Privacy Policy
Since your privacy is important to us, our Privacy Policy is based on the General Data Protection Regulation (GDPR).
It refers to collecting and processing your data and cookies on our platform/page: www.todoinistria.com, how we process, use, and protect this data, the purposes for which we use it, and your rights to your data. Istrian Tourism Development Agency, IRTA d.o.o. is obliged and therefore takes all necessary measures to preserve the privacy of individuals visiting this site and protect the personal data we process and store.
We collect and process data only when necessary and to the extent required to fulfil the purpose of our relationship/contract. The data collected are name and surname, address, OIB/VAT, company representative, bank account, e-mail, mobile phone number, links to social networks, and a brief company description. The data mentioned above is collected when a contact form is sent. Until then, your presence on the webpage remains anonymous.
In the process of collecting and processing personal data, IRTA adheres to the principles of the General Data Protection Regulation (GDPR) and, therefore:
- does not collect more information than is strictly necessary
- uses personal data exclusively for the purpose for which it was collected and does not use it for other purposes
- does not keep personal data if it is no longer needed
- does not sell, borrow, distribute or publicly disclose personal information
- sends / forwards personal data to a third party only with the consent of the individual/user
- does not perform profiling or automatic data processing
- takes care of the security of stored personal data
Granting access to data to other legal or natural persons is always limited to the extent necessary to achieve the data’s purpose. At the same time, we guarantee that it will not be transferred to third countries outside the European Union as part of our processing of personal data.
The data is collected based on the provision of services and the performance of the contracted work (purchase, provision of services), which IRTA processes exclusively for the purpose for which it was given, i.e., for the purchase, provision of services, and customer service.
IRTA collaborates with partners to help us provide and improve the service, communicate better with customers, and perform the requested service. For these reasons, we will provide access to your data to authorized external data processors to process personal data for our company based on our explicit instructions and through concluded contracts. These partners are obliged to respect confidentiality by strictly following this privacy policy, signed contracts, and the commitments of the General Data Protection Regulation. These outsourced executives ensure the delivery of products and services, accounting and bookkeeping services, IT and application maintenance services, legal services, and other services related to the subject of our company’s business, without which we would not be able to ensure compliance with our contractual obligations and ensure our users a superior level of quality of our services.
It is within your rights at any time to:
- request access to all personal data collected by IRTA about you
- ask for the correction of personal data that IRTA has about you
- request the deletion of personal data that IRTA has about you
- request a restriction on the processing of your data
- object to the processing of your data by IRTA
If you want to exercise any of these rights, please send an inquiry via the contact form or e-mail to: info@todoinistria.com
Furthermore, suppose you believe that we are not managing your data lawfully. In that case, you can send a complaint directly to the competent supervisory authority in the EU country where you reside or the Croatian supervisory authority – AGENCY FOR PERSONAL DATA PROTECTION (AZOP), Selska cesta 136, Zagreb.
If we determine that personal data has been breached, we are responsible for taking all actions and measures to reduce possible consequences for your privacy. We will report any personal data breach to AZOP as the competent supervisory authority for data protection within 72 hours of the breach.
The manager of the processing of your data is:
Istrian Development Tourist Agency, IRTA d.o.o.
Pionirska 1a, HR-52440 Poreč
Suppose you want additional information about our services/business partners and promotional activities. In that case, we can provide them to you soon after establishing the first direct contact and sending your data via the contact form on this website. In that case, you will receive a separate request for your consent to any further promotional activities towards you. We will not provide any promotional activity without your permission.
If there is a contractual relationship based on our legitimate interest, we can contact you about news and ways to expand our cooperation.
At all times, you have the right to request the termination of any of our promotional activities, and we will fully respect your choice.