Privacy Policy

Last Updated: January 2, 2026

1. Introduction

This Privacy Policy explains how MOMZA GRUPPO d.o.o. ("we", "us", "our", or "SeaGull Dubrovnik") collects, uses, stores, and protects your personal data when you use our website https://seagulldubrovnik.com (the "Website") and our services.

We are committed to protecting your privacy and handling your personal data in accordance with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation - "GDPR")
  • Croatian Personal Data Protection Act (Zakon o provedbi Opće uredbe o zaštiti podataka, NN 42/18)
  • ePrivacy Directive and national implementing legislation

By using our Website and services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for processing your personal data is:

MONZA GRUPPO d.o.o.

Od Gaja 56
20000 Dubrovnik
Croatia

Tax ID (OIB): 54419028561
Email: info@seagulldubrovnik.com
Website: https://seagulldubrovnik.com

For any questions regarding the processing of your personal data or to exercise your rights under GDPR, please contact us at the email address above.

3. Personal Data We Collect

We collect and process the following categories of personal data:

3.1 Information You Provide Directly

When you contact us or make a booking, we collect:

  • Contact Information: Name, email address, phone number
  • Booking Information: Preferred tour date, number of guests, special requests
  • Communication Data: Content of messages sent via contact form, email, or WhatsApp
  • Payment Information: When processing payments through Stripe, we collect billing name, address, and payment card details (stored securely by Stripe, not on our servers)
  • Marketing Preferences: Your consent to receive marketing communications (newsletter subscription)

3.2 Information Collected Automatically

When you visit our Website, we automatically collect:

  • Technical Data: IP address, browser type and version, device type, operating system
  • Usage Data: Pages visited, time spent on pages, click behavior, referring website
  • Location Data: Approximate geographic location based on IP address
  • Cookies and Similar Technologies: Data collected through cookies (see Section 8)

3.3 Analytics Data

We use Google Analytics to understand how visitors use our Website. Google Analytics collects pages viewed, session duration, traffic sources, and device information.

For more information, see Google's Privacy Policy: https://policies.google.com/privacy

We process your personal data on the following legal bases under Article 6(1) GDPR:

4.1 Consent (Article 6(1)(a))

  • Marketing communications (newsletter subscription)
  • Non-essential cookies and analytics tracking

You have the right to withdraw consent at any time.

4.2 Performance of Contract (Article 6(1)(b))

  • Processing booking requests and reservations
  • Communicating with you about your tour
  • Processing payments and issuing receipts

4.3 Legitimate Interest (Article 6(1)(f))

  • Responding to general inquiries
  • Improving our Website based on analytics
  • Preventing fraud and ensuring security

4.4 Legal Obligation (Article 6(1)(c))

  • Complying with tax and accounting regulations
  • Responding to lawful requests from authorities

7. Payment Processing

We use Stripe as our payment processor for handling deposits and full payments. Stripe is a PCI DSS Level 1 certified payment provider.

Important:

  • We DO NOT store your full credit card details on our servers
  • Card information is transmitted directly to Stripe's secure servers
  • All payment data is encrypted using TLS/SSL protocols

Stripe's Privacy Policy: https://stripe.com/privacy

13. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

Right of Access

Article 15

Request a copy of your personal data

Right to Rectification

Article 16

Correct inaccurate data

Right to Erasure

Article 17

Request deletion of your data

Right to Restriction

Article 18

Limit how we use your data

Right to Data Portability

Article 20

Receive data in portable format

Right to Object

Article 21

Object to processing

14. How to Exercise Your Rights

To exercise any of your rights under GDPR, please contact us:

Email: info@seagulldubrovnik.com
Subject Line: "GDPR Data Request - [Your Name]"

Response Time: We will respond within 1 month

Cost: Free of charge

13.8 Right to Lodge a Complaint

If you believe we have violated your privacy rights, you have the right to lodge a complaint with:

Croatian Personal Data Protection Agency (AZOP)

Selska cesta 136
10000 Zagreb, Croatia
Email: azop@azop.hr
Website: https://azop.hr

20. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy, please contact us:

MONZA GRUPPO d.o.o.

Od Gaja 56, 20000 Dubrovnik, Croatia

Email: info@seagulldubrovnik.com
Website: https://seagulldubrovnik.com
Phone: +385 91 916 7163

Document Version: 1.0
Effective Date: January 2, 2026
Next Review Date: January 2, 2027

This Privacy Policy has been prepared in accordance with GDPR and Croatian data protection law. For legal advice specific to your situation, please consult a qualified attorney.

Quick Navigation

1. Introduction2. Data Controller3. Data We Collect4. Legal Basis7. Payment Processing13. Your Rights14. Exercise RightsLodge a Complaint20. Contact Us