Privacy & Cookie Policy

Last updated: January 13, 2026

1. Introduction

Fiore Paklenica ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website or make a booking inquiry.

We comply with the General Data Protection Regulation (GDPR) and Croatian data protection laws.

2. Information We Collect

2.1 Information You Provide

When you use our contact form or make a booking inquiry, we collect:

• Full name
• Email address
• Phone number (if provided)
• Booking dates and number of guests
• Any additional information you include in your message

2.2 Information Collected Automatically

When you visit our website, our first-party analytics system collects anonymized usage data. We do not use third-party tracking services like Google Analytics.

We collect:

• Anonymized visitor identifier: A daily-rotating hash generated from your IP address and browser information. This identifier changes every 24 hours and cannot be used to identify you personally.
• Hashed IP address: We never store your raw IP address. Instead, we store a one-way cryptographic hash that cannot be reversed to reveal your actual IP.
• Browser type and device category (desktop, tablet, or mobile)
• Pages visited and scroll depth
• Referring website domain
• Language preference (from your browser settings)
• Interaction events: gallery views, form engagement, contact button clicks

This data helps us understand how visitors use our website and improve our services, while preserving your privacy.

3. How We Use Your Information

We use your personal information to:

• Respond to your booking inquiries
• Process and manage reservations
• Communicate with you about your stay
• Improve our website and services
• Comply with legal obligations

4. Legal Basis for Processing

Under GDPR, we process your data based on:

• Consent: When you submit a contact form or accept cookies
• Contract: To fulfill booking requests and provide accommodation services
• Legitimate Interest: To improve our services and website functionality
• Legal Obligation: To comply with applicable laws and regulations

5. Cookie Policy & Local Storage

5.1 What Are Cookies

Cookies are small text files stored on your device when you visit websites. They help websites function properly and provide information to website owners.

5.2 Our Use of Cookies and Browser Storage

Essential Cookies (First-Party):

• Admin session cookies (only used in the administrative area)
• CSRF protection tokens for form security

Analytics - Session Storage (Not Cookies):

Our first-party analytics system uses your browser's sessionStorage instead of cookies. This means:

• Data is stored only for the duration of your browser session
• Data is automatically deleted when you close your browser tab
• Data is never sent to third parties
• No tracking across different websites or sessions

Third-Party Cookies:

• Google Maps: We embed Google Maps to show our location. Google may set cookies when you interact with the map. See Google's Privacy Policy.

5.3 Managing Cookies and Storage

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality. Our analytics sessionStorage data is automatically cleared when you close your browser.

6. Data Sharing

We do not sell your personal information. We may share your data with:

• Service Providers: Email hosting, website hosting services
• Legal Requirements: When required by law or to protect our rights

7. Data Retention

We retain your personal information for:

• Booking inquiries: Up to 3 years after your last interaction
• Completed bookings: Up to 7 years for legal and accounting purposes
• Analytics data: Detailed visit data is retained for 90 days, then automatically aggregated into anonymous daily statistics and deleted
• Session storage: Automatically cleared when you close your browser

8. Your Rights

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at housefiorepaklenica@gmail.com.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• SSL/TLS encryption for data transmission
• Secure email communication
• Limited access to personal data

10. International Transfers

Your data is primarily processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place.

11. Children's Privacy

Our website is not directed at children under 16. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

13. Contact Us

For questions about this Privacy Policy or your personal data, contact us:

• Email: housefiorepaklenica@gmail.com
• Address: Ul. Jose Dokoza 70, 23244 Starigrad, Croatia
• Phone: +385 91 234 0221

14. Supervisory Authority

You have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP):

• Website: azop.hr
• Address: Fra Grge Martića 14, 10000 Zagreb, Croatia