Tara's Lodge

Privacy Policy


The protection of your privacy when processing personal data is important to us. In the following, we therefore inform you about the details of the processing of your personal data and your related rights.

By default, when you visit our website, our web servers store the IP address of your internet service provider, the website from which you visit us, the websites you visit, the date and duration of the visit. This information is mandatory for the technical transfer of websites and secure server operation. A personalized evaluation of this data does not take place.


For all processing activities of your personal data in connection with the use of this website, we are "data controller" within the meaning of Art. 4 No. 7 GDPR.

You can contact us as follows:

Tara’s Lodge

Zrnovo 712, Zrnovska Banja

Tel: +385 (0) 20 721 555

Email: info@taraslodge.com

Legal representative: Mrs Dennis BANDACK

You can contact our Data Protection Officer as follows:

Andromeda Group D.o.o.

Žrnovo 712

20275 Žrnovo (Žrnovska Banja)

Korcula Island - CROATIA

Tel: +385 20 721 555


This privacy policy only applies to this website operated by us. Should offers from other providers ("third party offers") be accessible from this website, in particular the websites of our partners, neither our privacy policy applies nor we are data controller within the meaning of Art. 4 No. 7 GDPR for the processing of your personal data within the scope of such third party offers.



You can browse our website without having to provide any personal data. We only store the following types of access data in so-called server log files, such as:

· - your IP address

· - the type and version of your Internet browser

· - the parts of our website you are browsing

· - the referrer website (the website from which you are browsing us)

· -the time, date, location, language, screen resolution, flash version, java, and duration of your browsing

The IP address can be regarded as personal data, since, under certain conditions and with additional information provided by the respective Internet service provider, it allows to obtain the identity of the subscriber of the Internet connection.

The data within the server log files is used by us exclusively to ensure the smooth operation of the website for which we have a legitimate interest in the sense of Art. 6 para. 1 lit. f) GDPR. Your IP address will be deleted within 26 months.


We offer you the opportunity to contact us by email. In this case, we process the personal data you voluntarily provide to us when contacting us which includes at least your email address. We will only process these data for the correspondence with you and for the purpose for which you have given us the data in the course of this communication, such as to contact you at your request. In this case, processing takes place on the basis of your consent in the sense of Art. 6 para. 1 lit. a) GDPR. Insofar as processing is necessary for the performance of a contract to which you are party or in order to take, at your request, steps prior to entering into a contract, processing is based on Art. 6 para. 1 lit. b) GDPR. After completing your request, your data will be erased in compliance with statutory retention periods, unless you have explicitly consented to a further use of your data or we have a right to store your data otherwise.



If you want to make a booking through our site or if you want to apply with us, you have to provide certain data within the scope of the contract to be concluded. In any other context, the provision of personal data is neither required by law nor by contract, nor are you required to provide personal information. However, the provision of personal data for the use of our services may also be partially required within the services we provide. In other words, if you do not provide us with the information, we specify to be necessary, we may not be able to provide you with the full scope of services. When you visit our website, we store certain information for administrative and technical reasons.


On our website, you can subscribe to our email newsletter. In this case, we process the following data from:

· - your email address

· - your confirmation that you have taken note of our terms and conditions and privacy policy

· - the time and date of granting your consent

· - your IP address

The e-mail address is required to send you our newsletter, the legal basis for the processing therefore stems from your consent, Art. 6 para. 1 lit. a) GDPR. Regarding the other types of data, we have a legitimate interest to document your granting of consent to receive the newsletter in order to be able to prove this in case of doubt, Art. 6 para 1 lit. f) GDPR. In order to obtain your consent, we use the so-called double opt-in procedure, which means that we will only send you a newsletter by email if you have previously explicitly confirmed to us that we should activate your account. After entering your email address into the input mask, we will send you a notification email asking you to confirm that you wish to receive our newsletter by clicking on a link in this email.

Alternatively, we may send you our newsletter, if

· - we have obtained your email address in connection with the sale of goods or services,

· - use your address for direct advertising of our own similar goods or services,

· - you have not objected to this use, and

· - you have been clearly and unequivocally advised when the address is collected and each time it is used that you can object to such use at any time without costs arising by virtue thereof, other than transmission costs pursuant to the basic rates.

We will send you newsletters for an indefinite period of time until you unsubscribe, or we decide to stop sending newsletters to you. If you no longer wish to receive newsletters from us, you can object to them at any time without costs arising by virtue thereof, other than transmission costs pursuant to the basic rates.


You can book a hotel stay via our website. In this case, we process the following data:

· - title

· - first and last name

· - email address

· - phone number

· - address

· - city

· - country/region

· - credit card information

· - confirmation number

These data are transferred via our reservation system to the hotel for the arrangement of the contractual relationship.

In case you cancel your booking, we will process above data.

Should you wish so, with each booking on our website, the indicated email address and the associated booking information will be automatically registered with an account that stores the booking, such as the given email address, full name, and address provided during the booking. In order to access the account, it must be activated by following the instructions of the welcome email. In any case, the legal basis is Art. 6 para 1 lit. b) GDPR.

Your bookings will be recorded for the purpose of making the specific information accessible to you and the statistic information available to us. This is necessary due to our legitimate interests of providing relevant offers to our customers and improving the user experience of our website, Art. 6 para. 1 lit. f) GDPR.

We will store such data in accordance with statutory retention periods.


We aim for the best user experience on taraslodge.com. Therefore, when you register to our newsletter, we will personalize content based on what pages you visit to show you the information that interests you the most. We will not create a personalised user profile. The underlying data is anonymised.

The legal basis is Art. 6 para. 1 lit. a) GDPR.

The data will only be used to decide whether to accept your hotel into our membership portfolio. It will be forwarded internally only to the responsible contact persons who will decide on the admission. All data will be erased in accordance with statutory retention periods erased, unless you have explicitly consented to a further use of your data or we have a right to store your data otherwise


In the event that you apply for a job via our website, you first need to register with an account. We collect the following data:

· - title

· - first and last name

· - email address

· - password

· - phone number

· - cover letter

· - résumé

· - information on how your heard about us

You may additionally add you LinkedIn or Xing profile and other documents.

Your data will only be used for the decision on whether to establish an employment relationship with you. It will be forwarded internally to the responsible contact persons only who will decide on the staffing of the position you are interest in. In case you do not apply for a specific vacancy, we will use your data with regard to all positions vacant at the moment of your application that meet your requirements.

The legal basis for the processing is Art. 88 GDPR in conjunction with section 26 para. 1 German Federal Data Protection Act.

We will erase your data after completion of the application process upon expiry of a six months retention period.


For some of the purposes described in this section, we use tracking technologies. The legal basis for the use of cookies and alternative technologies is the legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, namely that we understand and improve the user experience on our websites so that we can serve the users’ interests.


On our website we make use of cookies. Cookies are small text files that are transferred from an Internet server to your browser and stored on its hard disk. The information, which is stored in the cookies, allows us inter alia to automatically recognize you the next time you visit our website, which will facilitate your use of the same.

We make use of cookies for the following purposes:

AUTHENTICATION - We use cookies to verify your account and determine when you’re logged in so we can make it easier for you to access your accounts and related content and features.

SECURITY, SITE AND PRODUCT INTEGRITY - We use cookies to help us keep your account, data and the Designhotels.com safe and secure.

ADVERTISING, RECOMMENDATIONS, INSIGHTS AND MEASUREMENT - We use cookies to help us show relevant content and to make recommendations on designhotels.com and our mailings with the goal to provide the best experience possible. In addition, we apply cookies to measure the performance of our advertising campaigns.

ANALYTICS AND RESEARCH - We use cookies to better understand how people use the Tara’s Lodge website, with the legitimate interest of designing our website as user-friendly as possible, Art. 6 para. 1 lit. f) GDPR.

Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognized the next time you visit, you may also decline to use cookies by changing the settings in your browser to "decline cookies". The respective procedure can be found in the operating instructions of your respective browser. If you refuse the use of cookies, however, it may lead to restrictions in the use of some areas of our websites.


If you choose to stay logged in on our website, we will store your login information in a cookie on your computer so that you do not have to authenticate upon return to our website but will be automatically logged in ("auto log in"). The cookie and thereby the auto login expire automatically after 60 days.

4.7.2 ADFORM

We use technology of ADFORM (Hovedvagtsgade 6, 1103 Kopenhagen, Danmark). In this context a cookie is stored on your computer as part of so called conversion tracking, if you have clicked on an ad from or have accessed our website through an ad. This allows us to analyse the behaviour of users on our website, that have accessed our website through ads, in order to adapt our ads and the website to user needs. You will find more information about adform and can opt out from the collection of data by Adform at: http://site.adform.com/privacy-policy/en/.

4.7.3 GOOGLE

On our website we use different services provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereafter "Google".

For further information to those listed below, please visit Googles privacy policy at https://policies.google.com/privacy?hl=en&gl=en

Google is Privacy Shield certified and thus an adequate level of protection exists according to the Implementing Decision of the Commission (EU) 2016/1250 (https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016D1250&from=EN). The certification can be viewed at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. GOOGLE TAG MANAGER

We make use of Google Tag Manager. This is a tool which helps us to manage website tags such like Google Analytics. While using Google Tag Manger, no personal data are being processed. The privacy policy of Google for this tool can be found here: https://www.google.com/analytics/terms/tag-manager/ GOOGLE ANALYTICS WITH ANONYMIZATION FUNCTION

We make use of the web analytics service "Google Analytics. We use Google Analytics on our website with the addition "_gat. anonymizeIp". In this case, your IP address will already be shortened and thus anonymised by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Google makes use of cookies which generate information about the use of our website and are usually transmitted to a Google server in the USA where they are stored. Google will use this information on our behalf to evaluate the use of our website and to compile reports on website activities. This is due to our legitimate interest of steadily improving our website and to make it as user-friendly as possible, Art. 6 (1) (f) GDPR.

Your IP address will not be merged with other data provided by Google. You can prevent the storage of cookies in your browser settings. You can also prevent the storage of cookies by installing a browser plug-in which can be downloaded here: https://tools.google.com/dlpage/gaoptout?hl=en.

Further information can be found in Google's Privacy Policy which can be found here: https://policies.google.com/technologies/ads?hl=en

Your personal data will be erased after 26 months. If you do not agree, you can opt-out of this through the "My Account" section of your Google Account. GOOGLE REMARKETING

This website uses the Google Remarketing feature. The feature is designed to present interest-based ads to web page visitors within the Google Network. The technology allows us to post automatically generated, targeted ads after you visit our website. The advertisements are based on the products and services you clicked on the last visit to our website. For this purpose, a cookie is stored in the browser of the website visitor, which makes it possible to recognize the visitor when he calls web pages belonging to the advertising network of Google. Google usually stores information such as your web request, IP address, browser type, browser language, and the date and time of your request. This information is used to associate the web browser with a particular computer. On the pages of the Google Network, advertisers can then be presented with ads related to content that the visitor previously viewed on web pages that use Google's remarketing feature.

If you visited https://www.google.com/settings/u/0/ads/authenticated you agree to linking your browsing history of Google with your Google Account, and information from your Google Account is used for ad personalization, as well as the remarketing feature across devices. Google collects your Google ID and uses it for cross-device discovery.

If you do not wish to use Google Remarketing, you can disable it by following Google ads settings here: https://adssettings.google.com/authenticated. GOOGLE SITESEARCH (GOOGLE AJAX SEARCH API)

On our site, Java Script Code is downloaded from Google. If you have activated JavaScript in your browser and have not installed a Java Script Blocker, your browser may transfer personal data to Google. We do not know what data Google associates with the data received and why Google uses that information. To prevent the execution of Java script code by Google as a whole, you can install a java script blocker (e.g. www.noscript.net). GOOGLE GOOGLEADSERVICES / GOOGLE ADWORDS CONVERSION

This website uses Google tools for online marketing. This is to recognize that a visitor has come across our website through a Google ad. This is due to our legitimate interest of designing our website as user-friendly as possible, Art. 6 para. 1 lit. f) GDPR. Google uses cookies that are stored on your computer and allow an analysis of the use of the website. The so-called "conversion tracking" cookies are set when you click on an ad served by Google. These cookies lose their validity after 30 days and are not used for personal identification. If you want to prevent "conversion tracking", you can set your browser to block cookies from the domain "googleadservices.com". You can also exercise your right to opt-out. If you would like to know more about these methods, or if you would like to know what you can do to prevent this information from being used by Google, click here: https://www.google.com/settings/u/0/ads/authenticated.


On our website, we use the conversion and tracking tool "Bing Ads" of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft is certified under the Privacy Shield Agreement, which is why it guarantees to comply with European data protection law. Microsoft Bing Ads places a cookie on your device if you have accessed our website via a Microsoft Bing ad. Microsoft Bing as well as we can thus recognize that someone clicked on an ad, was redirected to our website and reached a previously determined landing page (conversion page). We only get to know the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user will be shared. If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the cookies in your browser settings. In addition, you may prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by Microsoft by using the following link: http://choice.microsoft.com/en-EN/opt-out and objecting to the use of these cookies. For more information about privacy and cookies used by Microsoft and Bing Ads, visit the Microsoft Web site at https://privacy.microsoft.com/en-us/privacystatement.


On our website we use different services provided by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA ("Facebook"). For more information on the collection and use of data by Facebook and your rights in this regard and ways to protect your privacy, see the privacy policy of Facebook https://www.facebook.com/about/privacy. Facebook is Privacy Shield certified and thus an adequate level of protection exists according to the Implementing Decision of the Commission (EU) 2016/1250 (https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016D1250&from=EN). The certification can be viewed at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active. FACEBOOK IMPRESSIONS

In this context we use the function Facebook Impressions. Through this feature information about the frequency with which a post of our site is displayed is gathered. Here the frequency of the page views is recorded by the visitors of our website. The information generated by these cookies, such as time, location and frequency of your website visit, including your IP address, will be transferred to the Facebook servers in the United States.

The storage of cookies can be prevented by appropriate settings in your browser. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for the protection of your privacy can be found in the Privacy policy of Facebook. FACEBOOK CUSTOM AUDIENCES PIXELS

To promote interest-based advertisements to visitors to our website while visiting Facebook, we use Custom Audiences Pixel from Facebook. It connects to the Facebook servers when visiting our website. The information that you have visited our website is transmitted to the Facebook server and Facebook assigns this information to your personal Facebook user account.


This website uses Mouseflow, a web analytics tool of Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to collect randomly selected individual visits (using an anonymous IP address only). The mouse movements, mouse clicks and keyboard interactions are logged at random, along with the intention of individual visits to this site as so-called session replays to reproduce and evaluate the so-called heat maps and determine potential improvements for this site. The data collected by Mouseflow are non-personal and will not be disclosed to third parties. The storage and processing of the collected data takes place within the EU. If you do not want to be tracked by Mouseflow on any websites using this cookie, you may object to this at the following link: https://mouseflow.com/opt-out/


As explained above we will share your personal data with the hotel if you make a booking and we will use external parties as data processors as follows:

· - A reservation system for bookings provided by Little Hotelier whom we have entered a contract under the standard contractual clauses (https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32010D0087&from=EN) with, that guarantees an adequate level of data protection.

· - Stripe, Inc., California, 185 Berry Street, Suite 550, San Francisco, California 94107, USA that is used by Squarespace for payment services. Stripe is Privacy Shield certified and thus an adequate level of protection exists according to the Implementing Decision of the Commission (EU) 2016/1250 (https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016D1250&from=EN). The certification can be viewed at https://www.privacyshield.gov/participant?id=a2zt0000000TQOUAA4&status=Active.


In connection with the processing of your personal data, you have the following rights. These can be basically exercised free of charge. However, where your requests for the rights set out in numbers 2 to 5 are manifestly unfounded or excessive, in particular because of their repetitive character, we may either

- charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested, or

- refuse to act on the request.


You have the right to withdraw any consent you have given us for processing your data. However, this will only affect future processing. The lawfulness of processing carried out on the basis on your original consent will not be affected.


You have the right to request confirmation as to whether your person data is being processed. If this is the case, you are entitled to have access to the personal data in the sense of Art. 15 GDPR.


You have the right to demand rectification of incorrect personal data and the completion of incomplete data (Art. 16 GDPR) as well as, under the conditions of Art. 17 GDPR, erasure of your data.


You have the right to restrict the processing of your personal data under the conditions of Art. 18 GDPR.


You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without our hindrance. However, this right exists only insofar as the processing is based on your consent pursuant to Art. 6 para. 1 lit. a) or Art. 9 para. 2 lit. a) GDPR or on a contract pursuant to Art. 6 para. 1 lit. b); and the processing is carried out by automated means.

This right is precluded as far as rights and freedoms of other persons (in particular personal data of third parties, business or company secrets existing on our parts, copyrights) are concerned.


There is no obligation for you to provide your personal information. However, if you do not provide the data required according to this privacy statement, you may not be able to use certain services or features in whole or in part.


Insofar as you believe that we do not properly comply with the obligations stipulated in data protection law, you have the right to lodge a complaint with a supervisory authority.

The competent supervisory authority would be:

· Berliner Beauftragte für Datenschutz und Informationsfreiheit

· Friedrichstraße 219

· 10969 Berlin, Germany

· Tel: +49 (0)30/138890

· Email: mailbox@datenschutz-berlin.de


On grounds relating to your particular situation and where processing is based on Art. 6 para. 1 lit. e) or lit. f) GDPR, you may object to the processing of your personal data at any time. We then will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.



New legal or regulatory requirements or new features on our website may require an update of this Privacy Notice. In these cases, we will provide further information here. It is therefore recommended to periodically review this Policy for any changes. The latest version of this Policy can be found as conclusion.


You can print and save this privacy policy directly via the print or save function of your browser.