Legal
Privacy Policy
This Privacy Policy explains how Zipline Omiš (Malik d.o.o.) collects and uses your personal data when you book or contact us, in line with the EU General Data Protection Regulation (2016/679).
1. Data controller
Malik d.o.o. Omiš, OIB 27969502148, Josipa Pupačića 4, 21310 Omiš, Croatia. Contact: zipline.croatia@gmail.com.
2. What we collect
- Booking details: name, email, phone, country, date and party size.
- Payment information, processed securely by our payment provider (we do not store full card numbers).
- Messages you send us via the contact or enquiry forms.
- Basic analytics data (see our Cookie Policy).
3. Legal basis
We process your data to perform our contract with you (your booking), to comply with legal obligations, and — for analytics and marketing — on the basis of your consent, which you can withdraw at any time.
4. Your rights
Under the GDPR you have the right to access, rectify, erase, restrict and port your data, and to object to processing. To exercise any of these, email us and we will respond within 30 days.
5. Retention
We keep booking records only as long as necessary for the booking, legal and accounting obligations, after which they are securely deleted.
6. Complaints
If you believe your data has been handled unlawfully, you may lodge a complaint with the Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10000 Zagreb.
7. Contact
Questions about your data? Email zipline.croatia@gmail.com or call +385 (0) 95 82 22 221.