image 21

Privacy Policy

This Privacy Policy outlines how Villa Casa Tia collects, uses, and protects personal data when you visit our website, communicate with us, or submit a booking inquiry. We are committed to complying with the EU General Data Protection Regulation (GDPR) and applicable Croatian data protection laws

Last updated: November 10. 2025.

1. Data Controller

Villa Casa Tia, 
Mihatovići 47, Nova Vas
info@casatiaistria.com
mob: +385 91 5932 428

2. Personal Data We Collect

2.1 Data Provided Directly by You

We may collect the following information when you contact us or request a booking:

  1. Full name
  2. Email address
  3. Phone number
  4. Booking details (dates, number of guests, preferences)
  5. Messages or inquiries sent through forms, email, or social media
  6. Payment information processed through approved third-party providers

2.2 Data Collected Automatically

When visiting our website, we may collect:

IP address

Browser type and version

Device information

Pages visited and time spent on the website

Cookies and analytics data

3. Purpose of Processing

We process your personal data for the following purposes:

  1. Responding to inquiries
  2. Managing booking requests and confirming reservations
  3. Providing updates and relevant information about your stay
  4. Maintaining website functionality and improving user experience
  5. Ensuring security and preventing misuse
  6. Complying with legal obligations, including guest registration requirements in Croatia

4. Legal Basis for Processing

Your personal data may be shared with:

  1. Booking platforms (e.g., Airbnb, Booking.com)
  2. Payment processors
  3. Website hosting and analytics services
  4. Legal authorities when required by Croatian law
  5. All third parties are required to protect your data and comply with GDPR.

5. International Data Transfers

If personal data is transferred outside the EU/EEA, it is done in accordance with GDPR-approved safeguards, such as Standard Contractual Clauses or equivalent protections.

6. Data Retention

We retain personal data only for as long as necessary:

  1. Inquiry data: up to 12 months
  2. Booking and financial records: as required by Croatian law
  3. Analytics data: according to third-party retention policies
  4. After the retention period, data is securely deleted.
  5. If personal data is transferred outside the EU/EEA, it is done in accordance with GDPR-approved safeguards, such as Standard Contractual Clauses or equivalent protections.

7. Your Rights (GDPR)

You have the right to:

  1. Access your personal data
  2. Request correction of inaccurate information
  3. Request deletion of your data
  4. Restrict or object to processing
  5. Withdraw consent
  6. Request data portability
  7. Lodge a complaint with a data protection authority
  8. To exercise these rights, contact us at the email provided above.

8. Security

We take appropriate technical and organizational measures to protect personal data, including secure hosting, encryption, access controls, and regular system updates. No system can guarantee absolute security, but we strive to maintain a high level of protection.

 

9. Links to External Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of external sites.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. The revised version will be posted on this page with an updated “Last updated” date.

11. Contact

For any questions regarding this Privacy Policy or your personal data rights, please contact:
info@casatiaistria.com