Privacy Policy

Home

Privacy Policy

Last updated: 2025

This Privacy Policy explains how Crocation, obrt za turizam i putnička agencija, vl. Ivana Mujkić (“Crocation”, “we”, “us”, “our”) collects, uses and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Croatian laws.

By using our website or contacting us, you agree to the terms of this Privacy Policy.

1. DATA CONTROLLER

The data controller responsible for the processing of your personal information is:

Crocation, obrt za turizam i putnička agencija
Owner & Data Protection Officer: Ivana Mujkić
Address: Široki put 126, 32000 Vukovar, Croatia
Email: support@crocation.hr

2. WHAT PERSONAL DATA WE COLLECT

We collect only the data necessary to provide our services, respond to your enquiries and communicate effectively. This may include:

Data you provide directly

  • Name and surname
  • Email address
  • Phone number
  • Information submitted through the contact form
  • Information used for trip planning (e.g. travel dates, preferences, number of travellers, budget)
  • Any additional information voluntarily provided to us during communication

Automatically collected data

When you visit our website, certain technical data may be collected automatically through Google Analytics:

  • IP address (anonymised where possible)
  • Browser type and version
  • Device information
  • Pages visited and time spent on the website
  • General geolocation information (non-precise)

We do not collect or store payment card information, as no payments are processed through our website.

3. HOW WE USE YOUR PERSONAL DATA

We process your personal data only for legitimate business purposes, including:

  • Responding to your enquiries
  • Preparing customised travel proposals
  • Providing travel planning and consulting services
  • Creating and delivering personalised itineraries
  • Ensuring customer support before and during your trip
  • Improving our website and user experience (analytics)

Your data will never be sold, leased or shared for marketing purposes.

4. SHARING YOUR PERSONAL DATA WITH THIRD PARTIES

Your personal data may be shared with trusted third parties only when necessary for the execution of the service you request, such as:

  • Hotels and other accommodation providers
  • Transport companies
  • Local tour operators or guides
  • Excursion providers
  • Other travel service partners

We only share the minimum required information (e.g. guest name for hotel check-in).
All partners receiving your data are obliged to comply with GDPR and use your data solely for the purpose of fulfilling your booking.

Your data is not shared with any other third parties except when legally required (e.g. by authorities).

5. LEGAL BASIS FOR PROCESSING

We process your data based on the following legal grounds:

  • Consent – when you voluntarily contact us or submit a form
  • Contractual necessity – when processing is required to provide travel-related services
  • Legitimate interest – for communication, fraud prevention or analytics
  • Legal obligation – when required by applicable regulations

6. DATA RETENTION

We retain your data only for as long as necessary to fulfil the purpose for which it was collected:

  • Emails and enquiry data: up to 12 months
  • Booking-related data: up to 5 years (in accordance with Croatian accounting law)
  • Analytics data: according to Google Analytics retention settings

After this period, data is securely deleted or anonymised.

7. YOUR RIGHTS UNDER GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time
  • File a complaint with the Croatian Personal Data Protection Agency (AZOP)

To exercise your rights, contact us at support@crocation.hr.

8. DATA SECURITY

We take appropriate technical and organisational measures to protect your data from unauthorised access, loss or misuse. This includes secure communication channels, restricted access and the use of trusted service providers.

9. USE OF GOOGLE ANALYTICS

Our website uses Google Analytics to better understand how visitors use our site. Google may process anonymised technical data in accordance with its own privacy policies.
Analytics helps us improve performance, but we do not use it to identify individuals.

10. MINORS

Our services are not directed to persons under the age of 18.
We do not knowingly collect personal data from minors.

11. UPDATES TO THIS POLICY

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated revision date.

12. CONTACT INFORMATION

For any privacy-related questions or requests, please contact us:

Crocation
Email: support@crocation.hr
Address: Široki put 126, 32000 Vukovar, Croatia