Privacy Policy

Last Updated: January 2026

1. Introduction

Apartments Blažević ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website or book our vacation rental properties.

We comply with the General Data Protection Regulation (GDPR) and Croatian data protection laws (Zakon o provedbi Opće uredbe o zaštiti podataka).

Data Controller:

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide when you:

  • Submit a booking inquiry or reservation request
  • Contact us via email, phone, or contact form
  • Subscribe to our newsletter or updates
  • Book through Airbnb (information shared by Airbnb)

This information may include:

  • Full name
  • Email address
  • Phone number
  • Mailing address
  • Booking dates and preferences
  • Number of guests
  • Special requests or requirements
  • Payment information (processed through Airbnb, not stored by us)

2.2 Website Analytics

We use Umami, a privacy-focused analytics tool, to understand how visitors use our website. Umami does not use cookies, does not collect personal data, and does not track you across websites. It only collects anonymous, aggregated data such as page views, referrer sources, and general device information to help us improve our website.

2.3 Information from Third Parties

If you book through Airbnb, we receive information about you through their platform in accordance with their privacy policy and terms of service.

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Booking and Service Delivery

  • Processing and confirming your reservation
  • Communicating about your booking (check-in details, directions, house rules)
  • Providing customer support
  • Managing check-in and check-out
  • Sending important updates about your stay

3.2 Communication

  • Responding to your inquiries and questions
  • Sending booking confirmations and reminders
  • Providing local tips and recommendations
  • Following up after your stay (optional feedback requests)

3.3 Marketing (With Your Consent)

  • Sending occasional newsletters with local tips and updates
  • Informing you about special offers or availability
  • Sharing blog posts and area guides

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

3.4 Legal and Safety

  • Complying with Croatian tourism registration requirements
  • Maintaining safety and security of our properties
  • Resolving disputes or legal issues
  • Preventing fraud

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfill our booking agreement with you
  • Legitimate Interests: Improving our services, maintaining guest records, and property management
  • Legal Obligation: Complying with Croatian tourism laws and tax regulations
  • Consent: Marketing communications and optional newsletter subscriptions (you can withdraw consent anytime)

5. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

5.1 Booking Platforms

When you book through Airbnb, your information is shared with us through their platform. Airbnb's privacy policy applies to how they handle your data.

5.2 Service Providers

We may share information with trusted service providers who assist us:

  • Email service providers (if we use email marketing tools)
  • Website hosting services

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.3 Legal Requirements

We may disclose your information if required by Croatian law, such as:

  • Tourism registration with local authorities
  • Tax reporting requirements
  • Response to legal processes or government requests
  • Protection of our rights, property, or safety

5.4 Emergency Situations

In case of emergency during your stay, we may share your information with local emergency services or medical personnel.

6. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

  • Booking information: Retained for 7 years for tax and legal compliance (Croatian law requirement)
  • Marketing consent: Until you unsubscribe or withdraw consent
  • Inquiry information: Deleted after 2 years if no booking was made

After the retention period, we securely delete or anonymize your personal data.

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

7.1 Right to Access

You can request a copy of the personal data we hold about you.

7.2 Right to Rectification

You can ask us to correct inaccurate or incomplete personal data.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, except where we must retain it for legal obligations (e.g., tax records).

7.4 Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances.

7.5 Right to Data Portability

You can request your data in a structured, commonly used format to transfer to another service.

7.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time (e.g., unsubscribing from newsletters).

To exercise any of these rights, please contact us at:

Email: blazevic.ljubomir@gmail.com
Phone: +385 91 504 6084

We will respond to your request within 30 days.

8. Data Security

We take reasonable technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, or disclosure:

  • Email communications are secured
  • Access to personal data is limited to Ljubo and Meri only
  • Physical documents are stored securely
  • We do not store payment card information (handled by Airbnb)
  • Regular data backups are performed

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your personal data is stored and processed in Croatia (European Economic Area). If we use service providers located outside the EEA, we ensure they provide adequate data protection through:

  • EU-approved Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Other legally approved transfer mechanisms

10. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will delete it promptly.

If you believe we have collected information from a child under 16, please contact us immediately.

11. Third-Party Websites

Our website contains links to third-party websites, including:

  • Airbnb (booking platform)
  • Wikimedia Commons (image sources)
  • Unsplash (image sources)
  • Pexels (image sources)
  • Pixabay (image sources)
  • Google Maps (location services)

These third-party sites have their own privacy policies. We are not responsible for their privacy practices. We encourage you to review their policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. The "Last Updated" date at the top of this page indicates when the policy was last revised.

If we make significant changes, we will notify you by:

  • Posting a notice on our website
  • Sending an email to registered users (if applicable)

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

13. Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Croatian Data Protection Authority (Agencija za zaštitu osobnih podataka - AZOP):

  • Agencija za zaštitu osobnih podataka (AZOP)
  • Selska cesta 136, 10000 Zagreb, Croatia
  • Phone: +385 1 4609 000
  • Email: azop@azop.hr
  • Website: azop.hr

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

We respond to privacy inquiries within a few working days and formal GDPR requests within 30 days as required by law.

Your Privacy Matters: We are a small family business committed to treating your personal information with respect and care. If you have any concerns about your privacy, please don't hesitate to reach out to Ljubo or Meri directly.