GDPR

1. Introductory Provisions
This privacy policy explains how THE BEACH d.o.o. (the “Controller”) collects, uses, and protects the personal data of guests and visitors to the website www.thebeachresortvir.com. The processing of personal data is governed by Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and applicable Croatian legislation.

2. What Personal Data We Process
We only process data that you provide to us, in particular:
– First name and last name
– Residential address
– Email address
– Phone number
– Booking details (stay dates, number of people, apartment type)
– Payment details and billing information
– Travel document details (e.g., passport or ID card number – required by Croatian law for guest registration)

3. Purposes of Processing
We process your personal data only for the following purposes:
1. Concluding and fulfilling accommodation bookings, the course or support of the booking process
2. Fulfillment of legal obligations (e.g., registration of guests in the eVisitor system, accounting and tax regulations)
3. Communication with you (answering inquiries, booking confirmation, etc.)
4. Sending informational emails and news (voluntary customer registration for newsletter subscription – only with consent)
5. Protection of rights and legitimate interests (e.g., ensuring the security of the property)

4. Legal Basis for Processing
The processing of personal data takes place on the basis of:
– performance of a contract/booking for accommodation (Art. 6 para. 1 letter b) GDPR),
– fulfillment of a legal obligation (Art. 6 para. 1 letter c)),
– legitimate interest of the controller (Art. 6 para. 1 letter f)),
– or your consent (Art. 6 para. 1 letter a)).

5. Data Retention Period
We retain personal data:
– for the period necessary to fulfill the contract/booking,
– for the period stipulated by law (e.g., accounting documents – 10 years),
– or until you withdraw your consent, if granted.

6. Recipients of Personal Data
Your data may only be accessed by:
– employees of THE BEACH d.o.o.,
– accounting and tax advisors,
– IT and web hosting providers, website and booking system
– booking portals (e.g., Booking.com, Airbnb – if you make a booking this way),
– state administration bodies (authorized by law).

7. Transfers to Third Countries
We do not transfer personal data outside the European Union.

8. Rights of the Data Subject
You have the right to:
– request access to your personal data,
– request rectification or erasure,
– restrict processing,
– object to processing,
– data portability,
– withdraw consent to processing,
– and lodge a complaint with the supervisory authority: Agencija za zaštitu osobnih podataka (AZOP), www.azop.hr

9. Data Security
We protect your personal data with technical and organizational measures to ensure its confidentiality, integrity, and availability.

10. Cookies
We use cookies on our website to:
– ensure the proper functioning of the website,
– analyze traffic (e.g., Google Analytics),
– and possibly for marketing purposes (only with your consent).
Details are provided in a separate Cookie Policy.

11. Contact Details of the Controller
If you have any questions or requests regarding the processing of personal data, please contact us:

Email: info@the-beach.eu
Phone: +420 739 421 942

This policy was last updated on October 1, 2025.