PRIVACY POLICY

Aquapark Istralandia (“We”) are committed to protecting and respecting your privacy.

This policy (together with any other terms of use available on our website and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Aquapark Istralandia owns and operates the following websites :

 

INTRODUCTION INFORMATION

We respect your privacy and we undertake to pretect it together with your personal data. Collection and protection of personal data is performed in accordance with the provision of Regulation (EU) 2016/679 of the European Parliment and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Privacy Regulation), Croatian Act on Implementation of the General Data Protection Regulation (NN 42/2018) and other regulations governing the subject area in force in the Republic of Croatia.

 

WHO IS PERSONAL DATA CONTROLLER?

The operator of aquapark Istralandia and Personal Data Controller is Aquapark Istralandia d.o.o., with registered office at Brtonigla, Ronki 1, Croatia, OIB: 3245196106

 

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

  • Contact and general information that you provide by filling in an online enquiry or feedback forms on our websites.
  • Contact and address details when you purchase a product in order to confirm the transaction, send you a product and/or update you with details of your booking, or in the unlikely event that we need to contact you urgently about your booking.
  • Certain products that we offer may require more detailed data to be collected and processed, for example; Special Events, VIP Experiences and Corporate bookings. This may include information such as additional names, ages and dietary arrangements.
  • Marketing and Communications data, such as your name, address and email, if you choose to opt-in to receive marketing material from us.
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • Details of your visits to our websites including, but not limited to; traffic data, IP address, weblogs and other communication data.
  • If you contact us, we may also keep a record of that correspondence.

 

CHILDREN UNDER THE AGE OF 16

We do not intend to collect information from or market to children under the age of 16 years. If you sign up to receive marketing materials from us we will proceed on the basis that you are over 16.

Children under the age of 13 years will not be able to register for any activities, trails or competitions, without consent from an adult who holds parental responsibility. That person will then be designated the contact for communication of any information, updates and/or prizes.

 

WHERE WE STORE YOUR PERSONAL DATA

The information you provide to us is stored on our secure servers. All payment transactions will be encrypted using SSL technology and are handled by a certified 3rd Party. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We will never ask you for that password.

By submitting your personal data, you agree to the transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

 

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

  • To ensure that content from our websites is presented in the most effective manner for you and for your computer.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To notify you about changes to our service.
  • To allow you to participate in interactive features of our service when you choose to do so.

TICKETING PARTNERS

We work with multiple ticketing partners who offer our products and services at reduced prices. If you are purchasing one of our products using a ticketing or promotional partner in order to provide these services, securely fulfil transactions and provide you with relevant booking communications we may need to share your data with the relevant partner.

With partners who sell tickets on their own websites, we may be required to share identifiable personal data in order for us to process bookings and payments correctly. When purchasing tickets from websites not owned or operated by us we would recommend checking the relevant partner’s privacy policy.

Our ticketing partners are not permitted to send you marketing material unless you give them explicit consent to do so and we only allow our partners to handle your data when they conform to appropriate data protection and security controls.

 

OPTING-OUT OF RECEIVING MARKETING

If you have chosen not to opt-in to receive marketing material from us, or since opting in have decided to opt-out, we will only contact you regarding any products you may have purchased from us and when we consider it to be in our legitimate interest to contact you about said products.

This may include:

  • Sending e-tickets and a record of your purchase to you via email.
  • When a situation has arisen that could directly impact the delivery of a booked product or experience. For instance, if weather meant we had to close Aquapark Istralandia d.o.o, we would endeavour to inform you trought web page or social media. This contact data would be extracted from our e-ticketing system; such information is recorded at point of purchase as it’s necessary for the fulfilment of all bookings and transactions.
  • If you are an Annual Pass holder and have therefore entered into a contract with us for a set period. We may contact you with advice on how to make the most of your pass and membership and update you when your pass is due for renewal.
  • Emailing you to ask you to complete a feedback survey so we can study how our customers use our products and services and improve our offering accordingly. We will only ask you to feedback on the product you have purchased and you are not obliged to complete the survey we send you.
  • If you have been directly involved in any photo, video or media opportunities and provided your details.

 

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Aquapark Istralandia d.o.o. or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation.

We will not sell your data or share personal data with third party organisations for marketing purposes, but we do use third parties to outsource functions when we do not have the in-house capacity or capability required, such as the use of a mailing house for mailings, fulfilment of an electronic booking or service and analytical services that enable us to target our communications to you more effectively. In such cases, we will only use reputable and well-vetted firms and have contracts and processes in place that ensure the safe and confidential processing of personal data at all times. We may also disclose personal information where required or otherwise permitted by law.

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes on our behalf and in accordance with our instructions.

 

DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In order to comply with legal and tax obligations, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for at least six years after they cease being customers.

In some circumstances you can ask us to delete your data: see ‘your rights’ for further information.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

 

YOUR RIGHTS

You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at info@istralandia.com

A reminder of all your rights under GDPR:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to the processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

 

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you (two forms of identification) to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

 

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page.

 

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@istralandia.com