Dream Holiday craft for tourist agency services
Gospe od Andela 10
21214 Kastel Kambelovac
OIB vl.: 30320798247
Association of Craftsmen – Kastela
Bank: Privredna Banka Zagreb, Radnička cesta 50, 10 000 Zagreb
Phone: +385 (0) 95 878 8099
All content on this web site (pictures, videos, texts, documents) is subject to the copyright of Dream Holiday. Content is not allowed to be copied without written consent. The base of the site is based on a WordPress platform that is subject to GPL licensing, the WordPress theme was made by order of Dream Holiday.
We are very delighted that you have shown interest in our agency. Data protection is of a particularly high priority for the management of Dream Holiday. The use of the Internet pages of Dream Holiday is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to Dream Holiday. By means of this data protection declaration, our agency would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.
As the controller, Dream Holiday has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.
The data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyses or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by union or member state law, the controller or the specific criteria for its nomination may be provided for by union or member state law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. however, public authorities which may receive personal data in the framework of a particular inquiry in accordance with union or member state law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Name and address of the controller
Controller for the purposes of the General Data Protection Act (GDPR), other data protection laws applicable in the EU Member States and other data protection provisions:
Dream Holiday Crafts for Travel Agency Services
Gospe od Andela 10
21214 Kastel Kambelovac
3. Name and address of the Data Protection Officer
The Personal Data Protection Officer is:
Dream Holiday Crafts for Travel Agency Services
Gospe od Andela 10
21214 Kastel Kambelovac
Any data subject can at any time contact our data protection officer with any questions and suggestions regarding data protection.
4. What information do we collect about you and how?
We collect information about you when you fill out any of the forms on our website or by sending queries. Web site usage was collected using the cookie.
If you are under the age of 16, you must obtain parental consent before filling out any form on our website.
Cookies are text files placed on your computer to collect standard information about internet records and visitor behavior information. This information is then used to monitor the use of a visitor’s web site and to create statistical site activity reports.
You can set your browser to not accept cookies, and the above mentioned webpages tell you how to remove cookies from your browser. Please note that some of the features on our website may not work because of that.
We use the following cookies:
– Strictly necessary cookies: help the website to work and improve the look and impression of the web site. They also help improve navigation on our website and allow you to return to the pages you have previously visited. This type of cookie only lasts for the duration of a visit to the web site. When you leave the website, they are automatically deleted.
– Analytical cookies: Allow us to recognize and count the number of visitors and to see how visitors move to our website when they are used. This helps us improve the way our website works, for example, so that users find it easier to find what they are looking for and what they are interested in.
– Functional Cookies: Used to recognize when you return to our web site. This allows us to customize our content, personalize and memorize your preferences (for example, your choice of language or region).
On this website, the controller integrated the Google Analytics component. Google Analytics is a web analytics service. Web analytics collects and analyzes site visitor behavior data. The web analytics service collects, among other things, information about the site that the person came from (referrer), which subpages were visited, or how often and by what time viewed the subpages. Web analytics is mainly used to optimize a website and to conduct cost analysis and use of internet advertising.
The Google Analytics component operator is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, United States.
The purpose of the Google Analytics component is to analyze traffic on our web site. Google collects collected data and information, among other things, to evaluate the use of our web site and provide online reports that show activity on our web site and provide other services related to the use of our web site for us.
Google Analytics puts a cookie on the information technology system of the respondent. The cookie definition is explained above. The cookie is used to store personal information, such as access time, the place where access is made and the frequency of visits to our site by the subject. Every visit to our web site, such personal information, including the Internet access IP address that uses the data subject, will be transmitted to Google in the United States. These personal information is stored by Google in the United States. Google may transfer this personal information collected through a technical process to third part.
The data subject can, as noted above, at any time prevent cookies from being placed on our web site by matching the web browser used, thereby permanently denying cookies. Such adaptation to the web browser used would also prevent Google Analytics from setting up a cookie on the subject’s information technology. In addition, cookies that Google Analytics already uses can be deleted at any time via an Internet browser or other software program.
Additional information and applicable Google data protection provisions can be downloaded at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/us.html Google Analytics is further explained in the following link: https://www.google.com/analytics/
7. Regulations on the Protection of Information on application and using Facebook
On this website, the controller has integrated the Facebook component. Facebook is a social network. The Social Network is the place for social meetings on the Internet, a network community that usually allows users to communicate with each other and interact in the virtual space. The social network can serve as a platform for sharing opinions and experiences, or enabling the Internet to provide personal or business information. Facebook allows social network users to include private profiles, upload photos, and network through friend requests.
The Facebook operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside the United States or Canada, the controller is Facebook Ireland Ltd., Grand Canal 4, Grand Canal port, Dublin 2, Ireland.
If a person is logged on Facebook at the same time, Facebook detects every call on our website by the data bearer and for the entire duration of our stay on our Internet site – which specific submissions of our site was visited by the data bearer. These data are collected through the Facebook component and are linked to the corresponding Facebook account of the subject. If a user clicks on one of the Facebook buttons integrated into our website, such as the “I Like” button or if a subject submits a comment, then Facebook pairs this information with the personal Facebook account of the data subject and saves the personal information.
The Data Protection Policy published by Facebook, available at https://facebook.com/about/privacy/ provides information on collecting, processing and using personal data from Facebook. In addition, it explains what settings Facebook offers to protect the privacy of data objects. In addition, different configuration options are available to allow removal of data transfer to Facebook, such as a Facebook blocker from Web graph, which can be obtained at http://webgraph.com/resources/facebookblocker/ . This application can use the data subject to remove data transfer to Facebook.
We embed videos from our YouTube channel. You do not need to sign up with either YouTube or Google (YouTube owner) to watch embedded videos. When viewing these videos, YouTube may record data that cannot detect the user’s identity about using the web site, such as channels that are being used, video views, and data transfer data to improve their services. If you sign up for a YouTube site before watching a video, YouTube may associate information about using your site with your YouTube account. If you sign up for YouTube and comment on the embedded video, all the personal information that you provide when signing in to your account will be visible to visitors who click the comment.
9. Access your information, correction, portability and deletion of data
What is a data access request?
This is your right to request a copy of the information we hold about you. If you want a copy of some or all of your personal information, send us an e-mail to: firstname.lastname@example.org or write to us at: Tomislav Đikić, Dream Holiday Crafts for Travel Agency Services, Gospe od Andela 10, 21214 Kastel Kambelovac, Croatia. We will reply to your request within 30 days of receiving your request.
We want to make sure your personal information is accurate and up to date. You may request that we correct or remove the information you believe to be incorrect, by e-mail to: email@example.com or by writing to the above address.
You also have the right to receive the personal information you have provided, in a structured, standard format, and in a machine readable format and have the right to transfer this data to another controller without delay from the current controller if:
(a) The processing is based on a consent or contract, and
(b) Processing is carried out by automated means.
Right to delete (Right to be forgotten)
If you want us to completely delete all of the information pertaining to you, please send us a request to delete the data in the following ways:
In written form: Tomislav Đikić, Dream Holiday Craft for Travel Agency Services, Gospe od Andela 10, 21214 Kastel Kambelovac, Hrvatska.
10. Final Provisions
If you consider that your personal information is processed in a manner that does not meet GDPR, you have the right to file a complaint with the competent supervisory authority.
The supervisory authority will inform you of the progress and outcome of your appeal.
The Supervisory Authority in the Republic of Croatia is the Personal Data Protection Agency.