1. Introduction
Gebetsroither Resorts d.o.o. respects your privacy and is committed to protecting the personal data of all affected individuals in accordance with applicable regulations, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the law implementing the GDPR.
This Privacy Policy describes which personal data we collect, for what purposes we process it, on which legal bases, how long we store it, which rights you have, and how you can exercise them.
2. Controller and Contact Details
Company: Gebetsroither Resorts d.o.o.
Address: Mletačka ulica – Via Venezia 12, 52 100 Pula, Croatia
OIB: 38751034034
Phone: 022 646 805
Data Protection Officer: Petar Vušković
E-mail: info@qnorma.com
3. Methods of Collection and Types of Guest Personal Data
Gebetsroither Resorts d.o.o. collects guest personal data in the following ways:
– directly at the reception desk
– via the website or by e-mail
– by phone
– through video surveillance or ANPR cameras
Collected data includes:
– eVisitor data (name, surname, date of birth, nationality, ID/passport number, address, arrival and departure dates)
– reservation and communication data
– payment data
– complaints or inquiries
– newsletter/marketing data
– cookie data according to the cookie policy
– photos or videos with consent
– video surveillance and ANPR data
Purposes of use:
– legal obligations
– processing reservations and accommodation services
– communication
– payment processing
– security
– marketing with consent
4. Legal Bases for Processing
– Legal obligation (Art. 6(1)(c) GDPR)
– Legitimate interest (Art. 6(1)(f) GDPR)
– Consent (Art. 6(1)(a) GDPR)
5. Collection During Online Reservation and at Reception
The website can be visited without revealing personal data. Upon arrival, guest data is scanned according to eVisitor requirements.
Retention period:
Data is stored in accordance with legal obligations or until the purpose ceases to apply.
Data transfer:
No transfer to third parties or third countries unless legally required.
Data based on consent:
Stored until withdrawn and then deleted or anonymized.
7. Rights of Data Subjects
Guests have the right to:
– access
– rectification
– erasure
– restriction of processing
– data portability
– objection
– withdrawal of consent
– complaint to the Data Protection Authority (AZOP)
8. Data Protection Officer
Contact:
Petar Vušković
E-mail: info@qnorma.com
9. Exercising Rights
Requests can be made:
– by e-mail: info@qnorma.com
– by mail: Mletačka ulica – Via Venezia 12, 52 100 Pula
Response within 30 days, with the possibility of a two-month extension if necessary.
10. Data Protection Principles
Data processing is carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality. Technical and organizational measures are applied.
11. Security Measures
Examples include:
– password protection
– access restrictions
– confidentiality commitments
– contracts with processors
– antivirus and security systems
– physical security measures
– secure document destruction
– regular internal audits
12. Cookie Policy
The website uses necessary, analytical, and marketing cookies. Users can accept, decline, or adjust these. Cookies are only activated after consent.
Retention periods:
– Necessary cookies: until session end (or up to 30 days)
– Analytical cookies: up to 24 months
– Marketing cookies: 3–12 months
13. Entry into Force and Changes
This Privacy Policy is effective as of 1 October 2025. Changes will be communicated via official communication channels.
As of November 2025
