Privacy policy


1. INTRODUCTORY PROVISIONS

Travel Agency DUBROVNIK 2 REMEMBER d.o.o., 20000 Dubrovnik, Branitelja Dubrovnika 44, OIB: 60097956040, MBS: 090033807; phone: +385 20 413 453; e-mail address: info@du2remember.com, hereinafter referred to as DU2REMEMBER, pays special attention to the protection of personal data of its clients and customers, all in accordance with best business practice and applicable Croatian and European regulations, including the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) . The aim of this policy is to provide all interested parties with all the necessary information on the processing and protection of personal data and on the rights that consumers / clients have regarding the personal data processing.


2. THE SCOPE

This Policy applies to all personal data of consumers / clients that is collected and processed by DU2REMEMBER and data collected and processed by DU2REMEMBER partners on behalf of and for the needs of DU2REMEMBER. A client is a person (legal or natural) who has requested a service or offer for a service from the DU2REMEMBER. Personal data is any data related to an individual whose identity has been established or can be established (Article 4 of the General Data Protection Regulation). Data processing means any procedure or set of procedures performed on personal data or on personal data sets (Article 4 of the General Data Protection Regulation).


3. PRINCIPLES OF PERSONAL DATA PROCESSING

The data is processed in accordance with the applicable laws related to the personal data processing and in accordance with the best business practices of data protection. We process the collected data only in accordance with the purpose for which the data was collected. We collect and process only the data that is necessary to achieve the purpose of processing. We pay special attention to the accuracy of the collected data. Consumer / client has the right to inspect the data and correct his/her data at any time. We process and store the data only for as long as is necessary to fulfill the purpose for which the data were collected or as required by applicable regulations. We pay the utmost attention to the security of personal data.


4. CONSUMERS’ RIGHTS

In accordance with the General Data Protection Regulation, the client has the following rights:

  1. Right of access to data Consumer / client has the right to receive confirmation whether we process his/her personal data, and if we process, he/she has the right to receive the following information: information on the purpose of processing, the category of personal data we process, recipients or categories of recipients of the data we process, the estimated period of time that the data will be stored or criteria for determining of the said period, the right to request rectification, erasure and restriction of data processing, the right to file a complaint with the supervisory authority, information on the automated decision-making system, such as profiling, safeguards if the data is transferred to a third country.
  2. Right of correction and erasure Consumer / client has the right to obtain the correction of incorrect data. Consumer / client has the right to obtain the deletion of data, unless the data are necessary for the purpose for which they were collected or need to be stored in accordance with applicable law. DU2REMEMBER is obliged to inform the client about the change or deletion of data that has been done at the request of the Consumer / client
  3. Right to processing limits Consumer / client has the right to obtain a restriction on data processing, under the conditions defined in the General Data Protection Regulation. DU2REMEMBER has the obligation to inform the client about the processing restriction that are done upon the Consumer / client’s request.
  4. Right to data transfer Consumer / client has the right to receive the data that he / she has provided DU2REMEMBER; data is due to be delivered to Consumer / client in a structured, standard and machine-readable format and he/she can transfer them to another processing manager without restriction.
  5. Right to object Consumer / client has the right to object to the processing of personal data at any time. Consumer / client has the right to object to direct marketing at any time, in that case we will no longer use the data for this purpose.
  6. Automated decision-making, including profile creation Consumer / client has the right not to be subject to decisions based on automated processing, including profile creation.

5. METHOD OF PERSONAL DATA COLLECTING

We collect information about our Consumer / client in following ways:

  1. I. Branch office data collection When making a reservation or requesting an offer, we ask the Consumer / client for the personal information required for the reservation or offer. Consumer / client can leave their data in person, or another person can do it on behalf of the Consumer / client, or the user can contact DU2REMEMBER by phone or email.
  2. II. Data collection via the web On our website, when making a reservation or inquiry for an offer, we collect the information needed to make a reservation or offer. Consumer / client submits the data to us through a form on the website.
  3. III. Consumer / client’s consent Consumer / client’s consent means any voluntary, special, informed and unambiguous expression of the respondent's wishes by which he/she gives a statement or a clear affirmative action consent to the processing of personal data relating to him/her (Article 4 of the General Data Protection Regulation). Without the Consumer / client’s consent, we will never use the client's personal data for any purposes for which the consent is required under applicable regulations.

6. TYPES OF THE DATA COLLECTED

We collect only the data that are necessary for the execution of the purpose of data collection and in accordance with applicable legal regulations. The data we collect are: name, date of birth for children needed for discounts where applicable, telephone number and e-mail address for contact, location, gender, citizenship, passport number or other appropriate personal document where necessary to fulfil legal requirements (for example, when crossing the border), credit card number or other means of payment. Due to the nature of travel services, there may be a need to process specially protected categories of personal data that disclose, for example, religious or philosophical beliefs, union membership and client health data solely for the purpose of enforcing a contract between DU2REMEMBER and the Consumer / client, i.e. performing actions that precede the conclusion of the contract. Consumer / client who has provided DU2REMEMBER with data from a special category of personal data shall be considered as he/she has explicitly stated his/her consent to the processing of such data.


7. PURPOSE OF DATA COLLECTION

DU2REMEMBER collects the personal data for following purposes:


8. DATA TRANSFER TO THIRD PARTIES

DU2REMEMBER transfers Consumer / client’s data to third parties as per following:


9. PERSONAL DATA PROTECTION

In order to protect the personal data of our Consumer / client, we use the best business practices in the field of tourism and information and communication technologies. We continuously adjust our internal processes in order to achieve the optimal level of personal data protection. We use various organizational measures and technical means to protect user data from unauthorized access, alteration, loss, theft or other misuse of data.


10. CONTACT

Consumer / client can exercise his/her rights from the GDPR by submitting a request to the e-mail address info@du2remember.com, or by personal visit to Branch office I, Iva Vojnovića 24, 20 000 Dubrovnik. If Consumer / client suspects that there has been a violation of his/her personal data, he/she can send the report to the following e-mail address: info@du2remember.com, or by personal visit to Branch office I, Iva Vojnovića 24, 20 000 Dubrovnik. Likewise, Consumer / client can submit a request to The Croatian Personal Data Protection Agency.


11. PERSONAL DATA COLLECTED ON OUR WEBSITE

When you send an inquiry through our website, we collect the data visible from contact form. Furthermore, we also collect the visitor's IP address as well as the browser's user agent string, all in order to help us detect the spam. The information we collect in the contact form is the most necessary information we need to collect about you and that we need to answer your inquiry, send an offer, submit documents, or to contact you in case of problems in the organization. When contacting us, we will ask you to provide us with the data, including your name, billing address, e-mail address, phone number, payment receipts, payment information and other account information. We shall use that data for the purposes such as:

We usually store your data for as long as we need them for payment and service delivery; once the service is delivered and paid for, your data will be deleted, unless you want to receive our offers and newsletter. Likewise, we will store your comments and/or reviews, in case you decide to leave them.


12. BUILT-IN CONTENT FROM OTHER WEBSITES

This website may contain the built-in content (such as videos, pictures, articles and alike). Built-in content from other websites acts in the exactly same manner as if the Customer /client visits that other specific website. Those websites may collect your data, use the cookies, have additional built-in tracking by third party (tracking including your account and you are registered on the website)


13. DATA SHARING

Your data shall not be publicly shared nor shall be given to third party; we shall not make them public and they shall be solely used for the protection and purpose of our business. Personal data stated in contact form (name, address and phone number) can be shared with certain partnering travel agencies; we are giving the data to them only if that agency is our subcontractor, therefore needs your data so the program can be performed.


14. ACCESS TO PERSONAL DATA

Our team has access to the data you provide us with. For example, website admins and managers can access to:

In order to reply your inquiries, calculate the refund and to provide you customer service, our team members have access to your data. Likewise, our team member that are authorized for data access, are also subject to confidentiality and they cannot take Customer / client’s data out of DU2REMEMBER, and they can use them solely to complete the orders received.


15. DATA BREACH PROCEDURES

In case of data breach, we shall inform you on the event by e-mail, within 24hrs from the moment the data breach is discovered. That notice will contain the information on the type of the breach, what is the risk for the future safety of your data.


16. FINAL PROVISIONS

This Privacy Policy is effective from the date it is published; it is available on our website and in our Branch office I, Iva Vojnovića 24, 20000 DUBROVNIK. Privacy policy is subject to change, without prior direct notice to Customer / client. Therefore, we recommend that you check this page occasionally for any policy changes.

CONNECT WITH US

LETS TALK