This Privacy Policy explains how your data are collected, used and shared when you visit this website.
Who are we? Kornati National Park Public Institution, Butina 2, 22243 Murter, Croatia
Our web address is: https://www.np-kornati.hr
What personal data we collect
When you visit our website, we automatically collect information about your device, including your web browser, IP address, time zone and cookies already installed on your device. Additionally, as you visit our web pages, we will collect data about the site pages you visit, how long you stay on them and which search terms have led you to different pages. We will call this type of data ‘device data’.
Data collection technologies we use to collect ‘device data’ are:
- Cookies – small files stored in your browser that often contain an anonymous unique identifier. For more information about cookie files and how to disable them, please go to http://www.allaboutcookies.org
- Log files – files created by web servers recording data about your IP address, visit time, web browser and last page viewed
- Web beacons, tags and pixels – files used for monitoring web user activity at a website
How we use your personal data?
We use the personal data provided in your enquiry to contact you and answer your questions.
Only when explicitly permitted by you we use your personal data to send you an offer we believe might interest you.
We use your device data to minimize the risk of fraud, for user experience enhancement and optimization and to make our advertising campaigns more successful.
Sharing of your personal data
We use Google Analytics to explore how users use our website.
For more information about how Google uses your personal data please visit https://www.google.com/intl/en/policies/privacy/. To disable sharing your personal data with Google Analytics click here: https://tools.google.com/dlpage/gaoptout.
Credit card charges
Our personal data protection is in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council and the General Data Protection Regulation implementing acts.
Corvus Pay
Online Payments Security Statement
For payments on our webshop you are using CorvusPay – an advanced system for secure payment card acceptance on the Internet.
CorvusPay ensures complete payment card data secrecy from the moment of their entry in the CorvusPay payment form. Payment data are encoded and transmitted from your web browser to the issuing bank. Our webshop cannot access your complete cardholder data. Also, your cardholder data are inaccessible even to CorvusPay system operators. An isolated system core independently transmits and manages sensitive data, while ensuring they are completely safe.
The form for entering payment data is secured by an SSL transmission cipher of maximum reliability. All stored data is additionally protected by hi-grade encryption, using hardware devices certified by FIPS 140 2 Level 3 standard. CorvusPay meets all of the requirements for safe online payment prescribed by the leading credit card brands, operating in compliance with the PCI DSS Level 1 standard - the highest security standard in the payment card industry. Payments made by cards enrolled with the 3-D Secure program are further authenticated by the issuing bank, confirming your identity through the use of a token or a password.
All information collected by Corvus Info is considered a banking secret and treated accordingly. The information is used exclusively for the purposes for which they were intended. Your sensitive data is fully secure and their privacy is guaranteed by state-of-the-art safeguard mechanisms. We collect only the data necessary for performing the work in accordance with the demanding prescribed procedures for online payment.
Security controls and operating procedures applied within the CorvusPay infrastructure not only ensure current reliability of CorvusPay, but permanently maintain and enhance the security levels of protecting your credit card information by maintaining strict access controls, regular security and in-depth system checks for preventing network vulnerabilities.
Thank you for using CorvusPay!
Behavioural marketing
As we have already mentioned, we may occasionally use your personal data to adjust our marketing language to your preferences to make the content relevant and interesting. For more information about targeted advertising please visit: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work
You can disable or customize targeted advertising using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, some targeted advertising services can be disabled at: http://optout.aboutads.info/.
Cookies
CSRF_TOKEN => unique token, sessional
GA => possible use of google analytics or google tag manager cookies
laravel_session cookie => unique token, sessional
Embedded content
The content on this website (e.g. videos, photos, articles, etc.) can be from other web sites that are not under our control. Such content may behave the same way as the external website and your personal data may be collected, such websites may use their own cookies or third-party cookies, including tracking your interaction with the content if you have a user account and are logged in (e.g. google, facebook).
Links
When you open a link on our website, it can take you to a website that is not under our control. In such cases, we may not be held liable for the protection of your personal data and we hereby recommend that you find and read privacy policies published on those websites. We will not post links to any websites that are not meeting personal data protection requirements.
Your rights
You have the right of access to your personal data we are processing and the right to have them corrected, amended or erased. In order to use any of your rights please contact us using the contact details provided at the bottom of this page.
Any consent given to us in connection with the use of your personal data can be withdrawn at any time.
Personal data retention periods
After you submit an enquiry via this website, your personal data will be stored until you request their deletion. However, we cannot delete your personal data that are necessary for us to comply with our administrative or legal obligations (e.g. if you have bought a ticket).
Privacy Policy changes
From time to time this Privacy Policy may be subject to changes to make it better suited to our business practice and legal and regulatory requirements.
Contact us
For any clarifications, to lodge your complaint or in order to exercise any of your data subject rights, feel free to contact us at:
kornati@np-kornati.hr