data protection declaration, these include, for example, tourist registration authorities, payment service providers (banks), web hosts and IT service providers. The scope of data transmission is kept to a minimum.

c. Contact

If you have any questions, we offer you the opportunity to contact us. You must provide a valid email address so that we know who the request came from and can answer it. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 I lit. a. GDPR on the basis of your voluntarily given consent. The personal data we collect for the purpose of contacting you will be automatically deleted after your request has been processed.

3. Cookies

We and our partners use cookies to provide the relevant services. This also applies when you visit our website or access our services. A cookie is a small data packet that is assigned to your respective device (e.g. laptop, tablet, smartphone) when you visit a website. Cookies are useful and can be used for different purposes. These include, for example, making it easier to navigate between different pages, automatically activating certain functions, saving your settings and optimizing access to our services. The use of cookies also enables us to collect statistical information about your use of our services and to make the use of our services more pleasant for you.

We use so-called "session cookies" to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

In addition, we also use "permanent cookies" to optimize user-friendliness, which are stored on your device for a specific period of time. If you visit our site again to use our services, it will automatically recognize that you have already visited us and what entries and settings you have made so that you do not have to enter them again.

On the other hand, we use "third-party cookies" that are set by other online services that have their own content on the page you visit. These can be, for example, external web analytics companies that record and analyze access to our website.

Cookies store information that is related to the specific device used. This does not mean that we immediately know your identity. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot fully use all the functions of our website.

The tool we use is based on Snowplow Analytics technology. The data we collect about the use of our website includes, for example, how often users visit the website or which areas are accessed. The tool we use does not collect any personal data and is used by our web hosting provider and service provider solely to improve their own offering.

The data processed by cookies are necessary for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 I S.1 lit. f GDPR.

4. Cookie consent with Usercentrics

This website uses the cookie consent technology from Usercentrics to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, website: https://usercentrics.com/de/ (hereinafter "Usercentrics").

When you enter our website, the following personal data is transferred to Usercentrics: your consent(s) or the revocation of your consent(s), your IP address, information about your browser, information about your device, time of your visit to the website. Usercentrics also stores a cookie in your browser in order to be able to assign the consent granted or its revocation to you. The data collected in this way is stored until you ask us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 Para. 1 Clause 1 Letter c of GDPR.

5. Use of script libraries (Google Web Fonts)

To ensure that our content is displayed correctly and graphically appealing in every browser, we use script and font libraries such as Google Web Fonts (https://www.google.com/webfonts) for this website. Google Web Fonts are transferred to your browser's cache so that they only need to be loaded once. If your browser does not support Google Web Fonts or denies access, the content will be displayed in a standard font. When you access script or font libraries, a connection is automatically established to the operator of the library. In theory, this means that this operator has the opportunity to collect data. It is currently not known whether and for what purpose the operators of the relevant libraries actually collect data.

You can find the privacy policy of the operator of the Google library here: https://www.google.com/policies/privacy .

6. Analysis of user behavior through the web analysis service 1&1-WebAnalytics

This website uses the analysis services of 1&1 WebAnalytics. The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D - 56410 Montabaur. As part of the analyses with 1&1 IONOS SE, visitor numbers and behavior (e.g. number of page views, duration of a website visit, bounce rates), visitor sources (i.e. which page the visitor comes from), visitor locations and technical data (browser and operating system versions) can be analyzed. For this purpose, 1&1 IONOS SE stores the following data in particular:

Referrer (previously visited website)Requested website or fileBrowser type and browser versionOperating system usedDevice type usedTime of accessIP address in anonymized form (only used to determine the location of access)

According to 1&1 IONOS SE, data collection is completely anonymous so that it cannot be traced back to individual people. Cookies are not stored by 1&1 WebAnalytics. According to 1&1 IONOS SE, the data is determined either by a pixel or a log file. The data is stored and analyzed on the basis of Art. 6 Paragraph 1 Letter f of GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior in order to optimize both its website and its advertising. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 Paragraph 1 Letter a of GDPR; consent can be revoked at any time.

For further information on data collection and processing by 1&1 WebAnalytics, please refer to the following links:

https://www.ionos.de/hilfe/datenschutz/datenverarbeitung-von-webseitenbesuchern-ihres-11-ionos-produktes/webanalytics/

https://www.ionos.de/terms-gtc/terms-privacy/

7. belegungskalender-kostenlos.de

This website uses an HTML code from www.belegungskalender-kosenlos.de to show you our available apartments. We do not transfer any of your personal data to this calendar. Below the calendar there is a link that leads to the website of the provider of the occupancy calendar and over whose content we have no influence. Therefore we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. If you visit third-party pages via our site, please inform yourself about the respective data protection regulations there.

8. cloudfront.net

This website uses the Content Delivery Network (CDN) Cloudfront. This is a service provided by Amazon Europe Core S.à rl (Société à responsabilité limitée) 5 Rue Plaetis, L-2338, Luxembourg. The Cloudfront CDN provides duplicates of a website's data on various Amazon Web Services (AWS) servers. This results in faster website loading times, greater reliability, and increased protection against data loss. Some of the images embedded on this website are retrieved from the Cloudfront CDN when the page is accessed. When the page is accessed, information about your use of our website (such as your IP address) is transferred to Amazon servers and stored there for the duration of the processing purposes. Amazon Web Services and the Amazon CDN Cloudfront are used in the interests of greater website reliability, increased protection against data loss, and better loading speed of this website. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. You can find out more about Amazon Web Services’ data protection measures at: https://aws.amazon.com/de/compliance/data-privacy-faq/?nc=sn&loc=4

9. gstatic.com

This website uses gstatic.com, a web service provided by Alphabet Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, United States of America. This is a domain used by Google to load static content into another domain name in order to reduce bandwidth usage and increase network performance for the end user. In this context, your browser may transmit personal data to Gstatic. The legal basis for the processing is Art. 6 Paragraph 1 Letter f of GDPR. The legitimate interest is that the website functions correctly. Gstatic has certified itself under the EU-US Privacy Shield Agreement (see www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled.

You can find more information about how the transferred data is handled in Gstatic's privacy policy: policies.google.com/privacy. You can prevent Gstatic from collecting and processing your data by deactivating the execution of script code in your browser or by installing a script blocker in your browser.

10. Data protection provisions regarding the application and use of Instagram

We maintain publicly accessible profiles on the social network Instagram. The Instagram service is one of the Facebook products provided by Facebook Ireland Limited (Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland). Social networks are able to analyze your user behavior and process certain information about you when you visit our Instagram pages.

We would like to point out that the use of the Instagram page is your own responsibility. This applies in particular to interactive functions such as commenting, sharing or rating. Facebook processes personal data about your account, your IP address and the devices you use. Cookies are used to collect data; these are small files that are stored on your devices. If you have an Instagram profile and are logged in to it, the data is stored and analyzed across devices. Facebook describes what information Facebook receives and how it is used in its Instagram data guidelines: https://de-de.facebook.com/help/instagram/519522125107875 . There you will also find information about how to contact Facebook and how you can object.

Facebook provides us, as the operator of the Instagram pages, with statistical information (so-called "Instagram insights"), such as accounts reached, content interactions, total number of subscribers, number of shared content, gender and age distribution, country and city of origin, language, clicks. These "Instagram insights" are made available to us anonymously. The processing of this data serves our legitimate interest in evaluating actions taken on our Instagram page and improving our content based on these findings. The legal basis is Art. 6 Para. 1 lit. f. GDPR.

When you visit our Instagram page, you trigger the processing of your personal data. In this case, we and Facebook are jointly responsible for these data processing operations within the meaning of Art. 26 GDPR. You can generally assert your rights (right to information in accordance with Art. 15 GDPR, right to rectification in accordance with Art. 16 GDPR, right to erasure in accordance with Art. 17 GDPR, right to restriction of processing in accordance with Art. 18 GDPR, right to data portability in accordance with Art. 20 GDPR and right to complain in accordance with Art. 77 GDPR) both against us and against Facebook. Since only Facebook has full access to user data and we as the operator of the page have no influence on the generation and presentation of the statistics, we can only forward your request to Facebook and therefore recommend that you contact Facebook directly. If you need support with this, please contact us by email.

No Instagram plugins are set on this website, only so-called social bookmarks (buttons with the Instagram icon). These are integrated on the website as a link to Instagram. After clicking on the integrated graphic, the user is redirected to the Instagram page. If you are logged in to Instagram as a user, there is a cookie on your device with your Instagram ID, which enables Facebook to track that you have visited this page and how you have used it. Instagram buttons integrated into websites enable Facebook to record your visits to these pages and assign them to your Instagram profile. If you want to avoid this, you should log out of Instagram, delete any cookies on your device, close and restart your browser before visiting our site. Information on how you can manage or delete information about you can be found here: https://de-de.facebook.com/about/privacy#

11. Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider of the service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). reCAPTCHA checks whether the data entered on our websites (e.g. in a contact form) is made by a human or abusively through automated, machine processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there. reCAPTCHA analyses the behaviour of visitors to our website based on various characteristics. This analysis begins as soon as the website visitor enters the website. To do this, reCAPTCHA evaluates various information (including IP address, length of time the website visitor spends on our various pages or the mouse movements made by the visitor). The data recorded during the analysis is forwarded to Google. However, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in a few exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on our behalf to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. Your data may also be transmitted to the USA. For data transfers to the USA, an adequacy decision of the EU Commission, the "Privacy Shield", exists. Google participates in the "Privacy Shield" and has submitted to its requirements. By clicking on the query, you consent to the processing of your data. The processing is carried out on the basis of Art. 6 (1) lit. a GDPR with your consent.

The IP address transmitted by your browser as part of reCaptcha will not be merged with other data held by Google. The different data protection regulations of Google apply to this data.

The reCAPTCHA analyses run entirely in the background. The data processing is carried out on the basis of Art. 6 I lit. f GDPR. We have a legitimate interest in protecting our web offerings from abusive automated spying and from SPAM contact requests.

For more information about Google's privacy policy, please visit: https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/intro/android.html.

12. Data security

To protect your data, our website uses the common SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your Internet browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted encrypted by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against manipulation, loss, destruction or unauthorized access by third parties. Our security measures are continually being improved in line with technological developments. Although we take reasonable steps to protect data, we cannot be held responsible for the actions of those who gain unauthorized access to our website or misuse it, and we give no express or implied warranty that we can prevent such access.

13. Transfer of data outside the European Economic Area

Please note that some recipients may not be based in the European Economic Area. If this is the case, we will only transfer your data to countries approved by the European Commission with an adequate level of data protection or ensure an adequate level of data protection through a legal agreement.

14. Duration of storage

We store your data for as long as it is necessary to provide our services, comply with legal obligations, resolve disputes and enforce our policies. Even after the contract has been fully fulfilled, your data will be stored for the duration of the warranty period in compliance with the relevant statutory retention periods, in particular tax and commercial law retention periods in Croatia. In the event that you have not consented to further processing and use, your data will be deleted after the deadline has expired. We can correct, complete or remove incomplete or incorrect data at any time and at our sole discretion.

15. Transfer of data to third parties

Except in the cases explained in this privacy policy, your data will only be passed on to third parties without your express consent if there is an obligation to do so by law or an official or court order.

16. Collection of data by third parties

This policy only addresses the use and disclosure of information we collect from you. When you post information on other websites or disclose information to third parties on the Internet, different terms may apply, so please always read the terms and conditions and privacy policies carefully when you disclose information.

This Privacy Policy does not apply to the business practices of companies that we do not own or control, or to persons other than our officers and employees, including third parties to whom we disclose such information as described in this Privacy Policy.

17. Rights of the data subjects

You have the right to information, correction, deletion, revocation, restriction of processing of your data and data portability. If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 I lit. f. GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for doing so that arise from your particular situation, as well as to data processing for the purpose of direct advertising. According to Art. 77 GDPR, you have the right to complain about us to the supervisory authority if you believe that the processing of your personal data by us is unlawful.

If you would like to exercise your rights mentioned above, simply send us an email.

18. Current status and changes to this privacy policy

Due to the further development of our website or due to changes in legal or official requirements, it may become necessary to change this privacy policy. You can access and print out the current privacy policy at any time in our web shop.

19. Questions, suggestions, complaints

If you have any questions about our privacy policy or the processing of your personal data, you can contact us directly at: info@sunside-apartments-pula.eu

This privacy policy is dated May 2024.