The Public Institution of the Plitvice Lakes National Park owns and manages the following website: https://np-plitvicka-jezera.hr/,and we hereby inform all of our users about the ways of collecting and processing personal data on this website.
DATA COLLECTION AND PROCESSING
Personal data is any information relating to an identified or an identifiable living individual. A person can be identified directly or indirectly, in particular with the help of identifiers such as name, identification number, location data, network identifier or by using one or more factors specific to the physical, physiological, genetic, mental,economic, cultural or social identity of that individual.
We gather your personal data only if you provide us with that information of your own accord. We collect your data through a newsletter sign-up form or through forms you fill out at hotels, provided we have gained your consent to collect information.
You should also keep in mind that non-personal information and data can be automatically collected through our online servers or by using “cookies”.
Examples of site usage information include: most visited and most viewed pages and links on our website, time spent on the page and most popular keywords that lead users to our website, your IP address, information gathered through cookies, your device’s data such as hardware settings, system activity, browser types, etc.
We use the collected data for one or more of the following purposes:
• to personalize user experience (the collected data helps us respond more effectively to individual needs)
• to improve our website
• to establish a primary communication channel
• to periodically send emails concerning occasionally receiving news (if you wish), updates, information about services, etc.
LINKS TO THIRD PARTIES
We do not offer or provide third-party services or products (except to suggest an offer related to a better experience of the Plitvice Lakes and its surroundings).
By giving your consent, you can subscribe to our newsletter by which we will inform you of our current offers.
We use the so-called single-opt-in process for subscribing to the newsletter.
To send a newsletter, the only information we are required to have is your e-mail address. The provision of additional specifically designated information is voluntary and shall be used for the purpose of personalized marketing. After confirmation, we will store your e-mail address for the purpose of sending the newsletter. The legal basis for the above is Article 6, paragraph 1. a) of the General Regulation, i.e. consent.
You are entitled to withdraw your consent to send the newsletter and unsubscribe at any time. You can withdraw your consent by clicking on the link available in each newsletter, via this form on the webpage, by sending an e-mail to firstname.lastname@example.org or by sending a notice to the contacts listed in the credits.
Please note that, if we send a newsletter, we will analyze how you use it. For the purpose of conducting this analysis, the submitted e-mails contain a so-called web beacon, i.e. a tracking pixel, which are single-pixel image files stored on our webpage. For the purpose of analysis, we link the data referred to in Article 3 and the web beacon to your e-mail address and individual identification (ID).
Such identification (ID) is also contained in the link provided in the newsletter. With the data obtained in this way, we create a user profile in order to adapt the newsletter to your individual interests. In doing so, we collect information during the time you are reading our newsletter and monitor which links you clicked on, and from this we draw conclusions about your personal interests. We link the data in question to your actions on our webpage.
Such tracking is not possible if you have deactivated image display in your e-mail client by default. In this case, the newsletter will not be displayed in its entirety and you may not be able to use all the features. If you manually enable image display, the abovementioned tracking shall take place.
The data is stored exclusively for the purpose of sending the newsletter and will not be passed on to third parties.
PROTECTING YOUR DATA
All data is stored in databases and repositories in the European Union. We will not store stored data in countries outside the European Union.We retain and protect personal data for the duration of the business relationship and in accordance with current regulations.
RIGHTS OF INDIVIDUALS
If you want to know if we own or process your personal data, or if you want to access the personal data we own, please contact the Data Protection Officer via the following email address: email@example.com
You may also request information about the purpose and means of data processing. You have the right to correct the personal data we own if it is incorrect. With certain exceptions, you may also request that we delete or discontinue processing your data or you may request that we discontinue processing personal data for direct marketing purposes.
If you submit a request to send your personal data, it will be free of charge. If we cannot meet your request within a reasonable period of time, we will notify you of the date when we will satisfy your request, and if we cannot meet your request, we will send you an explanation pertaining to why we did not meet your request.
PERSONAL DATA BREACH NOTIFICATION
In the event of a personal data breach, we will notify you and the competent supervisory authority within 72 hours, via email, of the extent of the breach, the data involved, the potential impact on our services, as well as our planned data protection measures and the limitation of harmful effects on individuals.
We will not send you a breach notification if:
- there are technical and organizational protection measures (such as encryption) applied to the personal data affected by the personal data breach, which make the data incomprehensible to any person that is not authorized to access them;
- we have taken subsequent measures to ensure that the rights and freedoms of individuals will no longer be at risk;
- this would require excessive effort (in this case, we will notify you by means of public disclosure or we will take other equally effective measures).
- Personal data breach constitutes a security breach that leads to unintentional or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or processed in relation to the provision of our services.
RIGHT OF COMPLAINT WITH A COMPETENT AUTHORITY
You may lodge a complaint with a supervisory authority at any time regarding the collection and processing of your data. In the Republic of Croatia, a complaint shall be lodged with the Personal Data Protection Agency (AZOP).