Privacy Policy

v: 2.0.0

This Privacy Policy explains how Apartmanly ("Portal", "we", "our website") collects, uses, and protects users’ personal data ("you"). The data controller is the operator of the Apartmanly platform, whose identification and contact details are provided on the Portal. This Privacy Policy may be available in multiple languages for easier understanding by users. In case of any difference between a translated version and the official version, the official Croatian version shall prevail. This Privacy Policy applies to all Portal users, regardless of their location, when Apartmanly processes their personal data in connection with providing its services.

1. Data We Collect

  • We may collect information that you voluntarily provide when using the Portal.
  • First and last name.
  • Email address.
  • Phone number (if provided).
  • Content of inquiries.
  • Information about the accommodation for which you are sending an inquiry (dates, number of persons, and other information necessary for communication).
  • When visiting the Portal, certain technical data may be automatically processed, including IP address, browser information, device information, operating system data, and access logs, for security purposes, system maintenance, and prevention of misuse.

2. How We Use Data

  • To enable communication between potential guests and accommodation owners.
  • To forward inquiries to owners of selected accommodations.
  • To provide technical support and maintain Portal functionality.
  • To send technical notifications related to the use of the Portal.
  • To protect system security and prevent misuse.
  • To analyze and improve the quality of our services.
  • Apartmanly does not confirm reservations, manage accommodations, or participate in agreements between guests and accommodation owners.
  • Apartmanly does not process payments and does not charge commissions for reservations between users and accommodation owners.
  • To verify the user's email address before an enquiry is sent to the accommodation owner in order to prevent abuse, spam and protect Portal users.

3. Legal Basis for Processing

  • We process personal data when necessary to provide the service and enable communication between Portal users.
  • Data voluntarily provided by users through forms is processed for the purpose of responding to their requests.
  • Technical data such as IP addresses and access logs may be processed based on our legitimate interest in protecting security, stability, and proper operation of the Portal.
  • Where consent is required for specific processing activities, users will be clearly informed and may withdraw their consent in accordance with applicable regulations.

4. Transfer of Data to Accommodation Owners

  • Users confirm that when using the Portal they provide only their own data or data for which they have an appropriate authorization.
  • By submitting an inquiry through the Portal, your data may be forwarded to the selected accommodation owner in order to respond to your request.
  • After receiving the data, the accommodation owner becomes an independent data controller for the personal data received from the potential guest.
  • Apartmanly is not responsible for further processing carried out by accommodation owners outside the functionality of the Portal.

5. Your Rights

  • Right to access your personal data.
  • Right to correction of inaccurate or incomplete data.
  • Right to deletion of data where legal conditions are met.
  • Right to restriction of processing.
  • Right to object to processing based on legitimate interests.
  • Right to withdraw consent where processing is based on consent.
  • Right to lodge a complaint with the competent data protection authority.

6. Security and Third Parties

  • The security of your personal data is important to us. We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, misuse, or disclosure. However, please note that no method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security of your personal data.
  • Personal data stored by the Portal is hosted on infrastructure located within the European Union. Certain technical processing may also be carried out by third-party service providers for security, maintenance, and reliable operation of the Portal, as described in this Privacy Policy.
  • To protect the Portal against malicious traffic, security threats, and DDoS attacks, we use security and network infrastructure services provided by Cloudflare, Inc.
  • Cloudflare may process limited technical information as part of providing security and network services, including IP addresses, browser information, HTTP request headers, and access logs, solely for the purpose of maintaining security, stability, and protecting the infrastructure.
  • For address entry, geocoding and map display, the Portal uses Google Maps Platform (including Places API and Geocoding API) together with Leaflet. When these features are used, certain technical data may be processed by the respective service providers in accordance with their privacy policies.
  • Providers of technical infrastructure may process limited technical data necessary for hosting, security, maintenance, and reliable operation of the system, in accordance with their contractual obligations and applicable data protection requirements.
  • If you use links to other services, the processing of personal data is governed by the privacy policies of those services.

7. Data Transfer and Storage

  • Apartmanly operates from Bosnia and Herzegovina, while the infrastructure used for storage and operation of the Portal is located on servers within the European Union.
  • Personal data of users and accommodation owners may be transferred from Bosnia and Herzegovina to the European Union for the purposes of storage, technical maintenance, system security, and providing the service.
  • Such transfers are carried out with appropriate technical and organizational safeguards designed to protect personal data.
  • Certain technical data related to security and service delivery may be processed by providers of technical infrastructure and security services.
  • If personal data is transferred outside the European Economic Area in specific cases, such transfers will be carried out using appropriate safeguards in accordance with applicable data protection laws.

8. Data Retention and Deletion

  • Users may request deletion of their account and personal data in accordance with applicable laws.
  • Deletion requests are handled taking into account technical capabilities, legal obligations, and the legitimate interests of the Portal.
  • Certain data may be retained for a limited period where necessary for system security, prevention of misuse, protection of legal interests, resolution of disputes, or compliance with legal obligations.
  • Deleting an account does not necessarily mean the immediate physical removal of all records from existing backup copies if such removal is technically impossible or would conflict with legal obligations. Backup copies are used solely for system recovery and security purposes and are not intended for regular data processing.
  • Following a deletion request, the user account may be deactivated, and data that is no longer required for the stated purposes may be deleted or anonymized.
  • Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected or as required by applicable legal obligations.

9. Cookies

  • The Portal uses necessary and functional cookies required for the proper operation of the website.
  • Additional cookies may only be used in accordance with applicable laws and cookie regulations.

10. Accommodation Owner Data

  • Accommodation owners voluntarily provide the data required for publishing listings on the Portal.
  • Accommodation owners confirm that they have the legal right to advertise the listed accommodation, that all submitted information is accurate and up to date, and that they have the right to use submitted photographs and other content.
  • Certain owner information, including name, surname, telephone number, email address and other contact details selected by the owner for public display, may be publicly available on the Portal.
  • By publishing a listing, the accommodation owner agrees to the public display of selected contact information for the purpose of enabling communication with potential guests.
  • The accommodation owner may request modification or removal of publicly displayed information in accordance with the Portal rules and applicable legal obligations.

11. Children’s Privacy

  • The Portal is not intended for persons under the age of 18.
  • We do not knowingly collect personal data from children under the age of 18 without an appropriate legal basis or parental or legal guardian consent where such consent is required under applicable laws.
  • If a parent or legal guardian believes that a child has provided personal data through the Portal without an appropriate legal basis, they may contact us using the contact details provided on the Portal.
  • If we become aware that we have collected personal data of a child without an appropriate legal basis, we will take steps to remove such data without undue delay, in accordance with applicable regulations and the technical capabilities of the system.

12.Changes to this Privacy Policy

  • We reserve the right to modify this Privacy Policy from time to time.
  • The updated version will be published on the Portal.
  • The date of the latest update will be displayed at the beginning of this page.

Contact

  • For questions regarding personal data protection, you can contact us through the contact form or email address provided on the Portal.

For all questions regarding this Privacy Policy, please contact us using the contact information provided on the Portal.